The following Fedora 21 Security updates need testing:
Age URL
139
https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
115
https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance...
60
https://admin.fedoraproject.org/updates/FEDORA-2015-4689/quassel-0.11.0-2...
44
https://admin.fedoraproject.org/updates/FEDORA-2015-6005/asterisk-11.17.1...
25
https://admin.fedoraproject.org/updates/FEDORA-2015-7242/389-ds-base-1.3....
24
https://admin.fedoraproject.org/updates/FEDORA-2015-7326/drupal7-views-3....
15
https://admin.fedoraproject.org/updates/FEDORA-2015-7878/krb5-1.12.2-17.fc21
15
https://admin.fedoraproject.org/updates/FEDORA-2015-7886/suricata-2.0.8-1...
11
https://admin.fedoraproject.org/updates/FEDORA-2015-8170/rawstudio-2.1-0....
8
https://admin.fedoraproject.org/updates/FEDORA-2015-8396/libinfinity-0.6....
8
https://admin.fedoraproject.org/updates/FEDORA-2015-8336/hostapd-2.4-2.fc21
6
https://admin.fedoraproject.org/updates/FEDORA-2015-8487/zarafa-7.1.12-2....
6
https://admin.fedoraproject.org/updates/FEDORA-2015-8482/LibRaw-0.16.2-1....
6
https://admin.fedoraproject.org/updates/FEDORA-2015-8498/mingw-LibRaw-0.1...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-8571/torque-4.2.10-3....
5
https://admin.fedoraproject.org/updates/FEDORA-2015-8606/python-tornado-3...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-8168/cabal-install-1....
4
https://admin.fedoraproject.org/updates/FEDORA-2015-8647/dcraw-9.25.0-2.fc21
4
https://admin.fedoraproject.org/updates/FEDORA-2015-8673/libtiff-4.0.3-20...
4
https://admin.fedoraproject.org/updates/FEDORA-2015-8649/nss-3.19.0-1.0.f...
3
https://admin.fedoraproject.org/updates/FEDORA-2015-8713/netty-4.0.28-1.fc21
3
https://admin.fedoraproject.org/updates/FEDORA-2015-8717/ufraw-0.21-1.fc21
3
https://admin.fedoraproject.org/updates/FEDORA-2015-8710/php-ZendFramewor...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8767/postgresql-9.3.7...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8751/fuse-2.9.4-1.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8771/ntfs-3g-2015.3.1...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8783/batik-1.8-0.18.s...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8822/qpid-cpp-0.32-3....
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8788/pcs-0.9.137-4.fc21
The following Fedora 21 Critical Path updates have yet to be approved:
Age URL
13
https://admin.fedoraproject.org/updates/FEDORA-2015-8045/libnl3-3.2.25-6....
13
https://admin.fedoraproject.org/updates/FEDORA-2015-8055/lua-socket-3.0-0...
10
https://admin.fedoraproject.org/updates/FEDORA-2015-8262/createrepo_c-0.8...
10
https://admin.fedoraproject.org/updates/FEDORA-2015-8272/libcap-ng-0.7.5-...
10
https://admin.fedoraproject.org/updates/FEDORA-2015-8256/libseccomp-2.2.1...
8
https://admin.fedoraproject.org/updates/FEDORA-2015-8374/evolution-data-s...
8
https://admin.fedoraproject.org/updates/FEDORA-2015-8380/createrepo_c-0.8...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-8597/redhat-rpm-confi...
4
https://admin.fedoraproject.org/updates/FEDORA-2015-8645/hwdata-0.278-1.fc21
4
https://admin.fedoraproject.org/updates/FEDORA-2015-8644/man-db-2.6.7.1-1...
3
https://admin.fedoraproject.org/updates/FEDORA-2015-8732/linux-firmware-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8751/fuse-2.9.4-1.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8771/ntfs-3g-2015.3.1...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8794/libdb-5.3.28-12....
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8800/util-linux-2.25....
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8778/ibus-1.5.10-5.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8764/webkitgtk3-2.4.9...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-8735/libfm-1.2.3-5.D2...
