Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Mar 21 09:39:51 UTC 2014
The following Fedora 20 Security updates need testing:
Age URL
83 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20
65 https://admin.fedoraproject.org/updates/FEDORA-2014-0792/libinfinity-0.5.5-1.fc20
30 https://admin.fedoraproject.org/updates/FEDORA-2014-2693/openstack-glance-2013.2.2-1.fc20
29 https://admin.fedoraproject.org/updates/FEDORA-2014-2751/zabbix-2.0.11-2.fc20
27 https://admin.fedoraproject.org/updates/FEDORA-2014-2875/oath-toolkit-2.4.1-3.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2014-3778/jansson-2.6-1.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2014-3887/lighttpd-1.4.35-1.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2014-3874/perltidy-20130922-1.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2014-3860/imapsync-1.584-2.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2014-3915/squid-3.3.12-1.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2014-3818/udisks-1.0.4-13.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-4112/tigervnc-1.3.0-14.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-4106/thunderbird-24.4.0-1.fc20,firefox-28.0-3.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-4135/k4dirstat-2.7.0-0.14.20101010git6c0a9e6.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-4118/rubygem-rack-ssl-1.3.2-9.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-4163/moodle-2.5.5-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
128 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2014-3884/libosinfo-0.2.9-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-4019/lcms2-2.6-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-3999/dnf-0.4.18-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-4021/gnome-shell-3.10.4-2.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-4052/fftw-3.3.4-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-4064/audit-2.3.5-1.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-4085/libevdev-0.6-4.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-4115/pango-1.36.1-3.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-4112/tigervnc-1.3.0-14.fc20
The following builds have been pushed to Fedora 20 updates-testing
MySQL-zrm-3.0-2.fc20
am-utils-6.1.5-30.fc20
armadillo-4.100.2-1.fc20
boinc-client-7.2.42-1.gitdd0d630.fc20
docker-registry-0.6.6-1.fc20
firefox-28.0-3.fc20
gdal-1.10.1-2.fc20
gettext-commons-0.9.6-10.fc20
gimagereader-2.92-1.fc20
gnonlin-1.2.0-1.fc20
gstreamer1-plugins-good-1.2.3-2.fc20
guile-2.0.10-1.fc20
httpress-1.1.0-1.fc20
java-1.8.0-openjdk-1.8.0.0-0.34.b132.fc20
jlatexmath-1.0.3-1.fc20
jna-4.1.0-4.fc20
k4dirstat-2.7.0-0.14.20101010git6c0a9e6.fc20
kakasi-2.3.6-1.fc20
libkgapi-2.1.0-1.fc20
libykneomgr-0.0.2-3.fc20
mate-document-viewer-1.6.2-2.fc20
mirall-1.5.3-2.fc20
mlpack-1.0.8-2.fc20
moodle-2.5.5-1.fc20
openscap-1.0.7-1.fc20
pango-1.36.1-3.fc20
parboiled-1.1.6-2.fc20
pcp-3.9.1-1.fc20
perl-Exporter-Tiny-0.036-2.fc20
perl-GDGraph-1.48-1.fc20
perl-Import-Into-1.002001-1.fc20
perl-Set-Tiny-0.01-1.fc20
perl-Test-API-0.004-2.fc20
perl-Test-Deep-0.112-1.fc20
php-pecl-redis-2.2.5-1.fc20
postgresql-9.3.4-1.fc20
python-behave-1.2.3-11.fc20
python-bugzilla2fedmsg-0.1.3-1.fc20
python-pyramid-mako-1.0a2-2.fc20
qemu-1.6.2-1.fc20
qtkeychain-0.3.0-1.fc20
quiterss-0.15.2-1.fc20
rubygem-kramdown-1.3.3-1.fc20
rubygem-rack-ssl-1.3.2-9.fc20
spamassassin-3.4.0-3.fc20
telepathy-gabble-0.18.2-1.fc20
thunderbird-24.4.0-1.fc20
tigervnc-1.3.0-14.fc20
xsane-0.999-10.fc20
xtv-1.0-2.fc20
Details about builds:
================================================================================
MySQL-zrm-3.0-2.fc20 (FEDORA-2014-4108)
MySQL backup manager
--------------------------------------------------------------------------------
Update Information:
- Update to 3.0
- Abort if out of space on restore
Update to 2.2.0:
- Add mail-policy option
- Add windows-backup/restore-port options
- Add exclude-pattern option
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Orion Poplawski <orion at cora.nwra.com> - 3.0-2
- Abort if out of space on restore
* Tue Mar 18 2014 Orion Poplawski <orion at cora.nwra.com> - 3.0-1
- Update to 3.0
--------------------------------------------------------------------------------
================================================================================
am-utils-6.1.5-30.fc20 (FEDORA-2014-4162)
Automount utilities including an updated version of Amd
--------------------------------------------------------------------------------
Update Information:
- make am-utils work with autofs (since NFSv2 client is disabled) and add misc bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Ian Kent <ikent at redhat.com> - 5:6.1.5-30
- bz1074376 - am-utils will no longer start due to missing NFSv2
- dont background autofs umount.
