Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Oct 14 19:22:46 UTC 2013
The following Fedora 20 Security updates need testing:
Age URL
16 https://admin.fedoraproject.org/updates/FEDORA-2013-17828/davfs2-1.4.7-3.fc20
15 https://admin.fedoraproject.org/updates/FEDORA-2013-17866/chicken-4.8.0.4-4.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2013-18703/dropbear-2013.59-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2013-18705/phpMyAdmin-3.5.8.2-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2013-18877/libtar-1.2.11-27.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18982/xen-4.3.0-8.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18840/ReviewBoard-1.7.16-2.fc20,python-djblets-0.7.21-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
11 https://admin.fedoraproject.org/updates/FEDORA-2013-18191/initial-setup-0.3.9-1.fc20
11 https://admin.fedoraproject.org/updates/FEDORA-2013-18174/perl-threads-1.89-1.fc20
11 https://admin.fedoraproject.org/updates/FEDORA-2013-18154/perl-Getopt-Long-2.42-1.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2013-18447/createrepo-0.9.9-23.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2013-18435/uboot-tools-2013.10-0.5.rc4.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2013-18709/mdadm-3.3-3.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2013-18741/python-meh-0.27-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-19058/gstreamer-plugins-base-0.10.36-6.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-19085/pulseaudio-4.0-7.gitf81e3.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-19089/gstreamer-0.10.36-6.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-19083/pam-1.1.8-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-19086/openldap-2.4.36-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-19084/samba-4.1.0-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-19074/qtwebkit-2.3.3-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18994/highlight-3.16-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18959/taglib-1.9.1-1.fc20
The following builds have been pushed to Fedora 20 updates-testing
Cython-0.19.2-1.fc20
ReviewBoard-1.7.16-2.fc20
cuneiform-1.1.0-15.fc20
diskimage-builder-0.0.5-1.fc20
dnf-0.4.4-1.fc20
drbdlinks-1.25-1.fc20
ghc-ForSyDe-3.1.1-16.fc20
glazedlists-1.9.0-3.fc20
google-crosextra-caladea-fonts-1.002-0.1.20130214.fc20
gstreamer-0.10.36-6.fc20
gstreamer-plugins-base-0.10.36-6.fc20
iwhd-1.6-7.fc20
jamonapi-2.74-2.fc20
kde-plasma-nm-0.9.3.1-4.fc20
kobo-0.4.1-1.fc20
ladvd-1.0.4-11.fc20
libinfinity-0.5.4-3.fc20
libmikmod-3.3.2-1.fc20
libmm-qt-1.0.0-1.20131009git1496e4d.fc20
libnm-qt-0.9.1-1.20131009git5af966a.fc20
maradns-2.0.07c-2.fc20
mikmod-3.2.3-1.fc20
openldap-2.4.36-2.fc20
oyranos-0.4.0-12.fc20
pam-1.1.8-1.fc20
pcapfix-1.0.0-1.fc20
perl-Module-Compile-0.23-1.fc20
perl-PDL-2.6.0.90-1.fc20
perl-Params-CallbackRequest-1.20-1.fc20
perl-Path-Tiny-0.043-1.fc20
postgresql-9.3.1-1.fc20
pulseaudio-4.0-7.gitf81e3.fc20
python-djblets-0.7.21-1.fc20
python-jsonpatch-1.2-1.fc20
python-warlock-1.0.1-1.fc20
qtwebkit-2.3.3-1.fc20
samba-4.1.0-1.fc20
scala-2.10.3-2.fc20
sssd-1.11.1-3.fc20
sugar-portfolio-44-1.fc20
sxiv-1.1.1-1.fc20
vfrnav-20130920-1.fc20
voms-api-java-2.0.10-4.fc20
vrq-1.0.96-5.fc20
xinetd-2.3.15-9.fc20
Details about builds:
================================================================================
Cython-0.19.2-1.fc20 (FEDORA-2013-19075)
A language for writing Python extension modules
--------------------------------------------------------------------------------
Update Information:
see: https://github.com/cython/cython/blob/master/CHANGES.rst
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 13 2013 nbecker <ndbecker2 at gmail.com> - 0.19-2
- Update to 0.19.2
--------------------------------------------------------------------------------
================================================================================
ReviewBoard-1.7.16-2.fc20 (FEDORA-2013-18840)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of private review requests would show up on some pages (though the review requests themselves were not accessible).
These issues do not affect most of the installations out there, but we strongly recommend upgrading anyway. There are no known cases of anyone exploiting these bugs, and in fact we discovered these internally while building new tools to test for security vulnerabilities in our codebase.
