The following Fedora 21 Security updates need testing:
Age URL
85
https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14....
81
https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15...
77
https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-...
74
https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2...
61
https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
54
https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-...
37
https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance...
30
https://admin.fedoraproject.org/updates/FEDORA-2015-1803/fcgi-2.4.0-26.fc21
22
https://admin.fedoraproject.org/updates/FEDORA-2015-2055/openldap-2.4.40-...
21
https://admin.fedoraproject.org/updates/FEDORA-2015-2101/drupal7-views-3....
16
https://admin.fedoraproject.org/updates/FEDORA-2015-2347/krb5-1.12.2-14.fc21
11
https://admin.fedoraproject.org/updates/FEDORA-2015-2584/echoping-6.1-0.b...
9
https://admin.fedoraproject.org/updates/FEDORA-2015-2729/qpid-cpp-0.30-12...
8
https://admin.fedoraproject.org/updates/FEDORA-2015-2828/suricata-2.0.7-1...
8
https://admin.fedoraproject.org/updates/FEDORA-2015-2849/drupal7-entity-1...
4
https://admin.fedoraproject.org/updates/FEDORA-2015-3036/cups-filters-1.0...
4
https://admin.fedoraproject.org/updates/FEDORA-2015-3032/jBCrypt-0.4-1.fc21
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3235/tcllib-1.16-5.fc21
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3249/libmspack-0.5-0....
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3160/putty-0.64-1.fc21
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3218/xterm-308-3.fc21
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3186/dokuwiki-0-0.24....
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3336/phpMyAdmin-4.3.1...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3497/librsync-1.0.0-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3381/xen-4.4.1-13.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3471/freexl-1.0.0i-1....
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3489/libgcrypt-1.6.3-...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3505/389-ds-base-1.3....
The following Fedora 21 Critical Path updates have yet to be approved:
Age URL
4
https://admin.fedoraproject.org/updates/FEDORA-2015-3047/livecd-tools-21....
4
https://admin.fedoraproject.org/updates/FEDORA-2015-2986/gnutls-3.3.13-1....
4
https://admin.fedoraproject.org/updates/FEDORA-2015-3009/perl-Pod-Usage-1...
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3303/libsoup-2.48.1-2...
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3323/poppler-0.26.2-7...
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3324/crypto-policies-...
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3226/perl-Encode-2.70...
3
https://admin.fedoraproject.org/updates/FEDORA-2015-3202/exo-0.10.2-9.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3476/selinux-policy-3...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3379/gstreamer1-plugi...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3363/glib-networking-...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3489/libgcrypt-1.6.3-...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3484/dracut-038-33.gi...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-3017/ModemManager-1.4...
The following builds have been pushed to Fedora 21 updates-testing
389-ds-base-1.3.3.9-1.fc21
HepMC-2.06.09-9.fc21
ModemManager-1.4.4-2.fc21
R-qtl-1.36.6-1.fc21
buildbot-0.8.10-2.fc21
cdbs-0.4.128-1.fc21
chrpath-0.16-1.fc21
clamtk-5.15-1.fc21
csdiff-1.2.1-1.fc21
csmock-1.7.2-1.fc21
cswrap-1.3.0-1.fc21
csync2-1.34-15.fc21
dogtag-pki-10.2.1-1.fc21
dogtag-pki-theme-10.2.1-1.fc21
dracut-038-33.git20141216.fc21
duplicity-0.6.25-3.fc21
eclipse-mpc-1.3.2-1.fc21
eclipse-webtools-3.6.3-2.fc21
farstream-0.1.2-10.fc21
florence-0.6.3-1.fc21
freerdp-1.2.0-0.6.beta.1.fc21.2
freexl-1.0.0i-1.fc21
fts-3.2.32-1.fc21
fts-monitoring-3.2.32-1.fc21
fts-mysql-3.2.32-1.fc21
glib-networking-2.42.0-2.fc21
globus-ftp-client-8.20-1.fc21
golang-github-google-gofuzz-0-0.5.gitbbcb9da.fc21
golang-github-rackspace-gophercloud-1.0.0-5.fc21
golang-github-stretchr-testify-0-0.7.gite4ec815.fc21
graphite-web-0.9.13-0.3.aa992b9.fc21
gstreamer1-plugins-bad-free-1.4.5-2.fc21
gstreamer1-plugins-good-1.4.5-2.fc21
guayadeque-0.3.7-7.svn1893.fc21
ibus-table-1.9.4-1.fc21
josm-0-0.66.8109svn.fc21
julia-0.3.6-2.fc21
kde-workspace-4.11.16-3.fc21
lhapdf-5.9.1-9.fc21
libgcrypt-1.6.3-1.fc21
libmbim-1.12.0-1.fc21
libqmi-1.12.4-2.fc21
librsync-1.0.0-1.fc21
liveusb-creator-3.13.3-1.fc21
mariadb-10.0.17-1.fc21
milter-greylist-4.5.12-2.fc21
mirall-1.7.1-2.fc21
munin-2.0.25-2.fc21
opendmarc-1.3.1-3.fc21
owncloud-7.0.4-3.fc21
oz-0.13.0-1.fc21
perl-Class-Virtual-0.07-1.fc21
php-google-apiclient-1.1.2-2.fc21
php-sabre-dav-1.8.12-1.fc21
php-sabredav-Sabre_VObject-2.1.7-1.fc21
pki-console-10.2.1-1.fc21
pki-core-10.2.1-1.fc21
plantuml-8020-1.fc21
pymodbus-1.2.0-1.fc21
pyserial-2.7-1.fc21
python-astroML-addons-0.2.1-7.fc21
python-carbon-0.9.13-0.1.pre1.fc21
python-gertty-1.1.0-1.fc21
python-ipgetter-0.6-1.fc21
python-whisper-0.9.13-0.1.pre1.fc21
qt-creator-3.3.2-1.fc21
rdiff-backup-1.2.8-14.fc21
selinux-policy-3.13.1-105.6.fc21
sflphone-1.4.1-6.fc21
strace-4.10-1.fc21
udt-4.11-4.fc21
varnish-4.0.3-1.fc21
weechat-1.1.1-1.fc21
wireshark-1.12.4-1.fc21
wxsqlite3-3.2.1-1.fc21
xen-4.4.1-13.fc21
xfce4-hamster-plugin-1.6.1-1.fc21
yoshimi-1.3.3-2.fc21
znc-1.6.0-1.fc21
Details about builds:
================================================================================
389-ds-base-1.3.3.9-1.fc21 (FEDORA-2015-3505)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
Release 1.3.3.9 with security bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Noriko Hosoi <nhosoi(a)redhat.com> - 1.3.3.9-1
- bump version to 1.3.3.9
- Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all]
- Ticket 47801 - RHDS keeps on logging write_changelog_and_ruv: failed to update RUV for
unknown
- Ticket 47957 - Make ReplicaWaitForAsyncResults configurable
- Ticket 47431 - CI test: added test cases for ticket 47431
- Ticket 47431 - Duplicate values for the attribute nsslapd-pluginarg are not handled
correctly
- Ticket 47936: Create a global lock to serialize write operations over several backends
- Ticket 48021 - nsDS5ReplicaBindDNGroup checkinterval not working properly
- Ticket 48048 - Fix coverity issues - 2015/3/1
- Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like
(attr=x*)
- Ticket 48109 - CI test: added test cases for ticket 48109
- Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like
(attr=x*)
- Ticket 48048 - Fix coverity issues - 2015/2/24
- Ticket 48030 - spec file should run "systemctl stop" against each running
instance instead of dirsrv.target
- Ticket 47828: DNA scope: allow to exlude some subtrees
- Ticket 47988: test case
- Ticket 47901: After total init, nsds5replicaLastInitStatus can report an erroneous error
status (like 'Referral')
- Ticket 48003 - add template scripts
- Ticket 48003 - build "suite" framework
- Ticket 48005 - CI test: added test cases for ticket 48005
- Ticket 48005 - ns-slapd crash in shutdown phase
- Ticket 47742 - 64bit problem on big endian: auth method not supported
- Ticket 47836 - Do not return '0' as empty fallback value of
nsds5replicalastupdatestart and nsds5replicalastupdatestart
- Ticket 47728 - compilation failed with ' incomplete struct/union/enum' if not
set USE_POSIX_RWLOCKS
- Ticket 48027 - revise the rootdn plugin configuration validation
- Ticket 47451 - dynamic plugins - fix crash caused by invalid plugin config
- Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD
* Wed Feb 25 2015 Noriko Hosoi <nhosoi(a)redhat.com> - 1.3.3.8-2
- Fixes spec file to make sure all the server instances are stopped before upgrade
- Ticket 48030 - DNS errors after IPA upgrade due to broken ReplSync
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1199675
--------------------------------------------------------------------------------
================================================================================
HepMC-2.06.09-9.fc21 (FEDORA-2015-3477)
C++ Event Record for Monte Carlo Generators
--------------------------------------------------------------------------------
Update Information:
Avoid hexfloat notation (gcc 5), Use greater allowed epsilon for test (fixes i686 build).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.06.09-9
- Increase epsilon - for i686 Fedora 22+ tests
* Fri Mar 6 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.06.09-8
- Do not trigger hexfloat output with gcc 5
--------------------------------------------------------------------------------
================================================================================
ModemManager-1.4.4-2.fc21 (FEDORA-2015-3017)
Mobile broadband modem management service
--------------------------------------------------------------------------------
Update Information:
This update suppresses GSM cell location messages at default log levels. This update also
adds the mistakenly omitted libqmi and libmbim dependencies.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 2 2015 Dan Williams <dcbw(a)redhat.com> - 1.4.4-2
- Don't print location information in logs (rh #1194492)
* Wed Feb 11 2015 Lubomir Rintel <lkundrak(a)v3.sk> - 1.4.4-1
- Update to 1.4.4 release
* Thu Jan 15 2015 Dan Williams <dcbw(a)redhat.com> - 1.4.2-1
- Update to 1.4.2 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1194492 - Possible location tracking in NetworkManager due to verbose default
log settings
https://bugzilla.redhat.com/show_bug.cgi?id=1194492
--------------------------------------------------------------------------------
================================================================================
R-qtl-1.36.6-1.fc21 (FEDORA-2015-3525)
Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:
Version 1.36, 2015-03-05
Major changes:
* None.
