The following Fedora 20 Security updates need testing:
Age URL
24
https://admin.fedoraproject.org/updates/FEDORA-2014-5018/smb4k-1.1.1-2.fc20
23
https://admin.fedoraproject.org/updates/FEDORA-2014-5198/openstack-glance...
15
https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keysto...
7
https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20
6
https://admin.fedoraproject.org/updates/FEDORA-2014-5939/rxvt-unicode-9.2...
6
https://admin.fedoraproject.org/updates/FEDORA-2014-5915/xen-4.3.2-3.fc20
6
https://admin.fedoraproject.org/updates/FEDORA-2014-5918/owncloud-6.0.3-1...
5
https://admin.fedoraproject.org/updates/FEDORA-2014-5972/python-fmn-web-0...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-6003/mingw-qt-4.8.6-1...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5988/mingw-qt5-qtbase...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-6068/cifs-utils-6.3-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6098/rubygem-actionpa...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6120/mariadb-galera-5...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6128/abrt-2.2.1-2.fc20
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6122/kernel-3.14.3-20...
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
2
https://admin.fedoraproject.org/updates/FEDORA-2014-6064/gupnp-0.20.11-1....
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5992/pcmanfm-qt-0.1.0...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6176/nspr-4.10.5-1.fc...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6132/xorg-x11-drv-evd...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6101/policycoreutils-...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6084/selinux-policy-3...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6121/qt-4.8.6-5.fc20
0
https://admin.fedoraproject.org/updates/FEDORA-2014-6107/iproute-3.14.0-2...
The following builds have been pushed to Fedora 20 updates-testing
acpica-tools-20140424-1.fc20
docker-io-0.11.1-1.fc20
drupal7-7.28-1.fc20
eclipse-mylyn-3.10.0-2.fc20
jmol-14.0.13-2.fc20
kcm_systemd-0.6.1-1.fc20
lcgdm-dav-0.14.1-2.fc20
leveldbjni-1.8-2.fc20
libguestfs-1.26.2-1.fc20
log4c-1.2.4-2.fc20
nodejs-grunt-contrib-uglify-0.4.0-3.fc20
nodejs-grunt-init-0.3.1-1.fc20
nodejs-maxmin-0.2.0-1.fc20
nspr-4.10.5-1.fc20
nss-3.16.1-1.fc20
nss-softokn-3.16.1-1.fc20
nss-util-3.16.1-1.fc20
perl-Thread-SigMask-0.004-1.fc20
python-ethtool-0.11-1.fc20
python-troveclient-1.0.3-2.fc20
python-txws-0.9-1.fc20
qpid-cpp-0.26-3.fc20
sx-2.17-1.fc20
Details about builds:
================================================================================
acpica-tools-20140424-1.fc20 (FEDORA-2014-6155)
ACPICA tools for the development and debug of ACPI tables
--------------------------------------------------------------------------------
Update Information:
Updates the package to the latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 7 2014 Al Stone <ahs3(a)redhat.com> - 20140424-1
- Update to latest upstream. Closes BZ#1091189.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1091189 - acpica-tools-20140424 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1091189
--------------------------------------------------------------------------------
================================================================================
docker-io-0.11.1-1.fc20 (FEDORA-2014-6173)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
Bug 1095616 - upstream bump to 0.11.1
regenerate btrfs removal patch
BZ 1080799 - upstream version bump
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.11.1-1
- Bug 1095616 - upstream bump to 0.11.1
- manpages via pandoc
* Mon Apr 14 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.10.0-2
- regenerate btrfs removal patch
- update commit value
* Mon Apr 14 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.10.0-1
- include manpages from contrib
* Wed Apr 9 2014 Bobby Powers <bobbypowers(a)gmail.com> - 0.10.0-1
- Upstream version bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095616 - docker-io-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1095616
[ 2 ] Bug #1087223 - docker-io-0.10.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1087223
[ 3 ] Bug #1086430 - Update to latest version 0.10.0
https://bugzilla.redhat.com/show_bug.cgi?id=1086430
[ 4 ] Bug #1080799 - docker-io-0.9.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1080799
--------------------------------------------------------------------------------
================================================================================
drupal7-7.28-1.fc20 (FEDORA-2014-6152)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
Minor upstream bugfixes.
https://drupal.org/drupal-7.28-release-notes
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 Jon Ciesla <limburgher(a)gmail.com> - 7.28-1
- 7.28, BZ 1095618.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095618 - drupal7-7.28 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1095618
--------------------------------------------------------------------------------
================================================================================
eclipse-mylyn-3.10.0-2.fc20 (FEDORA-2014-6164)
Eclipse Mylyn main feature.
