The following Fedora 20 Security updates need testing:
Age URL
25
https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keysto...
17
https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20
15
https://admin.fedoraproject.org/updates/FEDORA-2014-5972/python-fmn-web-0...
10
https://admin.fedoraproject.org/updates/FEDORA-2014-6098/rubygem-actionpa...
6
https://admin.fedoraproject.org/updates/FEDORA-2014-6277/dpkg-1.16.14-1.fc20
6
https://admin.fedoraproject.org/updates/FEDORA-2014-6258/smb4k-1.1.2-1.fc20
6
https://admin.fedoraproject.org/updates/FEDORA-2014-6263/botan-1.10.8-1.fc20
6
https://admin.fedoraproject.org/updates/FEDORA-2014-6276/seamonkey-2.26-1...
5
https://admin.fedoraproject.org/updates/FEDORA-2014-6303/perl-LWP-Protoco...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-6373/zabbix-2.0.12-1....
2
https://admin.fedoraproject.org/updates/FEDORA-2014-6380/openssh-6.4p1-4....
1
https://admin.fedoraproject.org/updates/FEDORA-2014-6440/python-django15-...
1
https://admin.fedoraproject.org/updates/FEDORA-2014-6449/python-django-1....
1
https://admin.fedoraproject.org/updates/FEDORA-2014-6442/python-django14-...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6472/mumble-1.2.6-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
12
https://admin.fedoraproject.org/updates/FEDORA-2014-6064/gupnp-0.20.11-1....
12
https://admin.fedoraproject.org/updates/FEDORA-2014-5992/pcmanfm-qt-0.1.0...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-6366/btrfs-progs-3.14...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-6412/taglib-1.9.1-5.fc20
2
https://admin.fedoraproject.org/updates/FEDORA-2014-6381/gdb-7.7.1-13.fc20
2
https://admin.fedoraproject.org/updates/FEDORA-2014-6339/squashfs-tools-4...
1
https://admin.fedoraproject.org/updates/FEDORA-2014-6451/libndp-1.2-2.fc20
1
https://admin.fedoraproject.org/updates/FEDORA-2014-6443/xfsprogs-3.2.0-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6468/libxfce4ui-4.10....
The following builds have been pushed to Fedora 20 updates-testing
RemoteBox-1.8-1.fc20
bullet-2.81-4.fc20
cabal-rpm-0.8.11-1.fc20
epix-1.2.14-4.fc20
gedit-code-assistance-0.3.1-1.fc20
ghc-hjsmin-0.1.4.6-3.fc20
ghc-language-javascript-0.5.13-1.fc20
ghc-rpm-macros-1.0.7.4-1.fc20
inkscape-sozi-13.11-1.fc20
java-1.8.0-openjdk-1.8.0.5-3.b13.fc20
libxfce4ui-4.10.0-11.fc20
mate-themes-extras-1.8.0-2.fc20
mumble-1.2.6-1.fc20
perl-Signal-Mask-0.007-1.fc20
python-neutronclient-2.3.4-1.fc20
sdformat-2.0.0-1.fc20
snapraid-6.1-3.fc20
transmission-2.82-3.fc20
vdr-epg2vdr-0.1.10-3.20140516gita569a6e.fc20
Details about builds:
================================================================================
RemoteBox-1.8-1.fc20 (FEDORA-2014-6481)
Open Source VirtualBox Client with Remote Management
--------------------------------------------------------------------------------
Update Information:
1.8 (16 May 2014)
-----------------
- Added option to automatically start chosen guests when the host system boots. This
requires some server side configuration before it can be used. Consult the RemoteBox
manual for more information.
- Added option to set the start delay on an autostarting guest so that guests can be
started up in a specific sequence if required.
- Added option to set the shutdown type on a guest when the host is shutdown.
- Added VirtualBox preference to set the location of the autostart database.
- Snapshot Tree: Moved 'current state' underneath the most recent snapshot in the
tree.
- Added state icons to the snapshot list, which indicate if a snapshot is an online or
offline snapshot.
- Optimized list handling in several places which should improve performance and remember
selections on list refreshes where practical.
- Added additional information when a storage medium is selected in the VMM.
- Added additional guest keyboard shortcuts, Ctrl-Alt-(F4, F5, F6, F8, F9, F10, F11).
- Added ability to add, remove and edit NAT Networks via the VirtualBox preferences menu
item. Port forwarding rules must be configured elsewhere for the moment.
- Added option to set the network attachment type in the guest settings to 'NAT
Network'. These are named NAT networks which are subtly different to just
'NAT'.
- Added option to set the snapshot folder location for a guest
- Added OS icons for various editions of MacOS X.
- Added support for guest groups. Groups are shown in a tree-fashion which is somewhat
visually different to VirtualBox. Setting guest groups is fairly rudimentary at the moment
requiring you to enter the group in the form of '/group/subgroup'.