There are also some other bug fixes, and important changes needed for extensions that provide their own REST APIs.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk at gmail.com> - 1.7.16-2
- Update Djblets version
* Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk at redhat.com> - 1.7.15-2
- New upstream bugfix release 1.7.16
- Fixes a breakage when accessing the Review Group Users resource
- Fixes pagination in dashboard and similar pages
* Thu Oct 10 2013 Stephen Gallagher <sgallagh at redhat.com> - 1.7.15-1
- New upstream security release 1.7.15
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.15/
- Resolves: CVE-2013-4410
- Fixes access-control problems with REST API
- Resolves: CVE-2013-4411
- Fixes URL processing allowing unauthorized users to view review lists
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016596 - CVE-2013-4410 ReviewBoard: access-control problems with REST API
https://bugzilla.redhat.com/show_bug.cgi?id=1016596
[ 2 ] Bug #1016599 - CVE-2013-4411 ReviewBoard: URL processing allows unauthorized users to view review lists
https://bugzilla.redhat.com/show_bug.cgi?id=1016599
[ 3 ] Bug #1016601 - CVE-2013-4409 python-djblets: unsanitized eval() vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1016601
--------------------------------------------------------------------------------
================================================================================
cuneiform-1.1.0-15.fc20 (FEDORA-2013-19090)
Command-line OCR system
--------------------------------------------------------------------------------
Update Information:
Update for new ImageMagic.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Dmitrij S. Kryzhevich <krege at land.ru> - 1.1.0-15
- Rebuild for new ImageMagic.
--------------------------------------------------------------------------------
================================================================================
diskimage-builder-0.0.5-1.fc20 (FEDORA-2013-19076)
Image building tools for OpenStack
--------------------------------------------------------------------------------
Update Information:
Release 0.0.5
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 9 2013 Jeff Peeler <jpeeler at redhat.com> 0.0.5-1
- rebase to 0.0.5
--------------------------------------------------------------------------------
================================================================================
dnf-0.4.4-1.fc20 (FEDORA-2013-19064)
Package manager forked from Yum, using libsolv as a dependency resolver
--------------------------------------------------------------------------------
Update Information:
Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Aleš Kozumplík <ales at redhat.com> - 0.4.4-1
- fix: missing config file shouldn't cause a LibrepoExeption-triggered traceback. (Ales Kozumplik)
- basic python 3 support added. (Jan Silhan)
- input function in dnf.i18n renamed to ucd_input to avoid conflicts with buildin function (Jan Silhan)
- Improve error reporting in hdrFromPackage() (Ales Kozumplik)
- Resetting base.goal. (Ales Kozumplik)
- fix: install does not report file conflicts (RhBug:1017278) (Ales Kozumplik)
- Base.download_packages() must not assume self.progress exists. (Ales Kozumplik)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1017278 - dnf does not notice file conflicts
https://bugzilla.redhat.com/show_bug.cgi?id=1017278
--------------------------------------------------------------------------------
================================================================================
drbdlinks-1.25-1.fc20 (FEDORA-2013-19081)
A program for managing links into a DRBD shared partition
--------------------------------------------------------------------------------
Update Information:
Upstream changes:
* Fixing string formatting exception in initialize_shared_storage (Fix by Flavio Grossi)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 13 2013 Robert Scheck <robert at fedoraproject.org> 1.25-1
- Upgrade to 1.25
--------------------------------------------------------------------------------
================================================================================
ghc-ForSyDe-3.1.1-16.fc20 (FEDORA-2013-19087)
ForSyDe's Haskell-embedded Domain Specific Language
--------------------------------------------------------------------------------
Update Information:
Fix bz #992356
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Shakthi Kannan <shakthimaan at fedoraproject.org> - 3.1.1-16
- Fix bz #992356 FTBFS in rawhide
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.1.1-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #992356 - [ARM] ghc-ForSyDe: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=992356
--------------------------------------------------------------------------------
================================================================================
glazedlists-1.9.0-3.fc20 (FEDORA-2013-19077)
A toolkit for transformations in Java
--------------------------------------------------------------------------------
Update Information:
Include treetable extension
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Mary Ellen Foster <mefoster at gmail.com> - 1.9.0-3
- Enable "treetable" extension which wasn't being built by default
--------------------------------------------------------------------------------