--------------------------------------------------------------------------------
Update Information:
Support Bugzilla 4.4.4
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 Roland Grunberg <rgrunber(a)redhat.com> - 3.10.0-2
- Add support for Bugzilla instances 4.5.4, 4.4.4, 4.2.9, and 4.0.13.
- Resolves Bug 1095842.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095842 - Support Bugzilla 4.4.4
https://bugzilla.redhat.com/show_bug.cgi?id=1095842
--------------------------------------------------------------------------------
================================================================================
jmol-14.0.13-2.fc20 (FEDORA-2014-6150)
An open-source Java viewer for chemical structures in 3D
--------------------------------------------------------------------------------
Update Information:
Don't bundle external libraries (BZ #1095315).
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 7 2014 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 14.0.13-2
- Don't bundle external libraries (BZ #1095315).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095315 - jmol: Embeds classes from icedtea-web
https://bugzilla.redhat.com/show_bug.cgi?id=1095315
--------------------------------------------------------------------------------
================================================================================
kcm_systemd-0.6.1-1.fc20 (FEDORA-2014-6168)
Systemd control module for KDE
--------------------------------------------------------------------------------
Update Information:
New package kcm_systemd - Systemd control module for KDE
Systemd control module for KDE. It provides a graphical frontend for the systemd daemon,
which allows for viewing and controlling systemd units, as well as modifying configuration
files. In integrates in the System Settings dialog in KDE.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1085130 - Review Request: kcm_systemd - Systemd control module for KDE
https://bugzilla.redhat.com/show_bug.cgi?id=1085130
--------------------------------------------------------------------------------
================================================================================
lcgdm-dav-0.14.1-2.fc20 (FEDORA-2014-6157)
HTTP/DAV front end to the DPM/LFC services
--------------------------------------------------------------------------------
Update Information:
Upstream patch: fix for mod_lcgdm_disk context leaking
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 Alejandro Alvarez <aalvarez(a)cern.ch> - 0.14.1-2
- Upstream patch: fix for mod_lcgdm_disk context leaking
--------------------------------------------------------------------------------
================================================================================
leveldbjni-1.8-2.fc20 (FEDORA-2014-6163)
A Java Native Interface to LevelDB
--------------------------------------------------------------------------------
Update Information:
fix leveldbjni-all.jar
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 gil cattaneo <puntogil(a)libero.it> 1.8-2
- fix leveldbjni-all.jar
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.26.2-1.fc20 (FEDORA-2014-6175)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
New upstream stable branch version 1.26.2.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.26.2-1
- New upstream version 1.26.2.
--------------------------------------------------------------------------------
================================================================================
log4c-1.2.4-2.fc20 (FEDORA-2014-6149)
Library for logging application messages
--------------------------------------------------------------------------------
Update Information:
Fix library reinitialization (bug #1095366).
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 František Dvořák <valtri(a)civ.zcu.cz> - 1.2.4-2
- Patch to fix library reinitialization (bug #1095366)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095366 - double free or corruption with multiple log4c_init and log4c_fini
https://bugzilla.redhat.com/show_bug.cgi?id=1095366
--------------------------------------------------------------------------------
================================================================================
nodejs-grunt-contrib-uglify-0.4.0-3.fc20 (FEDORA-2014-6170)
Minify files with UglifyJS
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
nodejs-grunt-init-0.3.1-1.fc20 (FEDORA-2014-6146)
Generate project scaffolding from a template when using Grunt
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
nodejs-maxmin-0.2.0-1.fc20 (FEDORA-2014-6170)
Get pretty output of the original, minified gzipped size of a string/buffer
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
nspr-4.10.5-1.fc20 (FEDORA-2014-6176)
Netscape Portable Runtime
--------------------------------------------------------------------------------
Update Information:
Update to nss-3.16.1 and nspr-4.10.5
For a description of new functionality and notable fixes refer to
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_...