- Added 'Expand All Groups' and 'Collapse All Groups' buttons. The last
used button is remembered for subsequent refreshes of the guest list.
- Fixed some Windows guest icons.
- Fixed a bug when creating Host-Only networks. An associated virtual DHCP server
wasn't getting created which would cause invalid object references and ultimately made
the Host-Only network feature useless.
- Fixed a bug when entering folders in the remote file chooser that denied permission but
the location was still updated. Now also warns that you don't have permission to enter
that folder
- Fixed a bug where a medium would be masked out in lists if another medium with the same
name existed.
- Fixed a bug where the Video Memory could get erroneously pegged to 1MB on the first
opening on the settings dialog.
- Inaccessible guests are now filtered from the list of guests and a warning issued in the
message log. RemoteBox has never handled inaccessible guests well and for the most part
the cause is generally the user manipulating guests without VirtualBox's knowledge.
- Various GUI tweaks.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 17 2014 Christopher Meng <rpm(a)cicku.me> - 1.8-1
- Update to 1.8
--------------------------------------------------------------------------------
================================================================================
bullet-2.81-4.fc20 (FEDORA-2014-6461)
3D Collision Detection and Rigid Body Dynamics Library
--------------------------------------------------------------------------------
Update Information:
Fix installation of bullet extras (rhbz#1097452)
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 18 2014 Rich Mattes <richmattes(a)gmail.com> - 2.81-4
- Fix installation of bullet extras (rhbz#1097452)
- Spec file cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097452 - Extras/Serialize/BulletFileLoader not packaged
https://bugzilla.redhat.com/show_bug.cgi?id=1097452
--------------------------------------------------------------------------------
================================================================================
cabal-rpm-0.8.11-1.fc20 (FEDORA-2014-6485)
RPM packaging tool for Haskell Cabal-based packages
--------------------------------------------------------------------------------
Update Information:
0.8.11
- use .spec file to determine pkg-ver
- "rpm" command renamed to "local"
- support for testsuites
when testsuites available
- disable debuginfo explicitly when no c-sources
- reset filemode of downloaded hackage tarballs to 0644
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 17 2014 Jens Petersen <petersen(a)redhat.com> - 0.8.11-1
- use .spec file to determine pkg-ver when no .cabal file around
- build command renamed again from "rpm" to "local" (like fedpkg)
- automatically generate bcond for %check and add testsuite BRs
when testsuites available
- disable debuginfo explicitly when no c-sources in preparation for
ghc-rpm-macros no longer disabling debuginfo
- reset filemode of downloaded hackage tarballs to 0644:
workaround for cabal-install setting 0600
- include release again in initial changelog
--------------------------------------------------------------------------------
================================================================================
epix-1.2.14-4.fc20 (FEDORA-2014-6457)
Utilities for mathematically accurate figures
--------------------------------------------------------------------------------
Update Information:
Rearrangement of documentation files
Update to 1.2.14
Update to 1.2.14
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 17 2014 Antonio Trande <sagitterATfedoraproject.org> 1.2.14-4
- Added a conditional macro for docdir in fedora<20
- Rearrangement of documentation files
* Sat May 17 2014 Antonio Trande <sagitterATfedoraproject.org> 1.2.14-3
- doc sub-package not built anymore
* Fri May 16 2014 Antonio Trande <sagitterATfedoraproject.org> 1.2.14-2
- Fixed documentation directories definition
* Wed May 14 2014 Antonio Trande <sagitterATfedoraproject.org> 1.2.14-1
- Update to 1.2.14
--------------------------------------------------------------------------------
================================================================================
gedit-code-assistance-0.3.1-1.fc20 (FEDORA-2014-6475)
gedit plugin for code assistance for C, C++ and Objective-C
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release, featuring use of gnome-code-assistance, wider
language support, and better performance
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 7 2014 Elad Alfassa <elad(a)fedoraproject.org> - 0.3.1-1
- Latest upstream is actually 0.3.1, my bad
- Update description too
* Wed May 7 2014 Elad Alfassa <elad(a)fedoraproject.org> - 0.3.0-1
- Update to upstream 0.3, now uses gnome-code-assistance as a backend
--------------------------------------------------------------------------------
================================================================================
ghc-hjsmin-0.1.4.6-3.fc20 (FEDORA-2014-6466)
Haskell implementation of a javascript minifier
--------------------------------------------------------------------------------
Update Information:
Rebuild for hjsmin.
Latest release
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 16 2014 Ricky Elrod <relrod(a)redhat.com> - 0.1.4.6-3
- Rebuild for hjsmin.
* Mon May 12 2014 Ricky Elrod <relrod(a)redhat.com> - 0.1.4.6-2
- Rebuild for new optparse-applicative.