================================================================================
google-crosextra-caladea-fonts-1.002-0.1.20130214.fc20 (FEDORA-2013-19068)
Sans-serif font metric-compatible with Cambria font
--------------------------------------------------------------------------------
Update Information:
Sans-serif font metric-compatible with Cambria font
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1017766 - Review Request: google-crosextra-caladea-fonts - Sans-serif font metric-compatible with Cambria font
https://bugzilla.redhat.com/show_bug.cgi?id=1017766
--------------------------------------------------------------------------------
================================================================================
gstreamer-0.10.36-6.fc20 (FEDORA-2013-19089)
GStreamer streaming media framework runtime
--------------------------------------------------------------------------------
Update Information:
drop BR: PyXML (https://fedoraproject.org/wiki/Features/RemovePyXML)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Dan Horák <dan[at]danny.cz> - 0.10.36-6
- drop BR: PyXML (https://fedoraproject.org/wiki/Features/RemovePyXML), fixes #992438
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.10.36-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 17 2013 Matthias Clasen <mclasen at redhat.com> 0.10.36-4
- Fix a bogus BR found by rpmdiff
* Wed Mar 27 2013 Adam Jackson <ajax at redhat.com> 0.10.36-3
- Tweak BRs for RHEL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #992438 - gstreamer: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=992438
--------------------------------------------------------------------------------
================================================================================
gstreamer-plugins-base-0.10.36-6.fc20 (FEDORA-2013-19058)
GStreamer streaming media framework base plug-ins
--------------------------------------------------------------------------------
Update Information:
drop BR: PyXML (https://fedoraproject.org/wiki/Features/RemovePyXML)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Dan Horák <dan[at]danny.cz> - 0.10.36-6
- drop BR: PyXML (https://fedoraproject.org/wiki/Features/RemovePyXML), fixes #992440
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.10.36-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #992440 - gstreamer-plugins-base: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=992440
--------------------------------------------------------------------------------
================================================================================
iwhd-1.6-7.fc20 (FEDORA-2013-19057)
Image WareHouse Daemon
--------------------------------------------------------------------------------
Update Information:
Fix FTBFS
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 3 2013 Pete Zaitcev <zaitcev at redhat.com> - 1.6-7
- Add iwhd-1.6-f20.patch to deal with some mysterious GC vs MHD issue
- Disable build-time check -- hopefuly temporarily
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.6-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 28 2013 Petr Machata <pmachata at redhat.com> - 1.6-5
- Rebuild for boost 1.54.0
--------------------------------------------------------------------------------
================================================================================
jamonapi-2.74-2.fc20 (FEDORA-2013-19088)
A Java monitoring API
--------------------------------------------------------------------------------
Update Information:
update to 2.74.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 13 2013 gil cattaneo <puntogil at libero.it> 2.74-2
- fix project url
* Sun Oct 13 2013 gil cattaneo <puntogil at libero.it> 2.74-1
- update to 2.74
--------------------------------------------------------------------------------
================================================================================
kde-plasma-nm-0.9.3.1-4.fc20 (FEDORA-2013-18708)
Plasma applet written in QML for managing network connections
--------------------------------------------------------------------------------
Update Information:
Plasma-nm 0.9.3.1 release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Jan Grulich <jgrulich at redhat.com> - 0.9.3.1-4
- Update to 0.9.3.1
* Mon Oct 14 2013 Jan Grulich <jgrulich at redhat.com> - 0.9.3.1-3.20131009git82dab6e
- Fix obsoletes
* Thu Oct 10 2013 Jan Grulich <jgrulich at redhat.com> - 0.9.3.1-2.20131009git82dab6e
- Add obsoletes for kde-plasma-networkmanagement
- Add rename script
* Wed Oct 9 2013 Jan Grulich <jgrulich at redhat.com> - 0.9.3.1-1.20131009git82dab6e
- Update to current git snapshot
* Tue Oct 1 2013 Jan Grulich <jgrulich at redhat.com> - 0.9.3.0-7
- Make ModemManager as runtime dependency installed with -mobile subpkg
- Resolves #1013838
--------------------------------------------------------------------------------
================================================================================
kobo-0.4.1-1.fc20 (FEDORA-2013-19067)
Python modules for tools development
--------------------------------------------------------------------------------
Update Information:
Bump version to 0.4.1.
Completely remove Django support on el5 and el6.
New upstream release
New upstream release
Completely remove Django support on el5 and el6.
