Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Mar 4 06:48:39 UTC 2014
The following Fedora 20 Security updates need testing:
Age URL
74 https://admin.fedoraproject.org/updates/FEDORA-2013-23636/rubygem-actionpack-4.0.0-2.fc20
66 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20
48 https://admin.fedoraproject.org/updates/FEDORA-2014-0792/libinfinity-0.5.5-1.fc20
22 https://admin.fedoraproject.org/updates/FEDORA-2014-2221/NetworkManager-ssh-0.9.2-0.2.20140209git46247c2.fc20
17 https://admin.fedoraproject.org/updates/FEDORA-2014-2452/augeas-1.2.0-1.fc20
13 https://admin.fedoraproject.org/updates/FEDORA-2014-2693/openstack-glance-2013.2.2-1.fc20
12 https://admin.fedoraproject.org/updates/FEDORA-2014-2751/zabbix-2.0.11-2.fc20
10 https://admin.fedoraproject.org/updates/FEDORA-2014-2875/oath-toolkit-2.4.1-3.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2014-2999/perl-CGI-Application-4.50-9.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2014-3054/python-swiftclient-2.0.2-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-3169/rubygem-activerecord-4.0.0-2.fc20,rubygem-actionpack-4.0.0-3.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-3184/freeradius-3.0.1-4.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-3222/v8-3.14.5.10-6.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-3300/pylint-1.1.0-1.fc20,python-astroid-1.0.1-2.fc20,python-logilab-common-0.61.0-1.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-3338/mediawiki-1.21.6-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-3413/gnutls-3.1.20-4.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-3365/subversion-1.8.8-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-3401/php-sabre-dav-1.8.9-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
111 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2014-3065/langtable-0.0.24-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-3244/audit-2.3.4-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-3313/colord-1.1.7-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-3292/harfbuzz-0.9.26-1.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-3330/gdisk-0.8.9-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-3359/control-center-3.10.3-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-3413/gnutls-3.1.20-4.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-3361/libdrm-2.4.52-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-3377/nss-util-3.15.5-1.fc20,nss-softokn-3.15.5-2.fc20,nss-3.15.5-1.fc20
The following builds have been pushed to Fedora 20 updates-testing
cabal-rpm-0.8.10-1.fc20
coda-6.9.5-12.fc20
control-center-3.10.3-1.fc20
darktable-1.4.1-2.fc20
eclipse-eclemma-2.2.1-4.fc20
gfal2-python-1.4.1-1.fc20
gloox-1.0.9-2.fc20
gnutls-3.1.20-4.fc20
homebank-4.5.6-1.fc20
httpd-2.4.7-3.fc20
ifuse-1.1.3-1.fc20
iptraf-ng-1.1.4-5.fc20
kpcli-2.4-1.fc20
libcgroup-0.38-8.fc20
libdrm-2.4.52-1.fc20
nemo-2.0.8-9.fc20
nodejs-should-3.1.3-1.fc20
nodeunit-0.8.6-3.fc20
nss-3.15.5-1.fc20
nss-softokn-3.15.5-2.fc20
nss-util-3.15.5-1.fc20
opari2-1.1.2-3.fc20
perl-Devel-Autoflush-0.06-1.fc20
perl-Test-Kwalitee-Extra-0.2.0-2.fc20
php-horde-Horde-Autoloader-2.0.1-5.fc20
php-horde-Horde-Dav-1.0.3-3.fc20
php-pecl-apcu-4.0.4-1.fc20
php-pecl-xdebug-2.2.4-1.fc20
php-phpunit-PHP-TokenStream-1.2.2-1.fc20
php-sabre-dav-1.8.9-1.fc20
php-sabre-vobject-3.1.3-1.fc20
python-squaremap-1.0.3-1.fc20
python-whoosh-2.5.7-1.fc20
python-xdot-0.6-1.fc20
root-5.34.17-1.fc20
rubygem-sequel-4.8.0-1.fc20
rubygem-systemu-2.6.3-1.fc20
snappy-player-0.3.7-1.20131221git4fc7f4bd.fc20
subversion-1.8.8-1.fc20
xsensors-0.72-1.fc20
zeromq-ada-2.1.0-12.24032011git.fc20
Details about builds:
================================================================================
cabal-rpm-0.8.10-1.fc20 (FEDORA-2014-3355)
RPM packaging tool for Haskell Cabal-based packages
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.10:
- new diff command replaces cblrpm-diff
- new missingdeps command
- should now work better on RHEL 5 and 6
Changes from 0.8.8 and 0.8.9:
- use .spec file when no .cabal file
- fix: install command now works if dependencies not packaged
- fix: do not re-copy cached tarball each time
- use new shorter hackage2 URL for packages
- filter @ and \ quotes in descriptions
- capitalize start of summary and description
- new prep command (like "fedpkg prep")
- new depends and requires commands list depends or buildrequires
- new builddep command (similar to yum-buildep)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Jens Petersen <petersen at redhat.com> - 0.8.10-1
