Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Dec 20 02:08:32 UTC 2013
The following Fedora 20 Security updates need testing:
Age URL
63 https://admin.fedoraproject.org/updates/FEDORA-2013-19198/quassel-0.9.1-1.fc20
25 https://admin.fedoraproject.org/updates/FEDORA-2013-22042/varnish-3.0.4-2.fc20
23 https://admin.fedoraproject.org/updates/FEDORA-2013-22130/chicken-4.8.0.5-1.fc20
17 https://admin.fedoraproject.org/updates/FEDORA-2013-22575/subversion-1.8.5-2.fc20
15 https://admin.fedoraproject.org/updates/FEDORA-2013-22713/hdapsd-20090401.20131204git401ca60-1.fc20
14 https://admin.fedoraproject.org/updates/FEDORA-2013-22809/net-snmp-5.7.2-16.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2013-23116/python-swiftclient-1.8.0-1.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2013-23177/samba-4.1.3-2.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2013-23250/libreswan-3.7-1.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2013-23339/openttd-1.3.3-1.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2013-23361/v8-3.14.5.10-3.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2013-23260/libgadu-1.12.0-0.2.rc1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23683/nss-3.15.3.1-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23445/kernel-3.12.5-302.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23594/perl-Proc-Daemon-0.14-9.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23589/openstack-keystone-2013.2.1-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23532/ca-certificates-2013.1.95-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23524/openstack-nova-2013.2.1-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23603/gnupg-1.4.16-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23636/rubygem-actionpack-4.0.0-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23654/seamonkey-2.23-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23659/ibus-chewing-1.4.4-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23680/openstack-glance-2013.2.1-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
36 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2013-23111/python-setuptools-1.4.2-1.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2013-23240/mash-0.6.02-1.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2013-23243/libfm-1.1.4-1.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2013-23324/bluez-5.12-2.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2013-23444/libtevent-0.9.20-1.fc20,libtalloc-2.1.0-3.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2013-23451/gupnp-0.20.9-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23597/libtiff-4.0.3-14.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23683/nss-3.15.3.1-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23668/lvm2-2.02.103-5.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23532/ca-certificates-2013.1.95-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-23572/iscsi-initiator-utils-6.2.0.873-17.fc20
The following builds have been pushed to Fedora 20 updates-testing
NetworkManager-0.9.9.0-21.git20131003.fc20
boost-1.54.0-9.fc20
caja-actions-1.6.2-2.fc20
coq-8.4pl3-1.fc20
createrepo-0.10.1-0.fc20
docker-io-0.7.2-1.fc20
drupal7-features-2.0-5.fc20
elixir-0.12.0-1.fc20
flocq-2.2.0-2.fc20
gappalib-coq-1.0.0-5.fc20
ghc-numbers-3000.2.0.0-1.fc20
gnupg-1.4.16-2.fc20
golang-github-syndtr-gocapability-0-0.3.git3454319.fc20
google-crosextra-caladea-fonts-1.002-0.2.20130214.fc20
gust-antykwa-torunska-fonts-2.08-4.fc20
ibus-chewing-1.4.4-1.fc20
ibus-kkc-1.5.19-1.fc20
idle3-tools-0.9.1-1.fc20
jacoco-0.6.4-1.fc20
kernel-3.12.5-302.fc20
libguestfs-1.24.2-2.fc20
libkkc-0.3.2-1.fc20
libtiff-4.0.3-14.fc20
lvm2-2.02.103-5.fc20
m2crypto-0.21.1-13.fc20
mailman-2.1.15-16.fc20
mysql-utilities-1.3.6-1.fc20
nss-3.15.3.1-1.fc20
opendkim-2.9.0-2.fc20
openlmi-tools-0.9-15.fc20
openlmi-tools-0.9-16.fc20
opensc-0.13.0-7.fc20
openstack-ceilometer-2013.2.1-1.fc20
openstack-cinder-2013.2.1-1.fc20
openstack-glance-2013.2.1-1.fc20
openstack-keystone-2013.2.1-1.fc20
openstack-neutron-2013.2.1-1.fc20
perl-Proc-Daemon-0.14-9.fc20
python-django-horizon-2013.2.1-1.fc20
python-flask-whooshee-0.0.6-1.fc20
python-troveclient-1.0.3-1.fc20
pywbem-0.7.0-21.20131121svn626.fc20
qemu-1.6.1-3.fc20
qt5-qtbase-5.2.0-1.fc20
qt5-qtdeclarative-5.2.0-1.fc20
qt5-qtdoc-5.2.0-1.fc20
qt5-qtgraphicaleffects-5.2.0-1.fc20
qt5-qtimageformats-5.2.0-1.fc20
qt5-qtmultimedia-5.2.0-1.fc20
qt5-qtquick1-5.2.0-1.fc20
qt5-qtquickcontrols-5.2.0-1.fc20
qt5-qtscript-5.2.0-1.fc20
qt5-qtsvg-5.2.0-1.fc20
qt5-qttools-5.2.0-1.fc20
qt5-qttranslations-5.2.0-1.fc20
qt5-qtwebkit-5.2.0-1.fc20
qt5-qtx11extras-5.2.0-1.fc20
qt5-qtxmlpatterns-5.2.0-1.fc20
rubygem-actionpack-4.0.0-2.fc20
rubygem-scoped_search-2.6.1-1.fc20
sakura-3.1.3-1.fc20
seamonkey-2.23-1.fc20
spice-gtk-0.22-1.fc20
suricata-1.4.7-1.fc20
trafficserver-4.1.2-0.fc20
tuxcut-5.1-1.fc20
tzdata-2013i-1.fc20
vrq-1.0.97-1.fc20
wcslib-4.19-1.fc20
wireshark-1.10.4-2.fc20
x2goclient-4.0.1.2-1.fc20
yum-3.4.3-127.fc20
zenon-0.7.1-8.fc20
Details about builds:
================================================================================
NetworkManager-0.9.9.0-21.git20131003.fc20 (FEDORA-2013-23593)
Network connection manager and user applications
--------------------------------------------------------------------------------
Update Information:
This update fixes dependency problems with boot-time services that depend on networking, ensures that incorrect RA-provided IPv6 default routes are ignored, and sets the IPv4 broadcast address correctly.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Dan Williams <dcbw at redhat.com> - 0.9.9.0-21.git20131003
- core: wait for link before declaring startup complete (rh #1034921)
- core: ignore RA-provided IPv6 default routes (rh #1029213)
- core: set IPv4 broadcast address correctly (rh #1032819)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1034921 - Remote shares try to mount before network is up
https://bugzilla.redhat.com/show_bug.cgi?id=1034921
[ 2 ] Bug #1029213 - NetworkManager consumes 100% CPU printing 'add_object(): Netlink error: Invalid address for specified address family'
https://bugzilla.redhat.com/show_bug.cgi?id=1029213
[ 3 ] Bug #1032819 - broadcast address not configured
https://bugzilla.redhat.com/show_bug.cgi?id=1032819
--------------------------------------------------------------------------------
================================================================================
boost-1.54.0-9.fc20 (FEDORA-2013-23671)
The free peer-reviewed portable C++ source libraries
--------------------------------------------------------------------------------
Update Information:
Enable MPICH and OpenMPI support on ARM as it's long had them both
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Peter Robinson <pbrobinson at fedoraproject.org> 1.54.0-9
- Enable MPICH and OpenMPI support on ARM as it's long had them both
* Fri Dec 13 2013 Petr Machata <pmachata at redhat.com> - 1.54.0-8
- Add aarch64 into the list of arches that OpenMPI doesn't support.