The following builds have been pushed to Fedora 21 updates-testing
admesh-0.98.2-1.fc21
batik-1.8-0.18.svn1230816.fc21
etcd-2.0.11-2.fc21
fpaste-0.3.7.4-1.fc21
fuse-2.9.4-1.fc21
golang-googlecode-tools-0-2.0.hga7e14835e46b.fc21
ibus-1.5.10-5.fc21
libdb-5.3.28-12.fc21
libdb4-4.8.30-18.fc21
libfm-1.2.3-5.D20150521git577806e29d.fc21
liveusb-creator-3.14.0-1.fc21
man-pages-3.69-3.fc21
mingw-admesh-0.98.2-1.fc21
mozilla-requestpolicy-1.0-0.6.20150522git631b52.fc21
nodejs-defaults-1.0.2-2.fc21
ntfs-3g-2015.3.14-2.fc21
pcmanfm-1.2.3-2.fc21
pcs-0.9.137-4.fc21
php-PHPParser-1.3.0-1.fc21
php-andrewsville-php-token-reflection-1.4.0-2.fc21
php-bartlett-PHP-CompatInfo-4.2.0-1.fc21
php-bartlett-PHP-Reflect-3.1.0-1.fc21
php-bartlett-umlwriter-1.0.0-2.fc21
php-horde-Horde-Crypt-Blowfish-1.1.0-1.fc21
php-horde-Horde-Date-2.1.0-1.fc21
php-horde-Horde-Mime-2.9.1-1.fc21
php-horde-Horde-Share-2.0.7-1.fc21
php-pimple1-1.1.1-4.fc21
php-znerol-php-stringprep-0-0.1.20150519git804b0d5.fc21
postgresql-9.3.7-1.fc21
python-bugzilla-1.2.1-1.fc21
qpid-cpp-0.32-3.fc21
util-linux-2.25.2-3.fc21
webkitgtk-2.4.9-1.fc21
webkitgtk3-2.4.9-1.fc21
zsh-5.0.7-8.fc21
Details about builds:
================================================================================
admesh-0.98.2-1.fc21 (FEDORA-2015-8760)
Diagnose and/or repair problems with STereo Lithography files
--------------------------------------------------------------------------------
Update Information:
Reverse all facets when volume is negative only when fixall_flag is set. Also pre-zero
backwards_edges in stl_initialize()
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Miro Hrončok <mhroncok(a)redhat.com> - 0.98.2-1
- Updated to 0.98.2
--------------------------------------------------------------------------------
================================================================================
batik-1.8-0.18.svn1230816.fc21 (FEDORA-2015-8783)
Scalable Vector Graphics for Java
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2015-0250
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 21 2015 Michal Srb <msrb(a)redhat.com> - 1.8-0.18.svn1230816
- Disable external xml entities
- Resolves: CVE-2015-0250
--------------------------------------------------------------------------------
================================================================================
etcd-2.0.11-2.fc21 (FEDORA-2015-8781)
A highly-available key value store for shared configuration
--------------------------------------------------------------------------------
Update Information:
ETCD_ADVERTISE_CLIENT_URLS has to be set if ETCD_LISTEN_CLIENT_URLS is
Update to v2.0.11
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 jchaloup <jchaloup(a)redhat.com> - 2.0.11-2
- ETCD_ADVERTISE_CLIENT_URLS has to be set if ETCD_LISTEN_CLIENT_URLS is
related: #1222416
* Mon May 18 2015 jchaloup <jchaloup(a)redhat.com> - 2.0.11-1
- Update to v2.0.11
resolves: #1222416
* Thu Apr 23 2015 jchaloup <jchaloup(a)redhat.com> - 2.0.10-1
- Update to v2.0.10
resolves: #1214705
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222416 - etcd-v2.0.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1222416
--------------------------------------------------------------------------------
================================================================================
fpaste-0.3.7.4-1.fc21 (FEDORA-2015-8747)
A simple tool for pasting info onto sticky notes instances
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 0.3.7.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Ankur Sinha <ankursinha AT fedoraproject DOT org> 0.3.7.4-1
- Update to latest upstream release
- yum -> dnf
- DRM now uses journalctl
- Xorg.0.log for gdm is in .local/share/xorg
- added lxqt and cinnamon to sessions list
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1212843 - [RFE] fpaste --sysinfo does not detect Cinnamon in the list of
running desktops
https://bugzilla.redhat.com/show_bug.cgi?id=1212843
[ 2 ] Bug #1220626 - fpaste --sysinfo does not recognize lxqt
https://bugzilla.redhat.com/show_bug.cgi?id=1220626
[ 3 ] Bug #1172857 - fpaste --sysinfo missing information on >=f21 (workstation,
others?)
https://bugzilla.redhat.com/show_bug.cgi?id=1172857
--------------------------------------------------------------------------------
================================================================================
fuse-2.9.4-1.fc21 (FEDORA-2015-8751)
File System in Userspace (FUSE) utilities
--------------------------------------------------------------------------------
Update Information:
Update to 2.9.4, which fixes CVE-2015-3202.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Tom Callaway <spot(a)fedoraproject.org> 2.9.4-1
- update to 2.9.4
- fixes CVE-2015-3202
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1224103 - CVE-2015-3202 fuse: incorrect filtering of environment variables
leading to privilege escalation
https://bugzilla.redhat.com/show_bug.cgi?id=1224103
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-tools-0-2.0.hga7e14835e46b.fc21 (FEDORA-2015-8780)
Supplementary tools and packages for Go
--------------------------------------------------------------------------------
Update Information:
Bump to a7e14835e46bb13da10fa8b9c9c5e7f2f378f568
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 6 2015 jchaloup <jchaloup(a)redhat.com> - 0-2.0.hga7e14835e46b
- Bump to a7e14835e46bb13da10fa8b9c9c5e7f2f378f568
- Add new tools presented in the commit
- Change import paths to new prefix schema
golang.org/x/...