- new diff command replaces cblrpm-diff script
- new missingdeps command
- should now work on RHEL 5 and 6: dropped use use of rpmspec
- add a temporary cblrpm-diff compat script
- refresh description
* Mon Feb 10 2014 Jens Petersen <petersen at redhat.com> - 0.8.9-1
- bugfix for error handling dir with spec file
- cblrpm-diff arg is now optional
* Sun Feb 9 2014 Jens Petersen <petersen at redhat.com> - 0.8.8-1
- use .spec file to determine package if no .cabal file (with or without arg)
- bugfix: install command now works if some dependencies not packaged
- bugfix: do not re-copy cached tarball each time
- use new shorter hackage2 URL for packages
- filter @ and \ quotes in descriptions
- capitalize start of summary and description
- new prep command (like "rpmbuild -bp" or "fedpkg prep")
- new depends and requires commands list package depends or buildrequires
- new builddep command (like yum-buildep, but allows missing packages)
--------------------------------------------------------------------------------
================================================================================
coda-6.9.5-12.fc20 (FEDORA-2014-3411)
Coda distributed file system
--------------------------------------------------------------------------------
Update Information:
Fixed service file error (bz1071534)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Neil Horman <nhorman at redhat.com> - 6.9.5-12
- Fixed service file error (bz1071534)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1071534 - Typo in codasrv.service start script
https://bugzilla.redhat.com/show_bug.cgi?id=1071534
--------------------------------------------------------------------------------
================================================================================
control-center-3.10.3-1.fc20 (FEDORA-2014-3359)
Utilities to configure the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
A wide assortment of bug fixes:
https://download.gnome.org/sources/gnome-control-center/3.10/gnome-control-center-3.10.3.news
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Debarshi Ray <rishi at fedoraproject.org> - 1:3.10.3-1
- Update to 3.10.3
--------------------------------------------------------------------------------
================================================================================
darktable-1.4.1-2.fc20 (FEDORA-2014-3384)
Utility to organize and develop raw images
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.4.1 and fix missing rpath
Upgrade to 1.4.1
Upgrade to 1.4.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Edouard Bourguignon <madko at linuxed.net> - 1.4.1-2
- Restore rpath for internal lib
* Wed Feb 12 2014 Edouard Bourguignon <madko at linuxed.net> - 1.4.1-1
- Upgrade to 1.4.1
- Remove tools source files
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1063007 - darktable-1.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1063007
--------------------------------------------------------------------------------
================================================================================
eclipse-eclemma-2.2.1-4.fc20 (FEDORA-2014-3393)
Java code coverage tool plugin for Eclipse
--------------------------------------------------------------------------------
Update Information:
eclipse-eclemma < 2.2.1-4 would be broken on f20 since the OSGi metadata requires jacoco < 0.6.4 (see bundle manifests) , and jacoco is now at 0.6.4. This build has applies the f21 patch 'Relax version requirement on jacoco'.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 28 2014 Mikolaj Izdebski <mizdebsk at redhat.com> - 2.2.1-4
- Relax version requirement on jacoco
* Fri Feb 21 2014 Alexander Kurtakov <akurtako at redhat.com> 2.2.1-3
- Change dependencies to new names and drop deps implied by other dependencies.
--------------------------------------------------------------------------------
================================================================================
gfal2-python-1.4.1-1.fc20 (FEDORA-2014-3376)
Python bindings for gfal 2.0
--------------------------------------------------------------------------------
Update Information:
Release 1.4.1 of gfal2 python bindings, see RELEASE-NOTES for details
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 28 2014 Adrien Devresse <adevress at cern.ch> - 1.4.1-1
- Release 1.4.1 of gfal2 python bindings, see RELEASE-NOTES for details
* Sat Nov 16 2013 Ville Skyttä <ville.skytta at iki.fi> - 1.3.0-2
- Install docs to %{_pkgdocdir} where available (#993774).
- Own doc dirs.