- check fh on umount succeeded.
- handle ENOENT umount return for autofs mounts.
- fix get_nfs_version() message.
- fix debug log deadlock.
- linux umount wait on ebusy.
- make sure to remove nodes in the proper order when going down.
- fix handle failed umount on exit.
- fix autofs proto version define.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1074376 - am-utils will no longer start due to missing NFSv2
https://bugzilla.redhat.com/show_bug.cgi?id=1074376
--------------------------------------------------------------------------------
================================================================================
armadillo-4.100.2-1.fc20 (FEDORA-2014-4125)
Fast C++ matrix library with interfaces to LAPACK and ATLAS
--------------------------------------------------------------------------------
Update Information:
Update armadillo to the latest stable version.
It has new features, like a better support for sparse matrices. For further details about the improvements in this version see the news section in the website regarding versions 4.000, 4.000.4, 4.100 and 4.100.2.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 14 2014 José Matos <jamatos at fedoraproject.org> - 4.100.2-1
- update to 4.100.2
* Sun Mar 2 2014 José Matos <jamatos at fedoraproject.org> - 4.100.0-1
- update to 4.100.0
* Sat Jan 25 2014 José Matos <jamatos at fedoraproject.org> - 4.000.2-1
- update to 4.000.2
* Fri Jan 10 2014 José Matos <jamatos at fedoraproject.org> - 4.000.0-2
- add mex_interface to documentation (demonstration of how to connect
Armadillo with MATLAB/Octave mex functions)
* Thu Jan 9 2014 José Matos <jamatos at fedoraproject.org> - 4.000.0-1
- update to 4.000.0
- dropped boost dependency and added arpack
- remove reference to boost in the comments
--------------------------------------------------------------------------------
================================================================================
boinc-client-7.2.42-1.gitdd0d630.fc20 (FEDORA-2014-4174)
The BOINC client core
--------------------------------------------------------------------------------
Update Information:
Update to 7.2.42
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Mattia Verga <mattia.verga at tiscali.it> - 7.2.42-1.gitdd0d630
- Upgrade to 7.2.42
--------------------------------------------------------------------------------
================================================================================
docker-registry-0.6.6-1.fc20 (FEDORA-2014-4154)
Registry server for Docker
--------------------------------------------------------------------------------
Update Information:
- Upstream release 0.6.6
- jinja2 fix
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Marek Goldmann <mgoldman at redhat.com> - 0.6.6-1
- Upstream release 0.6.6
- docker-registry cannot import module jinja2, RHBZ#1077630
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1076483 - docker-registry-0.6.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1076483
[ 2 ] Bug #1077630 - docker-registry cannot import module jinja2
https://bugzilla.redhat.com/show_bug.cgi?id=1077630
--------------------------------------------------------------------------------
================================================================================
firefox-28.0-3.fc20 (FEDORA-2014-4106)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
New upstream version - Firefox 28.0, Thunderbird 24.4.0.
It needs a new nspr-4.10.4 package, so please give karma to those updates:
https://admin.fedoraproject.org/updates/FEDORA-2014-4071/nspr-4.10.4-1.fc19
https://admin.fedoraproject.org/updates/FEDORA-2014-4067/nspr-4.10.4-1.fc20
Thanks!