Minor changes:
* Added a function flip.order() for flipping the order of markers on selected
chromosomes.
* Added scanonevar.meanperm and scanonevar.varperm (from Robert Corty) for permutation
tests with scanonevar().
* Revised plotPheno (aka plot.pheno) so that one can control the x-axis label and title
(also, in a histogram, the breaks).
* plotPXG: if infer=FALSE and there are no fully-informative genotypes (e.g., in a 4-way
cross), give a more informative error.
* geno.image: allow control of x- and y-axis labels; allow suppression of axes.
* Removed some warnings about missing end-of-line characters, in read.cross with MapQTL
format.
* Fixed a bug in scanonevar; was failing with an error about coercing class "A"
to a data.frame
* Dropped the name summary.scantwo.old(); still available as summaryScantwoOld().
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.36.6-1
- Update to 1.36.6
--------------------------------------------------------------------------------
================================================================================
buildbot-0.8.10-2.fc21 (FEDORA-2015-3465)
Build/test automation system
--------------------------------------------------------------------------------
Update Information:
apply patch from upstream for #1199283
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Gianluca Sforna <giallu(a)gmail.com> - 0.8.10-2
* add patch from upstream for # 1199283
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199283 - buildbot-master: page fails with “TypeError: 'NoneType'
object has no attribute '__getitem__'”
https://bugzilla.redhat.com/show_bug.cgi?id=1199283
--------------------------------------------------------------------------------
================================================================================
cdbs-0.4.128-1.fc21 (FEDORA-2015-3510)
Common build system for Debian packages
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.128, see
http://metadata.ftp-master.debian.org/changelogs//main/c/cdbs/cdbs_0.4.12... for
details.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Sandro Mani <manisandro(a)gmail.com> - 0.4.128-1
- Update to 0.4.128
--------------------------------------------------------------------------------
================================================================================
chrpath-0.16-1.fc21 (FEDORA-2015-3530)
Modify rpath of compiled programs
--------------------------------------------------------------------------------
Update Information:
Update to 0.16 (#1144863)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 25 2015 David King <amigadave(a)amigadave.com> - 0.16-1
- Update to 0.16 (#1144863)
- Remove clean section and BuildRoot tag
- Update URL and Sourc0
- Use license macro for COPYING
- Use parallel make flags
- Preserve timestamps during install
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1144863 - chrpath Missing biarch/multiarch/multilib support ; new upstream
release
https://bugzilla.redhat.com/show_bug.cgi?id=1144863
--------------------------------------------------------------------------------
================================================================================
clamtk-5.15-1.fc21 (FEDORA-2015-3404)
Easy to use graphical user interface for Clam anti virus
--------------------------------------------------------------------------------
Update Information:
Update to 5.15.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Dave M. <dave.nerd(a)gmail.com> - 5.15-1
- Updated to release 5.15.
--------------------------------------------------------------------------------
================================================================================
csdiff-1.2.1-1.fc21 (FEDORA-2015-3448)
Non-interactive tools for processing code scan results in plain-text
--------------------------------------------------------------------------------
Update Information:
latest upstream version of csmock and its dependencies
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 3 2015 Kamil Dudka <kdudka(a)redhat.com> 1.2.1-1
- update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
csmock-1.7.2-1.fc21 (FEDORA-2015-3448)
A mock wrapper for Static Analysis tools
--------------------------------------------------------------------------------
Update Information:
latest upstream version of csmock and its dependencies
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 3 2015 Kamil Dudka <kdudka(a)redhat.com> 1.7.2-1
- update to latest upstream
--------------------------------------------------------------------------------
================================================================================
cswrap-1.3.0-1.fc21 (FEDORA-2015-3448)
Generic compiler wrapper
--------------------------------------------------------------------------------
Update Information:
latest upstream version of csmock and its dependencies
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 18 2015 Kamil Dudka <kdudka(a)redhat.com> 1.3.0-1
- update to latest upstream
--------------------------------------------------------------------------------
================================================================================
csync2-1.34-15.fc21 (FEDORA-2015-3497)
Cluster synchronization tool
--------------------------------------------------------------------------------
Update Information:
Changes in librsync 1.0.0 (2015-01-23)
======================================
* SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 "strong"
check sum to match blocks. However, MD4 is not cryptographically strong. It's possible
that an attacker who can control the contents of one part of a file could use it to
control other regions of the file, if it's transferred using librsync/rdiff. For
example this might occur in a database, mailbox, or VM image containing some
attacker-controlled data. To mitigate this issue, signatures will by default be computed
with a 256-bit BLAKE2 hash. Old versions of librsync will complain about a bad magic
number when given these signature files. Backward compatibility can be obtained using the
new `rdiff sig --hash=md4` option or through specifying the "signature magic" in
the API, but this should not be used when either the old or new file contain untrusted
data. Deltas generated from those signatures will also use BLAKE2 during generation, but
produce output that can be read by old versions. See
https://github.com/librsync/librsync/issues/5. Thanks to Michael Samuel <miknet.net>
for reporting this and offering an initial patch.
* Various build fixes, thanks Timothy Gu.
* Improved rdiff man page from Debian.
* Improved librsync.spec file for building RPMs.
* Fixed bug #1110812 'internal error: job made no progress'; on large files.
* Moved hosting to
https://github.com/librsync/librsync/
*
Travis-CI.org integration test at
https://travis-ci.org/librsync/librsync/
* Remove bundled copy of popt; it must be installed separately.
* You can set `$LIBTOOLIZE` before running `autogen.sh`, for example on OS X Homebrew
where it is called `glibtoolize`.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 1 2015 Robert Scheck <robert(a)fedoraproject.org> 1.34-15
- Rebuild for librsync 1.0.0 (#1126712)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1126712 - CVE-2014-8242 librsync: MD4 collision file corruption
https://bugzilla.redhat.com/show_bug.cgi?id=1126712
--------------------------------------------------------------------------------
================================================================================
dogtag-pki-10.2.1-1.fc21 (FEDORA-2015-3351)
Dogtag Public Key Infrastructure (PKI) Suite
--------------------------------------------------------------------------------
Update Information:
PKI TRAC Ticket #1287 - Consider backporting Dogtag 10.2.1 to Fedora 21
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Dogtag Team <pki-devel(a)redhat.com> 10.2.1-1
- Update release number for release build
* Tue Dec 16 2014 Matthew Harmsen <mharmsen(a)redhat.com> - 10.2.1-0.4
- PKI TRAC Ticket #1205 - Outdated selinux-policy dependency.