--------------------------------------------------------------------------------
================================================================================
caja-actions-1.6.2-2.fc20 (FEDORA-2013-23616)
Caja extension for customizing the context menu
--------------------------------------------------------------------------------
Update Information:
- update for rename caja in f21
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.2-2
- update for rename caja in f21
--------------------------------------------------------------------------------
================================================================================
coq-8.4pl3-1.fc20 (FEDORA-2013-23607)
Proof management system
--------------------------------------------------------------------------------
Update Information:
See http://coq.inria.fr/distrib/V8.4pl3/CHANGES for the bug fixes and enhancements in this version of coq. All other packages are merely rebuilds against the new version of coq.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 16 2013 Jerry James <loganjerry at gmail.com> - 8.4pl3-1
- New upstream release
* Wed Oct 2 2013 Richard W.M. Jones <rjones at redhat.com> - 8.4pl2-4
- Rebuild for ocaml-lablgtk 2.18.
* Mon Sep 16 2013 Jerry James <loganjerry at gmail.com> - 8.4pl2-3
- Rebuild for OCaml 4.01.0
- Enable debuginfo
--------------------------------------------------------------------------------
================================================================================
createrepo-0.10.1-0.fc20 (FEDORA-2013-23644)
Creates a common metadata repository
--------------------------------------------------------------------------------
Update Information:
Update to latest HEAD
Update to latest HEAD
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 28 2013 Zdenek Pavlas <zpavlas at redhat.com> - 0.10.1-0
- Close lock file before unlink(). BZ 1035588
* Wed Oct 23 2013 Zdenek Pavlas <zpavlas at redhat.com> - 0.10-3
- Make sure the "packages" attribute is always correct. BZ 1022001
- clean up .repodata directory on failure. BZ 1022515
* Mon Oct 21 2013 Zdenek Pavlas <zpavlas at redhat.com> - 0.10-1
- Add workers=1 default back, API users need it. BZ 1021162
* Fri Oct 18 2013 Zdenek Pavlas <zpavlas at redhat.com> - 0.10-0
- update to latest HEAD
- Don't spawn more workers that #pkgfiles.
- abort if $PWD does not exist. BZ 1001629
- mergerepo: merge package versions from multiple repos. BZ 1020756
- mergerepo: --repo option should work with relative paths.
* Tue Oct 1 2013 Zdenek Pavlas <zpavlas at redhat.com> - 0.9.9-23
- update to latest HEAD
- docs: Escape dashes in command-line options
- chdir("/") if $PWD does not exist. BZ 1001629
- modifyrepo: automatic option defaults
- modifyrepo: sanitize opts.sumtype. BZ 1013614
- modifyrepo: Add <open-size> element. BZ 1013601
- modifyrepo --remove: fix multiple bugs. BZ 1013626
- modifyrepo: fix handling of already compressed input. BZ 1013609
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044667 - Broken upgrade path F19 → F20
https://bugzilla.redhat.com/show_bug.cgi?id=1044667
[ 2 ] Bug #1022515 - createrepo failure leaves .repodata temp dir behind
https://bugzilla.redhat.com/show_bug.cgi?id=1022515
[ 3 ] Bug #1022001 - package count doesn't match with actual packages in repodata
https://bugzilla.redhat.com/show_bug.cgi?id=1022001
--------------------------------------------------------------------------------
================================================================================
docker-io-0.7.2-1.fc20 (FEDORA-2013-23620)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
upstream release bump to v0.7.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Lokesh Mandvekar <lsm5 at redhat.com> - 0.7.2-1
- upstream release bump to v0.7.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044373 - docker-io-0.7.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1044373
--------------------------------------------------------------------------------
================================================================================
drupal7-features-2.0-5.fc20 (FEDORA-2013-23681)
Provides feature management for Drupal
--------------------------------------------------------------------------------
Update Information:
Quote from the page of Features Plumber(https://drupal.org/project/features_plumber),
"Note: The d7 version of this module should no longer be necessary when using more recent versions of Features module. If you feel this is incorrect, please open an issue."
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Peter Borsa <peter.borsa at gmail.com> - 2.0-5
- Fix Obsolotes line, remove zero
* Wed Dec 18 2013 Peter Borsa <peter.borsa at gmail.com> - 2.0-4
- Obsolete drupal7-features_plumber package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1043582 - according to upstream drupal7-features_plumber is not required anymore
https://bugzilla.redhat.com/show_bug.cgi?id=1043582
--------------------------------------------------------------------------------
================================================================================
elixir-0.12.0-1.fc20 (FEDORA-2013-23665)
A modern approach to programming for the Erlang VM
--------------------------------------------------------------------------------
Update Information:
Update to upstream 0.12.0.
Latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 15 2013 Ricky Elrod <codeblock at fedoraproject.org> - 0.12.0-1
- Update to upstream 0.12.0.
* Sun Nov 24 2013 Ricky Elrod <codeblock at fedoraproject.org> - 0.11.2-1
- Update to upstream 0.11.2.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1030850 - elixir-0.11.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1030850
--------------------------------------------------------------------------------
================================================================================
flocq-2.2.0-2.fc20 (FEDORA-2013-23607)
Formalization of floating point numbers for Coq
--------------------------------------------------------------------------------
Update Information:
See http://coq.inria.fr/distrib/V8.4pl3/CHANGES for the bug fixes and enhancements in this version of coq. All other packages are merely rebuilds against the new version of coq.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Jerry James <loganjerry at gmail.com> - 2.2.0-2
- Rebuild for coq 8.4pl3
--------------------------------------------------------------------------------
================================================================================
gappalib-coq-1.0.0-5.fc20 (FEDORA-2013-23607)
Coq support library for gappa
--------------------------------------------------------------------------------
Update Information:
See http://coq.inria.fr/distrib/V8.4pl3/CHANGES for the bug fixes and enhancements in this version of coq. All other packages are merely rebuilds against the new version of coq.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Jerry James <loganjerry at gmail.com> - 1.0.0-5
- Rebuild for coq 8.4pl3
* Mon Sep 16 2013 Jerry James <loganjerry at gmail.com> - 1.0.0-4
- Rebuild for OCaml 4.01.0
- Enable debuginfo
--------------------------------------------------------------------------------
================================================================================
ghc-numbers-3000.2.0.0-1.fc20 (FEDORA-2013-23637)
Instances of numerical classes for numbers
--------------------------------------------------------------------------------
Update Information:
Updated to 3000.2.0.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Shakthi Kannan <shakthimaan [AT] fedoraproject dot org> - 3000.2.0.0-1
- new upstream version 3000.2.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018672 - ghc-numbers-3000.2.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1018672
--------------------------------------------------------------------------------
================================================================================
gnupg-1.4.16-2.fc20 (FEDORA-2013-23603)
A GNU utility for secure communication and data storage
--------------------------------------------------------------------------------
Update Information:
What's New
===========
* Fixed the RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
See <http://www.cs.tau.ac.il/~tromer/acoustic/>.[CVE-2013-4576]
* Put only the major version number by default into armored output.
* Do not create a trustdb file if --trust-model=always is used.
* Print the keyid for key packets with --list-packets.
* Changed modular exponentiation algorithm to recover from a small performance loss due to a change in 1.4.14.
Impact of the security problem
==============================
CVE-2013-4576 has been assigned to this security bug.
The paper describes two attacks.The first attack allows to distinguish keys: An attacker is able to notice which key is currently used for decryption.This is in general not a problem but may be used to reveal the information that a message, encrypted to a commonly not used key, has been received by the targeted machine.We do not have a software solution to mitigate this attack.
The second attack is more serious. It is an adaptive chosen ciphertext attack to reveal the private key. A possible scenario is that the attacker places a sensor (for example a standard smartphone) in the vicinity of the targeted machine. That machine is assumed to do unattended RSA decryption of received mails, for example by using a mail client which speeds up browsing by opportunistically decrypting mails expected to be read soon.While listening to the acoustic emanations of the targeted machine, the smartphone will send new encrypted messages to that machine and re-construct the private key bit by bit.A 4096 bit RSA key used on a laptop can be revealed within an hour.