For best results, specially when using development packages, update all packages at once.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 7 2014 Elio Maldonado <emaldona(a)redhat.com> - 4.10.4-2
- Update to NSPR_4_10_5_RTM
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1075702 - ECC decode refactoring needed to build OpenJDK SunEC provider for
ECC support
https://bugzilla.redhat.com/show_bug.cgi?id=1075702
[ 2 ] Bug #1094702 - nss-3.16.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1094702
--------------------------------------------------------------------------------
================================================================================
nss-3.16.1-1.fc20 (FEDORA-2014-6176)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Update to nss-3.16.1 and nspr-4.10.5
For a description of new functionality and notable fixes refer to
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_...
For best results, specially when using development packages, update all packages at once.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 6 2014 Elio Maldonado <emaldona(a)redhat.com> - 3.16.1-1
- Update to nss-3.16.1
- Update the iquote patch on account of the rebase
- Improve test error detection in the %section
- Resolves: Bug 1094702 - nss-3.16.1 is available
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1075702 - ECC decode refactoring needed to build OpenJDK SunEC provider for
ECC support
https://bugzilla.redhat.com/show_bug.cgi?id=1075702
[ 2 ] Bug #1094702 - nss-3.16.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1094702
--------------------------------------------------------------------------------
================================================================================
nss-softokn-3.16.1-1.fc20 (FEDORA-2014-6176)
Network Security Services Softoken Module
--------------------------------------------------------------------------------
Update Information:
Update to nss-3.16.1 and nspr-4.10.5
For a description of new functionality and notable fixes refer to
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_...
For best results, specially when using development packages, update all packages at once.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 7 2014 Elio Maldonado <emaldona(a)redhat.com> - 3.16.1-1
- Update to nss-3.16.1
- Resolves: Bug 1094702 - nss-3.16.1 is available
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1075702 - ECC decode refactoring needed to build OpenJDK SunEC provider for
ECC support
https://bugzilla.redhat.com/show_bug.cgi?id=1075702
[ 2 ] Bug #1094702 - nss-3.16.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1094702
--------------------------------------------------------------------------------
================================================================================
nss-util-3.16.1-1.fc20 (FEDORA-2014-6176)
Network Security Services Utilities Library
--------------------------------------------------------------------------------
Update Information:
Update to nss-3.16.1 and nspr-4.10.5
For a description of new functionality and notable fixes refer to
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_...
For best results, specially when using development packages, update all packages at once.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 7 2014 Elio Maldonado <emaldona(a)redhat.com> - 3.16.1-1
- Update to nss-3.16.1
- Resolves: Bug 1094702 - nss-3.16.1 is available
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1075702 - ECC decode refactoring needed to build OpenJDK SunEC provider for
ECC support
https://bugzilla.redhat.com/show_bug.cgi?id=1075702
[ 2 ] Bug #1094702 - nss-3.16.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1094702
--------------------------------------------------------------------------------
================================================================================
perl-Thread-SigMask-0.004-1.fc20 (FEDORA-2014-6171)
Thread specific signal masks
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1087379 - Review Request: perl-Thread-SigMask - Thread specific signal
masks
https://bugzilla.redhat.com/show_bug.cgi?id=1087379
--------------------------------------------------------------------------------
================================================================================
python-ethtool-0.11-1.fc20 (FEDORA-2014-6180)
Ethernet settings python bindings
--------------------------------------------------------------------------------
Update Information:
Updated to the lastest python-ethtool-0.11 release
Updated to upstream 0.10 + additional fixes
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 David Sommerseth <davids(a)redhat.com> - 0.11-1
- Updated to the lastest python-ethtool-0.11 release, which
incorporates all these additional patches and improves
libnl3 connection error checking.