--------------------------------------------------------------------------------
================================================================================
dogtag-pki-theme-10.2.1-1.fc21 (FEDORA-2015-3460)
Certificate System - Dogtag PKI Theme Components
--------------------------------------------------------------------------------
Update Information:
PKI TRAC Ticket #1287 - Consider backporting Dogtag 10.2.1 to Fedora 21
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Dogtag Team <pki-devel(a)redhat.com> 10.2.1-1
- Update release number for release build
--------------------------------------------------------------------------------
================================================================================
dracut-038-33.git20141216.fc21 (FEDORA-2015-3484)
Initramfs generator using udev
--------------------------------------------------------------------------------
Update Information:
- Do not fsck when resuming from hibernation to avoid root filesystem corruption
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Till Maas <opensource(a)till.name> - 038-33.git20141216
- Do not fsck on resum from hibernate
Resolves: rhbz#1174945
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1174945 - Filesystem corruption after resume from suspend to disk
(hibernation)
https://bugzilla.redhat.com/show_bug.cgi?id=1174945
--------------------------------------------------------------------------------
================================================================================
duplicity-0.6.25-3.fc21 (FEDORA-2015-3497)
Encrypted bandwidth-efficient backup using rsync algorithm
--------------------------------------------------------------------------------
Update Information:
Changes in librsync 1.0.0 (2015-01-23)
======================================
* SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 "strong"
check sum to match blocks. However, MD4 is not cryptographically strong. It's possible
that an attacker who can control the contents of one part of a file could use it to
control other regions of the file, if it's transferred using librsync/rdiff. For
example this might occur in a database, mailbox, or VM image containing some
attacker-controlled data. To mitigate this issue, signatures will by default be computed
with a 256-bit BLAKE2 hash. Old versions of librsync will complain about a bad magic
number when given these signature files. Backward compatibility can be obtained using the
new `rdiff sig --hash=md4` option or through specifying the "signature magic" in
the API, but this should not be used when either the old or new file contain untrusted
data. Deltas generated from those signatures will also use BLAKE2 during generation, but
produce output that can be read by old versions. See
https://github.com/librsync/librsync/issues/5. Thanks to Michael Samuel <miknet.net>
for reporting this and offering an initial patch.
* Various build fixes, thanks Timothy Gu.
* Improved rdiff man page from Debian.
* Improved librsync.spec file for building RPMs.
* Fixed bug #1110812 'internal error: job made no progress'; on large files.
* Moved hosting to
https://github.com/librsync/librsync/
*
Travis-CI.org integration test at
https://travis-ci.org/librsync/librsync/
* Remove bundled copy of popt; it must be installed separately.
* You can set `$LIBTOOLIZE` before running `autogen.sh`, for example on OS X Homebrew
where it is called `glibtoolize`.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 2 2015 Jon Ciesla <limburgher(a)gmail.com> - 0.6.25-3
- Patch out deprecation warning to fix deja-dup, BZ 1197627.
* Sun Mar 1 2015 Robert Scheck <robert(a)fedoraproject.org> 0.6.25-2
- Rebuild for librsync 1.0.0 (#1126712)
* Thu Feb 26 2015 Jon Ciesla <limburgher(a)gmail.com> - 0.6.25-1
- 0.6.25.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1126712 - CVE-2014-8242 librsync: MD4 collision file corruption
https://bugzilla.redhat.com/show_bug.cgi?id=1126712
--------------------------------------------------------------------------------
================================================================================
eclipse-mpc-1.3.2-1.fc21 (FEDORA-2015-3473)
Eclipse Marketplace Client
--------------------------------------------------------------------------------
Update Information:
Update to Luna SR2 release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Mat Booth <mat.booth(a)redhat.com> - 1.3.2-1
- Update to Luna SR2 release
--------------------------------------------------------------------------------
================================================================================
eclipse-webtools-3.6.3-2.fc21 (FEDORA-2015-3425)
Eclipse Webtools Projects
--------------------------------------------------------------------------------
Update Information:
This update is the latest service release of Eclipse Webtools for Eclipse Luna SR2.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 2 2015 Gerard Ryan <gerard(a)ryan.lt> - 3.6.3-2
- Update to latest upstream release tag R3_6_3
--------------------------------------------------------------------------------
================================================================================
farstream-0.1.2-10.fc21 (FEDORA-2015-3501)
Libraries for videoconferencing
--------------------------------------------------------------------------------
Update Information:
Fix crash when a SIPE call is received.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Michael Cronenworth <mike(a)cchtml.com> - 0.1.2-10
- Fix Pidgin crashing in SIPE calls (RHBZ#1032295)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1032295 - [abrt] pidgin-2.10.7-3.fc19: sighandler: Process /usr/bin/pidgin
was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=1032295
--------------------------------------------------------------------------------
================================================================================
florence-0.6.3-1.fc21 (FEDORA-2015-3421)
Extensible scalable on-screen virtual keyboard for GNOME
--------------------------------------------------------------------------------
Update Information:
Update to 0.6.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 4 2015 Christopher Meng <rpm(a)cicku.me> - 0.6.3-1
- Update to 0.6.3
- Temporarily disable at-spi support since it's broken here.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168990 - [abrt] florence: _atspi_bus(): florence killed by SIGTRAP
https://bugzilla.redhat.com/show_bug.cgi?id=1168990
--------------------------------------------------------------------------------
================================================================================
freerdp-1.2.0-0.6.beta.1.fc21.2 (FEDORA-2015-3504)
Free implementation of the Remote Desktop Protocol (RDP)
--------------------------------------------------------------------------------
Update Information:
Backport upstream patch to avoid TCP_KEEPIDLE failure being fatal
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 David Woodhouse <dwmw2(a)infradead.org> - 1:1.2.0-0.6.beta.1.2
- Backport upstream patch to avoid TCP_KEEPIDLE failure being fatal
--------------------------------------------------------------------------------
================================================================================
freexl-1.0.0i-1.fc21 (FEDORA-2015-3471)
Library to extract data from within an Excel spreadsheet
--------------------------------------------------------------------------------
Update Information:
Four potentially harmful bugs causing crashes and stack corruption
were detected in FreeXL by American Fuzzy Lop and are solved in this release.
Please note: such issues are never realistically expected
to be encountered in real world XLS spreadsheets, anyway
some purposely forged XLS document could be used as a
"poisoned bait" to maliciously open a security breach.