GnuPG 1.4.16 avoids this attack by employing RSA blinding during decryption.GnuPG 2.x and current Gpg4win versions make use of Libgcrypt which employs RSA blinding anyway and are thus not vulnerable.
For the highly interesting research on acoustic cryptanalysis and the details of the attack see http://www.cs.tau.ac.il/~tromer/acoustic/ .
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Peter Robinson <pbrobinson at fedoraproject.org> 1.4.16-2
- New upstream v1.4.16
fixes for CVE-2013-4576
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044402 - gnupg-1.4.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1044402
--------------------------------------------------------------------------------
================================================================================
golang-github-syndtr-gocapability-0-0.3.git3454319.fc20 (FEDORA-2013-23664)
POSIX capability library for the Go programming language
--------------------------------------------------------------------------------
Update Information:
new release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1032750 - Review Request: golang-github-syndtr-gocapability - POSIX capability library for the Go programming language
https://bugzilla.redhat.com/show_bug.cgi?id=1032750
--------------------------------------------------------------------------------
================================================================================
google-crosextra-caladea-fonts-1.002-0.2.20130214.fc20 (FEDORA-2013-23682)
Sans-serif font metric-compatible with Cambria font
--------------------------------------------------------------------------------
Update Information:
backport from rawhide
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044962 - Broken upgrade path F19 → F20
https://bugzilla.redhat.com/show_bug.cgi?id=1044962
--------------------------------------------------------------------------------
================================================================================
gust-antykwa-torunska-fonts-2.08-4.fc20 (FEDORA-2013-23661)
Two-element typeface for typesetting of small prints
--------------------------------------------------------------------------------
Update Information:
Nice new package of an old font.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1024134 - Review Request: gust-antykwa-torunska-fonts - Two-element typeface for typesetting of small prints
https://bugzilla.redhat.com/show_bug.cgi?id=1024134
--------------------------------------------------------------------------------
================================================================================
ibus-chewing-1.4.4-1.fc20 (FEDORA-2013-23659)
The Chewing engine for IBus input platform
--------------------------------------------------------------------------------
Update Information:
- Resolves Bug 842856 - ibus-chewing 1.4.3-1 not built with $RPM_OPT_FLAGS
- Resolves Bug 1027030 - CVE-2013-4509 ibus-chewing: ibus: visible
password entry flaw [fedora-all]
Thanks czchen for the GitHub pull request 39.
- Added translations: fr_FR, ja_JP, ko_KR
- Adopt cmake-fedora-1.2.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Ding-Yi Chen <dchen at redhat.com> - 1.4.4-1
- Resolves Bug 842856 - ibus-chewing 1.4.3-1 not built with $RPM_OPT_FLAGS
- Resolves Bug 1027030 - CVE-2013-4509 ibus-chewing: ibus: visible
password entry flaw [fedora-all]
Thanks czchen for the GitHub pull request 39.
- Added translations: fr_FR, ja_JP, ko_KR
- Adopt cmake-fedora-1.2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #842856 - ibus-chewing 1.4.3-1 not built with $RPM_OPT_FLAGS
https://bugzilla.redhat.com/show_bug.cgi?id=842856
[ 2 ] Bug #1027030 - CVE-2013-4509 ibus-chewing: ibus: visible password entry flaw [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1027030
--------------------------------------------------------------------------------
================================================================================
ibus-kkc-1.5.19-1.fc20 (FEDORA-2013-23605)
Japanese Kana Kanji input method for ibus
--------------------------------------------------------------------------------
Update Information:
new upstream release, which includes:
* fix for "make check" errors with glib 2.39
* fix for user dictionary corruption problem
* fix for kkc decoder command N-best display
* fix for caret display when moving cursor within preedit buffer
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2013 Daiki Ueno <dueno at redhat.com> - 1.5.19-1
- new upstream release
--------------------------------------------------------------------------------
================================================================================
idle3-tools-0.9.1-1.fc20 (FEDORA-2013-23609)
Manipulate the value of the idle3 timer found on recent WD Hard Disk Drives
--------------------------------------------------------------------------------
Update Information:
Add idle3-tools, a small utility to edit some low-level knobs in WD hard drives.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #883104 - Review Request: idle3-tools - Manipulate the value of the idle3 timer found on recent WD Hard Disk Drives
https://bugzilla.redhat.com/show_bug.cgi?id=883104
--------------------------------------------------------------------------------
================================================================================
jacoco-0.6.4-1.fc20 (FEDORA-2013-23652)
Java Code Coverage for Eclipse
--------------------------------------------------------------------------------
Update Information:
Update to 0.6.4 upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 19 2013 Alexander Kurtakov <akurtako at redhat.com> 0.6.4-1
- Update to 0.6.4 upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044412 - jacoco-0.6.4.201312101107 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1044412
--------------------------------------------------------------------------------
================================================================================
kernel-3.12.5-302.fc20 (FEDORA-2013-23445)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 3.12.5 kernel contains support for new devices, and a number of bug fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2013 Josh Boyer <jwboyer at fedoraproject.org> - 3.12.5-302
- Add patch to avoid using queued trim on M500 SSD (rhbz 1024002)
* Mon Dec 16 2013 Josh Boyer <jwboyer at fedoraproject.org>
- Fix host lockup in bridge code when starting from virt guest (rhbz 1025770)
* Fri Dec 13 2013 Josh Boyer <jwboyer at fedoraproject.org> 3.12.5-301
- More keys fixes from upstream to fix keyctl_get_persisent crash (rhbz 1043033)
* Fri Dec 13 2013 Justin M. Forbes <jforbes at fedoraproject.org - 3.12.5-300
- Linux v3.12.5 rebase
* Thu Dec 12 2013 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2013-4587 kvm: out-of-bounds access (rhbz 1030986 1042071)
- CVE-2013-6376 kvm: BUG_ON in apic_cluster_id (rhbz 1033106 1042099)
- CVE-2013-6368 kvm: cross page vapic_addr access (rhbz 1032210 1042090)
- CVE-2013-6367 kvm: division by 0 in apic_get_tmcct (rhbz 1032207 1042081)
* Wed Dec 11 2013 Josh Boyer <jwboyer at fedoraproject.org>
- Add patches to support ETPS/2 Elantech touchpads (rhbz 1030802)
* Tue Dec 10 2013 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2013-XXXX net: memory leak in recvmsg (rhbz 1039845 1039874)
* Fri Dec 6 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Fix up ARM usb gadget config to make it useful
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1030986 - CVE-2013-4587 kernel: kvm: rtc_status.dest_map out-of-bounds access
https://bugzilla.redhat.com/show_bug.cgi?id=1030986
[ 2 ] Bug #1033106 - CVE-2013-6376 kernel: kvm: BUG_ON() in apic_cluster_id()
https://bugzilla.redhat.com/show_bug.cgi?id=1033106
[ 3 ] Bug #1032210 - CVE-2013-6368 kvm: cross page vapic_addr access
https://bugzilla.redhat.com/show_bug.cgi?id=1032210
[ 4 ] Bug #1032207 - CVE-2013-6367 kvm: division by zero in apic_get_tmcct()
https://bugzilla.redhat.com/show_bug.cgi?id=1032207
[ 5 ] Bug #1039845 - Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic
https://bugzilla.redhat.com/show_bug.cgi?id=1039845
[ 6 ] Bug #1035875 - CVE-2013-6405 Kernel: net: leakage of uninitialized memory to user-space via recv syscalls
https://bugzilla.redhat.com/show_bug.cgi?id=1035875
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.24.2-2.fc20 (FEDORA-2013-23621)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
Disable golang package on F20 ppc64.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 16 2013 Richard W.M. Jones <rjones at redhat.com> - 1:1.24.2-2
- Build golang package only on x86 and ARM. The golang package in Fedora
uses the same ExclusiveArch. Thanks: Dan Horák.