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Martin Stransky <stransky at redhat.com> - 28.0-3
- Arm build fix
* Wed Mar 19 2014 Martin Stransky <stransky at redhat.com> - 28.0-2
- NSS version up, disable arm for now
* Tue Mar 18 2014 Martin Stransky <stransky at redhat.com> - 28.0-1
- Update to 28.0
* Thu Mar 6 2014 Martin Stransky <stransky at redhat.com> - 27.0.1-2
- Removed needless build patch
--------------------------------------------------------------------------------
================================================================================
gdal-1.10.1-2.fc20 (FEDORA-2014-4125)
GIS file format library
--------------------------------------------------------------------------------
Update Information:
Update armadillo to the latest stable version.
It has new features, like a better support for sparse matrices. For further details about the improvements in this version see the news section in the website regarding versions 4.000, 4.000.4, 4.100 and 4.100.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 15 2014 Volker Fröhlich <volker27 at gmx.at> - 1.10.1-2
- Rebuild for Armadillo 4
--------------------------------------------------------------------------------
================================================================================
gettext-commons-0.9.6-10.fc20 (FEDORA-2014-4144)
Java internationalization (i18n) library
--------------------------------------------------------------------------------
Update Information:
Fixed bugs #1022100,#1068087
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Anish Patil <apatil at redhat.com> - 0.9.6-10
- Fixed bugs #1022100,#1068087
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1022100 - gettext-commons: remove versioned jars from %{_javadir}
https://bugzilla.redhat.com/show_bug.cgi?id=1022100
[ 2 ] Bug #1068087 - gettext-commons: Switch to java-headless (build)requires
https://bugzilla.redhat.com/show_bug.cgi?id=1068087
--------------------------------------------------------------------------------
================================================================================
gimagereader-2.92-1.fc20 (FEDORA-2014-4126)
OCR application
--------------------------------------------------------------------------------
Update Information:
Update to release 2.92, see https://github.com/manisandro/gImageReader/blob/master/NEWS for details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Sandro Mani <manisandro at gmail.com> - 2.92-1
- Update to 2.92
--------------------------------------------------------------------------------
================================================================================
gnonlin-1.2.0-1.fc20 (FEDORA-2014-4153)
GStreamer extension library for non-linear editing
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Jon Ciesla <limburgher at gmail.com> - 1.2.0-1
- 1.2.0.
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-good-1.2.3-2.fc20 (FEDORA-2014-4113)
GStreamer plugins with good code and licensing
--------------------------------------------------------------------------------
Update Information:
Rebuild for libvpx ABI break. See #1068664
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 13 2014 Wim Taymans <wtaymans at redhat.com> - 1.2.3-2
- Rebuild for libvpx ABI break. See #1068664
- fix doc build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1068664 - Upgrading libvpx from 1.2.0 to 1.3.0 causes buffer overflow in "vp8enc" GStreamer 0.10 element
https://bugzilla.redhat.com/show_bug.cgi?id=1068664
--------------------------------------------------------------------------------
================================================================================
guile-2.0.10-1.fc20 (FEDORA-2014-4114)
A GNU implementation of Scheme for application extensibility
--------------------------------------------------------------------------------
Update Information:
This is update to the latest upstream stable release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Miroslav Lichvar <mlichvar at redhat.com> - 5:2.0.10-1
- update to 2.0.10
- update slibcat building for slib 3b4
- disable auto-compilation when building slibcat
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1076513 - [abrt] gnucash: vm_error_stack_overflow(): gnucash killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1076513
--------------------------------------------------------------------------------
================================================================================
httpress-1.1.0-1.fc20 (FEDORA-2014-4124)
HTTP stress & benchmark utility
--------------------------------------------------------------------------------
Update Information:
Initial version of the 1.1.0 version of the package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062282 - Review Request: httpress - HTTP stress & benchmark utility
https://bugzilla.redhat.com/show_bug.cgi?id=1062282
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.0-0.34.b132.fc20 (FEDORA-2014-4111)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:
This OpenJDK package corresponds to the official Java 8 release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 11 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.34.b132
- Include jdeps and jjs for aarch64. These are present in b128.
