The following Fedora 20 Security updates need testing:
Age  URL
120  https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16....
73   https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionp...
72   https://admin.fedoraproject.org/updates/FEDORA-2014-15489/rubygem-sprocke...
50   https://admin.fedoraproject.org/updates/FEDORA-2014-16494/mutt-1.5.23-4.fc20
49   https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-...
49   https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14....
44   https://admin.fedoraproject.org/updates/FEDORA-2014-17153/httpd-2.4.10-2....
40   https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-...
37   https://admin.fedoraproject.org/updates/FEDORA-2014-17559/mapserver-6.2.2...
35   https://admin.fedoraproject.org/updates/FEDORA-2014-17641/dokuwiki-0-0.23...
19   https://admin.fedoraproject.org/updates/FEDORA-2015-0577/strongswan-5.2.2...
17   https://admin.fedoraproject.org/updates/FEDORA-2015-0633/chicken-4.9.0.1-...
14   https://admin.fedoraproject.org/updates/FEDORA-2015-0773/arc-5.21p-5.fc20
11   https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-...
10   https://admin.fedoraproject.org/updates/FEDORA-2015-1007/dump-0.4-0.24.b4...
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1151/rubygem-passenge...
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1085/puppetlabs-stdli...
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1101/php-5.5.21-1.fc20
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1133/seamonkey-2.32-1...
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1162/community-mysql-...
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1125/mingw-jasper-1.9...
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1159/jasper-1.900.1-2...
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.3-1.fc20
4    https://admin.fedoraproject.org/updates/FEDORA-2015-1176/privoxy-3.0.23-1...
4    https://admin.fedoraproject.org/updates/FEDORA-2015-1191/vorbis-tools-1.4...
3    https://admin.fedoraproject.org/updates/FEDORA-2015-1294/qpid-cpp-0.30-7....
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1439/websvn-2.3.3-8.fc20
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1354/firefox-35.0.1-3...
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1364/mantis-1.2.19-1....
0    https://admin.fedoraproject.org/updates/FEDORA-2015-1263/maradns-2.0.11-1...
0    https://admin.fedoraproject.org/updates/FEDORA-2015-1497/kernel-3.18.5-10...
0    https://admin.fedoraproject.org/updates/FEDORA-2015-1510/pigz-2.3.3-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age  URL
11   https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-...
11   https://admin.fedoraproject.org/updates/FEDORA-2015-0959/redhat-rpm-confi...
10   https://admin.fedoraproject.org/updates/FEDORA-2015-1033/sddm-0.10.0-3.fc20
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1095/perl-Filter-1.54...
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.3-1.fc20
5    https://admin.fedoraproject.org/updates/FEDORA-2015-1159/jasper-1.900.1-2...
4    https://admin.fedoraproject.org/updates/FEDORA-2015-1214/hwdata-0.274-2.fc20
3    https://admin.fedoraproject.org/updates/FEDORA-2015-1285/polkit-0.112-7.f...
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1425/perl-Getopt-Long...
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1434/perl-Pod-Simple-...
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1448/koji-1.9.0-10.fc...
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1384/cairo-1.14.0-1.fc20
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1423/amor-14.12.1-1.f...
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1420/zip-3.0-10.fc20
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1354/firefox-35.0.1-3...
1    https://admin.fedoraproject.org/updates/FEDORA-2015-1398/selinux-policy-3...
0    https://admin.fedoraproject.org/updates/FEDORA-2015-1497/kernel-3.18.5-10...