https://groups.google.com/forum/#!topic/spatialite-users/plxKNbYw184
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Volker Fröhlich <volker27(a)gmx.at> 1.0.0i-1
- New release with security fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199328 - freexl-1.0.0i is available
https://bugzilla.redhat.com/show_bug.cgi?id=1199328
--------------------------------------------------------------------------------
================================================================================
fts-3.2.32-1.fc21 (FEDORA-2015-3380)
File Transfer Service V3
--------------------------------------------------------------------------------
Update Information:
fts 3.2.32 release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Alejandro Alvarez Ayllon <aalvarez(a)cern.ch> - 3.2.31-1
- Update for new upstream release
* Thu Jan 29 2015 Petr Machata <pmachata(a)redhat.com> - 3.2.30-3
- Rebuild for boost 1.57.0
- Include <boost/scoped_ptr.hpp> in src/url-copy/main.cpp
(fts-3.2.30-boost157.patch)
* Mon Jan 26 2015 Alejandro Alvarez Ayllon <aalvarez(a)cern.ch> - 3.2.30-2
- Rebuilt for gsoap 2.8.21
--------------------------------------------------------------------------------
================================================================================
fts-monitoring-3.2.32-1.fc21 (FEDORA-2015-3419)
FTS3 Web Application for monitoring
--------------------------------------------------------------------------------
Update Information:
Release 3.2.32
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Alejandro Alarez Ayllon <aalvarez(a)cern.ch> - 3.2.32-1
- Update for new upstream release
--------------------------------------------------------------------------------
================================================================================
fts-mysql-3.2.32-1.fc21 (FEDORA-2015-3522)
File Transfer Service V3 mysql plug-in
--------------------------------------------------------------------------------
Update Information:
New release 3.2.32
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Alejandro Alvarez Ayllon <aalvarez(a)cern.ch> - 3.2.32-1
- Update for new upstream release
* Tue Feb 3 2015 Alejandro Alvarez Ayllon <aalvarez(a)cern.ch> - 3.2.30-2
- Rebuilt for new Boost release
--------------------------------------------------------------------------------
================================================================================
glib-networking-2.42.0-2.fc21 (FEDORA-2015-3363)
Networking support for GLib
--------------------------------------------------------------------------------
Update Information:
Improve priority string and fallback rules for the post-POODLE world (#1177964)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Dan Winship <danw(a)redhat.com> - 2.42.0-2
- Improve priority string and fallback rules for the post-POODLE world (#1177964)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1177964 - GnuTLS internal error connecting to
https://www.timewarnercable.com/
https://bugzilla.redhat.com/show_bug.cgi?id=1177964
--------------------------------------------------------------------------------
================================================================================
globus-ftp-client-8.20-1.fc21 (FEDORA-2015-3312)
Globus Toolkit - GridFTP Client Library
--------------------------------------------------------------------------------
Update Information:
Improved fix for GGUS 109089/109576 (from upstream git)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 8.20-1
- GT6 update (upstream's release of previous fix)
* Thu Mar 5 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 8.19-2
- Improved fix for GGUS 109089/109576 (from upstream git)
--------------------------------------------------------------------------------
================================================================================
golang-github-google-gofuzz-0-0.5.gitbbcb9da.fc21 (FEDORA-2015-3397)
Library for populating go objects with random values
--------------------------------------------------------------------------------
Update Information:
Bump to upstream bbcb9da2d746f8bdbd6a936686a0a6067ada0ec5
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 8 2015 jchaloup <jchaloup(a)redhat.com> - 0-0.5.gitbbcb9da
- Bump to upstream bbcb9da2d746f8bdbd6a936686a0a6067ada0ec5
related: #1141817
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141817 - Review Request: golang-github-google-gofuzz - Library for
populating go objects with random values
https://bugzilla.redhat.com/show_bug.cgi?id=1141817
--------------------------------------------------------------------------------
================================================================================
golang-github-rackspace-gophercloud-1.0.0-5.fc21 (FEDORA-2015-3402)
The Go SDK for Openstack
http://gophercloud.io
--------------------------------------------------------------------------------
Update Information:
Fix root provide, replace double % with one
Fix Provides, used import_path macro instead of its value
Bump to upstream 6753165c3bb83a2b41bc495210509eacb12926d6
Bump to upstream 75c3fecab50deff8ff90bce2147a9d3140c5a13f
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 jchaloup <jchaloup(a)redhat.com> - 1.0.0-5
- Fix root provide, replace double % with one
related: #1153733
* Fri Mar 6 2015 jchaloup <jchaloup(a)redhat.com> - 1.0.0-4
- Fix Provides, used import_path macro instead of its value
related: #1153733
* Fri Mar 6 2015 jchaloup <jchaloup(a)redhat.com> - 1.0.0-3
- Bump to upstream 6753165c3bb83a2b41bc495210509eacb12926d6
related: #1153733
* Wed Feb 25 2015 jchaloup <jchaloup(a)redhat.com> - 1.0.0-2
- Bump to upstream 75c3fecab50deff8ff90bce2147a9d3140c5a13f
related: #1153733
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1153733 - Review Request: golang-github-rackspace-gophercloud - The Go SDK
for Openstack
http://gophercloud.io
https://bugzilla.redhat.com/show_bug.cgi?id=1153733
--------------------------------------------------------------------------------
================================================================================
golang-github-stretchr-testify-0-0.7.gite4ec815.fc21 (FEDORA-2015-3490)
Tools for testifying that your code will behave as you intend
--------------------------------------------------------------------------------
Update Information:
update URL to point to github repository
Bump to upstream e4ec8152c15fc46bd5056ce65997a07c7d415325
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 jchaloup <jchaloup(a)redhat.com> - 0-0.7.gite4ec815
- update URL to point to github repository
related: #1141872
* Thu Mar 5 2015 jchaloup <jchaloup(a)redhat.com> - 0-0.6.gite4ec815
- Bump to upstream e4ec8152c15fc46bd5056ce65997a07c7d415325
related: #1141872
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141872 - Review Request: golang-github-stretchr-testify - Tools for
testifying that your code will behave as you intend
https://bugzilla.redhat.com/show_bug.cgi?id=1141872
--------------------------------------------------------------------------------
================================================================================
graphite-web-0.9.13-0.3.aa992b9.fc21 (FEDORA-2015-3459)
A Django web application for enterprise scalable realtime graphing
--------------------------------------------------------------------------------
Update Information:
update all Graphite packages to 0.9.13-pre1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 17 2015 Piotr Popieluch <piotr1212(a)gmail.com> - 0.9.13-0.3.aa992b9
- fix IE 10 javascript issues
* Thu Feb 5 2015 Piotr Popieluch <piotr1212(a)gmail.com> - 0.9.13-0.2.094cf54
- update to later commit to fix XSS
* Mon Jan 19 2015 Piotr Popieluch <piotr1212(a)gmail.com> - 0.9.13-0.1.pre1
- update to upstream pre-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1183270 - twisted 14 incompatible with python-carbon
https://bugzilla.redhat.com/show_bug.cgi?id=1183270
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-bad-free-1.4.5-2.fc21 (FEDORA-2015-3362)
GStreamer streaming media framework "bad" plugins
--------------------------------------------------------------------------------
Update Information:
Fix RTP/RTCP muxing (#1199578)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 David Woodhouse <dwmw2(a)infradead.org> - 1.4.5-2
- Fix RTP/RTCP muxing (#1199578)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199578 - srtpdec doesn't support RTP on the RTCP sink pad
https://bugzilla.redhat.com/show_bug.cgi?id=1199578
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-good-1.4.5-2.fc21 (FEDORA-2015-3379)
GStreamer plugins with good code and licensing
--------------------------------------------------------------------------------
Update Information:
Don't force RTP jitterbuffer clock-rate (#1199579)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 David Woodhouse <dwmw2(a)infradead.org> - 1.4.5-2
- Don't force RTP jitterbuffer clock-rate (#1199579)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199579 - RTP Jitterbuffer shouldn't force clock-rate on the caps
https://bugzilla.redhat.com/show_bug.cgi?id=1199579
--------------------------------------------------------------------------------
================================================================================
guayadeque-0.3.7-7.svn1893.fc21 (FEDORA-2015-3463)
Music player
--------------------------------------------------------------------------------
Update Information:
dropped CMAKE_INSTALL_PREFIX because already sets by %cmake macro
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Martin Gansser <martinkg(a)fedoraproject.org> - 0.3.7-7.svn1893
- dropped CMAKE_INSTALL_PREFIX because already sets by %cmake macro
- rebuild for new wxsqlite3 version
--------------------------------------------------------------------------------
================================================================================
ibus-table-1.9.4-1.fc21 (FEDORA-2015-3415)
The Table engine for IBus platform
--------------------------------------------------------------------------------
Update Information:
Check existence of old log files before trying to delete them
update to 1.9.3; Try to get the English name of the table if run in locale C/POSIX
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 7 2015 Mike FABIAN <mfabian(a)redhat.com> - 1.9.4-1
- update to 1.9.4
- Check existence of old log files before trying to delete them
- Resolves: rhbz#1199673
* Mon Mar 2 2015 Mike FABIAN <mfabian(a)redhat.com> - 1.9.3-1
- update to 1.9.3
- Try to get the English name of the table if run in locale C/POSIX
- Resolves: rhbz#1197001
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1197001 - [abrt] ibus-table: main.py:222:main:AttributeError:
'NoneType' object has no attribute 'lower'
https://bugzilla.redhat.com/show_bug.cgi?id=1197001
[ 2 ] Bug #1199673 - [abrt] ibus-table: factory.py:89:do_create_engine:Exception: Cannot
create engine wubi-jidian86
https://bugzilla.redhat.com/show_bug.cgi?id=1199673
--------------------------------------------------------------------------------
================================================================================
josm-0-0.66.8109svn.fc21 (FEDORA-2015-3518)
An editor for OpenStreetMap (OSM)
--------------------------------------------------------------------------------
Update Information:
Update to 8109 svn revision
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 3 2015 Cédric OLIVIER <cedric.olivier(a)free.fr> 0-0.66.8109svn
- Update to 8109 svn revision
--------------------------------------------------------------------------------
================================================================================
julia-0.3.6-2.fc21 (FEDORA-2015-3456)
High-level, high-performance dynamic language for technical computing
--------------------------------------------------------------------------------
Update Information:
Fix loading libcholmod, libfftw3_threads and libumfpack.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 2 2015 Milan Bouchet-Valat <nalimilan(a)club.fr> - 0.3.6-2
- Fix loading libcholmod, libfftw3_threads and libumfpack.
