Fedora 20 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Mon Apr 14 22:49:37 UTC 2014


The following Fedora 20 Security updates need testing:
 Age  URL
 107  https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20
  53  https://admin.fedoraproject.org/updates/FEDORA-2014-2751/zabbix-2.0.11-2.fc20
  12  https://admin.fedoraproject.org/updates/FEDORA-2014-4691/a2ps-4.14-23.fc20
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-4769/ansible-1.5.4-1.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-4903/openstack-keystone-2013.2.3-2.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-4892/cacti-0.8.8b-5.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-5018/smb4k-1.1.1-2.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-5006/json-c-0.11-6.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-5002/python-django-horizon-2013.2.3-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-5015/elfutils-0.158-3.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
  12  https://admin.fedoraproject.org/updates/FEDORA-2014-4683/libvpx-1.3.0-4.fc20
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-4774/gnome-shell-3.10.4-3.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-4995/mutter-3.10.4-2.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-5015/elfutils-0.158-3.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-5000/NetworkManager-0.9.9.0-35.git20131003.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-5006/json-c-0.11-6.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-4991/libwebp-0.3.1-3.fc20


The following builds have been pushed to Fedora 20 updates-testing

    NetworkManager-0.9.9.0-35.git20131003.fc20
    ReviewBoard-1.7.24-1.fc20
    armadillo-4.200.0-1.fc20
    bind-dyndb-ldap-4.3-1.fc20
    copr-cli-1.32-1.fc20
    elfutils-0.158-3.fc20
    homerun-1.2.3-1.fc20
    ibus-table-1.5.0.20140409-1.fc20
    jd-2.8.8-0.2.beta140329.fc20
    json-c-0.11-6.fc20
    lcgdm-1.8.8-4.fc20
    libcdr-0.0.16-1.fc20
    libsolv-0.6.0-0.git05baf54.fc20
    libwebp-0.3.1-3.fc20
    mirall-1.5.3-3.fc20
    mutter-3.10.4-2.fc20
    nss_wrapper-1.0.2-1.fc20
    nwchem-6.3.2-9.fc20
    oxygen-gtk2-1.4.5-1.fc20
    oxygen-gtk3-1.3.5-1.fc20
    perl-DBIx-Class-0.08250-3.fc20
    perl-Starlet-0.21-2.fc20
    php-pear-1.9.4-25.fc20
    pynag-0.8.5-1.fc20
    python-django-horizon-2013.2.3-1.fc20
    python-djblets-0.7.29-1.fc20
    rpmrebuild-2.11-1.fc20
    rubygem-cairo-1.12.9-1.fc20
    rubygem-domain_name-0.5.18-2.fc20
    rubygem-hikidoc-0.1.0-1.fc20
    rubygem-mini_portile-0.5.3-1.fc20
    rubygem-sequel-4.9.0-1.fc20
    rubygem-unf-0.1.4-2.fc20
    selinux-policy-3.12.1-153.fc20
    smb4k-1.1.1-2.fc20
    spacefm-0.9.4-1.fc20
    supybot-fedora-0.2.14-3.fc20
    watchdog-5.13-10.fc20
    wfut-1.1.0-15.fc20
    wine-1.7.16-2.fc20
    wordpress-3.8.2-1.fc20
    xorg-x11-drv-synaptics-1.7.4-6.fc20
    yash-2.36-1.fc20

Details about builds:


================================================================================
 NetworkManager-0.9.9.0-35.git20131003.fc20 (FEDORA-2014-5000)
 Network connection manager and user applications
--------------------------------------------------------------------------------
Update Information:

Backport several fixes from upstream
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Jiří Klimeš <jklimes at redhat.com> - 0.9.9.0-35.git20131003
- wifi: fix possible crash in Wi-Fi utils (rh #1086132)
* Tue Apr  8 2014 Thomas Haller <thaller at redhat.com> - 0.9.9.0-34.git20131003
- fix nm-online returning success wrongly (rh #1054364)
- fix crash in NMSecretAgent dispose (rh #1061911)
- fix adding addresses with extended address flags for older kernels (rh #1063885)
- cli: show maximum bitrate in MBit/s (rh #1080474)
- fix hanging pending action queued-state-lock (rh #1084556)
- core: emit PropertyChanged signal for ActiveConnection when disconnecting
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1054364 - nm-online returns success with no network connectivity
        https://bugzilla.redhat.com/show_bug.cgi?id=1054364
  [ 2 ] Bug #1061911 - [abrt] NetworkManager-0.9.9.0-20.git20131003.fc20: _g_log_abort: Process /usr/sbin/NetworkManager was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=1061911
  [ 3 ] Bug #1063885 - NetworkManager does not assign an IP address after last F20 update
        https://bugzilla.redhat.com/show_bug.cgi?id=1063885
  [ 4 ] Bug #1080474 - nmcli device wifi list shows wrong unit for rate column
        https://bugzilla.redhat.com/show_bug.cgi?id=1080474
  [ 5 ] Bug #1084556 - Fix balancing of queued-state-lock pending action
        https://bugzilla.redhat.com/show_bug.cgi?id=1084556
--------------------------------------------------------------------------------