- Add new subpackage and keep the only one for back-compatibility
resolves: #1199617, #1215336
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199617 - Update to the latest commit and from devel subpackage remove all
directories that does not define one and only one golang package unit
https://bugzilla.redhat.com/show_bug.cgi?id=1199617
[ 2 ] Bug #1215336 - godoc uses invalid path for documentation
https://bugzilla.redhat.com/show_bug.cgi?id=1215336
--------------------------------------------------------------------------------
================================================================================
ibus-1.5.10-5.fc21 (FEDORA-2015-8778)
Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
Update Information:
This update fixes to activate radio menu items on gtk ibus panel with gtk 3.16.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Takao Fujiwara <tfujiwar(a)redhat.com> - 1.5.10-5
- Updated ibus-HEAD.patch
Fixed Bug 1224025 - IBus radio menu items does not work
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1224025 - IBus radio menu items does not work on IBus panel icon with GTK
3.16
https://bugzilla.redhat.com/show_bug.cgi?id=1224025
--------------------------------------------------------------------------------
================================================================================
libdb-5.3.28-12.fc21 (FEDORA-2015-8794)
The Berkeley DB database library for C
--------------------------------------------------------------------------------
Update Information:
Applied upstream-provided patches for fixing a heap corruption.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 19 2015 Jan Stanek <jstanek(a)redhat.com> - 5.3.28-12
- Add upstream patch for a memp_stat issue.
- Resolves: rhbz#1211871
* Sat May 2 2015 Kalev Lember <kalevlember(a)gmail.com> - 5.3.28-11
- Rebuilt for GCC 5 C++11 ABI change
* Sat Feb 21 2015 Till Maas <opensource(a)till.name> - 5.3.28-10
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-...
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1211871 - heap corruption by memp_stat
https://bugzilla.redhat.com/show_bug.cgi?id=1211871
--------------------------------------------------------------------------------
================================================================================
libdb4-4.8.30-18.fc21 (FEDORA-2015-8794)
The Berkeley DB database library (version 4) for C
--------------------------------------------------------------------------------
Update Information:
Applied upstream-provided patches for fixing a heap corruption.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Jan Stanek <jstanek(a)redhat.com> - 4.8.30-18
- Add upstream fix for memp_stat heap corruption.
- Resolves: rhbz#1211871
* Sat May 2 2015 Kalev Lember <kalevlember(a)gmail.com> - 4.8.30-17
- Rebuilt for GCC 5 C++11 ABI change
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1211871 - heap corruption by memp_stat
https://bugzilla.redhat.com/show_bug.cgi?id=1211871
--------------------------------------------------------------------------------
================================================================================
libfm-1.2.3-5.D20150521git577806e29d.fc21 (FEDORA-2015-8735)
GIO-based library for file manager-like programs
--------------------------------------------------------------------------------
Update Information:
libfm: update to the latest git to fix several bugs
libfm: make libfm-pref-apps work
pcmanfm: make about dialog work
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 23 2015 Mamoru TASAKA <mtasaka(a)fedoraproject.org> -
1.2.3-5.D20150521git577806e29d
- Make search dialog work
* Thu May 21 2015 Mamoru TASAKA <mtasaka(a)fedoraproject.org> -
1.2.3-4.D20150521git577806e29d
- Again try the latest git
* Thu May 21 2015 Mamoru TASAKA <mtasaka(a)fedoraproject.org> -
1.2.3-3.D20150519git699810d3bd
- Make libfm-pref-apps work
* Thu May 21 2015 Mamoru TASAKA <mtasaka(a)fedoraproject.org> -
1.2.3-2.D20150519git699810d3bd
- Try latest git (2015-05-19)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1178518 - [abrt] pcmanfm: fm_file_info_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1178518
[ 2 ] Bug #1167132 - [abrt] pcmanfm: fm_mime_type_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1167132
[ 3 ] Bug #1167368 - [abrt] pcmanfm-qt4: fm_mime_type_ref(): pcmanfm-qt4 killed by
SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1167368
[ 4 ] Bug #1151658 - [abrt] pcmanfm: fm_file_info_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1151658
[ 5 ] Bug #1176346 - Preferred Applications does not work (libfm-pref-apps) Fedora 21
LXDE
https://bugzilla.redhat.com/show_bug.cgi?id=1176346
[ 6 ] Bug #1205096 - [abrt] pcmanfm-qt: fm_file_info_ref(): pcmanfm-qt killed by
SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1205096
[ 7 ] Bug #1175940 - [abrt] pcmanfm: fm_mime_type_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1175940
[ 8 ] Bug #1119219 - [abrt] pcmanfm: fm_mime_type_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1119219
[ 9 ] Bug #1093729 - [abrt] pcmanfm: fm_list_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1093729
[ 10 ] Bug #1176348 - About Box in pcmanfm does not work (Fedora 21 LXDE Installation)
https://bugzilla.redhat.com/show_bug.cgi?id=1176348
--------------------------------------------------------------------------------
================================================================================
liveusb-creator-3.14.0-1.fc21 (FEDORA-2015-8744)
A liveusb creator