* Mon Mar 10 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.33.b132
- Update aarch64 tarball to the latest upstream release
* Fri Mar 7 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.32.b132
- Fix `java -version` output
* Fri Mar 7 2014 Jiri Vanek <jvanek at redhat.com> - 1:1.8.0.0-0.31.b132
- updated to rc4 aarch64 tarball
- outdated removed: patch2031 system-lcmsAARCH64.patch patch2011 system-libjpeg-aarch64.patch
patch2021 system-libpng-aarch64.patch
* Thu Mar 6 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.30.b132
- Update to b132
* Thu Mar 6 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.29.b129
- Fix typo in STRIP_POLICY
* Mon Mar 3 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.28.b129
- Remove redundant debuginfo files
- Generate complete debug information for libjvm
* Tue Feb 25 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.27.b129
- Fix non-headless libraries
* Tue Feb 25 2014 Jiri Vanek <jvanek at redhat.com> - 1:1.8.0.0-0.26.b129
- Fix incorrect Requires
* Thu Feb 13 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.26.b129
- Add -headless subpackage based on java-1.7.0-openjdk
- Add abrt connector support
- Add -accessibility subpackage
* Thu Feb 13 2014 Omair Majid <omajid at redhat.com> - 1:1.8.0.0-0.26.b129
- Update to b129.
--------------------------------------------------------------------------------
================================================================================
jlatexmath-1.0.3-1.fc20 (FEDORA-2014-4141)
Java API to display mathematical formulas written in LaTeX
--------------------------------------------------------------------------------
Update Information:
Update version to 1.0.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Clément David <c.david86 at gmail.com> - 1.0.3-1
- Update version to 1.0.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1063745 - jlatexmath-1.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1063745
--------------------------------------------------------------------------------
================================================================================
jna-4.1.0-4.fc20 (FEDORA-2014-4178)
Pure Java access to native libraries
--------------------------------------------------------------------------------
Update Information:
update to 4.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 10 2014 Roland Grunberg <rgrunber at redhat.com> - 4.0.0-4
- fix updated depmap
* Fri Jan 10 2014 Roland Grunberg <rgrunber at redhat.com> - 4.0.0-3
- Update depmap calls and fix tests compilation issue.
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul 6 2013 Levente Farkas <lfarkas at lfarkas.org> - 4.0-1
- Update to 4.0
--------------------------------------------------------------------------------
================================================================================
k4dirstat-2.7.0-0.14.20101010git6c0a9e6.fc20 (FEDORA-2014-4135)
Graphical Directory Statistics for Used Disk Space
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2014-2527
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Dmitrij S. Kryzhevich <krege at land.ru> - 2.7.0-0.14.20101010git6c0a9e6
- kdebase-devel turn into kde-baseapps-devel (BR).
* Thu Mar 20 2014 Dmitrij S. Kryzhevich <krege at land.ru> - 2.7.0-0.13.20101010git6c0a9e6
- Add (now) mandatory cmake BuildRequires.
* Wed Mar 19 2014 Dmitrij S. Kryzhevich <krege at land.ru> - 2.7.0-0.12.20101010git6c0a9e6
- Fix bogus date (Tue Dec 16 2010 -> Thu Dec 16 2010).
* Wed Mar 19 2014 Dmitrij S. Kryzhevich <krege at land.ru> - 2.7.0-0.11.20101010git6c0a9e6
- Fix CVE-2014-2527.