--------------------------------------------------------------------------------
================================================================================
kde-workspace-4.11.16-3.fc21 (FEDORA-2015-3406)
KDE Workspace
--------------------------------------------------------------------------------
Update Information:
New bugfix release, part of KDE Applications 14.12.3 release. See also:
https://www.kde.org/announcements/announce-applications-14.12.3.php
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 7 2015 Kevin Kofler <Kevin(a)tigcc.ticalc.org> - 4.11.16-3
- fix the colorschemes.knsrc file conflict correctly (also patch the code)
* Fri Mar 6 2015 Rex Dieter <rdieter(a)fedoraproject.org> 4.11.16-2
- kcm_colors: avoid conflict with plasma-desktop
* Mon Feb 23 2015 Rex Dieter <rdieter(a)fedoraproject.org> 4.11.16-1
- 4.11.16
* Wed Feb 11 2015 Than Ngo <than(a)redhat.com> 4.11.15-6
- rebuilt
* Sat Feb 7 2015 Rex Dieter <rdieter(a)fedoraproject.org> 4.11.15-5
- KDM writing incorrect XAUTHORITY file for XDMCP sessions (#1187957)
* Tue Feb 3 2015 Rex Dieter <rdieter(a)fedoraproject.org> 4.11.15-4
- -devel: drop dep on kwin-gles-libs (#1188877)
--------------------------------------------------------------------------------
================================================================================
lhapdf-5.9.1-9.fc21 (FEDORA-2015-3356)
Les Houches Accord PDF Interface
--------------------------------------------------------------------------------
Update Information:
Fix to example code.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 7 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 5.9.1-9
- Fix lhacontrol common block in example
* Sun Oct 12 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 5.9.1-8
- Re-enable octave for EPEL 7
--------------------------------------------------------------------------------
================================================================================
libgcrypt-1.6.3-1.fc21 (FEDORA-2015-3489)
A general-purpose cryptography library
--------------------------------------------------------------------------------
Update Information:
New upstream release fixing two minor security issues.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Tomáš Mráz <tmraz(a)redhat.com> 1.6.3-1
- new upstream version
* Wed Feb 25 2015 Tomáš Mráz <tmraz(a)redhat.com> 1.6.2-4
- do not initialize secure memory during the selftest (#1195850)
* Sat Feb 21 2015 Till Maas <opensource(a)till.name> - 1.6.2-3
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-...
* Wed Jan 14 2015 Tomáš Mráz <tmraz(a)redhat.com> 1.6.2-2
- fix buildability of programs using gcrypt.h with -ansi (#1182200)
* Mon Dec 8 2014 Tomáš Mráz <tmraz(a)redhat.com> 1.6.2-1
- new upstream version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1198145 - CVE-2014-3591 libgcrypt: use ciphertext blinding for Elgamal
decryption (new side-channel attack)
https://bugzilla.redhat.com/show_bug.cgi?id=1198145
[ 2 ] Bug #1198147 - CVE-2015-0837 libgcrypt: last-level cache side-channel attack
https://bugzilla.redhat.com/show_bug.cgi?id=1198147
--------------------------------------------------------------------------------
================================================================================
libmbim-1.12.0-1.fc21 (FEDORA-2015-3017)
Support library for the Mobile Broadband Interface Model protocol
--------------------------------------------------------------------------------
Update Information:
This update suppresses GSM cell location messages at default log levels. This update also
adds the mistakenly omitted libqmi and libmbim dependencies.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 15 2015 Dan Williams <dcbw(a)redhat.com> - 1.12.0-1
- Update to 1.12.0 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1194492 - Possible location tracking in NetworkManager due to verbose default
log settings
https://bugzilla.redhat.com/show_bug.cgi?id=1194492
--------------------------------------------------------------------------------
================================================================================
libqmi-1.12.4-2.fc21 (FEDORA-2015-3017)
Support library to use the Qualcomm MSM Interface (QMI) protocol
--------------------------------------------------------------------------------
Update Information:
This update suppresses GSM cell location messages at default log levels. This update also
adds the mistakenly omitted libqmi and libmbim dependencies.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 21 2015 Till Maas <opensource(a)till.name> - 1.12.4-2
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-...
* Wed Feb 11 2015 Lubomir Rintel <lkundrak(a)v3.sk> - 1.12.4-1
- Update to 1.12.4 release
* Tue Feb 10 2015 Lubomir Rintel <lkundrak(a)v3.sk> - 1.12.2-1
- Clean up the spec file a bit
- Update to 1.12.2 release
* Thu Jan 15 2015 Dan Williams <dcbw(a)redhat.com> - 1.12.0-1
- Update to 1.12.0 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1194492 - Possible location tracking in NetworkManager due to verbose default
log settings
https://bugzilla.redhat.com/show_bug.cgi?id=1194492
--------------------------------------------------------------------------------
================================================================================
librsync-1.0.0-1.fc21 (FEDORA-2015-3497)
Rsync libraries
--------------------------------------------------------------------------------
Update Information:
Changes in librsync 1.0.0 (2015-01-23)
======================================
* SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 "strong"
check sum to match blocks. However, MD4 is not cryptographically strong. It's possible
that an attacker who can control the contents of one part of a file could use it to
control other regions of the file, if it's transferred using librsync/rdiff. For
example this might occur in a database, mailbox, or VM image containing some
attacker-controlled data. To mitigate this issue, signatures will by default be computed
with a 256-bit BLAKE2 hash. Old versions of librsync will complain about a bad magic
number when given these signature files. Backward compatibility can be obtained using the
new `rdiff sig --hash=md4` option or through specifying the "signature magic" in
the API, but this should not be used when either the old or new file contain untrusted
data. Deltas generated from those signatures will also use BLAKE2 during generation, but
produce output that can be read by old versions. See
https://github.com/librsync/librsync/issues/5. Thanks to Michael Samuel <miknet.net>
for reporting this and offering an initial patch.
* Various build fixes, thanks Timothy Gu.
* Improved rdiff man page from Debian.
* Improved librsync.spec file for building RPMs.
* Fixed bug #1110812 'internal error: job made no progress'; on large files.
* Moved hosting to
https://github.com/librsync/librsync/
*
Travis-CI.org integration test at
https://travis-ci.org/librsync/librsync/
* Remove bundled copy of popt; it must be installed separately.
* You can set `$LIBTOOLIZE` before running `autogen.sh`, for example on OS X Homebrew
where it is called `glibtoolize`.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 1 2015 Robert Scheck <robert(a)fedoraproject.org> 1.0.0-1
- Upgrade to 1.0.0 (#1126712)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1126712 - CVE-2014-8242 librsync: MD4 collision file corruption
https://bugzilla.redhat.com/show_bug.cgi?id=1126712
--------------------------------------------------------------------------------
================================================================================
liveusb-creator-3.13.3-1.fc21 (FEDORA-2015-3491)
A liveusb creator
--------------------------------------------------------------------------------
Update Information:
New upstream release to fix an issue with stripping LABEL parameters from the syslinux.cfg
when used in 'destructive mode (cp)'
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Luke Macken <lmacken(a)redhat.com> - 3.13.3-1
- Latest upstream release
--------------------------------------------------------------------------------
================================================================================
mariadb-10.0.17-1.fc21 (FEDORA-2015-3503)
A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes all issues described at
https://mariadb.com/kb/en/mariadb/development/changelogs/mariadb-10017-ch...
Enable tokudb
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 4 2015 Honza Horak <hhorak(a)redhat.com> - 1:10.0.17-1
- Rebase to version 10.0.17
* Wed Feb 18 2015 Matej Muzila <mmuzila(a)redhat.com> - 1:10.0.16-3
- Enable tokudb
* Tue Feb 10 2015 Honza Horak <hhorak(a)redhat.com> - 1:10.0.16-3
- Fix openssl_1 test
* Wed Feb 4 2015 Jakub Dorňák <jdornak(a)redhat.com> - 1:10.0.16-2
- Include new certificate for tests
- Update lists of failing tests
Related: #1186110
* Tue Feb 3 2015 Jakub Dorňák <jdornak(a)redhat.com> - 1:10.0.16-9
- Rebase to version 10.0.16
Resolves: #1187895
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1197278 - mariadb-10.0.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1197278
[ 2 ] Bug #1171767 - TokuDB plugin missing from MariaDB
https://bugzilla.redhat.com/show_bug.cgi?id=1171767
--------------------------------------------------------------------------------
================================================================================
milter-greylist-4.5.12-2.fc21 (FEDORA-2015-3468)
Milter for greylisting, the next step in the spam control war
--------------------------------------------------------------------------------
Update Information:
Cumulative bug fix release from upstream.