================================================================================
 ReviewBoard-1.7.24-1.fc20 (FEDORA-2014-5042)
 Web-based code review tool
--------------------------------------------------------------------------------
Update Information:

http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23/
http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24/

Includes utilities to help automate Github token migration in the wake of the heartbleed vulnerability.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Stephen Gallagher <sgallagh at redhat.com> 1.7.24-1
- - New upstream bugfix release 1.7.24
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24
* Wed Apr  9 2014 Stephen Gallagher <sgallagh at redhat.com> 1.7.23-1
- New upstream bugfix release 1.7.23
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23
--------------------------------------------------------------------------------


================================================================================
 armadillo-4.200.0-1.fc20 (FEDORA-2014-4978)
 Fast C++ matrix library with interfaces to LAPACK and ATLAS
--------------------------------------------------------------------------------
Update Information:

This is latest stable release that features:
   * faster transpose of sparse matrices
   * more efficient handling of aliasing during matrix multiplication
   * faster inverse of matrices marked as diagonal

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 José Matos <jamatos at fedoraproject.org> - 4.200.0-1
- update to 4.200.0
--------------------------------------------------------------------------------


================================================================================
 bind-dyndb-ldap-4.3-1.fc20 (FEDORA-2014-4990)
 LDAP back-end plug-in for BIND
--------------------------------------------------------------------------------
Update Information:

Update to upstream version 4.3.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Petr Spacek <pspacek redhat com> 4.3-1
- update to 4.3
--------------------------------------------------------------------------------


================================================================================
 copr-cli-1.32-1.fc20 (FEDORA-2014-4985)
 Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:

Initial release of new package after split of all Copr packages.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1077792 - Review Request: copr-cli - Command line interface for COPR
        https://bugzilla.redhat.com/show_bug.cgi?id=1077792
--------------------------------------------------------------------------------


================================================================================
 elfutils-0.158-3.fc20 (FEDORA-2014-5015)
 A collection of utilities and DSOs to handle compiled objects
--------------------------------------------------------------------------------
Update Information:

Fix CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw.
Update to 0.158. Support for aarch64. Unwinder support for i386, x86_64, s390, s390x, ppc and ppc64. Add eu-stack.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Mark Wielaard <mjw at redhat.com> - 0.158-3
- Add elfutils-0.158-CVE-2014-0172.patch (#1085729)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1085663 - CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
        https://bugzilla.redhat.com/show_bug.cgi?id=1085663
--------------------------------------------------------------------------------


================================================================================
 homerun-1.2.3-1.fc20 (FEDORA-2014-5005)
 KDE Application Launcher
--------------------------------------------------------------------------------
Update Information:

Homerun update made on master by Rex Dieter
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  8 2014 Rex Dieter <rdieter at fedoraproject.org> 1.2.3-1
- 1.2.3
--------------------------------------------------------------------------------


================================================================================
 ibus-table-1.5.0.20140409-1.fc20 (FEDORA-2014-5027)
 The Table engine for IBus platform
--------------------------------------------------------------------------------
Update Information:

Make toggling pinyin mode with the right shift key work, Make usage of engine name and dconf key consistent, Don’t switch off pinyin mode in clear()
Fix a regression caused by the Python3 port in tabcreatedb.py (This fixes the build of ibus-table-chinese)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Mike FABIAN <mfabian at redhat.com> - 1.5.0.20140409-1
- Make toggling pinyin mode with the right shift key work
- Don’t try to colour system phrases and user phrases differently in pinyin mode
- Resolves: rhbz#1084684
- Don’t switch off pinyin mode in clear()
- Make usage of engine name and dconf key consistent
* Wed Apr  2 2014 Mike FABIAN <mfabian at redhat.com> - 1.5.0.20140402-1
- Fix a regression caused by the Python3 port in tabcreatedb.py (This fixes the build of ibus-table-chinese)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1084684 - [abrt] ibus-table: table.py:670:ap_candidate:TypeError: unorderable types: str() < int()
        https://bugzilla.redhat.com/show_bug.cgi?id=1084684
--------------------------------------------------------------------------------


================================================================================
 jd-2.8.8-0.2.beta140329.fc20 (FEDORA-2014-5001)
 A 2ch browser
--------------------------------------------------------------------------------
Update Information:

New version 2.8.8 beta140329 is released, including rokka handling
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 2.8.8-0.2.beta140329
- 2.8.8 beta140329
* Thu Feb  6 2014 Mamoru TASAKA <mtasaka at fedoraproject.org>
- Update to the latest trunk
--------------------------------------------------------------------------------


================================================================================
 json-c-0.11-6.fc20 (FEDORA-2014-5006)
 A JSON implementation in C
--------------------------------------------------------------------------------
Update Information:

Address CVE-2013-6370 and CVE-2013-6371.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Susi Lehtola <jussilehtola at fedoraproject.org> - 0.11-7
- Address CVE-2013-6371 and CVE-2013-6370 (BZ #1085676 and #1085677).
- Enabled rdrand support.
* Mon Feb 10 2014 Susi Lehtola <jussilehtola at fedoraproject.org> - 0.11-6
- Bump spec.
* Sat Dec 21 2013 Ville Skyttä <ville.skytta at iki.fi> - 0.11-5
- Run test suite during build.
- Drop empty NEWS from docs.
* Tue Sep 10 2013 Susi Lehtola <jussilehtola at fedoraproject.org> - 0.11-4
- Remove default warning flags so that package builds on EPEL as well.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1032311 - CVE-2013-6371 json-c: hash collision DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=1032311
  [ 2 ] Bug #1032322 - CVE-2013-6370 json-c: buffer overflow if size_t is larger than int
        https://bugzilla.redhat.com/show_bug.cgi?id=1032322
--------------------------------------------------------------------------------


================================================================================
 lcgdm-1.8.8-4.fc20 (FEDORA-2014-5039)
 LHC Computing Grid Data Management
--------------------------------------------------------------------------------
Update Information:

Patches for dpm-listspaces
Backported patch for GLOBUS_THREAD_MODEL
Update for new upstream release 1.8.8
Update for new upstream release 1.8.8
Backported patch for GLOBUS_THREAD_MODEL
Update for new upstream release 1.8.8
Update for new upstream release 1.8.8
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Alejandro Alvarez <aalvarez at cern.ch> - 1.8.8-4
- Patch: LCGDM-1380 and LCGDM-1386
--------------------------------------------------------------------------------


================================================================================
 libcdr-0.0.16-1.fc20 (FEDORA-2014-4986)
 A library providing ability to interpret and import CorelDRAW drawings
--------------------------------------------------------------------------------
Update Information:

New upstream release.
Adds support for files created by Corel Draw X7. Fixes some bugs related to closed paths with multiple components.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 David Tardon <dtardon at redhat.com> - 0.0.16-1
- new upstream release
* Wed Apr  9 2014 David Tardon <dtardon at redhat.com> - 0.0.15-2
- generate man pages
* Sat Apr  5 2014 David Tardon <dtardon at redhat.com> - 0.0.15-1
- new upstream release
* Thu Feb 13 2014 David Tardon <dtardon at redhat.com> - 0.0.14-6
- rebuild for new ICU
--------------------------------------------------------------------------------


================================================================================
 libsolv-0.6.0-0.git05baf54.fc20 (FEDORA-2014-5013)
 Package dependency solver
--------------------------------------------------------------------------------
Update Information:

new version
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Jan Silhan <jsilhan at redhat.com> - 0.6.0-0.git05baf54
- Rebase to 0.6.0, upstream commit 05baf54.
--------------------------------------------------------------------------------


================================================================================
 libwebp-0.3.1-3.fc20 (FEDORA-2014-4991)
 Library and tools for the WebP graphics format
--------------------------------------------------------------------------------
Update Information:

Fixing endian checks to make the decoder working correctly on s390.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  8 2014 Jaromir Capik <jcapik at redhat.com> - 0.3.1-3
- Fixing endian checks (#962091)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #962091 - Build fail on s390*
        https://bugzilla.redhat.com/show_bug.cgi?id=962091
--------------------------------------------------------------------------------


================================================================================
 mirall-1.5.3-3.fc20 (FEDORA-2014-4984)
 The ownCloud Client
--------------------------------------------------------------------------------
Update Information:

Use system qtlockedfile and qtsingleapplication instead of bundled ones
Fixed by Ville Skyttä 
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 20 2014 Ville Skyttä <ville.skytta at iki.fi> - 1.5.3-3
- Use system qtlockedfile and qtsingleapplication instead of bundled ones
--------------------------------------------------------------------------------


================================================================================
 mutter-3.10.4-2.fc20 (FEDORA-2014-4995)
 Window and compositing manager based on Clutter
--------------------------------------------------------------------------------
Update Information:

Backport patch to prevent crash with overly large windows (#1043659)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Florian Müllner <fmuellner at redhat.com> - 3.10.4-2
- Backport patch to prevent crash with overly large windows (#1043659)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1043659 - [abrt] gnome-shell-3.10.2.1-3.fc20: cogl_object_unref: Process /usr/bin/gnome-shell was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=1043659
--------------------------------------------------------------------------------


================================================================================
 nss_wrapper-1.0.2-1.fc20 (FEDORA-2014-5008)
 A wrapper for the user, group and hosts NSS API
--------------------------------------------------------------------------------
Update Information:

Update to version 1.0.2.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 - Andreas Schneider <asn at redhat.com> - 1.0.2-1
- Update to version 1.0.2.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1078824 - NSS_WRAPPER_HOSTS doesn't work with fqdn,getent ahostsv4, getent ahostsv6
        https://bugzilla.redhat.com/show_bug.cgi?id=1078824
--------------------------------------------------------------------------------


================================================================================
 nwchem-6.3.2-9.fc20 (FEDORA-2014-5034)
 Delivering High-Performance Computational Chemistry to Science
--------------------------------------------------------------------------------
Update Information:

removed bundling of BLAS, LAPACK, GA
Delivering High-Performance Computational Chemistry to Science
Delivering High-Performance Computational Chemistry to Science
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #984605 - Review Request: nwchem - Delivering High-Performance Computational Chemistry
        https://bugzilla.redhat.com/show_bug.cgi?id=984605
--------------------------------------------------------------------------------


================================================================================
 oxygen-gtk2-1.4.5-1.fc20 (FEDORA-2014-4976)
 Oxygen GTK+2 theme
--------------------------------------------------------------------------------
Update Information:

oxygen-gtk2 1.4.5

Improvements include:

- fix bluring behind tooltips in KDE on 64 bits machines
- improve detection of empty areas for window dragging
- re-enabling shadows behind menus and window background for recent libreoffice versions
- fix calculation of the tabs area, that was creating infinite repaint loop under certain conditions

oxygen-gtk3 1.3.5

Improvements include:

- fixed bugs similar to the ones found for gtk2 engine and described above
- made more widgets 'transparent' via css, to get the proper background gradient behind
- fix crash with menubar animations when invalid menubar was passed
- remove use of some deprecated code for gtk3-3.11
- fixed updates for treeviews embedded in scrolled-windows
- added (still not perfect) support for firefox compiled against gtk3


https://projects.kde.org/news/260
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Alexey Kurov <nucleo at fedoraproject.org> - 1.4.5-1
- oxygen-gtk2-1.4.5
* Sat Mar  8 2014 Alexey Kurov <nucleo at fedoraproject.org> - 1.4.4-1
- oxygen-gtk2-1.4.4
* Fri Jan 24 2014 Alexey Kurov <nucleo at fedoraproject.org> - 1.4.3-1
- oxygen-gtk2-1.4.3
--------------------------------------------------------------------------------


================================================================================
 oxygen-gtk3-1.3.5-1.fc20 (FEDORA-2014-4976)
 Oxygen GTK+3 theme
--------------------------------------------------------------------------------
Update Information:

oxygen-gtk2 1.4.5

Improvements include:

- fix bluring behind tooltips in KDE on 64 bits machines
- improve detection of empty areas for window dragging
- re-enabling shadows behind menus and window background for recent libreoffice versions
- fix calculation of the tabs area, that was creating infinite repaint loop under certain conditions

oxygen-gtk3 1.3.5

Improvements include:

- fixed bugs similar to the ones found for gtk2 engine and described above
- made more widgets 'transparent' via css, to get the proper background gradient behind
- fix crash with menubar animations when invalid menubar was passed
- remove use of some deprecated code for gtk3-3.11
- fixed updates for treeviews embedded in scrolled-windows
- added (still not perfect) support for firefox compiled against gtk3


https://projects.kde.org/news/260
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Alexey Kurov <nucleo at fedoraproject.org> - 1:1.3.5-1
- oxygen-gtk3-1.3.5
* Sat Mar  8 2014 Alexey Kurov <nucleo at fedoraproject.org> - 1:1.3.4-1
- oxygen-gtk3-1.3.4
--------------------------------------------------------------------------------


================================================================================
 perl-DBIx-Class-0.08250-3.fc20 (FEDORA-2014-4996)
 Extensible and flexible object <-> relational mapper
--------------------------------------------------------------------------------
Update Information:

This release restores internal test suite compatibility with sqlite 3.8.2.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Petr Pisar <ppisar at redhat.com> - 0.08250-3
- Adapt to new sqlite-3.8.2 exception messages (bug #1085336)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1085336 - perl-DBIx-Class-0.08250-2.fc21 FTBFS
        https://bugzilla.redhat.com/show_bug.cgi?id=1085336
--------------------------------------------------------------------------------