- Delete defatr entry in files section.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077059 - CVE-2014-2527 CVE-2014-2528 kdirstat: insufficient quote escaping leading to arbitrary command execution
https://bugzilla.redhat.com/show_bug.cgi?id=1077059
--------------------------------------------------------------------------------
================================================================================
kakasi-2.3.6-1.fc20 (FEDORA-2014-4170)
A Japanese character set conversion filter
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Akira TAGOH <tagoh at redhat.com> - 2.3.6-1
- New upstream release. (#1077558)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077558 - kakasi-2.3.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1077558
--------------------------------------------------------------------------------
================================================================================
libkgapi-2.1.0-1.fc20 (FEDORA-2014-4145)
Library to access to Google services
--------------------------------------------------------------------------------
Update Information:
New stable release of LibKGAPI.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Dan Vrátil <dvratil at redhat.com> - 2.1.0-1
- 2.1.0
--------------------------------------------------------------------------------
================================================================================
libykneomgr-0.0.2-3.fc20 (FEDORA-2014-4157)
YubiKey NEO Manager C Library
--------------------------------------------------------------------------------
Update Information:
Initial package of libykneomgr
--------------------------------------------------------------------------------
================================================================================
mate-document-viewer-1.6.2-2.fc20 (FEDORA-2014-4148)
Document viewer
--------------------------------------------------------------------------------
Update Information:
- djvu: Fix case sensitive search
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.2-2
- fix rhbz (#999912)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #999912 - MATE document viewer (Atril): case-sensitive search impossible, DjVu search broken
https://bugzilla.redhat.com/show_bug.cgi?id=999912
--------------------------------------------------------------------------------
================================================================================
mirall-1.5.3-2.fc20 (FEDORA-2014-3985)
The ownCloud Client
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Joseph Marrero <jmarrero at fedoraproject.org> - 1.5.3-2
- Updated Obsoletes for each subpackage
* Sun Mar 16 2014 Joseph Marrero <jmarrero at fedoraproject.org> - 1.5.3-1
- Update to latest Upstream version
- Merge owncloud-csync and mirall as upstream has done
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077803 - [abrt] mirall: QString::free(): owncloud killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1077803
--------------------------------------------------------------------------------
================================================================================
mlpack-1.0.8-2.fc20 (FEDORA-2014-4125)
Scalable, fast C++ machine learning library
--------------------------------------------------------------------------------
Update Information:
Update armadillo to the latest stable version.
It has new features, like a better support for sparse matrices. For further details about the improvements in this version see the news section in the website regarding versions 4.000, 4.000.4, 4.100 and 4.100.2.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 José Matos <jamatos at fedoraproject.org> - 1.0.8-2
- Rebuild for Armadillo 4.1 on Fedora 19, 20 and rawhide.
--------------------------------------------------------------------------------
================================================================================
moodle-2.5.5-1.fc20 (FEDORA-2014-4163)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Fixes for CVE-2014-0122, CVE-2014-0123, CVE-2014-0124, CVE-2014-0125, CVE-2014-0126, CVE-2014-0127, CVE-2014-0129.
http://docs.moodle.org/dev/Moodle_2.6.2_release_notes
http://docs.moodle.org/dev/Moodle_2.5.5_release_notes
http://docs.moodle.org/dev/Moodle_2.4.9_release_notes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Jon Ciesla <limburgher at gmail.com> - 2.5.5-1
- Fix for CVE-2014-0122, CVE-2014-0123, CVE-2014-0124,
- CVE-2014-0125, CVE-2014-0126, CVE-2014-0127, CVE-2014-0129
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077823 - CVE-2014-0129 CVE-2014-0127 CVE-2014-0126 CVE-2014-0125 CVE-2014-0124 CVE-2014-0123 CVE-2014-0122 moodle: upstream 2.6.2, 2.5.5, and 2.4.9 fixes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1077823
[ 2 ] Bug #1077824 - CVE-2014-0129 CVE-2014-0127 CVE-2014-0126 CVE-2014-0125 CVE-2014-0124 CVE-2014-0123 CVE-2014-0122 moodle: upstream 2.6.2, 2.5.5, and 2.4.9 fixes [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1077824
--------------------------------------------------------------------------------
================================================================================
openscap-1.0.7-1.fc20 (FEDORA-2014-4130)
Set of open source libraries enabling integration of the SCAP line of standards
--------------------------------------------------------------------------------
Update Information:
upgrade
upgrade
upgrade
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Šimon Lukašík <slukasik at redhat.com> - 1.0.7-1
- upgrade
* Wed Mar 19 2014 Šimon Lukašík <slukasik at redhat.com> - 1.0.6-1
- upgrade
* Fri Mar 14 2014 Šimon Lukašík <slukasik at redhat.com> - 1.0.5-1
- upgrade
--------------------------------------------------------------------------------
================================================================================
pango-1.36.1-3.fc20 (FEDORA-2014-4115)
System for layout and rendering of internationalized text
--------------------------------------------------------------------------------
Update Information:
Fix a crash in pango_ot_info_get()
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Akira TAGOH <tagoh at redhat.com> - 1.36.1-3
- Backport a patch to fix a crash in pango_ot_info_get() (#1053798)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1053798 - [abrt] gimp: pango_ot_info_get(): gimp-2.8 killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1053798
--------------------------------------------------------------------------------
================================================================================
parboiled-1.1.6-2.fc20 (FEDORA-2014-4166)
Java/Scala library providing parsing of input text based on PEGs
--------------------------------------------------------------------------------
Update Information:
add scala support
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 gil cattaneo <puntogil at libero.it> 1.1.6-2
- add scala support
* Tue Nov 26 2013 gil cattaneo <puntogil at libero.it> 1.1.6-1
- update to 1.1.6 rhbz#1034875
--------------------------------------------------------------------------------
================================================================================
pcp-3.9.1-1.fc20 (FEDORA-2014-4172)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
New upstream feature release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Nathan Scott <nathans at redhat.com> - 3.9.1-1
- Update to latest PCP sources.