--------------------------------------------------------------------------------
Update Information:
Ported to UDisks2
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Luke Macken <lmacken(a)redhat.com> - 3.14.0-1
- Latest upstream release ported from udisks to udisks2 (#1166650)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1166650 - [abrt] liveusb-creator:
connection.py:651:call_blocking:DBusException: org.freedesktop.DBus.Error.UnknownMethod:
Method "Get" with signature "ss" on interface
"org.freedesktop.DBus.Properties" doesn't exist
https://bugzilla.redhat.com/show_bug.cgi?id=1166650
[ 2 ] Bug #1145468 - [abrt] liveusb-creator:
connection.py:651:call_blocking:DBusException: org.freedesktop.DBus.Error.UnknownMethod:
Method "Get" with signature "ss" on interface
"org.freedesktop.DBus.Properties" doesn't exist
https://bugzilla.redhat.com/show_bug.cgi?id=1145468
[ 3 ] Bug #1174431 - [abrt] liveusb-creator:
connection.py:651:call_blocking:DBusException: org.freedesktop.DBus.Error.UnknownMethod:
Method "Get" with signature "os" on interface
"org.freedesktop.DBus.Properties" doesn't exist
https://bugzilla.redhat.com/show_bug.cgi?id=1174431
[ 4 ] Bug #1177275 - [abrt] liveusb-creator:
connection.py:651:call_blocking:DBusException: org.freedesktop.DBus.Error.UnknownMethod:
Method "Get" with signature "os" on interface
"org.freedesktop.DBus.Properties" doesn't exist
https://bugzilla.redhat.com/show_bug.cgi?id=1177275
--------------------------------------------------------------------------------
================================================================================
man-pages-3.69-3.fc21 (FEDORA-2015-8755)
Linux kernel and C library user-space interface documentation
--------------------------------------------------------------------------------
Update Information:
rtld-audit.7: use the correct format character
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 jchaloup <jchaloup(a)redhat.com> - 3.69-3
- rtld-audit.7: use the correct format character
resolves: #1222719
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222719 - rtld-audit man example code uses wrong format for cookies
https://bugzilla.redhat.com/show_bug.cgi?id=1222719
--------------------------------------------------------------------------------
================================================================================
mingw-admesh-0.98.2-1.fc21 (FEDORA-2015-8757)
MinGW compiled ADMesh
--------------------------------------------------------------------------------
Update Information:
Updated to 0.98.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Miro Hrončok <mhroncok(a)redhat.com> - 0.98.2-1
- Updated to 0.98.2
--------------------------------------------------------------------------------
================================================================================
mozilla-requestpolicy-1.0-0.6.20150522git631b52.fc21 (FEDORA-2015-8814)
Firefox and Seamonkey extension that gives you control over cross-site requests
--------------------------------------------------------------------------------
Update Information:
- **Update to Beta9.3**
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Antonio Trande <sagitterATfedoraproject.org> -
1.0-0.6.20150522git631b52
- Update to Beta9.3
* Thu May 7 2015 Antonio Trande <sagitterATfedoraproject.org> -
1.0-0.5.20150507git5bff8c
- Update to Beta9.2
--------------------------------------------------------------------------------
================================================================================
nodejs-defaults-1.0.2-2.fc21 (FEDORA-2015-8807)
Merge single level defaults over a config object
--------------------------------------------------------------------------------
Update Information:
Added %nodejs_fixdep macro to fix failing dependency
Rebuilt with new upstream release containing license text
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196289 - Review Request: nodejs-defaults - A simple one level options merge
utility
https://bugzilla.redhat.com/show_bug.cgi?id=1196289
--------------------------------------------------------------------------------
================================================================================
ntfs-3g-2015.3.14-2.fc21 (FEDORA-2015-8771)
Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2015-3202.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Tom Callaway <spot(a)fedoraproject.org> 2:2015.3.14-2
- fix CVE-2015-3202
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1224103 - CVE-2015-3202 fuse: incorrect filtering of environment variables
leading to privilege escalation
https://bugzilla.redhat.com/show_bug.cgi?id=1224103
--------------------------------------------------------------------------------
================================================================================
pcmanfm-1.2.3-2.fc21 (FEDORA-2015-8735)
Extremly fast and lightweight file manager
--------------------------------------------------------------------------------
Update Information:
libfm: update to the latest git to fix several bugs
libfm: make libfm-pref-apps work
pcmanfm: make about dialog work
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 21 2015 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.2.3-2
- Make about dialog work
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1178518 - [abrt] pcmanfm: fm_file_info_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1178518
[ 2 ] Bug #1167132 - [abrt] pcmanfm: fm_mime_type_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1167132
[ 3 ] Bug #1167368 - [abrt] pcmanfm-qt4: fm_mime_type_ref(): pcmanfm-qt4 killed by
SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1167368
[ 4 ] Bug #1151658 - [abrt] pcmanfm: fm_file_info_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1151658
[ 5 ] Bug #1176346 - Preferred Applications does not work (libfm-pref-apps) Fedora 21
LXDE
https://bugzilla.redhat.com/show_bug.cgi?id=1176346
[ 6 ] Bug #1205096 - [abrt] pcmanfm-qt: fm_file_info_ref(): pcmanfm-qt killed by
SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1205096
[ 7 ] Bug #1175940 - [abrt] pcmanfm: fm_mime_type_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1175940
[ 8 ] Bug #1119219 - [abrt] pcmanfm: fm_mime_type_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1119219
[ 9 ] Bug #1093729 - [abrt] pcmanfm: fm_list_ref(): pcmanfm killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1093729
[ 10 ] Bug #1176348 - About Box in pcmanfm does not work (Fedora 21 LXDE Installation)
https://bugzilla.redhat.com/show_bug.cgi?id=1176348
--------------------------------------------------------------------------------
================================================================================
pcs-0.9.137-4.fc21 (FEDORA-2015-8788)
Pacemaker Configuration System
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2015-1848, CVE-2015-3983 (sessions not signed)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Tomas Jelinek <tojeline(a)redhat.com> - 0.9.137-4
- Fix for CVE-2015-1848, CVE-2015-3983 (sessions not signed)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1208294 - CVE-2015-1848 CVE-2015-3983 pcs: improper web session variable
signing
https://bugzilla.redhat.com/show_bug.cgi?id=1208294
--------------------------------------------------------------------------------
================================================================================
php-PHPParser-1.3.0-1.fc21 (FEDORA-2015-8802)
A PHP parser written in PHP
--------------------------------------------------------------------------------
Update Information:
**PHP-Parser 1.3.0**
**Added**
* Errors can now store the attributes of the node/token where the error occurred.
Previously only the start line was stored.
* If file positions are enabled in the lexer, errors can now provide column information if
it is available. See documentation.
* The parser now provides an experimental error recovery mode, which can be enabled by
disabling the throwOnError parser option. In this mode the parser will try to construct a
partial AST even if the code is not valid PHP. See documentation.
* Added support for PHP 7 yield from expression. It is represented by Expr\YieldFrom.
* Added support for PHP 7 anonymous classes. These are represented by ordinary Stmt\Class_
nodes with the name set to null. Furthermore this implies that Expr\New_ can now contain a
Stmt\Class_ in its class subnode.
**Fixed**
* Fixed registration of PHP 7 aliases, for the case where the old name was used before the
new name.
* Fixed handling of precedence when pretty-printing print expressions.
* Floating point numbers are now pretty-printed with a higher precision.
* Checks for special class names like self are now case-insensitive.
**PHP-Parser 1.2.2**
* The NameResolver now resolves parameter type hints when entering the
function/method/closure node. As such other visitors running after it will be able to make
use of the resolved names at that point already.
* The autoloader no longer sets the unserialize_callback_func ini option on registration -
this is not necessary and may cause issues when running PhpUnit tests with process
isolation.
**PHP-Parser 1.2.1**
* This release fixes the registration of the class aliases introduced in version 1.2.0.
Previously the old class names could not be used in instanceof checks under some
circumstances.
**PHP-Parser 1.2.0**
**Changed**
* To ensure compatibility with PHP 7, some node classes have been renamed:
* The previous class names are still supported as aliases. However it is strongly
encouraged to use the new names in order to make your code compatible with PHP 7.
* Subnodes are now stored using real properties instead of an array. This improves
performance and memory usage of the initial parse and subsequent node tree operations. The
NodeAbstract class still supports the old way of specifying subnodes, however this is
deprecated. In any case properties that are assigned to a node after creation will no
longer be considered as subnodes.
* Methods and property declarations will no longer set the Stmt\Class_::MODIFIER_PUBLIC
flag if no visibility is explicitly given. However the isPublic() method will continue to
return true. This allows you to distinguish whether a method/property is explicitly or
implicitly public and control the pretty printer output more precisely.
* The Stmt\Class_, Stmt\Interface_ and Stmt\Trait_ nodes now inherit from Stmt\ClassLike,
which provides a getMethods() method. Previously this method was only available on
Stmt\Class_.
* Support including the bootstrap.php file multiple times.
* Make documentation and tests part of the release tarball again.
* Improve support for HHVM and PHP 7.
**Added**
* Added support for PHP 7 return type declarations. This adds an additional returnType
subnode to Stmt\Function_, Stmt\ClassMethod and Expr\Closure.
* Added support for the PHP 7 null coalesce operator ??. The operator is represented by
Expr\BinaryOp\Coalesce.
* Added support for the PHP 7 spaceship operator <=>. The operator is represented by
Expr\BinaryOp\Spaceship.
* Added use builder.
* Added global namespace support to the namespace builder.