New upstream release
New upstream release
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Daniel Mach <dmach at redhat.com> - 0.4.1-1
- Return 'nosrc' arch when RPMTAG_NOPATCH RPM header is set. (Daniel Mach)
- Fix 'ImproperlyConfigured: The SECRET_KEY setting must not be empty.' exception in test_types.py. (Daniel Mach)
- Fix setup script to install additional package data. (Daniel Mach)
- Fix reading RPMTAG_NOSOURCE and RPMTAG_NOPATCH headers from 'nosrc' RPMs. (Daniel Mach)
* Mon Jul 29 2013 Daniel Mach <dmach at redhat.com> - 0.4.0-2
- Drop admin subpackage on rhel <= 5
- Drop admin, django and hub subpackages on epel 6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #997735 - Error in packaging default.conf
https://bugzilla.redhat.com/show_bug.cgi?id=997735
[ 2 ] Bug #990016 - "make bkradd" is failing as kobo-client does not provide default.conf
https://bugzilla.redhat.com/show_bug.cgi?id=990016
--------------------------------------------------------------------------------
================================================================================
ladvd-1.0.4-11.fc20 (FEDORA-2013-19079)
CDP/LLDP sender for UNIX
--------------------------------------------------------------------------------
Update Information:
This updates make ladvd work in SELinux enforcing mode.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Tomasz Torcz <ttorcz at fedoraproject.org> - 1.0.4-11
- further SELinux policy fixes (#1018493, #1018497, #1018502, #1018503, #1018504, #1018505, #1018506)
* Tue Sep 17 2013 Tomasz Torcz <ttorcz at fedoraproject.org> - 1.0.4-10
- use macro for determining SELinux policy version
* Tue Sep 17 2013 Tomasz Torcz <ttorcz at fedoraproject.org> - 1.0.4-9
- apply SELinux policy patch by Daniel J Walsh (#975959)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018493 - SELinux is preventing /usr/sbin/ladvd from 'sendto' accesses on the unix_dgram_socket .
https://bugzilla.redhat.com/show_bug.cgi?id=1018493
[ 2 ] Bug #1018497 - SELinux is preventing /usr/sbin/ladvd from 'read' accesses on the file unix.
https://bugzilla.redhat.com/show_bug.cgi?id=1018497
[ 3 ] Bug #1018502 - SELinux is preventing /usr/sbin/ladvd from using the 'setrlimit' accesses on a process.
https://bugzilla.redhat.com/show_bug.cgi?id=1018502
[ 4 ] Bug #1018503 - SELinux is preventing /usr/sbin/ladvd from using the 'sys_chroot' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1018503
[ 5 ] Bug #1018504 - SELinux is preventing /usr/sbin/ladvd from using the 'chown' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1018504
[ 6 ] Bug #1018505 - SELinux is preventing /usr/bin/bash from 'getattr' accesses on the file /proc/meminfo.
https://bugzilla.redhat.com/show_bug.cgi?id=1018505
[ 7 ] Bug #1018506 - SELinux is preventing /usr/bin/bash from 'read' accesses on the file meminfo.
https://bugzilla.redhat.com/show_bug.cgi?id=1018506
--------------------------------------------------------------------------------
================================================================================
libinfinity-0.5.4-3.fc20 (FEDORA-2013-19063)
Library implementing the infinote protocol
--------------------------------------------------------------------------------
Update Information:
- Make it not crash in several conditions: http://article.gmane.org/gmane.network.obby.user/415
- Enable more security protections
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 13 2013 Till Maas <opensource at till.name> - 0.5.4-3
- Harden build
* Sat Oct 12 2013 Matěj Cepl <mcepl at redhat.com> - 0.5.4-2
- Make infinoted build on EL-6
* Sun Aug 25 2013 Till Maas <opensource at till.name> - 0.5.4-1
- Update to new bugfix release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #987364 - libinfinity-0.5.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=987364
--------------------------------------------------------------------------------
================================================================================
libmikmod-3.3.2-1.fc20 (FEDORA-2013-19082)
A MOD music file player library
--------------------------------------------------------------------------------
Update Information:
- New upstream
- New upstream libmikmod release 3.3.2
- New upstream mikmod release 3.2.3
- Drop a bunch of merged patches
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Hans de Goede <hdegoede at redhat.com> - 3.3.2-1
- New upstream and new upstream release 3.3.2
- Drop a bunch of merged patches
--------------------------------------------------------------------------------
================================================================================
libmm-qt-1.0.0-1.20131009git1496e4d.fc20 (FEDORA-2013-18708)
Qt-only wrapper for ModemManager DBus API
--------------------------------------------------------------------------------
Update Information:
Plasma-nm 0.9.3.1 release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 9 2013 Jan Grulich <jgrulich at redhat.com> - 1:1.0.0-1.20131009git1496e4d
- Update to current git snapshot
--------------------------------------------------------------------------------
================================================================================
libnm-qt-0.9.1-1.20131009git5af966a.fc20 (FEDORA-2013-18708)