--------------------------------------------------------------------------------
================================================================================
gloox-1.0.9-2.fc20 (FEDORA-2014-3383)
A rock-solid, full-featured Jabber/XMPP client C++ library
--------------------------------------------------------------------------------
Update Information:
Add requires gnutls-devel and libidn-devel into -devel subpackage
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Pavel Alexeev <Pahan at Hubbitus.info> - 1:1.0.9-2
- Add Requires: gnutls-devel, libidn-devel into devel package bz#1034988.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1034988 - gloox-devel should require gnutls-devel and libidn-devel
https://bugzilla.redhat.com/show_bug.cgi?id=1034988
--------------------------------------------------------------------------------
================================================================================
gnutls-3.1.20-4.fc20 (FEDORA-2014-3413)
A TLS protocol implementation
--------------------------------------------------------------------------------
Update Information:
Added fix for CVE-2014-0092
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 27 2014 Nikos Mavrogiannopoulos <nmav at redhat.com> - 3.1.20-4
- fixes CVE-2014-0092 (#1071795)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1069865 - CVE-2014-0092 gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)
https://bugzilla.redhat.com/show_bug.cgi?id=1069865
--------------------------------------------------------------------------------
================================================================================
homebank-4.5.6-1.fc20 (FEDORA-2014-3370)
Free easy personal accounting for all
--------------------------------------------------------------------------------
Update Information:
New upstream version 4.5.6, fix rhbz #1071915 and spec cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Filipe Rosset <rosset.filipe at gmail.com> - 4.5.6-1
- New upstream version 4.5.6, fix rhbz #1071915 and spec cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1071915 - homebank-4.5.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1071915
--------------------------------------------------------------------------------
================================================================================
httpd-2.4.7-3.fc20 (FEDORA-2014-3353)
Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:
This update contains the latest release of the Apache HTTP Server, version 2.4.7.
Numerous bug fixes and minor enhancements are included; for more information see:
http://www.apache.org/dist/httpd/CHANGES_2.4.7
- fix graceful restart using legacy actions
- Create drop directory for systemd snippets
- use 2048-bit RSA key with SHA-256 signature in dummy certificate
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 20 2014 Jan Kaluza <jkaluza at redhat.com> - 2.4.7-3
- fix graceful restart using legacy actions
- Create drop directory for systemd snippets
- use 2048-bit RSA key with SHA-256 signature in dummy certificate
* Thu Dec 12 2013 Joe Orton <jorton at redhat.com> - 2.4.7-2
- conflict with pre-1.5.0 APR
- fix sslsninotreq patch
* Wed Nov 27 2013 Joe Orton <jorton at redhat.com> - 2.4.7-1
- update to 2.4.7 (#1034071)
* Fri Nov 22 2013 Joe Orton <jorton at redhat.com> - 2.4.6-10
- switch to requiring system-logos-httpd (#1031288)
* Tue Nov 12 2013 Joe Orton <jorton at redhat.com> - 2.4.6-9
- change mmnisa to drop "-" altogether
* Tue Nov 12 2013 Joe Orton <jorton at redhat.com> - 2.4.6-8
- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide
for transition
* Fri Nov 1 2013 Jan Kaluza <jkaluza at redhat.com> - 2.4.6-7
- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1034071 - httpd-2.4.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1034071
[ 2 ] Bug #1071859 - upgradepath: Fedora 19 has a newer httpd version than Fedora 20
https://bugzilla.redhat.com/show_bug.cgi?id=1071859
--------------------------------------------------------------------------------
================================================================================
ifuse-1.1.3-1.fc20 (FEDORA-2014-3400)
Mount Apple iPhone and iPod touch devices
--------------------------------------------------------------------------------
Update Information:
Changes:
- Updated to compile with latest libimobiledevice
- New command line options --documents and --container (obsoletes --appid)
- Handle error condition caused by pending iOS7+ trust dialog
- Minor fixes and changes
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Peter Robinson <pbrobinson at fedoraproject.org> 1.1.3-1
- New upstream 1.1.3 release
--------------------------------------------------------------------------------
================================================================================
iptraf-ng-1.1.4-5.fc20 (FEDORA-2014-3373)
A console-based network monitoring utility
--------------------------------------------------------------------------------
Update Information:
fix for bug 1020552
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Alejandro Pérez <aeperezt at fedoraproject.org> - 1.1.4-5
- fix bug 1020552
rpm report /var/lock/ipraf-ng is missing
fix dates on changelog
added missing file iptraf-nf-tmpfiles.conf
* Tue Dec 3 2013 Nikola Pajkovsky <npajkovs at redhat.com> - 1.1.4-4
- iptraf-ng-1.1.4-4
Fedora start using -Werror=format-security and iptraf-ng had some
parts where error compilation was trigged.