* Added a constructor flag to NodeTraverser, which disables cloning of nodes
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 20 2015 Remi Collet <remi(a)fedoraproject.org> - 1.3.0-1
- update to 1.3.0
--------------------------------------------------------------------------------
================================================================================
php-andrewsville-php-token-reflection-1.4.0-2.fc21 (FEDORA-2015-8787)
Library emulating the PHP internal reflection
--------------------------------------------------------------------------------
Update Information:
This library emulates the PHP reflection model using the tokenized PHP source.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1207591 - Review Request: php-andrewsville-php-token-reflection - Library
emulating the PHP internal reflection
https://bugzilla.redhat.com/show_bug.cgi?id=1207591
--------------------------------------------------------------------------------
================================================================================
php-bartlett-PHP-CompatInfo-4.2.0-1.fc21 (FEDORA-2015-8805)
Find out version and the extensions required for a piece of code to run
--------------------------------------------------------------------------------
Update Information:
Update to new major version.
See upstream announcements on
*
http://php5.laurent-laville.org/compatinfo/blog/
*
http://php5.laurent-laville.org/reflect/blog/
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 19 2015 Remi Collet <remi(a)fedoraproject.org> - 4.2.0-1
- update to 4.2.0
- raise dependency on bartlett/php-reflect 3.1
- add dependency on bartlett/umlwriter
- add fedora-review-check script
- handle --without tests option to skip test suite during build
--------------------------------------------------------------------------------
================================================================================
php-bartlett-PHP-Reflect-3.1.0-1.fc21 (FEDORA-2015-8805)
Adds the ability to reverse-engineer PHP
--------------------------------------------------------------------------------
Update Information:
Update to new major version.
See upstream announcements on
*
http://php5.laurent-laville.org/compatinfo/blog/
*
http://php5.laurent-laville.org/reflect/blog/
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 11 2015 Remi Collet <remi(a)fedoraproject.org> - 3.1.0-1
- update to 3.1.0
- raise dependency on nikic/php-parser >= 1.2.2
- drop dependency on phpunit/php-timer
- add dependencies on php-pdo_sqlite, doctrine/collections,
symfony/stopwatch, symfony/dependency-injection
and phpdocumentor/reflection-docblock, bartlett/umlwriter
--------------------------------------------------------------------------------
================================================================================
php-bartlett-umlwriter-1.0.0-2.fc21 (FEDORA-2015-8817)
Create UML class diagrams from your PHP source
--------------------------------------------------------------------------------
Update Information:
This tool wil generate UML class diagrams with all class, interface and trait definitions
in your PHP project.
* reverse-engine interchangeable (currently support Bartlett\Reflect and
Andrewsville\TokenReflection)
* UML syntax processor interchangeable (currently support Graphviz and PlantUML)
* generates a class and its direct dependencies
* generates a namespace with all objects
* generates a full package with all namespaces and objects
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1205346 - Review Request: php-bartlett-umlwriter - Create UML class diagrams
from your PHP source
https://bugzilla.redhat.com/show_bug.cgi?id=1205346
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-Blowfish-1.1.0-1.fc21 (FEDORA-2015-8826)
Blowfish Encryption Library
--------------------------------------------------------------------------------
Update Information:
**Horde_Crypt_Blowfish 1.1.0**
* [mms] Add Horde_Crypt_Blowfish_Pbkdf2.
**Horde_Date 2.1.0**
* [jan] Support monthly recurrence by last weekday (Request #1922).
* [jan] Support negative occurrences in Horde_Date#setNthWeekday().
* [jan] Add Galician translation.
**Horde_Mime 2.9.1**
* [mms] Correctly output MIME headers when generating multipart/digest parts (RFC 2047
[5.1.5]).
**Horde_Share 2.0.7**
* [jan] Fix returning user and group permissions for system shares using the SQLNG
driver.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Remi Collet <remi(a)fedoraproject.org> - 1.1.0-1
- Update to 1.1.0
- add provides php-composer(horde/horde-crypt-blowfish)
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Date-2.1.0-1.fc21 (FEDORA-2015-8826)
Horde Date package
--------------------------------------------------------------------------------
Update Information:
**Horde_Crypt_Blowfish 1.1.0**
* [mms] Add Horde_Crypt_Blowfish_Pbkdf2.
**Horde_Date 2.1.0**
* [jan] Support monthly recurrence by last weekday (Request #1922).
* [jan] Support negative occurrences in Horde_Date#setNthWeekday().
* [jan] Add Galician translation.
**Horde_Mime 2.9.1**
* [mms] Correctly output MIME headers when generating multipart/digest parts (RFC 2047
[5.1.5]).
**Horde_Share 2.0.7**
* [jan] Fix returning user and group permissions for system shares using the SQLNG
driver.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Remi Collet <remi(a)fedoraproject.org> - 2.1.0-1
- Update to 2.1.0
- add provides php-composer(horde/horde-date)
- raise dependency on Horde_Translation 2.2.0
- enable test suite
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mime-2.9.1-1.fc21 (FEDORA-2015-8826)
Horde MIME Library
--------------------------------------------------------------------------------
Update Information:
**Horde_Crypt_Blowfish 1.1.0**
* [mms] Add Horde_Crypt_Blowfish_Pbkdf2.
**Horde_Date 2.1.0**
* [jan] Support monthly recurrence by last weekday (Request #1922).
* [jan] Support negative occurrences in Horde_Date#setNthWeekday().