The following builds have been pushed to Fedora 20 updates-testing
coin-or-Ipopt-3.12.0-1.fc20
dovecot-2.2.15-2.fc20
icecat-31.4.0-2.fc20
iotop-0.6-4.fc20
kernel-3.18.5-100.fc20
maradns-2.0.11-1.fc20
openambit-0.3-2.git5f2b784.fc20
pcsc-tools-1.4.23-1.fc20
php-aws-sdk-2.7.17-1.fc20
pigz-2.3.3-1.fc20
pulseaudio-equalizer-2.7-14.fc20
rubygem-rmagick-2.13.4-2.fc20
Details about builds:
================================================================================
coin-or-Ipopt-3.12.0-1.fc20 (FEDORA-2015-1516)
Interior Point OPTimizer
--------------------------------------------------------------------------------
Update Information:
- **Update to 3.12.0**
Correct aarch64 build (#1185848)
- **Fix libraries's symlinks (bz#1152812)**
- **Update to 3.11.10**
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 27 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.12.0-1
- Update to 3.12.0 (bz#1152812)
* Mon Jan 26 2015 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 3.11.10-3
- Correct aarch64 build (#1185848)
* Fri Jan 23 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.11.10-2
- Fix libraries's symlinks (bz#1152812)
* Mon Jan 19 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.11.10-1
- Update to 3.11.10
* Sun Oct 26 2014 Peter Robinson <pbrobinson(a)fedoraproject.org> - 3.11.9-4
- Update config.guess config.sub for new arch (aarch64/ppc64le) support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185848 - package fails to build on aarch64 due to very old
config.{guess,sub} files
https://bugzilla.redhat.com/show_bug.cgi?id=1185848
[ 2 ] Bug #1152812 - Dynamic library file should be symlink
https://bugzilla.redhat.com/show_bug.cgi?id=1152812
[ 3 ] Bug #1183505 - coin-or-Ipopt-3.11.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1183505
--------------------------------------------------------------------------------
================================================================================
dovecot-2.2.15-2.fc20 (FEDORA-2015-1500)
Secure imap and pop3 server
--------------------------------------------------------------------------------
Update Information:
- fix crash related to logging BYE notifications (#1176282)
- update pigeonhole to 0.4.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 5 2015 Michal Hlavinka <mhlavink(a)redhat.com> - 1:2.2.15-2
- fix crash related to logging BYE notifications (#1176282)
- update pigeonhole to 0.4.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1176282 - [abrt] dovecot: strlen(): log killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1176282
--------------------------------------------------------------------------------
================================================================================
icecat-31.4.0-2.fc20 (FEDORA-2015-1481)
GNU version of Firefox browser
--------------------------------------------------------------------------------
Update Information:
- **Update to 31.4.0**
- **Added MPLv2.0 license of HTML5-video-everywhere extension**
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 Antonio Trande <sagitterATfedoraproject.org> - 31.4.0-2
- Added %license macro
* Thu Jan 29 2015 Antonio Trande <sagitterATfedoraproject.org> - 31.4.0-1
- Update to 31.4.0
- Added MPLv2.0 license of HTML5-video-everywhere extension
- Description updated
* Mon Jan 26 2015 David Tardon <dtardon(a)redhat.com> - 31.2.0-8
- rebuild for ICU 54.1
* Wed Jan 21 2015 Antonio Trande <sagitterATfedoraproject.org> - 31.2.0-7
- Package now requires system-bookmarks (bz#1184297)
* Wed Nov 26 2014 Antonio Trande <sagitterATfedoraproject.org> - 31.2.0-6
- libjpeg-turbo unbundled (bz#1164815)
--------------------------------------------------------------------------------
================================================================================
iotop-0.6-4.fc20 (FEDORA-2015-1515)
Top like utility for I/O
--------------------------------------------------------------------------------
Update Information:
do not raise an exception when nocbreak() fails on exit
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Michal Hlavinka <mhlavink(a)redhat.com> - 0.6-4
- always ignore nocbreak errors, there are way too many false positives (#1035503)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1035503 - [abrt] iotop-0.6-1.fc19: wrapper.py:49:wrapper:error: nocbreak()
returned ERR
https://bugzilla.redhat.com/show_bug.cgi?id=1035503
--------------------------------------------------------------------------------
================================================================================
kernel-3.18.5-100.fc20 (FEDORA-2015-1497)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 3.18.5 stable update contains a number of important fixes across the tree.
The 3.18.4 stable update contains a number of new features and drivers as well as several important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Justin M. Forbes <jforbes(a)fedoraproject.org> - 3.18.5-100
- Linux v3.18.5
* Thu Jan 29 2015 Josh Boyer <jwboyer(a)fedoraproject.org>
- Backport patch from Rob Clark to toggle i915 state machine checks
- Disable i915 state checks
* Wed Jan 28 2015 Justin M. Forbes <jforbes(a)fedoraproject.org> - 3.18.4-100
- Linux v3.18.4
* Thu Jan 15 2015 Josh Boyer <jwboyer(a)fedoraproject.org> - 3.17.8-201
- CVE-2014-8160 iptables restriction bypass (rhbz 1182059 1182063)
* Mon Jan 12 2015 Josh Boyer <jwboyer(a)fedoraproject.org>
- CVE-2014-9585 ASLR brute-force possible for vdso (rhbz 1181054 1181056)
- Backlight fixes for Samsung and Dell machines (rhbz 1094948 1115713 1163574)
- Add various UAS quirks (rhbz 1124119)
- Add patch to fix loop in VDSO (rhbz 1178975)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1186448 - CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when
invoked from 16-bit code
https://bugzilla.redhat.com/show_bug.cgi?id=1186448
--------------------------------------------------------------------------------
================================================================================
maradns-2.0.11-1.fc20 (FEDORA-2015-1263)
Authoritative and recursive DNS server made with security in mind
--------------------------------------------------------------------------------
Update Information:
This upgrade fixes CERT VU#264212 (infinite referral loop) along with a few other fixes.