See package changelog for full details.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Paul Howarth <paul(a)city-fan.org> - 4.5.12-2
- Include milter-greylist.m4 as %doc
- Add preset support for EL-7 build
- Tag README as %license where possible as it includes the license details
* Thu Dec 18 2014 Paul Howarth <paul(a)city-fan.org> - 4.5.12-1
- Update to 4.5.12
- Prevent buffer overflow on IP address in DRAC code
- Remove duplicate dkim check in configure
- Let MX clause work if a MX has no DNS A record
- Fix build on CentOS
--------------------------------------------------------------------------------
================================================================================
mirall-1.7.1-2.fc21 (FEDORA-2015-3347)
The ownCloud Client
--------------------------------------------------------------------------------
Update Information:
Upstream 1.7.1 version with gcc5 compliance
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Dams <anvil[AT]livna.org> - 1.7.1-2
- Added gcc5 compliance patch
* Fri Mar 6 2015 Dams <anvil[AT]livna.org> - 1.7.1-1
- Updated to 1.7.1
--------------------------------------------------------------------------------
================================================================================
munin-2.0.25-2.fc21 (FEDORA-2015-3426)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
Merge 2.1 paches back to 2.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 7 2015 "D. Johnson" <fenris02(a)fedoraproject.org> - 2.0.25-2
- Merge 2.1 paches back to 2.0
- BZ# 1149949 - munin-async init script to override defaults (PR-274 backport)
- BZ# 1049262 - munin ntp_ plugin uses perl features from perl 5.10.0 but can only use
perl 5.8.8
- BZ# 1140015 - Munin mysql plugin fails to parse MariaDB status
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1149949 - munin-async init script to override defaults
https://bugzilla.redhat.com/show_bug.cgi?id=1149949
[ 2 ] Bug #1049262 - munin ntp_ plugin uses perl features from perl 5.10.0 but can only
use perl 5.8.8
https://bugzilla.redhat.com/show_bug.cgi?id=1049262
[ 3 ] Bug #1140015 - Munin mysql plugin fails to parse MariaDB status
https://bugzilla.redhat.com/show_bug.cgi?id=1140015
--------------------------------------------------------------------------------
================================================================================
opendmarc-1.3.1-3.fc21 (FEDORA-2015-3495)
A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and
library
--------------------------------------------------------------------------------
Update Information:
* Fri Mar 06 2015 Steve Jenkins <steve(a)stevejenkins.com> 1.3.1-3
- Added libbsd and libbsd-devel build requirement to fix libstrl issue
- initial packaged version of OpenDMARC for Fedora-based systems
- initial packaged version of OpenDMARC for Fedora-based systems
- initial packaged version of OpenDMARC for Fedora-based systems
- initial packaged version of OpenDMARC for Fedora-based systems
- initial packaged version of OpenDMARC for Fedora-based systems
- initial packaged version of OpenDMARC for Fedora-based systems
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #905304 - Review Request: OpenDMARC - Domain-based Message Authentication,
Reporting & Conformance (DMARC) milter and library
https://bugzilla.redhat.com/show_bug.cgi?id=905304
--------------------------------------------------------------------------------
================================================================================
owncloud-7.0.4-3.fc21 (FEDORA-2015-3532)
Private file sync and share server
--------------------------------------------------------------------------------
Update Information:
This update provides some improvements to the Apache configuration files that are included
in the package to ease deployment (and to a smaller extent, also the Nginx configuration
file).
Most notably, this should fix the 'app store' function by providing the necessary
Alias:
Alias /owncloud/apps-appstore /var/lib/owncloud/apps
if you have edited the /etc/httpd/conf.d/owncloud.conf file locally, the packaged version
will install as owncloud.conf.rpmnew. We recommend you merge the changes into your own
version, or keep the packaged owncloud.conf and move your changes to a file which
overrides it, such as z-owncloud-local.conf .
The update also provides a (hopefully) more convenient method for enabling and disabling
remote access to the ownCloud installation. You can simply symlink the file
owncloud-access-conf.avail to enable remote access, e.g.:
ln -s /etc/httpd/conf.d/owncloud-access.conf.avail
/etc/httpd/conf.d/z-owncloud-access.conf
as long as the target name ends in .conf and sorts alphabetically after
'owncloud.conf', it will supersede owncloud.conf and enable remote access. If you
need to lock down access to the server, you can simply remove the symlink.
This removes the need for you to provide the appropriate syntax yourself, and the symlink
approach will mean that if the required configuration changes in future ownCloud releases,
the packaged owncloud-access.conf.avail file can be updated and your installation will
keep working with no need for you to make manual changes.
The new approach makes use of some files containing common directives, to be included by
the .conf files (to reduce duplication of these directives between different config files
and sections). These are named with the suffix .inc. Note that they only take effect when
included by files whose names end with .conf. Only files whose name end with .conf are
directly read by Apache.
There are no functional changes to ownCloud itself in this update, it is concerned only
with the web server configuration files.
This update provides the latest upstream release of ownCloud, with various bug fixes. This
is a minor release and should apply smoothly with no special handling.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 22 2015 Adam Williamson <awilliam(a)redhat.com> - 7.0.4-3
- revise and strengthen Apache configuration layout, fix external apps
- fix external apps for Nginx
--------------------------------------------------------------------------------
================================================================================
oz-0.13.0-1.fc21 (FEDORA-2015-3470)
Library and utilities for automated guest OS installs
--------------------------------------------------------------------------------
Update Information:
Update to release 0.13.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 7 2015 Chris Lalancette <clalancette(a)gmail.com> - 0.13.0-1
- Update to release 0.13.0
--------------------------------------------------------------------------------
================================================================================
perl-Class-Virtual-0.07-1.fc21 (FEDORA-2015-3436)
Base class for virtual base classes in Perl
--------------------------------------------------------------------------------
Update Information:
Update to 0.07 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1195862 - Review Request: perl-Class-Virtual - Base class for virtual base
classes in Perl
https://bugzilla.redhat.com/show_bug.cgi?id=1195862
--------------------------------------------------------------------------------
================================================================================
php-google-apiclient-1.1.2-2.fc21 (FEDORA-2015-3344)
Client library for Google APIs
--------------------------------------------------------------------------------
Update Information:
This update provides the latest upstream release of the library with various improvements
and bug fixes. See
https://github.com/google/google-api-php-client/releases for a handy
summary of upstream changes.
Since 1.1.1 the library includes an autoloader and recommends its use. However, including
files directly should continue to work as it previously did.
The only Fedora package which uses this library is ownCloud, so the best way to test it
(unless you have your own unpackaged code that uses it) is to check ownCloud's
integration with Google Drive storage continues to work.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 2 2015 Adam Williamson <awilliam(a)redhat.com> - 1.1.2-2
- update autoloader relocation patch to match latest upstream submission
--------------------------------------------------------------------------------
================================================================================
php-sabre-dav-1.8.12-1.fc21 (FEDORA-2015-3358)
WebDAV Framework for PHP
--------------------------------------------------------------------------------
Update Information:
This update provides the latest upstream 1.8 release, which is a bugfix release with no
expected compatibility changes. The upstream changes can be seen at
https://github.com/fruux/sabre-dav/blob/1.8/ChangeLog .
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Adam Williamson <awilliam(a)redhat.com> - 1.8.12-1
- update to 1.8.12 (bugfix release, no bc breaks)
--------------------------------------------------------------------------------
================================================================================
php-sabredav-Sabre_VObject-2.1.7-1.fc21 (FEDORA-2015-3528)
An intuitive reader for iCalendar and vCard objects
--------------------------------------------------------------------------------
Update Information:
This update provides the latest upstream release of the 2.1 series. It is a stable bugfix
release. The most significant change since 2.1.4 is a workaround for
https://github.com/fruux/sabre-vobject/issues/94 , which should improve interoperability
with several clients.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Adam Williamson <awilliam(a)redhat.com> - 2.1.7-1
- update to 2.1.7
--------------------------------------------------------------------------------
================================================================================
pki-console-10.2.1-1.fc21 (FEDORA-2015-3512)
Certificate System - PKI Console
--------------------------------------------------------------------------------
Update Information:
PKI TRAC Ticket #1287 - Consider backporting Dogtag 10.2.1 to Fedora 21
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Dogtag Team <pki-devel(a)redhat.com> 10.2.1-1
- Update release number for release build
--------------------------------------------------------------------------------
================================================================================
pki-core-10.2.1-1.fc21 (FEDORA-2015-3529)
Certificate System - PKI Core Components
--------------------------------------------------------------------------------
Update Information:
PKI TRAC Ticket #1287 - Consider backporting Dogtag 10.2.1 to Fedora 21
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Dogtag Team <pki-devel(a)redhat.com> 10.2.1-1
- Update release number for release build
* Tue Dec 16 2014 Matthew Harmsen <mharmsen(a)redhat.com> - 10.2.1-0.4
- PKI TRAC Ticket #1187 - mod_perl should be removed from requirements for 10.2
- PKI TRAC Ticket #1205 - Outdated selinux-policy dependency.