Resolves RHBZ#960522
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #960522 - libguestfs is not built for F20 ppc64
https://bugzilla.redhat.com/show_bug.cgi?id=960522
--------------------------------------------------------------------------------
================================================================================
libkkc-0.3.2-1.fc20 (FEDORA-2013-23605)
Japanese Kana Kanji conversion library
--------------------------------------------------------------------------------
Update Information:
new upstream release, which includes:
* fix for "make check" errors with glib 2.39
* fix for user dictionary corruption problem
* fix for kkc decoder command N-best display
* fix for caret display when moving cursor within preedit buffer
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2013 Daiki Ueno <dueno at redhat.com> - 0.3.2-1
- new upstream release
--------------------------------------------------------------------------------
================================================================================
libtiff-4.0.3-14.fc20 (FEDORA-2013-23597)
Library of functions for manipulating TIFF format image files
--------------------------------------------------------------------------------
Update Information:
Can't install both architectures
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 19 2013 Petr Hracek <phracek at redhat.com> - 4.0.3-14
- Fix: #1044609 Can't install both architectures
* Wed Dec 18 2013 Petr Hracek <phracek at redhat.com> - 4.0.3-13
- Fix #510240 Correct tiff2ps man option -W
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044609 - Can't install both libtiff-devel-4.0.3-12.fc20.i686 and libtiff-devel-4.0.3-12.fc20.x86_64
https://bugzilla.redhat.com/show_bug.cgi?id=1044609
--------------------------------------------------------------------------------
================================================================================
lvm2-2.02.103-5.fc20 (FEDORA-2013-23668)
Userland logical volume management tools
--------------------------------------------------------------------------------
Update Information:
This update fixes a bug in lvm2-pvscan@<major>:<minor>.service and global_filter processing. The lvm2-pvscan service called the pvscan improperly with absolute path to /dev/block/<major>:<minor> which then required exact matching lines in global_filter for the device to be accepted or rejected. This update fixes this in a way that the absolute path is not used for the lvm2-pvscan service and the device is referenced solely by its major and minor pair. This means that for the global_filter to match the device, we can pick any of the device name aliases for the filter line to be applied.
This bug may have caused the PVs to be incorrectly ignored while they were supposed to be visible and the LVM volumes may have ended up inactive while they were supposed to be activated.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Peter Rajnoha <prajnoha at redhat.com> - 2.02.103-5
- Use major:minor in lvm2-pvscan at .service for proper global_filter application.
* Wed Dec 11 2013 Peter Rajnoha <prajnoha at redhat.com> - 2.02.103-4
- Fix SYSTEMD_READY assignment for foreign devs in lvmetad rules.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044474 - The global_filter is not properly applied for lvm2-pvscan at .service - only major:minor pair should be used, not device path for the service's "pvscan --cache -aay" call
https://bugzilla.redhat.com/show_bug.cgi?id=1044474
--------------------------------------------------------------------------------
================================================================================
m2crypto-0.21.1-13.fc20 (FEDORA-2013-23645)
Support for using OpenSSL in python scripts
--------------------------------------------------------------------------------
Update Information:
Adds minimal SNI support, miscellaneous bug fixes. The test suite run during build, and no longer packaged.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Miloslav Trmač <mitr at redhat.com> - 0.21.1-13
- Use only ECC curves available in Fedora in the test suite
Related: #904996
- Fix terminating test suite helper processes when running in Koji
Related: #904996
- Run test suite in %check, don't ship it in the package. Based on a patch by
Matěj Cepl <mcepl at redhat.com>.
Resolves: #904996
* Tue Dec 17 2013 Miloslav Trmač <mitr at redhat.com> - 0.21.1-13
- Add minimal SNI support, based on a patch by Sander Steffann
<sander at steffann.nl>
Resolves: #1029246
* Sat Dec 7 2013 Miloslav Trmač <mitr at redhat.com> - 0.21.1-13
- Fix incorrect exception handling of SSL_CTX_new (manifesting in FIPS mode)
Resolves: #879043
* Tue Nov 26 2013 Miloslav Trmač <mitr at redhat.com> - 0.21.1-13
- Fix occasional spurious failures in test_makefile_timeout_fires
Resolves: #969077
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #879043 - Incorrect exception type raised when TLS protocol version is not available in FIPS mode
https://bugzilla.redhat.com/show_bug.cgi?id=879043
[ 2 ] Bug #1029246 - Add support for SNI to m2crypto package.
https://bugzilla.redhat.com/show_bug.cgi?id=1029246
[ 3 ] Bug #904996 - Run test suite in %check
https://bugzilla.redhat.com/show_bug.cgi?id=904996
--------------------------------------------------------------------------------
================================================================================
mailman-2.1.15-16.fc20 (FEDORA-2013-23675)
Mailing list manager with built in Web access
--------------------------------------------------------------------------------
Update Information:
Fix bug caused by RPM change in setgid handling.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Jan Kaluza <jkaluza at redhat.com> - 3:2.1.15-16
- fix #1043677 - fix setgid for cgi binaries
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1043677 - mailman cgi scripts lack setgid bit
https://bugzilla.redhat.com/show_bug.cgi?id=1043677
--------------------------------------------------------------------------------
================================================================================
mysql-utilities-1.3.6-1.fc20 (FEDORA-2013-23596)
MySQL Utilities
--------------------------------------------------------------------------------
Update Information:
Release 1.3.6 (Released November 26, 2013)
- BUG#13417229: mysqldbexport/mysqldbimport doesn't work with non-latin data
- BUG#13563921: mysqlmetagrep does not search the body of all objects
- BUG#13572964: mysqlprocgrep missing kill process by id
- BUG#13773247: mysqlserverclone wrongly states it can only clone local server
- BUG#14181681: server info should include the log files (error, general, slow)
- BUG#14725390: multithreaded copy, export, import
- BUG#16226348: test server_info_errors does not execute correctly on windows
- BUG#16386941: Parsing errors to identify treatment instead of use errno
- BUG#17066910: a killed connection can cause failover
- BUG#17214291: cannot access login-path with dashes in the name
- BUG#17217461: mysqluserclone throws exception when --source omitted
- BUG#17242369: extend mysqlfrm to produce .frm file
- BUG#17347424: No MySQL Utilities package for MAC OS X
- BUG#17393523: Utilities can not be upgraded using RPM distribution pkg
- BUG#17393742: Debian pkgs can't use C/py if License types are different
- BUG#17415167: mysqluc crashes when pressing home button on windows
- BUG#17423074: reuse drop_db() function in mut tests instead of redefining it
- BUG#17457402: mysqlindexcheck not displaying best/worst when low data
- BUG#17474810: constraint error copying the employees with mysqldbcopy
- BUG#17475780: mysqlauditadmin unnecessary flush audit log during rotation
- BUG#17510350: mysqldbcompare fails with no error message
- BUG#17548335: clone_db test to copy databases with weird names not executed
- BUG#17622298: mysqldbcopy and mysqldbexport copy and export routines after views
- BUG#17633465: mysqldbexport requires the replicate user on master
- BUG#17634676: Add missing option to show license type on Utilities
- BUG#17722274: Error when copying db with blob fields
- BUG#17903944: mysqlfailover crashes when non-existing slave is used
- BUG#17908146: metagrep utility crashes when unsupported object-type is used
- BUG#17909223: The backspace key is not recognized by utilities console
- WL#7232: MySQL Utilities: PEP-8 Compliance
Upstream changelog:
Release 1.3.5 (Released August 21, 2013)
- BUG#17061126: mysqldiff needs an auto_increment ignoring option
- BUG#17205680: non-deterministic failure of rpl_admin tests
- BUG#17256821: Commercial and GPL msi distro shares build descriptor
- BUG#17271100: mysqldbexport does not export fkeys
- BUG#17316515: Community distros contain both GPL and Commercial license
- BUG#17353571: GPL & Commercial msi installers create separate installs
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 19 2013 Remi Collet <remi at fedoraproject.org> - 1.3.6-1
- update to 1.3.6 GA
- add mysqlauditadmin and mysqlauditgrep on EPEL-6
--------------------------------------------------------------------------------
================================================================================
nss-3.15.3.1-1.fc20 (FEDORA-2013-23683)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Update of nss to nss-3.13.1.1 to address a security vulnerability.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 11 2013 Elio Maldonado <emaldona at redhat.com> - 3.15.3.1-1
- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM)
- Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117)
- Resolves: Bug 1040192 - nss-3.15.3.1 is available
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1038894 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117)
https://bugzilla.redhat.com/show_bug.cgi?id=1038894
--------------------------------------------------------------------------------
================================================================================
opendkim-2.9.0-2.fc20 (FEDORA-2013-23639)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
- Updating to new upstream 2.9.0 for all build version
- Fixing some minor bugs for systemd users.