202b2e7b27a1 Makefile: add -Werror=format-security
Resolved: #1037133
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1020552 - iptraf-ng rpm installs /var/lock/iptraf-ng but should really be using the tmpfiles.d mechanism
https://bugzilla.redhat.com/show_bug.cgi?id=1020552
--------------------------------------------------------------------------------
================================================================================
kpcli-2.4-1.fc20 (FEDORA-2014-3390)
KeePass Command Line Interface (CLI) / interactive shell
--------------------------------------------------------------------------------
Update Information:
Updated to 2.4
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Matias Kreder <delete at fedoraproject.org> 2.4-1
- Updated to 2.4
--------------------------------------------------------------------------------
================================================================================
libcgroup-0.38-8.fc20 (FEDORA-2014-3396)
Library to control and monitor control groups
--------------------------------------------------------------------------------
Update Information:
Parser extended to parse group IDs with \,% and @ character
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 jchaloup <jchaloup at redhat.com> - 0.38-8
- resolves: #1018839
lex.l update: add \,% and @ character into regexp for ID
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018839 - @ character indide on name of service break cgconfigparser
https://bugzilla.redhat.com/show_bug.cgi?id=1018839
--------------------------------------------------------------------------------
================================================================================
libdrm-2.4.52-1.fc20 (FEDORA-2014-3361)
Direct Rendering Manager runtime library
--------------------------------------------------------------------------------
Update Information:
libdrm 2.4.52 - needed to build newer mesa
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 8 2014 Adel Gadllah <adel.gadllah at gmail.com> 2.4.52-1
- libdrm 2.4.52
--------------------------------------------------------------------------------
================================================================================
nemo-2.0.8-9.fc20 (FEDORA-2014-3382)
File manager for Cinnamon
--------------------------------------------------------------------------------
Update Information:
- remove tracker support (bz 1071601) so search works
- fix adwaita-nemo theme issue (bz 1066547)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.0.8-9
- remove tracker support (bz 1071601) so search works
- fix adwaita-nemo theme issue (bz 1066547)
* Thu Feb 20 2014 Adam Williamson <awilliam at redhat.com> - 2.0.8-8
- rebuild against updated tracker
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1071601 - File search only returns results from indexed locations
https://bugzilla.redhat.com/show_bug.cgi?id=1071601
[ 2 ] Bug #1066547 - [FIX] Theme css warning
https://bugzilla.redhat.com/show_bug.cgi?id=1066547
--------------------------------------------------------------------------------
================================================================================
nodejs-should-3.1.3-1.fc20 (FEDORA-2014-3379)
A test framework agnostic BDD-style assertions for Node.js
--------------------------------------------------------------------------------
Update Information:
update to upstream release 3.1.3
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 3.1.3-1
- update to upstream release 3.1.3
--------------------------------------------------------------------------------
================================================================================
nodeunit-0.8.6-3.fc20 (FEDORA-2014-3386)
Easy asynchronous unit testing framework for Node.js
--------------------------------------------------------------------------------
Update Information:
fix broken symlink
Initial package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #968607 - Review Request: nodeunit - Easy asynchronous unit testing framework for Node.js
https://bugzilla.redhat.com/show_bug.cgi?id=968607
--------------------------------------------------------------------------------
================================================================================
nss-3.15.5-1.fc20 (FEDORA-2014-3377)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Update to nss-3.15.5
For a description of new functionality and notable fixes refer to
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.5_release_notes
A full list of all bugs resolved in this release can be obtained at https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.15.5&product=NSS
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 28 2014 Elio Maldonado <emaldona at redhat.com> - 3.15.5-1
- Update to nss-3.15.5 - Resolves: Bug 1066877
- Pick fix for same files in two packages that can create rpm conflict
- Move cert9.db, key4.db, and pkcs11.txt and their man pages to the main package where they rightfully belong
* Sat Feb 8 2014 Elio Maldonado <emaldona at redhat.com> - 3.15.4-3
- Revert previous change that moved some sysinit manpages
- Restore nss-sysinit manpages tar archives to %files sysinit
- Removing spurious wildcard entry was the only change needed
* Sun Feb 2 2014 Elio Maldonado <emaldona at redhat.com> - 3.15.4-2
- Selective merge fom master to pick up various fixes
- Update pem sources to latest from nss-pem upstream
- Pick up pem fixes verified on RHEL and applied upstream
- Fix a problem where same files in two rpms created rpm conflict
- All man pages are listed by name so there shouldn't be wildcard inclusion
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1066877 - nss-3.15.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1066877