Qt-only wrapper for NetworkManager DBus API
--------------------------------------------------------------------------------
Update Information:
Plasma-nm 0.9.3.1 release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 9 2013 Jan Grulich <jgrulich at redhat.com> - 1.0.9.1-1.20131009git5af966a
- Update to current git snapshot
--------------------------------------------------------------------------------
================================================================================
maradns-2.0.07c-2.fc20 (FEDORA-2013-19071)
Authoritative and recursive DNS server made with security in mind
--------------------------------------------------------------------------------
Update Information:
Thise updates fixes problem with MaraDNS starting too early with respect to network configuration.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 13 2013 Tomasz Torcz <ttorcz at fedoraproject.org> - 2.0.07c-2
- refresh systemd patch, introduce additional deps on network-online (#1015282)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1015282 - maradns systemd service files should start the daemons after network.target
https://bugzilla.redhat.com/show_bug.cgi?id=1015282
--------------------------------------------------------------------------------
================================================================================
mikmod-3.2.3-1.fc20 (FEDORA-2013-19082)
Console music module player
--------------------------------------------------------------------------------
Update Information:
- New upstream
- New upstream libmikmod release 3.3.2
- New upstream mikmod release 3.2.3
- Drop a bunch of merged patches
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Hans de Goede <hdegoede at redhat.com> - 3.2.3-1
- New upstream and new upstream release 3.2.3
- Drop a bunch of merged patches
--------------------------------------------------------------------------------
================================================================================
openldap-2.4.36-2.fc20 (FEDORA-2013-19086)
LDAP support libraries
--------------------------------------------------------------------------------
Update Information:
Fix connectionless LDAP with IPv6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Jan Synáček <jsynacek at redhat.com> - 2.4.36-2
- fix: CLDAP is broken for IPv6 (#1018688)
* Wed Sep 4 2013 Jan Synáček <jsynacek at redhat.com> - 2.4.36-2
- fix: typos in manpages
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018688 - Connectionless LDAP is broken for IPv6
https://bugzilla.redhat.com/show_bug.cgi?id=1018688
--------------------------------------------------------------------------------
================================================================================
oyranos-0.4.0-12.fc20 (FEDORA-2013-19060)
The Oyranos Color Management System (CMS)
--------------------------------------------------------------------------------
Update Information:
Fix test for libXcm to fix FTBFS and upgrade path
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 15 2013 Bruno Wolff III <bruno at wolff.to> - 0.4.0-12
- Fix test for libXcm
* Sat Sep 14 2013 Bruno Wolff III <bruno at wolff.to> - 0.4.0-11
- Rebuild for libraw soname bump
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.4.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jul 30 2013 Petr Machata <pmachata at redhat.com> - 0.4.0-9
- Rebuild for boost 1.54.0
* Fri May 31 2013 Jon Ciesla <limburgher at gmail.com> - 0.4.0-8
- Rebuild for new LibRaw.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991898 - oyranos: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=991898
[ 2 ] Bug #1016388 - F19 to F20 upgrade looks like it will fail
https://bugzilla.redhat.com/show_bug.cgi?id=1016388
--------------------------------------------------------------------------------
================================================================================
pam-1.1.8-1.fc20 (FEDORA-2013-19083)
An extensible library which provides authentication for applications
--------------------------------------------------------------------------------
Update Information:
New minor upstream release with bugfixes and enhancement.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Tomáš Mráz <tmraz at redhat.com> 1.1.8-1
- new upstream release
- pam_tty_audit: allow the module to work with old kernels
- F20 only: disable message from pam_lastlog
* Fri Oct 4 2013 Tomáš Mráz <tmraz at redhat.com> 1.1.7-3
- pam_tty_audit: proper initialization of the tty_audit_status struct
* Mon Sep 30 2013 Tomáš Mráz <tmraz at redhat.com> 1.1.7-2
- add "local_users_only" to pam_pwquality in default configuration
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1013632 - remove lastlog from the default pam stack
https://bugzilla.redhat.com/show_bug.cgi?id=1013632
--------------------------------------------------------------------------------
================================================================================
pcapfix-1.0.0-1.fc20 (FEDORA-2013-19066)
A tool for repairing corrupted pcap files
--------------------------------------------------------------------------------
Update Information:
New version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Christopher Meng <rpm at cicku.me> - 1.0.0-1
- New version.