- Removed perl(XML::LibXML), perl-Crypt-SSLeay, and perl-Mozilla-LDAP runtime
dependencies
* Fri Dec 12 2014 Ade Lee <alee(a)redhat.com> 10.2.1-0.3
- Change resteasy dependencies for F22+
--------------------------------------------------------------------------------
================================================================================
plantuml-8020-1.fc21 (FEDORA-2015-3427)
Program to generate UML diagram from a text description
--------------------------------------------------------------------------------
Update Information:
Updating to a new upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Jan Safranek <jsafrane(a)redhat.com> - 8020-1
- Update to ver. 8020
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199286 - Please update plantuml from 7978 to 8020
https://bugzilla.redhat.com/show_bug.cgi?id=1199286
--------------------------------------------------------------------------------
================================================================================
pymodbus-1.2.0-1.fc21 (FEDORA-2015-3420)
A Modbus Protocol Stack in Python
--------------------------------------------------------------------------------
Update Information:
New upstream release with various enhancements and bugfixes.
Detailed changelog:
https://github.com/bashwork/pymodbus/blob/master/CHANGELOG.rst
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 9 2015 Christian Krause <chkr(a)fedoraproject.org> - 1.2.0-1
- Update to new upstream release 1.2.0
- Add patch to avoid installation of ez_setup
- Change URL and Source URL
- Adjust requirements
--------------------------------------------------------------------------------
================================================================================
pyserial-2.7-1.fc21 (FEDORA-2015-3466)
Python serial port access library
--------------------------------------------------------------------------------
Update Information:
New upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 8 2015 Paul Komkoff <i(a)stingr.net> 2.7-1
- new upstream version
--------------------------------------------------------------------------------
================================================================================
python-astroML-addons-0.2.1-7.fc21 (FEDORA-2015-3394)
Performance add-ons for the astroML package
--------------------------------------------------------------------------------
Update Information:
fixed wrong dependency in python 2 package (BZ #1199429)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Christian Dersch <chrisdersch(a)gmail.com> - 0.2.1-7
- fixed wrong dependency in python 2 package (BZ #1199429)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199429 - python-astroML-addons-0.2.1-6.fc21 wrong dependency in
python3-scikit-learn
https://bugzilla.redhat.com/show_bug.cgi?id=1199429
--------------------------------------------------------------------------------
================================================================================
python-carbon-0.9.13-0.1.pre1.fc21 (FEDORA-2015-3459)
Back-end data caching and persistence daemon for Graphite
--------------------------------------------------------------------------------
Update Information:
update all Graphite packages to 0.9.13-pre1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 19 2015 Piotr Popieluch <piotr1212(a)gmail.com> - 0.9.13-0.1.pre1
- update to 0.9.13-pre1
* Mon Nov 24 2014 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 0.9.12-7
- patch setup.py to prevent installation of upstream init scripts
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1183270 - twisted 14 incompatible with python-carbon
https://bugzilla.redhat.com/show_bug.cgi?id=1183270
--------------------------------------------------------------------------------
================================================================================
python-gertty-1.1.0-1.fc21 (FEDORA-2015-3423)
Gertty is a console-based interface to the Gerrit Code Review system
--------------------------------------------------------------------------------
Update Information:
New upstream release 1.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Kashyap Chamarthy <kashyapc(a)fedoraproject.org> - 1.1.0-1
- New upstream release 1.1.0
--------------------------------------------------------------------------------
================================================================================
python-ipgetter-0.6-1.fc21 (FEDORA-2015-3392)
A Python module to fetch the external IP address
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 0.6
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Fabian Affolter <mail(a)fabian-affolter.ch> - 0.6-1
- Update to latest upstream release 0.6
--------------------------------------------------------------------------------
================================================================================
python-whisper-0.9.13-0.1.pre1.fc21 (FEDORA-2015-3459)
Simple database library for storing time-series data
--------------------------------------------------------------------------------
Update Information:
update all Graphite packages to 0.9.13-pre1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 19 2015 Piotr Popieluch <piotr1212(a)gmail.com> - 0.9.13-0.1.pre1
- update to 0.9.13-pre1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1183270 - twisted 14 incompatible with python-carbon
https://bugzilla.redhat.com/show_bug.cgi?id=1183270
--------------------------------------------------------------------------------
================================================================================
qt-creator-3.3.2-1.fc21 (FEDORA-2015-3458)
Cross-platform IDE for Qt
--------------------------------------------------------------------------------
Update Information:
Update to version 3.3.2, see
https://qt.gitorious.org/qt-creator/qt-creator/raw/2fb9c3c7abc93a9237e729...
for details.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Sandro Mani <manisandro(a)gmail.com> - 3.3.2-1
- 3.3.2 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199110 - qt-creator-3.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1199110
--------------------------------------------------------------------------------
================================================================================
rdiff-backup-1.2.8-14.fc21 (FEDORA-2015-3497)
Convenient and transparent local/remote incremental mirror/backup
--------------------------------------------------------------------------------
Update Information:
Changes in librsync 1.0.0 (2015-01-23)
======================================
* SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 "strong"
check sum to match blocks. However, MD4 is not cryptographically strong. It's possible
that an attacker who can control the contents of one part of a file could use it to
control other regions of the file, if it's transferred using librsync/rdiff. For
example this might occur in a database, mailbox, or VM image containing some
attacker-controlled data. To mitigate this issue, signatures will by default be computed
with a 256-bit BLAKE2 hash. Old versions of librsync will complain about a bad magic
number when given these signature files. Backward compatibility can be obtained using the
new `rdiff sig --hash=md4` option or through specifying the "signature magic" in
the API, but this should not be used when either the old or new file contain untrusted
data. Deltas generated from those signatures will also use BLAKE2 during generation, but
produce output that can be read by old versions. See
https://github.com/librsync/librsync/issues/5. Thanks to Michael Samuel <miknet.net>
for reporting this and offering an initial patch.
* Various build fixes, thanks Timothy Gu.
* Improved rdiff man page from Debian.
* Improved librsync.spec file for building RPMs.
* Fixed bug #1110812 'internal error: job made no progress'; on large files.
* Moved hosting to
https://github.com/librsync/librsync/
*
Travis-CI.org integration test at
https://travis-ci.org/librsync/librsync/
* Remove bundled copy of popt; it must be installed separately.
* You can set `$LIBTOOLIZE` before running `autogen.sh`, for example on OS X Homebrew
where it is called `glibtoolize`.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 1 2015 Robert Scheck <robert(a)fedoraproject.org> - 1.2.8-14
- Rebuild for librsync 1.0.0 (#1126712)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1126712 - CVE-2014-8242 librsync: MD4 collision file corruption
https://bugzilla.redhat.com/show_bug.cgi?id=1126712
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.13.1-105.6.fc21 (FEDORA-2015-3476)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
More info:
http://koji.fedoraproject.org/koji/buildinfo?buildID=618340
More
info:http://koji.fedoraproject.org/koji/buildinfo?buildID=615187
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Lukas Vrabec <lvrabec(a)redhat.com> 3.13.1-105.6
- Allow glusterd_t exec glusterd_var_lib_t files. BZ(1198406)
- Add gluster_exec_lib interface.
- Allow cyrus bind tcp berknet port. BZ(1198347)
- Allow abrt_dump_oops_t read /etc/passwd file. BZ(1197190)
- Allow l2tp to manage NetworkManager_var_run_t files. BZ(1197428)
- Allow denyhosts execute iptables. BZ(1197371)
- Allow brltty rw event device. BZ(1190349)
- Allow cupsd config to execute ldconfig. BZ(1196608)
- Allow ping_t read urand. BZ(1181831)
- Add support for tcp/2005 port.
* Wed Feb 25 2015 Lukas Vrabec <lvrabec(a)redhat.com> 3.13.1-105.5
- Make sure NetworkManager configures resolv.conf correctly
- Label /var/run/NetworkManager/resolv.conf.tmp as net_conf_t.
- Added interface files_search_all_pids
- Allow search all pid dirs when managing net_conf_t files
- Fix path label to resolv.conf under NetworkManager
* Mon Feb 23 2015 Lukas Vrabec <lvrabec(a)redhat.com> 3.13.1-105.4
- Added logging_syslogd_pid_filetrans
- Additional fix for labeleling /dev/log correctly
- Label new strongswan binary swanctl and new unit file strongswan-swanctl.service.