* Mon May 12 2014 Ricky Elrod <relrod(a)redhat.com> - 0.1.4.6-1
- Latest upstream release.
- Add optparse-applicative dep.
* Thu Apr 24 2014 Jens Petersen <petersen(a)redhat.com> - 0.1.4.4-5
- rebuild
* Mon Jan 20 2014 Ricky Elrod <codeblock(a)fedoraproject.org> - 0.1.4.4-4
- Rebuild again.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1038491 - ghc-hjsmin-0.1.4.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1038491
--------------------------------------------------------------------------------
================================================================================
ghc-language-javascript-0.5.13-1.fc20 (FEDORA-2014-6313)
Parser for JavaScript
--------------------------------------------------------------------------------
Update Information:
Latest upstream releases + new deps.
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 11 2014 Ricky Elrod <relrod(a)redhat.com> - 0.5.13-1
- Latest upstream release.
* Thu Apr 10 2014 Ricky Elrod <codeblock(a)fedoraproject.org> - 0.5.12-1
- Latest upstream release.
- Remove old patch.
* Mon Jan 20 2014 Ricky Elrod <codeblock(a)fedoraproject.org> - 0.5.8-5
- Another rebuild.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1092434 - ghc-language-javascript-0.5.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1092434
[ 2 ] Bug #1057479 - ghc-hjsmin-0.1.4.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1057479
--------------------------------------------------------------------------------
================================================================================
ghc-rpm-macros-1.0.7.4-1.fc20 (FEDORA-2014-6460)
RPM macros for building packages for GHC
--------------------------------------------------------------------------------
Update Information:
- bcond %cabal_configure --enable-tests
- use -O2 also for executable packages and allow overriding it
- set URL field when generating subpackages
- update License tag to GPLv3+
- handle no _pkgdocdir in RHEL7 and docdir path different to F20+
- abort %ghc_fix_dynamic_rpath if no chrpath
- move macros to %{_rpmconfigdir}/macros.d
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 17 2014 Jens Petersen <petersen(a)redhat.com> - 1.0.7.4-1
- do bcond cabal configure --enable-tests also for Bin packages
- enable configure bcond check for tests
- use -O2 also for executable (Bin) packages and allow it to be overrided
- set Url field when generating subpackages
- update license tag to GPLv3+
- handle no _pkgdocdir in RHEL7 and docdir path different to F20+
- abort ghc_fix_dynamic_rpath if no chrpath
- Install macros to %{_rpmconfigdir}/macros.d.
- set datasubdir in cabal_configure for ghc-7.8
--------------------------------------------------------------------------------
================================================================================
inkscape-sozi-13.11-1.fc20 (FEDORA-2014-6476)
Inkscape extension for creating animated presentations
--------------------------------------------------------------------------------
Update Information:
Updated to the latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 17 2014 Eduardo Echeverria <echevemaster(a)gmail.com> - 13.11-1
- Updated to the latest upstream release
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.5-3.b13.fc20 (FEDORA-2014-6473)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:
disabled doclint
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 16 2014 Jiri Vanek <jvanek(a)redhat.com> - 1:1.8.0.5-3.b13
- Disable doclint for compatiblity
- Patch contributed by Andrew John Hughes
* Wed Apr 23 2014 Omair Majid <omajid(a)redhat.com> - 1:1.8.0.5-2.b13
- Change make flags to fix debuginfo generation
- Fix suggested by Yasumasa Suenaga
--------------------------------------------------------------------------------
================================================================================
libxfce4ui-4.10.0-11.fc20 (FEDORA-2014-6468)
Commonly used Xfce widgets
--------------------------------------------------------------------------------
Update Information:
fix for shift modifier in shortcuts to work correctly
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 16 2014 Mukundan Ragavan <nonamedotc(a)fedoraproject.org> - 4.10.0-11
- patch to fix bug #1095362
- patch13 - enable-shortcut.patch
* Fri May 16 2014 Mukundan Ragavan <nonamedotc(a)fedoraproject.org> - 4.10.0-10
- Add patches to fix bug #1095362
- Patch11 - enable-shift-modifier-in-shortcut-dialog.patch
- Patch12 - enable-shift-modifier-in-shortcut-grabber.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095362 - Shortcuts don't use Shift modifier correctly
https://bugzilla.redhat.com/show_bug.cgi?id=1095362
--------------------------------------------------------------------------------
================================================================================
mate-themes-extras-1.8.0-2.fc20 (FEDORA-2014-6463)
Extra gtk-2/3 themes for gtk based desktops
--------------------------------------------------------------------------------
Update Information:
- update to 1.8.0 release
- Blue-Submarine: update to GTK 3.12
- Green-Submarine: update to GTK 3.12
- Gnome-Cupertino: update to GTK 3.10
- Smoothly: update to GTK 3.10
- Smootly-Black: update to GTK 3.10
- GnomishBeige: complete GTK3-3.10
- DeloreanDark: update to GTK3-3.10
- drop Cologne theme, get rid of xfce theme engine
- several improvements
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 18 2014 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 1.8.0.2
- drop forgoten gtk-xfce-engine requires
* Sun May 18 2014 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 1.8.0.1
- update to 1.8.0 release
- Blue-Submarine: update to GTK 3.12
- Green-Submarine: update to GTK 3.12
- Gnome-Cupertino: update to GTK 3.10
- Smoothly: update to GTK 3.10
- Smootly-Black: update to GTK 3.10
- GnomishBeige: complete GTK3-3.10
- DeloreanDark: update to GTK3-3.10
- drop Cologne theme, get rid of xfce theme engine
- several improvements
--------------------------------------------------------------------------------
================================================================================
mumble-1.2.6-1.fc20 (FEDORA-2014-6472)
Voice chat suite aimed at gamers
--------------------------------------------------------------------------------
Update Information:
New upstream release 1.2.6.