[ 2 ] Bug #1071679 - Define -DMP_USE_UINT_DIGIT in lib/freebl/Makefile for Linux x86
https://bugzilla.redhat.com/show_bug.cgi?id=1071679
--------------------------------------------------------------------------------
================================================================================
nss-softokn-3.15.5-2.fc20 (FEDORA-2014-3377)
Network Security Services Softoken Module
--------------------------------------------------------------------------------
Update Information:
Update to nss-3.15.5
For a description of new functionality and notable fixes refer to
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.5_release_notes
A full list of all bugs resolved in this release can be obtained at https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.15.5&product=NSS
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Elio Maldonado <emaldona at redhat.com> - 3.15.5-2
- Resolves: Bug 1071679 - Define -DMP_USE_UINT_DIGIT in lib/freebl/Makefile for Linux x86
- Patch contributed by Stephan Bergmann
- Fixes segmentation fault when signing on i686 that occurs in Rawhide
* Fri Feb 28 2014 Elio Maldonado <emaldona at redhat.com> - 3.15.5-1
- Update to nss-3.15.1 - Resolves: Bug 1066877
* Fri Feb 28 2014 Elio Maldonado <emaldona at redhat.com> - 3.15.4-2
- Display processor information as part of the build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1066877 - nss-3.15.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1066877
[ 2 ] Bug #1071679 - Define -DMP_USE_UINT_DIGIT in lib/freebl/Makefile for Linux x86
https://bugzilla.redhat.com/show_bug.cgi?id=1071679
--------------------------------------------------------------------------------
================================================================================
nss-util-3.15.5-1.fc20 (FEDORA-2014-3377)
Network Security Services Utilities Library
--------------------------------------------------------------------------------
Update Information:
Update to nss-3.15.5
For a description of new functionality and notable fixes refer to
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.5_release_notes
A full list of all bugs resolved in this release can be obtained at https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.15.5&product=NSS
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 28 2014 Elio Maldonado <emaldona at redhat.com> - 3.15.5-1
- Update to nss-3.15.5 - Resolves: Bug 1066877
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1066877 - nss-3.15.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1066877
[ 2 ] Bug #1071679 - Define -DMP_USE_UINT_DIGIT in lib/freebl/Makefile for Linux x86
https://bugzilla.redhat.com/show_bug.cgi?id=1071679
--------------------------------------------------------------------------------
================================================================================
opari2-1.1.2-3.fc20 (FEDORA-2014-3389)
An OpenMP runtime performance measurement instrumenter
--------------------------------------------------------------------------------
Update Information:
OPARI2 is a source-to-source instrumentation tool for OpenMP and hybrid codes. It surrounds OpenMP directives and runtime library calls with calls to the POMP2 measurement interface.
OPARI2 will provide you with a new initialization method that allows for multi-directory and parallel builds as well as the usage of pre-instrumented libraries. Furthermore, an efficient way of tracking parent-child relationships was added. Additionally, we extended OPARI2 to support instrumentation of OpenMP 3.0 tied tasks.
--------------------------------------------------------------------------------
================================================================================
perl-Devel-Autoflush-0.06-1.fc20 (FEDORA-2014-3387)
Set autoflush from the command line
--------------------------------------------------------------------------------
Update Information:
This release changes build script only. We deliver this update to keep pace with upstream versions.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Petr Pisar <ppisar at redhat.com> - 0.06-1
- 0.06 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1071325 - perl-Devel-Autoflush-0.06 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1071325
--------------------------------------------------------------------------------
================================================================================
perl-Test-Kwalitee-Extra-0.2.0-2.fc20 (FEDORA-2014-3372)
Run Kwalitee tests including optional indicators
--------------------------------------------------------------------------------
Update Information:
This is the first Fedora release of perl-Test-Kwalitee-Extra.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1070671 - Review Request: perl-Test-Kwalitee-Extra - Run Kwalitee tests including optional indicators
https://bugzilla.redhat.com/show_bug.cgi?id=1070671
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Autoloader-2.0.1-5.fc20 (FEDORA-2014-3381)
Horde Autoloader
--------------------------------------------------------------------------------
Update Information:
VObject 3 got a major overhaul, and much better built-in support for all kinds of properties and escaping.
This version fixes the most important bugs, specifically Issue #19.
To do this, a few backwards compatibility breaks had to be made. This document describes each of them, as well as all the new features.
New features overview:
* Serializer now properly deals with escaped commas and semi-colons.
* Properties and Parameters now have a getParts() method to grab multiple values.
* You can now simply set PHP DateTime objects on DATE-TIME properties.