* [jan] Add Galician translation.
**Horde_Mime 2.9.1**
* [mms] Correctly output MIME headers when generating multipart/digest parts (RFC 2047
[5.1.5]).
**Horde_Share 2.0.7**
* [jan] Fix returning user and group permissions for system shares using the SQLNG
driver.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Remi Collet <remi(a)fedoraproject.org> - 2.9.1-1
- Update to 2.9.1
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Share-2.0.7-1.fc21 (FEDORA-2015-8826)
Horde Shared Permissions System
--------------------------------------------------------------------------------
Update Information:
**Horde_Crypt_Blowfish 1.1.0**
* [mms] Add Horde_Crypt_Blowfish_Pbkdf2.
**Horde_Date 2.1.0**
* [jan] Support monthly recurrence by last weekday (Request #1922).
* [jan] Support negative occurrences in Horde_Date#setNthWeekday().
* [jan] Add Galician translation.
**Horde_Mime 2.9.1**
* [mms] Correctly output MIME headers when generating multipart/digest parts (RFC 2047
[5.1.5]).
**Horde_Share 2.0.7**
* [jan] Fix returning user and group permissions for system shares using the SQLNG
driver.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Remi Collet <remi(a)fedoraproject.org> - 2.0.7-1
- Update to 2.0.7
- add provides php-composer(horde/horde-share)
- raise dependency on Horde_Translation 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-pimple1-1.1.1-4.fc21 (FEDORA-2015-8821)
A simple dependency injection container for PHP
--------------------------------------------------------------------------------
Update Information:
Pimple is a small dependency injection container for PHP that consists of
just one file and one class.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222272 - Review Request: php-pimple1 - A simple dependency injection
container for PHP
https://bugzilla.redhat.com/show_bug.cgi?id=1222272
--------------------------------------------------------------------------------
================================================================================
php-znerol-php-stringprep-0-0.1.20150519git804b0d5.fc21 (FEDORA-2015-8819)
Implementation of RFC 3454 Preparation of Internationalized Strings
--------------------------------------------------------------------------------
Update Information:
Implementation of RFC 3454 Preparation of Internationalized Strings.
See:
http://tools.ietf.org/html/rfc3454
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222794 - Review Request: php-znerol-php-stringprep - Implementation of RFC
3454 Preparation of Internationalized Strings
https://bugzilla.redhat.com/show_bug.cgi?id=1222794
--------------------------------------------------------------------------------
================================================================================
postgresql-9.3.7-1.fc21 (FEDORA-2015-8767)
PostgreSQL client programs
--------------------------------------------------------------------------------
Update Information:
update to 9.3.7 per release notes
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Pavel Raiskup <praiskup(a)redhat.com> - 9.3.7-1
- update to 9.3.7 per release notes
http://www.postgresql.org/docs/9.3/static/release-9-3-7.html
--------------------------------------------------------------------------------
================================================================================
python-bugzilla-1.2.1-1.fc21 (FEDORA-2015-8785)
A python library and tool for interacting with Bugzilla
--------------------------------------------------------------------------------
Update Information:
* Rebased to version 1.2.1
* bin/bugzilla: Add --ensure-logged-in option
* Fix get_products with
bugzilla.redhat.com
* A few other minor improvements
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Cole Robinson <crobinso(a)redhat.com> - 1.2.1-1
- Rebased to version 1.2.1
- bin/bugzilla: Add --ensure-logged-in option
- Fix get_products with
bugzilla.redhat.com
- A few other minor improvements
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1224073 - Can't list available products
https://bugzilla.redhat.com/show_bug.cgi?id=1224073
[ 2 ] Bug #1222078 - [abrt] python-bugzilla: models.py:851:raise_for_status:HTTPError:
404 Client Error: Not Found
https://bugzilla.redhat.com/show_bug.cgi?id=1222078
--------------------------------------------------------------------------------
================================================================================
qpid-cpp-0.32-3.fc21 (FEDORA-2015-8822)
Libraries for Qpid C++ client applications
--------------------------------------------------------------------------------
Update Information:
Include the qpid.tests module in python-qpid
Bumped the release to force a build against Proton 0.9 in F22.
Added qpidtoollibs to the qpid-tools package.
Fixed path to qpid-ha in the systemd service descriptor.
Resolves: BZ#1186308
Apply patch 10.
Resolves: BZ#1184488
Resolves: BZ#1181721
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.32-3
- Include the qpid.tests module in python-qpid
- Resolves: BZ#1224260
* Mon Apr 13 2015 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.32-2
- Re-add patch that fixes builds on aarch64/ppc64le
* Tue Apr 7 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.32-1.1
- Bumped the release to force a build against Proton 0.9 in F22.
* Mon Apr 6 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.32-1
- Rebased on Qpid 0.32.
- Added build flag to enable building the legacy store.
- Added the perl-qpid-messaging subpackage.
- Added the python-qpid-messaging subpackage.
- Added the python-qpid subpackage.
* Wed Feb 25 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.30-12
- Added qpidtoollibs to the qpid-tools package.