================================================================================
 perl-Starlet-0.21-2.fc20 (FEDORA-2014-4980)
 Simple, high-performance PSGI/Plack HTTP server
--------------------------------------------------------------------------------
Update Information:

 
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.21-2
- Add BR: perl(Plack::Test) (RHBZ#1085230).
- Minor spec file modernization.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1085230 - perl-Starlet-0.21-1.fc21 FTBFS
        https://bugzilla.redhat.com/show_bug.cgi?id=1085230
--------------------------------------------------------------------------------


================================================================================
 php-pear-1.9.4-25.fc20 (FEDORA-2014-5011)
 PHP Extension and Application Repository framework
--------------------------------------------------------------------------------
Update Information:

- Expand path in macros.pear
- Install macros to /usr/lib/rpm/macros.d
- Fix typo in pear man page
- Only enable needed extensions for pear/pecl commands

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Remi Collet <rcollet at redhat.com> 1:1.9.4-25
- only enable needed extensions for pear/pecl commands
- fix typo in pear man page
* Tue Feb 11 2014 Remi Collet <rcollet at redhat.com> 1:1.9.4-24
- Expand path in macros.pear
- Install macros to /usr/lib/rpm/macros.d where available
--------------------------------------------------------------------------------


================================================================================
 pynag-0.8.5-1.fc20 (FEDORA-2014-5036)
 Python modules and utilities for Nagios plugins and configuration
--------------------------------------------------------------------------------
Update Information:

Updated to latest upstream version
New upstream version
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Tomas Edwardsson <tommi at tommi.org> 0.8.5-1
- Updated to latest upstream version
* Mon Jan  6 2014 Tomas Edwardsson <tommi at tommi.org> 0.7.0-2
- Update invalid changelog entries
* Sat Nov  2 2013 Tomas Edwardsson <tommi at tommi.org> 0.7.0-1
- New upstream version
--------------------------------------------------------------------------------


================================================================================
 python-django-horizon-2013.2.3-1.fc20 (FEDORA-2014-5002)
 Django application for talking to Openstack
--------------------------------------------------------------------------------
Update Information:

rebase to 2013.2.3, fix cve-2014-0157
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Matthias Runge <mrunge at redhat.com> - 2013.2.3-1
- rebase to 2013.2.3
- fix CVE-2014-0157 (rhbz#1085825)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1082858 - CVE-2014-0157 OpenStack: XSS in Horizon orchestration dashboard when using a malicious template
        https://bugzilla.redhat.com/show_bug.cgi?id=1082858
--------------------------------------------------------------------------------


================================================================================
 python-djblets-0.7.29-1.fc20 (FEDORA-2014-5042)
 A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:

http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23/
http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24/

Includes utilities to help automate Github token migration in the wake of the heartbleed vulnerability.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Stephen Gallagher <sgallagh at redhat.com> 0.7.29-1
- New upstream release 0.7.29
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.29.NEWS
--------------------------------------------------------------------------------


================================================================================
 rpmrebuild-2.11-1.fc20 (FEDORA-2014-4983)
 A tool to build rpm file from rpm database
--------------------------------------------------------------------------------
Update Information:

New package from upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Anderson Silva <ansilva at redhat.com> - 2.11-1
- New package from upstream.
--------------------------------------------------------------------------------


================================================================================
 rubygem-cairo-1.12.9-1.fc20 (FEDORA-2014-5020)
 Ruby bindings for cairo
--------------------------------------------------------------------------------
Update Information:

New version 1.12.9 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1.12.9-1
- 1.12.9
--------------------------------------------------------------------------------


================================================================================
 rubygem-domain_name-0.5.18-2.fc20 (FEDORA-2014-4987)
 Domain Name manipulation library for Ruby
--------------------------------------------------------------------------------
Update Information:

New version 0.5.18 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  8 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 0.5.18-2
- Support Minitest 5+
* Mon Apr  7 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 0.5.18-1
- 0.5.18
--------------------------------------------------------------------------------


================================================================================
 rubygem-hikidoc-0.1.0-1.fc20 (FEDORA-2014-4989)
 Text-to-HTML conversion tool for web writers
--------------------------------------------------------------------------------
Update Information:

New version 0.1.0 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 0.1.0-1
- 0.1.0
--------------------------------------------------------------------------------


================================================================================
 rubygem-mini_portile-0.5.3-1.fc20 (FEDORA-2014-5025)
 Simplistic port-like solution for developers
--------------------------------------------------------------------------------
Update Information:

New version 0.5.3 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 0.5.3-1
- 0.5.3
--------------------------------------------------------------------------------


================================================================================
 rubygem-sequel-4.9.0-1.fc20 (FEDORA-2014-5007)
 The Database Toolkit for Ruby
--------------------------------------------------------------------------------
Update Information:

Upgrade to sequel 4.9.0
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  8 2014 Alejandro Pérez <aeperezt at fedoraproject.org> - 4.9.0-1
- Initial package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1083982 - rubygem-sequel-4.9.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1083982
--------------------------------------------------------------------------------


================================================================================
 rubygem-unf-0.1.4-2.fc20 (FEDORA-2014-5003)
 Wrapper library to bring Unicode Normalization Form support to Ruby/JRuby
--------------------------------------------------------------------------------
Update Information:

New version 0.1.4 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 0.1.4-2
- Support Minitest 5.x
* Wed Apr  9 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 0.1.4-1
- 0.1.4
--------------------------------------------------------------------------------


================================================================================
 selinux-policy-3.12.1-153.fc20 (FEDORA-2014-4933)
 SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:

- Change hsperfdata_root to have as user_tmp_t
- Allow rsyslog low-level network access
- Fix use_nfs_home_dirs/use_samba_home_dirs for xdm_t to allow append .xsession-errors by lightdm
- nslcd wants chown capability
- Fix Multiple same specifications for /var/named/chroot/dev/zero
- Add labels for /var/named/chroot_sdb/dev devices
- Add support for strongimcv
- Use kerberos_keytab_domains in auth_use_nsswitch
- Update auth_use_nsswitch to make all these types as kerberos_keytab_domain to
- Allow net_raw cap for neutron_t and send sigkill to dnsmasq
- Fix ntp_filetrans_named_content for sntp-kod file
- Add httpd_dbus_sssd boolean
- Dontaudit exec insmod in boinc policy
- Rename kerberos_keytab_domain to kerberos_keytab_domains
- Add kerberos_keytab_domain()
- Fix kerberos_keytab_template()
- Make all domains which use kerberos as kerberos_keytab_domain
- Allow kill capability to winbind_t
- varnishd wants chown capability
- update ntp_filetrans_named_content() interface
- Add additional fixes for neutron_t. #1083335
- Dontaudit getattr on proc_kcore_t
- Allow pki_tomcat_t to read ipa lib files
- Allow named_filetrans_domain to create /var/cache/ibus with correct labelign
- Allow init_t run /sbin/augenrules
- Add dev_unmount_sysfs_fs and sysnet_manage_ifconfig_run interfaces
- Allow unpriv SELinux user to use sandbox
- Add default label for /tmp/hsperfdata_root
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Miroslav Grepl <mgrepl at redhat.com> 3.12.1-153
- Back port puppet fixes from rawhide
- Allow automount to getattr all files
- openvpn_can_network_connect boolean set default on
- Allow conman to resolve DNS and use user ptys
- update pegasus_openlmi_admin_t policy
- Allow docker to status any unit file and allow it to start generic unit files
- Additional perms for gear domain
* Tue Apr  8 2014 Miroslav Grepl <mgrepl at redhat.com> 3.12.1-152
- Change hsperfdata_root to have as user_tmp_t
- Allow rsyslog low-level network access
- Fix use_nfs_home_dirs/use_samba_home_dirs for xdm_t to allow append .xsession-errors by lightdm
- nslcd wants chown capability
* Fri Apr  4 2014 Lukas Vrabec <lvrabec at redhat.com> 3.12.1-151
- Fix Multiple same specifications for /var/named/chroot/dev/zero
- Add labels for /var/named/chroot_sdb/dev devices
- Add support for strongimcv
- Use kerberos_keytab_domains in auth_use_nsswitch
- Update auth_use_nsswitch to make all these types as kerberos_keytab_domain to
- Allow net_raw cap for neutron_t and send sigkill to dnsmasq
- Fix ntp_filetrans_named_content for sntp-kod file
- Add httpd_dbus_sssd boolean
- Dontaudit exec insmod in boinc policy
- Rename kerberos_keytab_domain to kerberos_keytab_domains
- Add kerberos_keytab_domain()
- Fix kerberos_keytab_template()
- Make all domains which use kerberos as kerberos_keytab_domain
- Allow kill capability to winbind_t
* Wed Apr  2 2014 Miroslav Grepl <mgrepl at redhat.com> 3.12.1-150
- varnishd wants chown capability
- update ntp_filetrans_named_content() interface
- Add additional fixes for neutron_t. #1083335
- Dontaudit getattr on proc_kcore_t
- Allow pki_tomcat_t to read ipa lib files
- Allow named_filetrans_domain to create /var/cache/ibus with correct labelign
- Allow init_t run /sbin/augenrules
- Add dev_unmount_sysfs_fs and sysnet_manage_ifconfig_run interfaces
- Allow unpriv SELinux user to use sandbox
- Add default label for /tmp/hsperfdata_root
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1012426 - Combine puppet_t and puppetmaster_t domains
        https://bugzilla.redhat.com/show_bug.cgi?id=1012426
  [ 2 ] Bug #1084744 - SELinux is preventing /usr/sbin/openvpn from 'name_connect' accesses on the tcp_socket .
        https://bugzilla.redhat.com/show_bug.cgi?id=1084744
  [ 3 ] Bug #1077689 - Allow certmonger to write CSR for IPA
        https://bugzilla.redhat.com/show_bug.cgi?id=1077689
  [ 4 ] Bug #1078783 - SELinux prevents certmonger from accessing /etc/pki/pki-tomcat/alias
        https://bugzilla.redhat.com/show_bug.cgi?id=1078783
  [ 5 ] Bug #1079236 - SELinux is preventing /usr/bin/python3.3 from 'execute' accesses on the file .
        https://bugzilla.redhat.com/show_bug.cgi?id=1079236
  [ 6 ] Bug #1079239 - SELinux is preventing /usr/bin/vmware-user-suid-wrapper from read, write access on the chr_file .
        https://bugzilla.redhat.com/show_bug.cgi?id=1079239
  [ 7 ] Bug #1079568 - SELinux is preventing /opt/google/chrome/nacl_helper from 'lock' accesses on the unix_stream_socket .
        https://bugzilla.redhat.com/show_bug.cgi?id=1079568
  [ 8 ] Bug #1080413 - SELinux is preventing /usr/bin/evince-thumbnailer from 'append' accesses on the file .
        https://bugzilla.redhat.com/show_bug.cgi?id=1080413
  [ 9 ] Bug #1080551 - SELinux is preventing /usr/sbin/chronyd from 'write' accesses on the sock_file .
        https://bugzilla.redhat.com/show_bug.cgi?id=1080551
  [ 10 ] Bug #1080978 - SELinux is preventing /usr/bin/kdm from using the 'signull' accesses on a process.
        https://bugzilla.redhat.com/show_bug.cgi?id=1080978
  [ 11 ] Bug #1081602 - SELinux is preventing /opt/google/chrome/nacl_helper from 'execute' accesses on the file .
        https://bugzilla.redhat.com/show_bug.cgi?id=1081602
  [ 12 ] Bug #1083335 - nova baremetal instances fail to find image to boot when selinux is set to enforcing
        https://bugzilla.redhat.com/show_bug.cgi?id=1083335
  [ 13 ] Bug #1083576 - SELinux is preventing /usr/sbin/winbindd from using the 'kill' capabilities.
        https://bugzilla.redhat.com/show_bug.cgi?id=1083576
  [ 14 ] Bug #1084696 - SELinux is preventing /usr/sbin/nslcd from using the 'chown' capabilities.
        https://bugzilla.redhat.com/show_bug.cgi?id=1084696
  [ 15 ] Bug #1084698 - SELinux is preventing /usr/sbin/lightdm from 'append' accesses on the file .xsession-errors.
        https://bugzilla.redhat.com/show_bug.cgi?id=1084698
--------------------------------------------------------------------------------