* Properties such as CALSCALE, VERSION and PRODID will automatically be added.
* RFC6868 is used to serialize parameters.
* Methods to generate jCard and jCal objects.
* Parsing of vCard 2.1 is much, much better, including support for the broken vCards Microsoft generates if the FORGIVING option is on.
* The add() methods now return the objects that have been created.
* A brand new parser that reads from streams, lowering memory usage.
* Components now have an easy to use remove() method.
* Every property, parameter and component has a reference to the document.
* Binary properties are automatically decoded.
* Added a jCard and jCal parser.
* Using the convert() method you can convert between vCard 2.1, 3.0 and 4.0.
* A new cli tool with validate, repair, color and convert commands.
The horde packages have been adapted to continue to use php-sabredav-Sabre_VObject version 2.1.3.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 20 2014 Remi Collet <remi at fedoraproject.org> - 2.0.1-5
- new autoloader patch for SabreDAV and VObject
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1056122 - php-sabre-vobject "does not properly escape multiline property values"
https://bugzilla.redhat.com/show_bug.cgi?id=1056122
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Dav-1.0.3-3.fc20 (FEDORA-2014-3381)
Horde library for WebDAV, CalDAV, CardDAV
--------------------------------------------------------------------------------
Update Information:
VObject 3 got a major overhaul, and much better built-in support for all kinds of properties and escaping.
This version fixes the most important bugs, specifically Issue #19.
To do this, a few backwards compatibility breaks had to be made. This document describes each of them, as well as all the new features.
New features overview:
* Serializer now properly deals with escaped commas and semi-colons.
* Properties and Parameters now have a getParts() method to grab multiple values.
* You can now simply set PHP DateTime objects on DATE-TIME properties.
* Properties such as CALSCALE, VERSION and PRODID will automatically be added.
* RFC6868 is used to serialize parameters.
* Methods to generate jCard and jCal objects.
* Parsing of vCard 2.1 is much, much better, including support for the broken vCards Microsoft generates if the FORGIVING option is on.
* The add() methods now return the objects that have been created.
* A brand new parser that reads from streams, lowering memory usage.
* Components now have an easy to use remove() method.
* Every property, parameter and component has a reference to the document.
* Binary properties are automatically decoded.
* Added a jCard and jCal parser.
* Using the convert() method you can convert between vCard 2.1, 3.0 and 4.0.
* A new cli tool with validate, repair, color and convert commands.
The horde packages have been adapted to continue to use php-sabredav-Sabre_VObject version 2.1.3.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 20 2014 Remi Collet <remi at fedoraproject.org> - 1.0.3-3
- requires php-pear(Sabre_VObject) (as php-sabre-vobject is 3.1)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1056122 - php-sabre-vobject "does not properly escape multiline property values"
https://bugzilla.redhat.com/show_bug.cgi?id=1056122
--------------------------------------------------------------------------------
================================================================================
php-pecl-apcu-4.0.4-1.fc20 (FEDORA-2014-3380)
APC User Cache
--------------------------------------------------------------------------------
Update Information:
Upstream Release notes:
- Fix deadlocking due to destroyed locks
- Fix various compatibility bugs
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 1 2014 Remi Collet <remi at fedoraproject.org> - 4.0.4-1
- Update to 4.0.4 (beta)
--------------------------------------------------------------------------------
================================================================================
php-pecl-xdebug-2.2.4-1.fc20 (FEDORA-2014-3391)
PECL package for debugging PHP scripts
--------------------------------------------------------------------------------
Update Information:
Upstream Release notes - Fri, Feb 28, 2014 - xdebug 2.2.4
Fixed bugs:
- Fixed bug #785: Profiler does not handle closures and call_user_func_array well.
- Fixed bug #963: Xdebug waits too long for response from remote client
- Fixed bug #976: XDebug crashes if current varibles scope contains COM object.
- Fixed bug #978: Inspection of array with negative keys fails
- Fixed bug #979: property_value -m 0 should mean all bytes, not 0 bytes
- Fixed bug #987: Hidden property names not shown.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Remi Collet <remi at fedoraproject.org> - 2.2.4-1
- Update to 2.2.4 (stable)
- move documentation in pecl_docdir
- cleanups
--------------------------------------------------------------------------------
================================================================================
php-phpunit-PHP-TokenStream-1.2.2-1.fc20 (FEDORA-2014-3366)
Wrapper around PHP tokenizer extension
--------------------------------------------------------------------------------
Update Information:
- fixed issue #31 function name used as typehint for first argument
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Remi Collet <remi at fedoraproject.org> - 1.2.2-1
- Update to 1.2.2
--------------------------------------------------------------------------------
================================================================================
php-sabre-dav-1.8.9-1.fc20 (FEDORA-2014-3401)
WebDAV Framework for PHP
--------------------------------------------------------------------------------
Update Information:
This release fixes a security issue and an issue related to large files in SabreDAV.