--------------------------------------------------------------------------------
================================================================================
perl-Module-Compile-0.23-1.fc20 (FEDORA-2013-19065)
Perl Module Compilation
--------------------------------------------------------------------------------
Update Information:
Version 0.23 changes build-time dependencies.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 23 2013 Jitka Plesnikova <jplesnik at redhat.com> - 0.23-1
- 0.23 bump
- Specify all dependencies
--------------------------------------------------------------------------------
================================================================================
perl-PDL-2.6.0.90-1.fc20 (FEDORA-2013-19059)
The Perl Data Language
--------------------------------------------------------------------------------
Update Information:
This release brings Perl Data Language (PDL) toolkit compatible with Perl 5.18 into the distribution.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Petr Pisar <ppisar at redhat.com> - 2.6.0.90-1
- 2.006_90 bump
- Enable Proj support
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.4.10-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jul 23 2013 Petr Pisar <ppisar at redhat.com> - 2.4.10-9
- Perl 5.18 rebuild
* Tue Jun 11 2013 Remi Collet <rcollet at redhat.com> - 2.4.10-8
- rebuild for new GD 2.1.0
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.4.10-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #914307 - perl-PDL: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=914307
[ 2 ] Bug #927585 - perl-PDL-2.006 is available
https://bugzilla.redhat.com/show_bug.cgi?id=927585
--------------------------------------------------------------------------------
================================================================================
perl-Params-CallbackRequest-1.20-1.fc20 (FEDORA-2013-19062)
Functional and object-oriented callback architecture
--------------------------------------------------------------------------------
Update Information:
Current upstream maintenance release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Paul Howarth <paul at city-fan.org> - 1.20-1
- Update to 1.20
- Moved repository to https://github.com/theory/params-callbackrequest/
- Switched to a "traditional" Makefile.PL
- Specify all dependencies
- Don't need to remove empty directories from the buildroot
- Drop %defattr, redundant since rpm 4.4
- Make %files list more explicit
- Don't use macros for commands
--------------------------------------------------------------------------------
================================================================================
perl-Path-Tiny-0.043-1.fc20 (FEDORA-2013-18764)
File path utility
--------------------------------------------------------------------------------
Update Information:
Added file locking facilities.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Paul Howarth <paul at city-fan.org> - 0.043-1
- Update to 0.043
- Calling 'absolute' on Windows will add the volume if it is missing (e.g.
"/foo" will become "C:/foo"); this matches the behavior of
File::Spec->rel2abs
- Fixed t/00-report-prereqs.t for use with older versions of
CPAN::Meta::Requirements
* Sun Oct 13 2013 Paul Howarth <paul at city-fan.org> - 0.042-1
- Update to 0.042
- When 'realpath' can't be resolved (because intermediate directories don't
exist), the exception now explains the error clearly instead of complaining
about path() needing a defined, positive-length argument
- On Windows, fixed resolution of relative paths with a volume, e.g. "C:foo"
is now correctly translated into getdcwd on "C:" plus "foo"
* Fri Oct 11 2013 Paul Howarth <paul at city-fan.org> - 0.041-1
- Update to 0.041
- Remove duplicate test dependency on File::Spec that triggers a CPAN.pm bug
* Wed Oct 9 2013 Paul Howarth <paul at city-fan.org> - 0.040-1
- Update to 0.040
- The 'filehandle' method now offers an option to return locked handles
based on the file mode
- The 'filehandle' method now respects default encoding set by the caller's
open pragma
--------------------------------------------------------------------------------
================================================================================
postgresql-9.3.1-1.fc20 (FEDORA-2013-19092)
PostgreSQL client programs
--------------------------------------------------------------------------------
Update Information:
Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 10 2013 Jozef Mlich <jmlich at redhat.com> - 9.3.1-1
- update to 9.3.1 minor version per release notes:
http://www.postgresql.org/docs/9.3/static/release-9-3-1.html
--------------------------------------------------------------------------------
================================================================================
pulseaudio-4.0-7.gitf81e3.fc20 (FEDORA-2013-19085)
Improved Linux Sound Server
--------------------------------------------------------------------------------
Update Information:
Fresh snapshot, more bluez-related work/fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Rex Dieter <rdieter at fedoraproject.org> - 4.0-7.gitf81e3
- %build fix typo, explicitly --enable-tests
* Mon Oct 14 2013 Rex Dieter <rdieter at fedoraproject.org> - 4.0-6.gitf81e3
- ship a single autostart file
* Fri Oct 11 2013 Rex Dieter <rdieter at fedoraproject.org> - 4.0-5.gitf81e3
- fresh snapshot
--------------------------------------------------------------------------------
================================================================================
python-djblets-0.7.21-1.fc20 (FEDORA-2013-18840)
A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:
Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of private review requests would show up on some pages (though the review requests themselves were not accessible).