BZ(1193102)
- Label /dev/log correctly.
- Create dnf and yum directories in /var with correct label
- Dontaudit sys_resource in prelink_cron)_system_t
- Add filename transitions for /var/lib/rpm and /var/cache/rpm
- Create dnf and yum directories in /var with correct label
- Allow brltty ioctl on usb_device_t. BZ(1190349)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1181831 - SELinux is preventing ping6 from read access on the chr_file
urandom.
https://bugzilla.redhat.com/show_bug.cgi?id=1181831
[ 2 ] Bug #1184389 - running a server with docker leads to selinux warnings
https://bugzilla.redhat.com/show_bug.cgi?id=1184389
[ 3 ] Bug #1196608 - SELinux is preventing udev-add-printe from 'execute'
accesses on the file /usr/sbin/ldconfig.
https://bugzilla.redhat.com/show_bug.cgi?id=1196608
[ 4 ] Bug #1197371 - SELinux is preventing /usr/bin/bash from 'execute' accesses
on the file /usr/sbin/xtables-multi.
https://bugzilla.redhat.com/show_bug.cgi?id=1197371
[ 5 ] Bug #1197428 - SELinux is preventing nm-l2tp-service from 'unlink'
accesses on the file nm-xl2tpd.conf.4356.
https://bugzilla.redhat.com/show_bug.cgi?id=1197428
[ 6 ] Bug #1198406 - SELinux is preventing /usr/sbin/glusterfsd from 'execute'
accesses on the file /var/lib/glusterd/hooks/1/start/post/S30samba-start.sh.
https://bugzilla.redhat.com/show_bug.cgi?id=1198406
[ 7 ] Bug #1190349 - SELinux is preventing /usr/bin/brltty from ioctl access on the
chr_file /dev/bus/usb/002/004.
https://bugzilla.redhat.com/show_bug.cgi?id=1190349
[ 8 ] Bug #1193102 - /usr/sbin/charon-systemd needs policy
https://bugzilla.redhat.com/show_bug.cgi?id=1193102
[ 9 ] Bug #1195752 - dnssec-triggerd is not allowed to write to /etc
https://bugzilla.redhat.com/show_bug.cgi?id=1195752
--------------------------------------------------------------------------------
================================================================================
sflphone-1.4.1-6.fc21 (FEDORA-2015-3444)
SIP/IAX2 compatible enterprise-class software phone
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1180698 - Review Request: sflphone - SIP/IAX2 compatible enterprise-class
software phone
https://bugzilla.redhat.com/show_bug.cgi?id=1180698
--------------------------------------------------------------------------------
================================================================================
strace-4.10-1.fc21 (FEDORA-2015-3365)
Tracks and displays system calls associated with a running process
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 Dmitry V. Levin <ldv(a)altlinux.org> - 4.10-1
- New upstream release:
+ enhanced ioctl decoding (#902788).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #902788 - RFE: strace should interpret also the direction and size fields for
the ioctl() syscall
https://bugzilla.redhat.com/show_bug.cgi?id=902788
--------------------------------------------------------------------------------
================================================================================
udt-4.11-4.fc21 (FEDORA-2015-3450)
UDP based Data Transfer Protocol
--------------------------------------------------------------------------------
Update Information:
Fix sed substitutions in case of slashes in rpm macros
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 7 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 4.11-4
- Fix sed substitutions in case of slashes in rpm macros
--------------------------------------------------------------------------------
================================================================================
varnish-4.0.3-1.fc21 (FEDORA-2015-3467)
High-performance HTTP accelerator
--------------------------------------------------------------------------------
Update Information:
New upstream release. A bugfix release.
Highlights from the changelog:
* 26 reported bugs fixed.
* Replaced objects are now expired immediately, instead of kept around until expiry.
* Memory usage on chunked backend responses is lower
Fore a detailed list of changes, please see the project's announcement at
https://www.varnish-cache.org/content/varnish-cache-403
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Ingvar Hagelund <ingvar(a)redpill-linpro.com> 4.0.3-1
- New upstream release
- Removed systemd patch included upstream
- Rebased trivial Werr-patch for varnish-4.0.3
- Added patch to build on el5
* Tue Nov 25 2014 Ingvar Hagelund <ingvar(a)redpill-linpro.com> 4.0.2-1
- New upstream release
- Rebased sphinx makefile patch
- Added systemd services patch from Federico Schwindt
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.0.1-2.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
weechat-1.1.1-1.fc21 (FEDORA-2015-3395)
Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:
New upstream version 1.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 8 2015 Paul Komkoff <i(a)stingr.net> - 1.1.1-1
- new upstream version (#1181572)
* Sat Jan 17 2015 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.0.1-3
- Rebuild for
https://fedoraproject.org/wiki/Changes/Ruby_2.2
- Build plugins with -fPIC
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1181572 - weechat-1.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1181572
--------------------------------------------------------------------------------
================================================================================
wireshark-1.12.4-1.fc21 (FEDORA-2015-3507)
Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:
Ver. 1.12.4
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Peter Hatina <phatina(a)redhat.com> - 1.12.4-1
- Ver. 1.12.4
--------------------------------------------------------------------------------
================================================================================
wxsqlite3-3.2.1-1.fc21 (FEDORA-2015-3455)
C++ wrapper around the SQLite 3.x database
--------------------------------------------------------------------------------
Update Information:
update to 3.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Martin Gansser <martinkg(a)fedoraproject.org> 3.2.1-1
- update to 3.2.1
--------------------------------------------------------------------------------
================================================================================
xen-4.4.1-13.fc21 (FEDORA-2015-3381)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
enable building pngs from fig files which is working again,
fix oxenstored.service preset preuninstall script,
arm: vgic: incorrect rate limiting of guest triggered logging,
Information leak via internal x86 system device emulation,
Information leak through version information hypercall
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2015 Michael Young <m.a.young(a)durham.ac.uk> - 4.4.1-13
- enable building pngs from fig files which is working again
- fix oxenstored.service preset preuninstall script
- arm: vgic: incorrect rate limiting of guest triggered logging [XSA-118,
CVE-2015-1563] (#1187153)
- Information leak via internal x86 system device emulation [XSA-121,
CVE-2015-2044]
- Information leak through version information hypercall [XSA-122,
CVE-2015-2045]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187153 - CVE-2015-1563 xen: vgic: incorrect rate limiting of guest triggered
logging on ARM architectures (XSA-118)
https://bugzilla.redhat.com/show_bug.cgi?id=1187153
--------------------------------------------------------------------------------
================================================================================
xfce4-hamster-plugin-1.6.1-1.fc21 (FEDORA-2015-3350)
Time tracker port of the 'hamster project extension' for the xfce4 panel
--------------------------------------------------------------------------------
Update Information:
v1.6.1
add spanish translations
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 7 2015 Raphael Groner <projects.rg(a)smart.ms> - 1.6.1-1
- v1.6.1
* Fri Mar 6 2015 Raphael Groner <projects.rg(a)smart.ms> - 1.6-5
- add spanish translations
- remove obsolete comments at closed upstream issues
- remove some ridiculous globals and use shortifying URL macro
* Sun Mar 1 2015 Raphael Groner <projects.rg(a)smart.ms> - 1.6-4
- bump again due to wrong Release logic in f22
* Sun Mar 1 2015 Raphael Groner <projects.rg(a)smart.ms> - 1.6-3
- bump and rebuild for xfce 4.12
* Wed Jan 28 2015 Raphael Groner <projects.rg (AT) smart.ms> - 1.6-2
- introduce license macro
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199735 - xfce4-hamster-plugin-1.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1199735
--------------------------------------------------------------------------------
================================================================================
yoshimi-1.3.3-2.fc21 (FEDORA-2015-3487)
Rewrite of ZynAddSubFx aiming for better JACK support
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.3 and include new SVG icon
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 7 2015 Adam Huffman <bloch(a)verdurin.com> - 1.3.3-2
- Include new SVG icon
* Fri Mar 6 2015 Adam Huffman <bloch(a)verdurin.com> - 1.3.3-1
- Update to upstream release 1.3.3
--------------------------------------------------------------------------------
================================================================================
znc-1.6.0-1.fc21 (FEDORA-2015-3389)
An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 23 2015 Nick Bebout <nb(a)fedoraproject.org> - 1.6.0-1
- Update to 1.6.0
* Wed Aug 27 2014 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.4-7
- Perl 5.20 rebuild
--------------------------------------------------------------------------------