* Mon Apr 7 2014 David Sommerseth <davids(a)redhat.com> - 0.10-6
- Removed the never close netlink patch
- Added a patch which will ensure it will open a valid socket in open_netlink()
* Wed Apr 2 2014 David Sommerseth <davids(a)redhat.com> - 0.10-5
- Update patch 8 - to also never close the netlink socket
* Wed Apr 2 2014 David Sommerseth <davids(a)redhat.com> - 0.10-4
- Added patch 8 - to see of FD_CLOEXEC impacts vdsm
* Tue Apr 1 2014 David Sommerseth <davids(a)redhat.com> - 0.10-3
- Added patch 6 and 7, to improve error handling. Will be removed when released upstream
* Thu Mar 20 2014 David Sommerseth <davids(a)redhat.com> - 0.10-2
- Added patch 1, 2, 4 and 5; they have not appeared in an upstream release yet
--------------------------------------------------------------------------------
================================================================================
python-troveclient-1.0.3-2.fc20 (FEDORA-2014-6165)
Client library for OpenStack DBaaS API
--------------------------------------------------------------------------------
Update Information:
remove runtime dep to pbr
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 Matthias Runge <mrunge(a)redhat.com> - 1.0.3-2
- remove runtime dep to pbr
--------------------------------------------------------------------------------
================================================================================
python-txws-0.9-1.fc20 (FEDORA-2014-6161)
Twisted WebSockets wrapper
--------------------------------------------------------------------------------
Update Information:
Fix protocol handling for chrome users.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 8 2014 Ralph Bean <rbean(a)redhat.com> - 0.9-1
- Protocol fixes to help support users on chrome.
- Added a disabled python3 subpackage for the future.
- Modernized python2 macros.
* Tue Jan 28 2014 Ralph Bean <rbean(a)redhat.com> - 0.8-2
- Patch to drop vcversioner for building in koji.
* Tue Jan 28 2014 Ralph Bean <rbean(a)redhat.com> - 0.8-1
- Latest upstream.
* Tue Jan 14 2014 Ralph Bean <rbean(a)redhat.com> - 0.7.1-4
- Update deps to use more specific twisted subpackages.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095658 - python-txws-0.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1095658
--------------------------------------------------------------------------------
================================================================================
qpid-cpp-0.26-3.fc20 (FEDORA-2014-6153)
Libraries for Qpid C++ client applications
--------------------------------------------------------------------------------
Update Information:
Changed qpid-cpp-server-ha to use systemd macros for pre/post/postun
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 7 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.26-3
- Changed qpid-cpp-server-ha to use systemd macros for pre/post/postun
- Resoves: BZ#1094928
* Fri Feb 21 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.26-2
- QPID-5499: Fix for building with -Werror=format-security enabled.
- * This was previously for files include in qpid-cpp-client-devel.
* Thu Feb 20 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.26-1
- Rebased on Qpid 0.26.
- Updated qpid-cpp-server-ha to be a systemd service.
- Removed qpid-cpp-server dependency on qpid-cpp-server-store.
- * The package was mistakenly including store libraries.
- Added BR for gcc-c++.
- Removed -n option from all subpackages.
- Removed clean and check sections.
- Updated package to use systemd macros correctly.
- Removed unnecessary BRs.
- Cleaned up the deletes after the build finishes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1094928 - qpid-cpp: script and/or trigger should not directly enable systemd
units
https://bugzilla.redhat.com/show_bug.cgi?id=1094928
--------------------------------------------------------------------------------
================================================================================
sx-2.17-1.fc20 (FEDORA-2014-6154)
Tool to extract reports and run plug-ins against those extracted reports
--------------------------------------------------------------------------------
Update Information:
Update to new upstream release, sx-2.17
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 5 2014 Pierguido Lambri <plambri(a)fedoraproject.org> - 2.17-1
- Update to sx-2.17 (BZ#1094375)
- Fix some parsing issues of strings in logger and strings when formatting tables.
- Fixed an error that was thrown if user did not have privledges for user configuration
directory that would be created.
- Added check to make sure that fsck option is not enabled on GFS/GFS2 filesystems.
- The cluster services are no longer printed to a file and now a total counted in printed
in summary.
- Add ip to bonding output in networking plugin.
- Add check for quromd section that is not running master_wins && 2 nodes with no
heuristics.
- It detects broadcast, but multicast configured on RHEL4.
- Detects if quorum disk did not have heuristics configured when not using master_wins
mode on RHEL 5.
- Added multiple evaluations for correctly configured quorum disk.
- Check to verify that if fence_scsi is used on virtual machines that iscsi is used on all
shared storage.
- Added unfence check to see if fence agent supports that tag.
- Changed the cluster boot up services summary to a table.
- Add checks and summary information on pacemaker cluster.
- Added new option (-t) so that timestamp could be set.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095802 - Update to sx-2.17
https://bugzilla.redhat.com/show_bug.cgi?id=1095802
--------------------------------------------------------------------------------