These issues do not affect most of the installations out there, but we strongly recommend upgrading anyway. There are no known cases of anyone exploiting these bugs, and in fact we discovered these internally while building new tools to test for security vulnerabilities in our codebase.
There are also some other bug fixes, and important changes needed for extensions that provide their own REST APIs.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk at gmail.com> - 0.7.21-1
- New upstream bugfix release 0.7.21
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.21.NEWS
- Added a has_list_access_permissions function, which is used to
determine access to a list resource.
* Fri Oct 11 2013 Stephen Gallagher <sgallagh at redhat.com> - 0.7.20-1
- New upstream bugfix release 0.7.20
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.20.NEWS
- Fixed regression with pagination on the datagrid
* Thu Oct 10 2013 Stephen Gallagher <sgallagh at redhat.com> - 0.7.19-1
- New upstream security release 0.7.19
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.19.NEWS
- Resolves: CVE-2013-4409
- Resolves unsanitized eval() vulnerability
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016596 - CVE-2013-4410 ReviewBoard: access-control problems with REST API
https://bugzilla.redhat.com/show_bug.cgi?id=1016596
[ 2 ] Bug #1016599 - CVE-2013-4411 ReviewBoard: URL processing allows unauthorized users to view review lists
https://bugzilla.redhat.com/show_bug.cgi?id=1016599
[ 3 ] Bug #1016601 - CVE-2013-4409 python-djblets: unsanitized eval() vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1016601
--------------------------------------------------------------------------------
================================================================================
python-jsonpatch-1.2-1.fc20 (FEDORA-2013-19078)
Applying JSON Patches in Python
--------------------------------------------------------------------------------
Update Information:
Update python-warlock to 1.0.1 and add its new dependency python-jsonpatch.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #997850 - python-warlock-1.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=997850
[ 2 ] Bug #982352 - Review Request: python-jsonpatch - Applying JSON Patches in Python
https://bugzilla.redhat.com/show_bug.cgi?id=982352
--------------------------------------------------------------------------------
================================================================================
python-warlock-1.0.1-1.fc20 (FEDORA-2013-19078)
Python object model built on top of JSON schema
--------------------------------------------------------------------------------
Update Information:
Update python-warlock to 1.0.1 and add its new dependency python-jsonpatch.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 10 2013 Alan Pevec <apevec at redhat.com> 1.0.1-1
- update to 1.0.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #997850 - python-warlock-1.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=997850
[ 2 ] Bug #982352 - Review Request: python-jsonpatch - Applying JSON Patches in Python
https://bugzilla.redhat.com/show_bug.cgi?id=982352
--------------------------------------------------------------------------------
================================================================================
qtwebkit-2.3.3-1.fc20 (FEDORA-2013-19074)
Qt WebKit bindings
--------------------------------------------------------------------------------
Update Information:
New stable bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 3 2013 Rex Dieter <rdieter at fedoraproject.org> 2.3.3-1
- qtwebkit-2.3.3
- include some post 2.3.3 commits/fixes
--------------------------------------------------------------------------------
================================================================================
samba-4.1.0-1.fc20 (FEDORA-2013-19084)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:
Update to Samba 4.1.0.
Update to Samba 4.1.0rc4.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 - Andreas Schneider <asn at redhat.com> - 4.1.0-1
- related: #985609 - Update to Samba 4.1.0.
* Tue Oct 1 2013 - Andreas Schneider <asn at redhat.com> - 2:4.1.0-0.8
- related: #985609 - Update to Samba 4.1.0rc4.
- resolves: #1010722 - Split out a samba-winbind-modules package.
* Wed Sep 11 2013 - Andreas Schneider <asn at redhat.com> - 2:4.1.0-0.7
- related: #985609 - Update to Samba 4.1.0rc3.