* Sun Nov 3 2013 Steve Jenkins <steve stevejenkins com> - 2.8.4-4
- Rebuild of all release packages to sync version numbers
* Sun Nov 3 2013 Ville Skytta <ville.skytta at iki.fi> - 2.8.4-3
- Fix path to docs in sample config when doc dir is unversioned (#993997).
* Sat Aug 03 2013 Petr Pisar <ppisar at redhat.com> - 2.8.4-2
- Perl 5.18 rebuild
* Sun Nov 3 2013 Steve Jenkins <steve stevejenkins com> - 2.8.4-4
- Rebuild of all release packages to sync version numbers
* Sun Nov 3 2013 Ville Skytta <ville.skytta at iki.fi> - 2.8.4-3
- Fix path to docs in sample config when doc dir is unversioned (#993997).
* Sat Aug 03 2013 Petr Pisar <ppisar at redhat.com> - 2.8.4-2
- Perl 5.18 rebuild
* Sun Nov 3 2013 Steve Jenkins <steve stevejenkins com> - 2.8.4-4
- Rebuild of all release packages to sync version numbers
* Sun Nov 3 2013 Ville Skytta <ville.skytta at iki.fi> - 2.8.4-3
- Fix path to docs in sample config when doc dir is unversioned (#993997).
* Sat Aug 03 2013 Petr Pisar <ppisar at redhat.com> - 2.8.4-2
- Perl 5.18 rebuild
* Sun Nov 3 2013 Steve Jenkins <steve stevejenkins com> - 2.8.4-4
- Rebuild of all release packages to sync version numbers
* Sun Nov 3 2013 Ville Skytta <ville.skytta at iki.fi> - 2.8.4-3
- Fix path to docs in sample config when doc dir is unversioned (#993997).
* Sat Aug 03 2013 Petr Pisar <ppisar at redhat.com> - 2.8.4-2
- Perl 5.18 rebuild
* Sun Nov 3 2013 Steve Jenkins <steve stevejenkins com> - 2.8.4-4
- Rebuild of all release packages to sync version numbers
* Sun Nov 3 2013 Ville Skytta <ville.skytta at iki.fi> - 2.8.4-3
- Fix path to docs in sample config when doc dir is unversioned (#993997).
* Sat Aug 03 2013 Petr Pisar <ppisar at redhat.com> - 2.8.4-2
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Steve Jenkins <steve stevejenkins com> - 2.9.0-2
- Patch adds user and group to systemd service file (Thx jcosta at redhat.com)
- Changed default ownership of /etc/opendkim/keys directory to opendkim user
* Wed Dec 18 2013 Steve Jenkins <steve stevejenkins com> - 2.9.0-1
- Updated to use newer upstream 2.9.0 source code
- Added libbsd-devel to Build Requires
- Removed listrl references from libopendkim files section (handled by libbsd-devel)
* Sun Nov 3 2013 Steve Jenkins <steve stevejenkins com> - 2.8.4-4
- Rebuild of all release packages to sync version numbers
* Sun Nov 3 2013 Ville Skytta ville.skytta at iki.fi> - 2.8.4-3
- Fix path to docs in sample config when doc dir is unversioned (#993997).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1041546 - opendkim.service needs user/group
https://bugzilla.redhat.com/show_bug.cgi?id=1041546
[ 2 ] Bug #993997 - opendkim possibly affected by F-20 unversioned docdir change
https://bugzilla.redhat.com/show_bug.cgi?id=993997
--------------------------------------------------------------------------------
================================================================================
openlmi-tools-0.9-15.fc20 (FEDORA-2013-23626)
Set of CLI tools for Openlmi providers
--------------------------------------------------------------------------------
Update Information:
drop certificate verification callback; all the checks are done in pywbem
update documentation
fix indication unique name
fix blocking timeout when receiving indication
fix compulsory call order of LMIIndicationListener methods
fixed LMIShell naming
fixed interactive connect(), when -i option present
fix missing log messages in connect()
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix missing log messages in connect()
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fixed LMIShell naming
fixed interactive connect(), when -i option present
fix missing log messages in connect()
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix missing log messages in connect()
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix indication unique name
fix blocking timeout when receiving indication
fix compulsory call order of LMIIndicationListener methods
fixed LMIShell naming
fixed interactive connect(), when -i option present
fix missing log messages in connect()
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix missing log messages in connect()
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fixed LMIShell naming
fixed interactive connect(), when -i option present
fix missing log messages in connect()
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix missing log messages in connect()
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix instance comparision
fix passing method params
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
fix documentation version
simplify indication subscription
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Peter Hatina <phatina at redhat.com> - 0.9-15
- drop certificate verification callback; all the checks are
done in pywbem
* Mon Dec 9 2013 Peter Hatina <phatina at redhat.com> - 0.9-14
- simplify indication subscription
* Mon Dec 9 2013 Peter Hatina <phatina at redhat.com> - 0.9-13
- fix documentation version
* Mon Dec 9 2013 Peter Hatina <phatina at redhat.com> - 0.9-12
- update documentation
* Fri Dec 6 2013 Peter Hatina <phatina at redhat.com> - 0.9-11
- fix indication unique name
* Fri Dec 6 2013 Peter Hatina <phatina at redhat.com> - 0.9-10
- fix blocking timeout when receiving indication
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1035693 - lmishell does not return success or error status message when connecting to CIMOM
https://bugzilla.redhat.com/show_bug.cgi?id=1035693
--------------------------------------------------------------------------------
================================================================================
openlmi-tools-0.9-16.fc20 (FEDORA-2013-23638)
Set of CLI tools for Openlmi providers
--------------------------------------------------------------------------------
Update Information:
Fix BuildRequires, Requires pywbem versions
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 19 2013 Peter Hatina <phatina at redhat.com> - 0.9-16
- fix BuildRequires, Requires pywbem versions
* Wed Dec 18 2013 Peter Hatina <phatina at redhat.com> - 0.9-15
- drop certificate verification callback; all the checks are
done in pywbem
* Mon Dec 9 2013 Peter Hatina <phatina at redhat.com> - 0.9-14
- simplify indication subscription
* Mon Dec 9 2013 Peter Hatina <phatina at redhat.com> - 0.9-13
- fix documentation version
* Mon Dec 9 2013 Peter Hatina <phatina at redhat.com> - 0.9-12
- update documentation
* Fri Dec 6 2013 Peter Hatina <phatina at redhat.com> - 0.9-11
- fix indication unique name
* Fri Dec 6 2013 Peter Hatina <phatina at redhat.com> - 0.9-10
- fix blocking timeout when receiving indication
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044896 - [abrt] openlmi-tools: LMIConnection.py:24:<module>:ImportError: No module named M2Crypto.SSL
https://bugzilla.redhat.com/show_bug.cgi?id=1044896
--------------------------------------------------------------------------------
================================================================================
opensc-0.13.0-7.fc20 (FEDORA-2013-23631)
Smart card library and applications
--------------------------------------------------------------------------------
Update Information:
fixed open bugs
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Nikos Mavrogiannopoulos <nmav at redhat.com> - 0.13.0-7
- Ensure that pcsc-lite is depended on (#1029133)
* Mon Sep 23 2013 Stef Walter <stefw at redhat.com> - 0.13.0-6
- Install p11-kit config file to the right place (#999190)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1029133 - unusable after installation if pcsc-lite isn't installed