================================================================================
 smb4k-1.1.1-2.fc20 (FEDORA-2014-5018)
 The SMB/CIFS Share Browser for KDE
--------------------------------------------------------------------------------
Update Information:

Update to Smb4K 1.1.1, the first bug fix release of the stable 1.1 branch. This release fixes a crash bug and a potential security issue
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 28 2014 Sérgio Basto <sergio at serjux.com> - 1.1.1-2
- Fix internal broken dependencies.
* Thu Mar 27 2014 Sérgio Basto <sergio at serjux.com> - 1.1.1-1
- Update to Smb4K 1.1.1, the first bug fix release of the stable 1.1 branch.
  This release fixes a crash bug and a potential security issue (rhbz #1079820)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1079819 - CVE-2014-2581 smb4k: potential credential cache leak fixed in version 1.1.1
        https://bugzilla.redhat.com/show_bug.cgi?id=1079819
--------------------------------------------------------------------------------


================================================================================
 spacefm-0.9.4-1.fc20 (FEDORA-2014-5019)
 Multi-panel tabbed file and desktop manager
--------------------------------------------------------------------------------
Update Information:

New version 0.9.4 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 0.9.4-1
- 0.9.4
--------------------------------------------------------------------------------


================================================================================
 supybot-fedora-0.2.14-3.fc20 (FEDORA-2014-5010)
 Plugin for Supybot to interact with Fedora services
--------------------------------------------------------------------------------
Update Information:

Include python-arrow.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Ralph Bean <rbean at redhat.com> - 0.2.14-3
- Requires on python-arrow, because we need it now.
* Mon Apr  7 2014 Ralph Bean <rbean at redhat.com> - 0.2.14-2
- BR on python2-devel for fancy macros.
* Mon Apr  7 2014 Ian Weller <iweller at redhat.com> - 0.2.14-1
- Version 0.2.14
--------------------------------------------------------------------------------


================================================================================
 watchdog-5.13-10.fc20 (FEDORA-2014-5021)
 Software and/or Hardware watchdog daemon
--------------------------------------------------------------------------------
Update Information:

Updates for enabled selinux and for system startup / network manager requirements for watchdog ping test.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Ales Ledvinka <aledvink at redhat.com> - 5.13-10
- build version bump to resolve conflict of present build with discarded result.
* Thu Nov  7 2013 Ales Ledvinka <aledvink at redhat.com> - 5.13-9
- SELinux: Add /usr/libexec/watchdog/scripts/ for test-bin and repair-bin to inherit from.
- systemd: service with network available dependency
- systemd: correct cgroup for realtime settings
- Document SELinux and systemd.
* Thu Oct 24 2013 Ales Ledvinka <aledvink at redhat.com> - 5.13-5
- SELinux: do not reopen descriptors for reading when only appending.
* Fri Aug  9 2013 Richard W.M. Jones <rjones at redhat.com> - 5.13-4
- Fix License field (software is GPLv2+, not "GPL+").
* Thu Aug  8 2013 Richard W.M. Jones <rjones at redhat.com> - 5.13-3
- Rename README.Fedora to README.RHEL on RHEL.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1085759 - System fails to boot when network watchdog enabled
        https://bugzilla.redhat.com/show_bug.cgi?id=1085759
--------------------------------------------------------------------------------


================================================================================
 wfut-1.1.0-15.fc20 (FEDORA-2014-4979)
 Software updater tool for WorldForge applications
--------------------------------------------------------------------------------
Update Information:

Rebuilt because of libgcj ABI break
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2014 Martin Preisler <mpreisle at redhat.com> - 1.1.0-15
- Rebuilt because of libgcj ABI break
--------------------------------------------------------------------------------


================================================================================
 wine-1.7.16-2.fc20 (FEDORA-2014-5040)
 A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:

1.7.16
* More regression test fixes.
* String arrays better supported in the IDL compiler.
* Initial stubs for DirectX Video Acceleration.
* Various bug fixes.

1.7.15
* New Task Scheduler service.
* Many regression test fixes.
* Support for exception unwinding in VBScript.
* Various bug fixes.

1.7.14
* More Task Scheduler support.
* Improvements for AVI encoding support.
* More VisualBasic interfaces in MSXML.
* Support for deflate content encoding in Wininet.
* Some fixes for monochrome printers.
* Various bug fixes.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.7.16-2
- explicitly require libpng (fixes rhbz#1085075)
* Mon Apr  7 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.7.16-1
- version upgrade
* Mon Mar 24 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.7.15-1
- version upgrade
* Sat Mar  8 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.7.14-1
- version upgrade
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1055315 - wine-1.7.14 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1055315
  [ 2 ] Bug #1085075 - Wine uses libpng, but the RPM package does not depend on it
        https://bugzilla.redhat.com/show_bug.cgi?id=1085075
--------------------------------------------------------------------------------


================================================================================
 wordpress-3.8.2-1.fc20 (FEDORA-2014-5029)
 Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:

Upstream announcement: http://wordpress.org/news/2014/04/wordpress-3-8-2/
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Remi Collet <remi at fedoraproject.org> - 3.8.2-1
- update to 3.8.2 Security Release
- fix privilege escalation issue  CVE-2014-0165
- fix authentication bypass issue CVE-2014-0166
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1085858 - CVE-2014-0166 wordpress: authentication bypass via forged cookies
        https://bugzilla.redhat.com/show_bug.cgi?id=1085858
  [ 2 ] Bug #1085866 - CVE-2014-0165 wordpress: privilege escalation issue allowing contributors to publish posts
        https://bugzilla.redhat.com/show_bug.cgi?id=1085866
--------------------------------------------------------------------------------


================================================================================
 xorg-x11-drv-synaptics-1.7.4-6.fc20 (FEDORA-2014-4988)
 Xorg X11 Synaptics touchpad input driver
--------------------------------------------------------------------------------
Update Information:

Add L440 and X1 Carbon tags/config to enable the top softwarebutton area
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  9 2014 Peter Hutterer <peter.hutterer at redhat.com> 1.7.4-6
- Add L440 and X1 Carbon tags/config
--------------------------------------------------------------------------------


================================================================================
 yash-2.36-1.fc20 (FEDORA-2014-5035)
 Yet Another SHell
--------------------------------------------------------------------------------
Update Information:

New version 2.36 is released.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------



More information about the test mailing list