- resolves: #1005422 - Add support for KEYRING ccache type in pam_winbindd.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #985609 - Update Samba to 4.1.x for RHEL 7
https://bugzilla.redhat.com/show_bug.cgi?id=985609
[ 2 ] Bug #1010722 - Unable to instal both 32-bit and 64-bit packages samba-common and samba-winbind-clients
https://bugzilla.redhat.com/show_bug.cgi?id=1010722
--------------------------------------------------------------------------------
================================================================================
scala-2.10.3-2.fc20 (FEDORA-2013-18956)
A hybrid functional/object-oriented language for the JVM
--------------------------------------------------------------------------------
Update Information:
New upstream release with minor language enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 13 2013 Jochen Schmitt <Jochen herr-schmitt de> - 2.10.3-2
- Fix REPL crash issue when entering an exclaimation mark (#890069)
* Thu Oct 10 2013 Jochen Schmitt <Jochen herr-schmitt de> - 2.10.3-1
- New upstream release
* Thu Sep 26 2013 William Benton <willb at redhat.com> - 2.10.2-1
- upstream version 2.10.2
* Thu Sep 12 2013 William Benton <willb at redhat.com> - 2.10.1-4
- updated upstream source location (thanks to Antoine Gourlay for the observation)
* Wed Sep 11 2013 William Benton <willb at redhat.com> - 2.10.1-3
- Fixes to build and install on F19
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.10.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Mar 16 2013 Jochen Schmitt <Jochen herr-schmitt de> - 2.10.1-1
- New upstream releae
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.10.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Jan 7 2013 Jochen Schmitt <Jochen herr-schmitt de> - 2.10.0-1
- New upstream release
- Add patch to use system aQuate-bnd.jar file
* Thu Dec 13 2012 Jochen Schmitt <s4504kr at omega.in.herr-schmitt.de> - 2.10.0-0.5
- New upstream release
* Fri Dec 7 2012 Jochen Schmitt <Jochen herr-schmitt de> - 2.10.0-0.3
- New upstream release
--------------------------------------------------------------------------------
================================================================================
sssd-1.11.1-3.fc20 (FEDORA-2013-19061)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
Fixed Global Catalog failover
https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 8 2013 Jakub Hrozek <jhrozek at redhat.com> - 1.11.1-3
- Fix failover from Global Catalog to LDAP in case GC is not available
--------------------------------------------------------------------------------
================================================================================
sugar-portfolio-44-1.fc20 (FEDORA-2013-19091)
A simple tool for generating slide show from starred Journal entries
--------------------------------------------------------------------------------
Update Information:
Update to v44
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 29 2013 Kalpa Welivitigoda <callkalpa at gmail.com> 44-1
- release 44
--------------------------------------------------------------------------------
================================================================================
sxiv-1.1.1-1.fc20 (FEDORA-2013-19073)
Simple (or small or suckless) X Image Viewer
--------------------------------------------------------------------------------
Update Information:
sxiv now handles non-ascii characters properly.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Petr Šabata <contyk at redhat.com> - 1.1.1-1
- 1.1.1 bump
--------------------------------------------------------------------------------
================================================================================
vfrnav-20130920-1.fc20 (FEDORA-2013-19069)
VFR/IFR Navigation
--------------------------------------------------------------------------------
Update Information:
update to 20130920
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 23 2013 Thomas Sailer <t.sailer at alumni.ethz.ch> - 20130920-1
- update to 20130920
--------------------------------------------------------------------------------
================================================================================
voms-api-java-2.0.10-4.fc20 (FEDORA-2013-19080)
Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:
Disable tests that fail due to expired CRL in sources.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 2.0.10-4
- Disable CRL tests (the CRL in the sources has expired)
--------------------------------------------------------------------------------
================================================================================
vrq-1.0.96-5.fc20 (FEDORA-2013-19072)
Verilog tool framework with plugins for manipulating source code
--------------------------------------------------------------------------------
Update Information:
Fix versioned docdirs
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2013 Shakthi Kannan <shakthimaan at fedoraproject.org> - 1.0.96-5
- Fix bz #992864
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.96-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #992864 - vrq: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=992864
--------------------------------------------------------------------------------
================================================================================
xinetd-2.3.15-9.fc20 (FEDORA-2013-19070)
A secure replacement for inetd
--------------------------------------------------------------------------------
Update Information:
Let systemd handle, if NetworkManager-wait-online is needed.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Jan Synáček <jsynacek at redhat.com> - 2:2.3.15-9
- xinetd should not depend on NetworkManager-wait-online
- Resolves: #1002294
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1002294 - xinetd should not depend on NetworkManager-wait-online
https://bugzilla.redhat.com/show_bug.cgi?id=1002294
--------------------------------------------------------------------------------
More information about the test
mailing list