* Fri Feb 20 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.30-11
- Fixed path to qpid-ha in the systemd service descriptor.
* Wed Feb 4 2015 Petr Machata <pmachata(a)redhat.com> - 0.30-10
- Bump for rebuild.
* Mon Feb 2 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.30-9
- Resolves: BZ#1186308
* Tue Jan 27 2015 Petr Machata <pmachata(a)redhat.com> - 0.30-8
- Rebuild for boost 1.57.0
* Thu Jan 22 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.30-7
- Apply patch 10.
* Wed Jan 21 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.30-6
- Resolves: BZ#1184488
* Fri Jan 16 2015 Darryl L. Pierce <dpierce(a)redhat.com> - 0.30-5
- Resolves: BZ#1181721
* Wed Oct 29 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.30-4
- QPID-6170: Fixes builds on aarch64 and ppc64le architectures.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1186308 - CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be
prevented
https://bugzilla.redhat.com/show_bug.cgi?id=1186308
[ 2 ] Bug #1181721 - CVE-2015-0203 qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol
handling
https://bugzilla.redhat.com/show_bug.cgi?id=1181721
--------------------------------------------------------------------------------
================================================================================
util-linux-2.25.2-3.fc21 (FEDORA-2015-8800)
A collection of basic system utilities
--------------------------------------------------------------------------------
Update Information:
fix #1223894 - util-linux FTBFS during stage1 bootstrap
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Karel Zak <kzak(a)redhat.com> 2.25.2-3
- fix #1223894 - util-linux FTBFS during stage1 bootstrap
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1223894 - util-linux FTBFS during stage1 bootstrap - the configure script
doesn't support --without-tinfo
https://bugzilla.redhat.com/show_bug.cgi?id=1223894
--------------------------------------------------------------------------------
================================================================================
webkitgtk-2.4.9-1.fc21 (FEDORA-2015-8764)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
- Check TLS errors as soon as they are set in the SoupMessage to prevent any data from
being sent to the server in case of invalid certificate.
- Clear the GObject DOM bindings internal cache when frames are destroyed or web view
contents are updated.
- Add HighDPI support for non-accelerated compositing contents.
- Fix some transfer annotations used in GObject DOM bindings.
- Use latin1 instead of UTF-8 for HTTP header values.
- Fix synchronous loads when maximum connection limits are reached.
- Fix a crash ScrollView::contentsToWindow() when GtkPluginWidget doesn't have a
parent.
- Fix a memory leak in webkit_web_policy_decision_new.
- Fix g_closure_unref runtime warning.
- Fix a crash due to empty drag image during drag and drop.
- Fix rendering of scrollbars with GTK+ >= 3.16.
- Fix the build on mingw32/msys.
- Fix the build with WebKit2 disabled.
- Fix the build with accelerated compositing disabled.
- Fix clang version check in configure.
- Fix the build with recent versions of GLib that have GMutexLocker.
- Fix the build for Linux/MIPS64EL.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 21 2015 Tomas Popela <tpopela(a)redhat.com> - 2.4.9-1
- Update to 2.4.9
--------------------------------------------------------------------------------
================================================================================
webkitgtk3-2.4.9-1.fc21 (FEDORA-2015-8764)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
- Check TLS errors as soon as they are set in the SoupMessage to prevent any data from
being sent to the server in case of invalid certificate.
- Clear the GObject DOM bindings internal cache when frames are destroyed or web view
contents are updated.
- Add HighDPI support for non-accelerated compositing contents.
- Fix some transfer annotations used in GObject DOM bindings.
- Use latin1 instead of UTF-8 for HTTP header values.
- Fix synchronous loads when maximum connection limits are reached.
- Fix a crash ScrollView::contentsToWindow() when GtkPluginWidget doesn't have a
parent.
- Fix a memory leak in webkit_web_policy_decision_new.
- Fix g_closure_unref runtime warning.
- Fix a crash due to empty drag image during drag and drop.
- Fix rendering of scrollbars with GTK+ >= 3.16.
- Fix the build on mingw32/msys.
- Fix the build with WebKit2 disabled.
- Fix the build with accelerated compositing disabled.
- Fix clang version check in configure.
- Fix the build with recent versions of GLib that have GMutexLocker.
- Fix the build for Linux/MIPS64EL.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 21 2015 Tomas Popela <tpopela(a)redhat.com> - 2.4.9-1
- Update to 2.4.9
--------------------------------------------------------------------------------
================================================================================
zsh-5.0.7-8.fc21 (FEDORA-2015-8823)
Powerful interactive shell
--------------------------------------------------------------------------------
Update Information:
- fix SIGSEGV of the syntax check in ksh emulation mode (#1222867)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 22 2015 Kamil Dudka <kdudka(a)redhat.com> - 5.0.7-8
- fix SIGSEGV of the syntax check in ksh emulation mode (#1222867)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222867 - zsh in ksh emulation mode, coredumps when trying to check the
syntax of a shell script
https://bugzilla.redhat.com/show_bug.cgi?id=1222867
--------------------------------------------------------------------------------