https://bugzilla.redhat.com/show_bug.cgi?id=1029133
[ 2 ] Bug #999190 - opensc drops a p11-kit config file in a weird place
https://bugzilla.redhat.com/show_bug.cgi?id=999190
--------------------------------------------------------------------------------
================================================================================
openstack-ceilometer-2013.2.1-1.fc20 (FEDORA-2013-23614)
OpenStack measurement collection service
--------------------------------------------------------------------------------
Update Information:
- Update to Havana stable release 2013.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2013 Pádraig Brady <pbrady at redhat.com> - 2013.2.1-1
- Update to Havana stable release 2013.2.1
--------------------------------------------------------------------------------
================================================================================
openstack-cinder-2013.2.1-1.fc20 (FEDORA-2013-23650)
OpenStack Volume service
--------------------------------------------------------------------------------
Update Information:
- Update to Havana stable release 2013.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2013 Eric Harney <eharney at redhat.com> - 2013.2.1-1
- Update to Havana stable release 1
--------------------------------------------------------------------------------
================================================================================
openstack-glance-2013.2.1-1.fc20 (FEDORA-2013-23680)
OpenStack Image Service
--------------------------------------------------------------------------------
Update Information:
- Update to Havana stable release 2013.2.1
Fixes #956815
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Pádraig Brady <pbrady at redhat.com> 2013.2.1-1
- Update to Havana stable release 2013.2.1
* Fri Oct 25 2013 Flavio Percoco <flavio at redhat.com> 2013.2-2
- Fixes #956815
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #956472 - OpenStack glance: /var/log/glance/ is world readable
https://bugzilla.redhat.com/show_bug.cgi?id=956472
--------------------------------------------------------------------------------
================================================================================
openstack-keystone-2013.2.1-1.fc20 (FEDORA-2013-23589)
OpenStack Identity Service
--------------------------------------------------------------------------------
Update Information:
- Update to Havana stable release 2013.2.1
- Havana GA
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2013 Alan Pevec <apevec at redhat.com> 2013.2.1-1
- updated to stable havana 2013.2.1 release CVE-2013-6391
* Wed Oct 30 2013 Alan Pevec <apevec at redhat.com> 2013.2-2
- unintentional role granting with Keystone LDAP backend CVE-2013-4477
* Thu Oct 17 2013 Alan Pevec <apevec at redhat.com> - 2013.2-1
- Update to havana final
* Mon Oct 7 2013 Alan Pevec <apevec at redhat.com> - 2013.2-0.14.rc1
- rename HTTPD integration to keystone.wsgi
* Wed Oct 2 2013 Adam Young <ayoung at redhat> - 2013.2-0.11.rc1
- HTTPD integration files
* Wed Oct 2 2013 Alan Pevec <apevec at redhat.com> - 2013.2-0.10.rc1
- Havana release candidate
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1024401 - CVE-2013-4477 openstack-keystone: unintentional role granting with Keystone LDAP backend
https://bugzilla.redhat.com/show_bug.cgi?id=1024401
--------------------------------------------------------------------------------
================================================================================
openstack-neutron-2013.2.1-1.fc20 (FEDORA-2013-23677)
OpenStack Networking Service
--------------------------------------------------------------------------------
Update Information:
- Update to havana stable release 2013.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Pádraig Brady <pbrady at redhat.com> - 2013.2.1-1
- Update to havana stable release 2013.2.1
* Tue Dec 10 2013 Terry Wilson <twilson at redhat.com> - 2013.2-6
- Add rootwrap.conf limitation to sudoers.d/neutron, bz#984097
- neutron-server-setup: support mariadb
* Wed Dec 4 2013 Terry Wilson <twilson at redhat.com> - 2013.2-5
- Add missing debug and vpnaas rootwrap filters, bz#1034207
* Mon Dec 2 2013 Terry Wilson <twilson at redhat.com> - 2013.2-4
- Replace quantum references in neutron-dist.conf
--------------------------------------------------------------------------------
================================================================================
perl-Proc-Daemon-0.14-9.fc20 (FEDORA-2013-23594)
Run Perl program as a daemon process
--------------------------------------------------------------------------------
Update Information:
Add patch from debian to fix pidfile with mode 666 CVE-2013-7135
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Remi Collet <remi at fedoraproject.org> 0.14-9
- fix pidfile with mode 666, patch from debian, CVE-2013-7135
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1043872 - CVE-2013-7135 perl-Proc-Daemon: writes pidfile with mode 666
https://bugzilla.redhat.com/show_bug.cgi?id=1043872
--------------------------------------------------------------------------------
================================================================================
python-django-horizon-2013.2.1-1.fc20 (FEDORA-2013-23599)
Django application for talking to Openstack
--------------------------------------------------------------------------------
Update Information:
- Update to Havana stable release 2013.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Matthias Runge <mrunge at redhat.com> - 2013.2.1-1
- rebase to 2013.2.1
--------------------------------------------------------------------------------
================================================================================
python-flask-whooshee-0.0.6-1.fc20 (FEDORA-2013-23613)
Whoosh integration
--------------------------------------------------------------------------------
Update Information:
New tiny version of flask-whooshee that fixes couple of upstream bugs and brings few enhancements while staying fully backwards compatible.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Bohuslav Kabrda <bkabrda at redhat.com> - 0.0.6-1
- Update to flask-whooshee 0.0.6.
- Drop py3 compat patch, since it's now upstream.
- Use buildroot macro consistently.
--------------------------------------------------------------------------------
================================================================================
python-troveclient-1.0.3-1.fc20 (FEDORA-2013-23619)
Client library for OpenStack DBaaS API
--------------------------------------------------------------------------------
Update Information:
upgrade to 1.0.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 6 2013 Matthias Runge <mrunge at redhat.com> - 1.0.3-1
- upgrade to 1.0.3
--------------------------------------------------------------------------------
================================================================================
pywbem-0.7.0-21.20131121svn626.fc20 (FEDORA-2013-23670)
Python WBEM Client and Provider Interface
--------------------------------------------------------------------------------
Update Information:
Adjusted default certificate paths.
Fixed TOCTOU vulnerability in certificate validation.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Michal Minar <miminar at redhat.com> 0.7.0-21.20131121svn656
- Adjusted default certificates paths searched for cert validation.
* Tue Dec 17 2013 Michal Minar <miminar at redhat.com> 0.7.0-20.20131121svn656
- Tweaked the ssl_verify_host patch.
* Mon Dec 16 2013 Michal Minar <miminar at redhat.com> 0.7.0-18.20131121svn656
- Fixes TOCTOU vulnerability in certificate validation.