* XEE issue: Previous SabreDAV versions had a security issue, if running on the following PHP versions: PHP 5.3, older than 5.3.23, PHP 5.4, older than 5.4.13, PHP 5.5 is not affected by this.
* Large file support: It was also discovered that SabreDAV can often not serve files larger than 2GB, due to a bug in PHP's fpassthru method. If you ran into this issue, update sabredav. We are now no longer using fpasshtru.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Remi Collet <remi at fedoraproject.org> - 1.8.9-1
- update to 1.8.9
* Thu Feb 20 2014 Remi Collet <remi at fedoraproject.org> - 1.8.8-2
- drop max version for VObject
--------------------------------------------------------------------------------
================================================================================
php-sabre-vobject-3.1.3-1.fc20 (FEDORA-2014-3381)
Library to parse and manipulate iCalendar and vCard objects
--------------------------------------------------------------------------------
Update Information:
VObject 3 got a major overhaul, and much better built-in support for all kinds of properties and escaping.
This version fixes the most important bugs, specifically Issue #19.
To do this, a few backwards compatibility breaks had to be made. This document describes each of them, as well as all the new features.
New features overview:
* Serializer now properly deals with escaped commas and semi-colons.
* Properties and Parameters now have a getParts() method to grab multiple values.
* You can now simply set PHP DateTime objects on DATE-TIME properties.
* Properties such as CALSCALE, VERSION and PRODID will automatically be added.
* RFC6868 is used to serialize parameters.
* Methods to generate jCard and jCal objects.
* Parsing of vCard 2.1 is much, much better, including support for the broken vCards Microsoft generates if the FORGIVING option is on.
* The add() methods now return the objects that have been created.
* A brand new parser that reads from streams, lowering memory usage.
* Components now have an easy to use remove() method.
* Every property, parameter and component has a reference to the document.
* Binary properties are automatically decoded.
* Added a jCard and jCal parser.
* Using the convert() method you can convert between vCard 2.1, 3.0 and 4.0.
* A new cli tool with validate, repair, color and convert commands.
The horde packages have been adapted to continue to use php-sabredav-Sabre_VObject version 2.1.3.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1056122 - php-sabre-vobject "does not properly escape multiline property values"
https://bugzilla.redhat.com/show_bug.cgi?id=1056122
--------------------------------------------------------------------------------
================================================================================
python-squaremap-1.0.3-1.fc20 (FEDORA-2014-3404)
SquareMap for wxPython
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.3; drop alpha tag; change macros according to recent packaging guide changes
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Robert Kuska <rkuska at redhat.com> - 1.0.3-1
- Update to 1.0.3, drop alphatag since squaremap is in final state
- Change macros according to recent change in python packaging guide
--------------------------------------------------------------------------------
================================================================================
python-whoosh-2.5.7-1.fc20 (FEDORA-2014-3364)
Fast, pure-Python full text indexing, search, and spell checking library
--------------------------------------------------------------------------------
Update Information:
Update source to 2.5.7; Change macros to reflect recent changes in python packaging guide
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Robert Kuska <rkuska at redhat.com> - 2.5.7-1
- Update to 2.5.7, change macros according to latest packaging docs
--------------------------------------------------------------------------------
================================================================================
python-xdot-0.6-1.fc20 (FEDORA-2014-3398)
Interactive viewer for Graphviz dot files
--------------------------------------------------------------------------------
Update Information:
Update from 0.5 to recently-released 0.6 to pull in fix for 1067887, along with various other changes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 David Malcolm <dmalcolm at redhat.com> - 0.6-1
- 0.6
* Tue Sep 24 2013 David Malcolm <dmalcolm at redhat.com> - 0.5-4
- generalize egg-info glob to work with older pythons
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1067887 - [abrt] python-xdot: xdot.py:493:read_number:ValueError: invalid literal for int() with base 10: '442.5'
https://bugzilla.redhat.com/show_bug.cgi?id=1067887
--------------------------------------------------------------------------------
================================================================================
root-5.34.17-1.fc20 (FEDORA-2014-3385)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
ROOT 5.34.17
http://root.cern.ch/drupal/content/root-version-v5-34-00-patch-release-notes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 26 2014 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.34.17-1
- Update to 5.34.17
--------------------------------------------------------------------------------
================================================================================
rubygem-sequel-4.8.0-1.fc20 (FEDORA-2014-3378)
The Database Toolkit for Ruby
--------------------------------------------------------------------------------
Update Information:
upgrade to sequel 4.8.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1060487 - rubygem-sequel-4.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1060487
--------------------------------------------------------------------------------
================================================================================
rubygem-systemu-2.6.3-1.fc20 (FEDORA-2014-3410)
Universal capture of stdout and stderr and handling of child process pid
--------------------------------------------------------------------------------
Update Information:
Upgrade to 2.6.3 (bz#1066935)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Julian C. Dunn <jdunn at aquezada.com> - 2.6.3-1
- Upgrade to 2.6.3 (bz#1066935)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1066935 - rubygem-systemu-2.6.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1066935
--------------------------------------------------------------------------------
================================================================================
snappy-player-0.3.7-1.20131221git4fc7f4bd.fc20 (FEDORA-2014-3394)
An open-source Gnome media player
--------------------------------------------------------------------------------
Update Information:
New commit from upstream.