This update fixes:
* CVE-2014-3755
* CVE-2014-3756
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 17 2014 Christian Krause <chkr(a)fedoraproject.org> - 1.2.6-1
- Update 1.2.6
- Update fixes CVE-2014-3755 (BZ 1098231) and CVE-2014-3756 (BZ 1098233)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1098231 - CVE-2014-3755 mumble: Mumble-SA-2014-005 - SVG images with local
file references could trigger client DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1098231
[ 2 ] Bug #1098233 - CVE-2014-3756 mumble: Mumble-SA-2014-006 - DoS (hang and/or
resource exhaustion) on a Mumble client by causing it to load external files via the HTML
https://bugzilla.redhat.com/show_bug.cgi?id=1098233
--------------------------------------------------------------------------------
================================================================================
perl-Signal-Mask-0.007-1.fc20 (FEDORA-2014-6479)
Signal masks made easy
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1087401 - Review Request:perl-Signal-Mask - Signal masks made easy
https://bugzilla.redhat.com/show_bug.cgi?id=1087401
--------------------------------------------------------------------------------
================================================================================
python-neutronclient-2.3.4-1.fc20 (FEDORA-2014-6480)
Python API and CLI for OpenStack Neutron
--------------------------------------------------------------------------------
Update Information:
- Havana requirement
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 8 2014 Jakub Ruzicka <jruzicka(a)redhat.com> 2.3.4-1
- Update to upstream 2.3.4
--------------------------------------------------------------------------------
================================================================================
sdformat-2.0.0-1.fc20 (FEDORA-2014-6471)
The Simulation Description Format
--------------------------------------------------------------------------------
Update Information:
Update to release 2.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 15 2014 Rich Mattes <richmattes(a)gmail.com> - 2.0.0-1
- Update to release 2.0
* Sun Feb 9 2014 Rich Mattes <richmattes(a)gmail.com> - 1.4.11-3
- Rebuild for console-bridge 0.2.5
--------------------------------------------------------------------------------
================================================================================
snapraid-6.1-3.fc20 (FEDORA-2014-6477)
Disk array backup for many large rarely-changed files
--------------------------------------------------------------------------------
Update Information:
Disk array backup for many large rarely-changed files
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1055366 - Review Request: snapraid - Disk array backup for many large
rarely-changed files
https://bugzilla.redhat.com/show_bug.cgi?id=1055366
--------------------------------------------------------------------------------
================================================================================
transmission-2.82-3.fc20 (FEDORA-2014-6474)
A lightweight GTK+ BitTorrent client
--------------------------------------------------------------------------------
Update Information:
fix Transmission Qt icon location
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 17 2014 Rahul Sundaram <sundaram(a)fedoraproject.org> - 2.82-3
- fix Transmission Qt icon location (rhbz#1096423)
* Thu Aug 29 2013 Ankur Sinha <ankursinha AT fedoraproject DOT org> 2.82-2
- Remove obseleted Obsoletes tag
- Forgot a spec bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1096423 - Transmission-QT package is pointing to a missing icon
https://bugzilla.redhat.com/show_bug.cgi?id=1096423
--------------------------------------------------------------------------------
================================================================================
vdr-epg2vdr-0.1.10-3.20140516gita569a6e.fc20 (FEDORA-2014-6459)
A plugin to retrieve EPG data from a mysql database into VDR
--------------------------------------------------------------------------------
Update Information:
rebuild for new git release
rebuild for new git release
rebuild for new git release 0.1.10
rebuild for new git release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1093408 - Review Request: vdr-scraper2vdr - A client plugin which provides
scraped metadata from EPGD to other plugins
https://bugzilla.redhat.com/show_bug.cgi?id=1093408
--------------------------------------------------------------------------------