- Resolves: rhbz#1026891
--------------------------------------------------------------------------------
================================================================================
qemu-1.6.1-3.fc20 (FEDORA-2013-23618)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
* Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521)
* Changing streaming mode default to off for spice (bz #1038336)
* Fix guest scsi verify command (bz #1001617)
* Fix performance regression after save/restore (bz #917723)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Cole Robinson <crobinso at redhat.com> - 2:1.6.1-3
- Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521)
- Changing streaming mode default to off for spice (bz #1038336)
- Fix guest scsi verify command (bz #1001617)
- Fix performance regression after save/restore (bz #917723)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1038336 - Turn of spice compression mode by default
https://bugzilla.redhat.com/show_bug.cgi?id=1038336
[ 2 ] Bug #917723 - VM Guest poor performance after migration or save/restore
https://bugzilla.redhat.com/show_bug.cgi?id=917723
--------------------------------------------------------------------------------
================================================================================
qt5-qtbase-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtdeclarative-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtDeclarative component
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtdoc-5.2.0-1.fc20 (FEDORA-2013-23611)
Main Qt5 Reference Documentation
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
* Fri Dec 6 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-0.11.rc1
- BR: qt5-qtbase-devel
--------------------------------------------------------------------------------
================================================================================
qt5-qtgraphicaleffects-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtGraphicalEffects component
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtimageformats-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtImageFormats component
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtmultimedia-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - Multimedia support
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtquick1-5.2.0-1.fc20 (FEDORA-2013-23611)
A declarative language for describing user interfaces in Qt5
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtquickcontrols-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - module with set of QtQuick controls
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtscript-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtScript component
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtsvg-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - Support for rendering and displaying SVG
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
* Fri Dec 6 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-0.11.rc1
- rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qttools-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtTool components
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qttranslations-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtTranslations module
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtwebkit-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtWebKit components
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtx11extras-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - X11 support library
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
qt5-qtxmlpatterns-5.2.0-1.fc20 (FEDORA-2013-23611)
Qt5 - QtXmlPatterns component
--------------------------------------------------------------------------------
Update Information:
Qt 5.2.0 final release, see http://blog.qt.digia.com/blog/2013/12/12/qt-5-2-released-the-best-qt-yet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Rex Dieter <rdieter at fedoraproject.org> 5.2.0-1
- 5.2.0
--------------------------------------------------------------------------------
================================================================================
rubygem-actionpack-4.0.0-2.fc20 (FEDORA-2013-23636)
Web-flow and rendering framework putting the VC in MVC
--------------------------------------------------------------------------------
Update Information:
Includes security patches for:
- CVE-2013-6417 - Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk)
- CVE-2013-4491 - Reflective XSS Vulnerability in Ruby on Rails
- CVE-2013-6415 - XSS Vulnerability in number_to_currency
- CVE-2013-6414 - Denial of Service Vulnerability in Action View
- CVE-2013-6416 - XSS Vulnerability in simple_format helper
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 16 2013 Josef Stribny <jstribny at redhat.com> - 1:4.0.0-2
- Fixes for CVE-2013-6414, CVE-2013-6415, CVE-2013-6416, CVE-2013-6417, CVE-2013-4491
--------------------------------------------------------------------------------
================================================================================
rubygem-scoped_search-2.6.1-1.fc20 (FEDORA-2013-23600)
Easily search your ActiveRecord models
--------------------------------------------------------------------------------
Update Information:
rebase to 2.6.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Miroslav Suchý <msuchy at redhat.com> 2.6.1-1
- rebase to scoped_search-2.6.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044458 - rubygem-scoped_search-2.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1044458
--------------------------------------------------------------------------------
================================================================================
sakura-3.1.3-1.fc20 (FEDORA-2013-23648)
Terminal emulator based on GTK and VTE
--------------------------------------------------------------------------------
Update Information:
This update fixes the -e commandline option and removes the deprecated input methods menu. It also includes new and updated translations.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Christoph Wickert <cwickert at fedoraproject.org> - 3.1.3-1
- Update to 3.1.3 (#1034129)
* Mon Nov 25 2013 Christoph Wickert <cwickert at fedoraproject.org> - 3.1.1-1
- Update to 3.1.1 (#1034129, fixes FTBFS #993220)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #993220 - sakura: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=993220
[ 2 ] Bug #1034129 - sakura-3.1.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1034129
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.23-1.fc20 (FEDORA-2013-23654)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to 2.23
Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Dmitry Butskoy <Dmitry at Butskoy.name> 2.23-1
- update to 2.23
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1043100 - seamonkey-2.23 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1043100
--------------------------------------------------------------------------------
================================================================================
spice-gtk-0.22-1.fc20 (FEDORA-2013-23676)
A GTK+ widget for SPICE clients
--------------------------------------------------------------------------------
Update Information:
Release v0.22 update
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 27 2013 Marc-André Lureau <marcandre.lureau at redhat.com> - 0.22-1
- Update to spice-gtk 0.22
--------------------------------------------------------------------------------
================================================================================
suricata-1.4.7-1.fc20 (FEDORA-2013-23657)
Intrusion Detection System
--------------------------------------------------------------------------------
Update Information:
This update fixes several small problems compared to the 1.4.6 release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Steve Grubb <sgrubb at redhat.com> 1.4.7-1
- New upstream bug fix release
* Fri Oct 4 2013 Steve Grubb <sgrubb at redhat.com> 1.4.6-1
- New upstream bug fix release
--------------------------------------------------------------------------------
================================================================================
trafficserver-4.1.2-0.fc20 (FEDORA-2013-23604)
Fast, scalable and extensible HTTP/1.1 compliant caching proxy server
--------------------------------------------------------------------------------
Update Information:
Update to 4.1.2
What's new: https://cwiki.apache.org/confluence/display/TS/What%27s+new+in+v4.1.x
Also enable hwloc, since it supposedly gives tremendous positive performance impact to optimize scaling and number of threads and alignment for actual hardware we're running on.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2013 Jan-Frode Myklebust <janfrode at tanso.net> - 4.1.2-0
- Bump to final. No change from rc0.
- What's new: https://cwiki.apache.org/confluence/display/TS/What%27s+new+in+v4.1.x
* Thu Dec 12 2013 Jan-Frode Myklebust <janfrode at tanso.net> - 4.1.2-rc0
- Update to 4.1.2-rc0.
* Mon Nov 11 2013 Jan-Frode Myklebust <janfrode at tanso.net> - 4.0.2-5
- Buildrequire hwloc-devel, since it supposedly gives tremendous
positive performance impact to use hwlock to optimize scaling and
number of threads and alignment for actual hardware we're running on.
* Sun Oct 20 2013 Jan-Frode Myklebust <janfrode at tanso.net> - 4.0.2-3
- Rebuild for picking up ECC/ECDHE/EC/ECDSA/elliptic curves
which are now enabled in OpenSSL.
--------------------------------------------------------------------------------
================================================================================
tuxcut-5.1-1.fc20 (FEDORA-2013-23588)
Arpspoof attacks protector
--------------------------------------------------------------------------------
Update Information:
Fix the remove issue.
Fix delay time when closing the application sometimes.
Enhance the application launcher.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2013 Mosaab Alzoubi <moceap at hotmail.com> - 5.1-1
- Update release.
- New upstream URL method.
- Tweak %prep for new release.
- Use upstream icon.
- Update bin/tuxcut.
--------------------------------------------------------------------------------
================================================================================
tzdata-2013i-1.fc20 (FEDORA-2013-23632)
Timezone data
--------------------------------------------------------------------------------
Update Information:
- Rebase with early release of 2013i from Paul Eggert github.
- Jordan switches back to standard time at 00:00 on December 20,2013.
- The 2006-2011 transition schedule is planned to resume in 2014.
- The compile-time flag NOSOLAR has been removed.
- The files solar87, solar88, and solar89 are no longer distributed.
- tz-link.htm now mentions Noda Time.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Patsy Franklin <pfrankli at redhat.com> 2013i-1
- Rebase with early release of 2013i from Paul Eggert github.
- Jordan switches back to standard time at 00:00 on December 20,2013.
- The 2006-2011 transition schedule is planned to resume in 2014.
- The compile-time flag NOSOLAR has been removed.
- The files solar87, solar88, and solar89 are no longer distributed.
- tz-link.htm now mentions Noda Time.