Full details at http://samiam.org/blog/2015-01-25.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Tomasz Torcz <ttorcz(a)fedoraproject.org> - 2.0.11-1
- new upstream version
* Sun Jan 25 2015 Tomasz Torcz <ttorcz(a)fedoraproject.org> - 2.0.10-1
- new upstream version with important security fix -
http://samiam.org/blog/2015-01-25.html
--------------------------------------------------------------------------------
================================================================================
openambit-0.3-2.git5f2b784.fc20 (FEDORA-2015-1513)
Open software for the Suunto Ambit(2)
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185582 - Review Request: openambit - Open software for the Suunto Ambit(2)
https://bugzilla.redhat.com/show_bug.cgi?id=1185582
--------------------------------------------------------------------------------
================================================================================
pcsc-tools-1.4.23-1.fc20 (FEDORA-2015-1512)
Tools to be used with smart cards and PC/SC
--------------------------------------------------------------------------------
Update Information:
Update to the current upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Tomáš Mráz <tmraz(a)redhat.com> - 1.4.23-1
- upgrade to a latest upstream version
- include latest smartcard_list.txt (#1183327)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.4.17-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jun 6 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.4.17-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1183327 - SmartCard database outdated
https://bugzilla.redhat.com/show_bug.cgi?id=1183327
--------------------------------------------------------------------------------
================================================================================
php-aws-sdk-2.7.17-1.fc20 (FEDORA-2015-1474)
Amazon Web Services framework for PHP
--------------------------------------------------------------------------------
Update Information:
## 2.7.17 - 2015-01-27
* Added support for `getShippingLabel` to the AWS Import/Export client.
* Updated the AWS Lambda client.
## 2.7.16 - 2015-01-20
* Added support for custom security groups to the Amazon EMR client.
* Added support for the latest APIs to the Amazon Cognito Identity client.
* Added support for ClassicLink to the Auto Scaling client.
* Added the ability to set a client's API version to "latest" for forwards
compatibility with v3.
## 2.7.15 - 2015-01-15
* Added support for [HLS Content Protection](https://aws.amazon.com/releasenotes/3388917394239147) to the Elastic Transcoder client.
* Updated client factory logic to add the `SignatureListener`, even when `NullCredentials`
have been specified. This way, you can update a client's credentials later if you want
to begin signing requests.
## 2.7.14 - 2015-01-09
* Fixed a regression in the CloudSearch Domain client (#448).
## 2.7.13 - 2015-01-08
* Added the Amazon EC2 Container Service client.
* Added the Amazon CloudHSM client.
* Added support for dynamic fields to the Amazon CloudSearch client.
* Added support for the ClassicLink feature to the Amazon EC2 client.
* Updated the Amazon RDS client to use the latest 2014-10-31 API.
* Updated S3 signature so retries use a new Date header on each attempt.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 2.7.17-1
- Updated to 2.7.17 (BZ #1180500)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1180500 - php-aws-sdk-2.7.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1180500
--------------------------------------------------------------------------------
================================================================================
pigz-2.3.3-1.fc20 (FEDORA-2015-1510)
Parallel implementation of gzip
--------------------------------------------------------------------------------
Update Information:
Update to 2.3.3, fixes CVE-2015-1191:
- Return zero exit code when only warnings are issued
- Increase speed of unlzw (Unix compress decompression)
- Update zopfli to current google state
- Allow larger maximum blocksize (-b), now 512 MiB
- Do not require that -d precede -N, -n, -T options
- Strip any path from header name for -dN or -dNT
- Remove use of PATH_MAX (PATH_MAX is not reliable)
- Do not abort on inflate data error, do remaining files
- Check gzip header CRC if present
- Improve decompression error detection and reporting
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Orion Poplawski <orion(a)cora.nwra.com> - 2.3.3-1
- Update to 2.3.3, fixes CVE-2015-1191 (bug #1181045)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.3.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1181045 - CVE-2015-1191 pigz: directory traversal vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1181045
--------------------------------------------------------------------------------
================================================================================
pulseaudio-equalizer-2.7-14.fc20 (FEDORA-2015-1506)
A 15 Bands Equalizer for PulseAudio
--------------------------------------------------------------------------------
Update Information:
- Fixing missing $HOME/.pulse dir
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Jaromir Capik <jcapik(a)redhat.com> - 2.7-14
- Fixing crashes when $HOME/.pulse missing (#1183283)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.7-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185103 - [abrt] pulseaudio-equalizer:
pulseaudio-equalizer.py:46:GetSettings:IOError: [Errno 2] No such file or directory:
'/home/arcademan/.pulse/equalizerrc'
https://bugzilla.redhat.com/show_bug.cgi?id=1185103
--------------------------------------------------------------------------------
================================================================================
rubygem-rmagick-2.13.4-2.fc20 (FEDORA-2015-1475)
Ruby binding to ImageMagick
--------------------------------------------------------------------------------
Update Information:
This is a new package
--------------------------------------------------------------------------------