--------------------------------------------------------------------------------
================================================================================
subversion-1.8.8-1.fc20 (FEDORA-2014-3365)
A Modern Concurrent Version Control System
--------------------------------------------------------------------------------
Update Information:
This update includes the latest stable release of Subversion, fixing a security issue (CVE-2014-0032):
Subversion's mod_dav_svn Apache HTTPD server module will crash when it receives an OPTIONS request against the server root and Subversion is configured to handle the server root and SVNListParentPath is on.
This can lead to a DoS. There are no known instances of this problem being exploited in the wild, but the details of how to exploit it have been disclosed on the Subversion development mailing list.
For more information, see:
https://subversion.apache.org/security/CVE-2014-0032-advisory.txt
A number of client-side bug fixes are included in this update:
* fix automatic relocate for wcs not at repository root
* wc: improve performance when used with SQLite 3.8
* copy: fix some scenarios that broke the working copy
* move: fix errors when moving files between an external and the parent working copy
* log: resolve performance regression in certain scenarios
* merge: decrease work to detect differences between 3 files
* commit: don't change file permissions inappropriately
* commit: fix assertion due to invalid pool lifetime
* version: don't cut off the distribution version on Linux
* flush stdout before exiting to avoid information being lost
* status: fix missing sentinel value on warning codes
* update/switch: improve some WC db queries that may return incorrect results depending on how SQLite is built
Server-side bugfixes:
* reduce memory usage during checkout and export
* fsfs: create rep-cache.db with proper permissions
* mod_dav_svn: prevent crashes with SVNListParentPath on (CVE-2014-0032)
* mod_dav_svn: fix SVNAllowBulkUpdates directive merging
* mod_dav_svn: include requested property changes in reports
* svnserve: correct default cache size in help text
* svnadmin dump: reduce size of dump files with '--deltas'
* resolve integer underflow that resulted in infinite loops
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 28 2014 Joe Orton <jorton at redhat.com> - 1.8.8-1
- update to 1.8.8
* Thu Jan 23 2014 Joe Orton <jorton at redhat.com> - 1.8.5-4
- fix _httpd_mmn expansion in absence of httpd-devel
* Mon Jan 6 2014 Joe Orton <jorton at redhat.com> - 1.8.5-3
- fix permissions of /run/svnserve (#1048422)
* Tue Dec 10 2013 Joe Orton <jorton at redhat.com> - 1.8.5-2
- don't drop -Wall when building swig Perl bindings (#1037341)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062042 - CVE-2014-0032 subversion: mod_dav_svn crash when handling certain requests with SVNListParentPath on
https://bugzilla.redhat.com/show_bug.cgi?id=1062042
--------------------------------------------------------------------------------
================================================================================
xsensors-0.72-1.fc20 (FEDORA-2014-3397)
An X11 interface to lm_sensors
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #797330 - Review request: xsensors - An X11 interface to lm_sensors
https://bugzilla.redhat.com/show_bug.cgi?id=797330
--------------------------------------------------------------------------------
================================================================================
zeromq-ada-2.1.0-12.24032011git.fc20 (FEDORA-2014-3368)
Ada binding for zeromq
--------------------------------------------------------------------------------
Update Information:
Fix library finalization. https://github.com/persan/zeromq-Ada/issues/10
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Pavel Zhukov <landgraf at fedoraproject.org> - 2.1.0-12.24032011git
- Fix library finalization. https://github.com/persan/zeromq-Ada/issues/10
--------------------------------------------------------------------------------
More information about the test
mailing list