--------------------------------------------------------------------------------
================================================================================
vrq-1.0.97-1.fc20 (FEDORA-2013-23656)
Verilog tool framework with plugins for manipulating source code
--------------------------------------------------------------------------------
Update Information:
Updated to 1.0.97.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Shakthi Kannan <shakthimaan [AT] fedoraproject dot org> - 1.0.97-1
- Updated to 1.0.97
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #987435 - vrq-1.0.97 is available
https://bugzilla.redhat.com/show_bug.cgi?id=987435
--------------------------------------------------------------------------------
================================================================================
wcslib-4.19-1.fc20 (FEDORA-2013-23674)
An implementation of the FITS World Coordinate System standard
--------------------------------------------------------------------------------
Update Information:
Bugfix release, see http://www.atnf.csiro.au/people/mcalabre/WCS/CHANGES for details
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 23 2013 Sergio Pascual <sergiopr at fedoraproject.org> 4.19-1
- New upstream source (4.19)
--------------------------------------------------------------------------------
================================================================================
wireshark-1.10.4-2.fc20 (FEDORA-2013-23669)
Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:
- Ver. 1.10.4
- Don't apply upsteamed patches no. 13, 14, 15, 16, 17
- Fix variable overflow (patch no. 18)
- Updated RTPproxy dissector (backported three more patches from trunk)
- Fix endianness in the Bitcoin protocol dissector (patch no. 19)
- Last-minute fix for wrongly backported change (patch no. 20)
- Recent Glib doesn't provide g_memmove macro anymore so we have to fallback to memmove (patch no. 21)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 19 2013 Peter Lemenkov <lemenkov at gmail.com> - 1.10.4-2
- Fix endianness in the Bitcoin protocol dissector (patch no. 19)
- Last-minute fix for wrongly backported change (patch no. 20)
- Fix FTBFS in Rawhide (see patch no. 21 - recent Glib doesn't provide g_memmove macro anymore)
* Wed Dec 18 2013 Peter Lemenkov <lemenkov at gmail.com> - 1.10.4-1
- Ver. 1.10.4
- Don't apply upsteamed patches no. 13, 14, 15, 16, 17
- Fix variable overflow (patch no. 18)
- Updated RTPproxy dissector (backported patches from trung)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044439 - Wireshark 1.10.4 FTBFS in Rawhide due to dropped g_memmove in recent Glib versions
https://bugzilla.redhat.com/show_bug.cgi?id=1044439
--------------------------------------------------------------------------------
================================================================================
x2goclient-4.0.1.2-1.fc20 (FEDORA-2013-23586)
X2Go Client application (Qt4)
--------------------------------------------------------------------------------
Update Information:
- Update to 4.0.1.2:
- Provide Keywords: key in .desktop file.
- Store broker HTTPS certificate exceptions in $HOME/.x2go/ssl/exceptions (before: $HOME/ssl/exceptions). (Fixes: #328).
- Perform sanity checks on data that comes in from X2Go Servers. Prohibit the execution of arbitrary code via the ~/.bashrc file. (Fixes: #333).
- Add option --broker-cacertfile. Allow usage of non-system-wide installed (self-signed) SSL certificate chains for https (SSL) session broker connections. (Fixes: #311).
- Update man page for new --tray-icon cmdline option.
- Update man page for --broker-url. Explain the syntax of <URL>.
- Properly handle (=expand) the "~" character in key filenames. (Brought to attention by Eldamir on IRC. Thanks!).
- Expand tilde operator for all other file paths handed over to X2Go Client via sessions file or cmdline parameter.
- Syntax fix of x2goclient.desktop file.
- Test for various file locations of the pulseaudio cookie file.
- Strip whitespaces off of user name, host name and other strings when loading / saving session profiles. (Fixes: #315).
- New option --tray-icon. Force showing the tray icon, even for hidden sessions. Also allow creation of .desktop files with --tray-icon optionally being enabled. (Fixes: #316).
- Update Spanish translation.
- Support for keys "shadowuser" "shadowdisplay" and "shadowmode" in config file. This allows choosing the default display for shadow sessions.
- Support for GSSApi(Kerberos 5) authentication. Using ssh/scp commands on Linux and Mac and plink/pscp on Windows.
- Support for ChallengeResponseAuthentication (Google Authenticator)
- Additional check if authentication with GSSApi successfull
- c121b7e2d3d83abdc2d7a29637bc3294e38b2ec3 broke checking if remote command produce only stderr and not stdout. It made x2goclient crash if x2gostartagent send LIMIT error. Current commit fixes this issue.
- SshMasterConnection should use current user name if no user name is specified in session settings
- GSSApi(Kerberos 5) authentication for sshproxy and sshbroker
- Handle SSH host key changes more elegantly and allow user interaction if such a host key change occurs. (Fixes: #241).
- Update summary and description from upstream
- Split out browser plugin into x2goplugin package
- Add x2goplugin-provider package for apache config
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2013 Orion Poplawski <orion at cora.nwra.com> - 4.0.1.2-1
- Update to 4.0.1.2
- Update summary and description from upstream
- Split out browser plugin into x2goplugin package
- Add x2goplugin-provider package for apache config
--------------------------------------------------------------------------------
================================================================================
yum-3.4.3-127.fc20 (FEDORA-2013-23627)
RPM package installer/updater/manager
--------------------------------------------------------------------------------
Update Information:
Lots of fixes for group handling. Added "yum group mark blacklist".
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 James Antill <james at fedoraproject.org> - 3.4.3-127
- update to latest HEAD
- Fix for traceback with installed env. groups with owned groups in info.
- Again, thanks to Adam.
* Wed Dec 18 2013 James Antill <james at fedoraproject.org> - 3.4.3-126
- update to latest HEAD
- Fixes for typo in group remove/install mark messages tests.
- Again, thanks to Adam.
* Tue Dec 17 2013 James Antill <james at fedoraproject.org> - 3.4.3-125
- update to latest HEAD
- Again, lots of groups UI changes/fixes thanks to Adam.
- Add "groups mark blacklist" command to get out of the upgrade problem.
- Tell users how to mark install/remove groups without packages.
- Show install groups as well as upgrading groups in transaction output.
- Fix mark-convert-whitelist, and add mark-convert-blacklist (default).
- Fix typo with simple groups compile of environment with only options.
- Pass the ievgrp to groups for new installed envs., so they belong. BZ 1043231.
- Don't confuse "group info" output by giving data for optional when it's off.
* Tue Dec 17 2013 James Antill <james at fedoraproject.org> - 3.4.3-124
- update to latest HEAD
- Fix group update not trying to install all optional groups of evgrp.
* Mon Dec 16 2013 James Antill <james at fedoraproject.org> - 3.4.3-123
- update to latest HEAD
- Lots of "minor" group changes to hopefully fix a bunch of the bugs. Eg.
- 1043207, 1014202.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1043207 - _at_groupinstall check for 'non-existent' package groups, added by upstream commit ff5416b1532fe43c68bf51ae30751504885a501a, reports that installed groups do not exist
https://bugzilla.redhat.com/show_bug.cgi?id=1043207
[ 2 ] Bug #1014202 - Warnings about non-existent environment groups in __init__.py and cli.py assume any GroupError means the group does not exist, but there are other causes of GroupError
https://bugzilla.redhat.com/show_bug.cgi?id=1014202
[ 3 ] Bug #1043231 - yum does not succeed in marking package groups installed with an environment group
https://bugzilla.redhat.com/show_bug.cgi?id=1043231
--------------------------------------------------------------------------------
================================================================================
zenon-0.7.1-8.fc20 (FEDORA-2013-23607)
Automated theorem prover for first-order classical logic
--------------------------------------------------------------------------------
Update Information:
See http://coq.inria.fr/distrib/V8.4pl3/CHANGES for the bug fixes and enhancements in this version of coq. All other packages are merely rebuilds against the new version of coq.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Jerry James <loganjerry at gmail.com> - 0.7.1-8
- Rebuild for coq 8.4pl3
- Enable debuginfo generation
--------------------------------------------------------------------------------
More information about the test
mailing list