--------------------------------------------------------------------------------
================================================================================
perl-Exporter-Tiny-0.036-2.fc20 (FEDORA-2014-4164)
An exporter with the features of Sub::Exporter but only core dependencies
--------------------------------------------------------------------------------
Update Information:
This is the first Fedora/EPEL release of perl-Exporter-Tiny.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077295 - Review Request: perl-Exporter-Tiny - An exporter with the features of Sub::Exporter but only core dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1077295
--------------------------------------------------------------------------------
================================================================================
perl-GDGraph-1.48-1.fc20 (FEDORA-2014-4116)
Graph generation package for Perl
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 18 2014 Ralf Corsépius <corsepiu at fedoraproject.org> - 1:1.48-1
- Upstream update.
- Reflect Source0: having changed.
- Modernize spec.
- Fix bogus %changelog entry.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1078010 - perl-GDGraph is outdated
https://bugzilla.redhat.com/show_bug.cgi?id=1078010
--------------------------------------------------------------------------------
================================================================================
perl-Import-Into-1.002001-1.fc20 (FEDORA-2014-4175)
Import packages into other packages
--------------------------------------------------------------------------------
Update Information:
This update provides additional functionality required by some other modules, such as Test::Modern.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 12 2014 Paul Howarth <paul at city-fan.org> - 1.002001-1
- Update to 1.002001
- Allow specifying by caller level, as well as specifying file, line, and
version
- Fix tests and Makefile.PL to support perl 5.6
- This release by HAARG -> update source URL
- Specify all dependencies
- Make %files list more explicit
--------------------------------------------------------------------------------
================================================================================
perl-Set-Tiny-0.01-1.fc20 (FEDORA-2014-4123)
Simple sets of strings
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1078074 - Review Request: perl-Set-Tiny - Simple sets of strings
https://bugzilla.redhat.com/show_bug.cgi?id=1078074
--------------------------------------------------------------------------------
================================================================================
perl-Test-API-0.004-2.fc20 (FEDORA-2014-4149)
Test a list of subroutines provided by a module
--------------------------------------------------------------------------------
Update Information:
This is the first Fedora/EPEL release of perl-Test-API.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077192 - Review Request: perl-Test-API - Test a list of subroutines provided by a module
https://bugzilla.redhat.com/show_bug.cgi?id=1077192
--------------------------------------------------------------------------------
================================================================================
perl-Test-Deep-0.112-1.fc20 (FEDORA-2014-4143)
Extremely flexible deep comparison
--------------------------------------------------------------------------------
Update Information:
This update provides additional functionality, as required by some modules such as Test::Modern.
There are also some documentation fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 30 2013 Paul Howarth <paul at city-fan.org> - 0.112-1
- Update to 0.112
- When printing diagnostics, differentiate the type of a blessed object from
the name of the class itself (CPAN RT#78288)
- Typo fixes
- Fixes to clarity and accuracy of documentation
- Add metadata links to repo and issue tracker
- Added obj_isa for testing ->isa without falling back to ref($x)
- Added the *experimental* ":v1" export group to skip importing Isa, isa, and
blessed
--------------------------------------------------------------------------------
================================================================================
php-pecl-redis-2.2.5-1.fc20 (FEDORA-2014-4147)
Extension for communicating with the Redis key-value store
--------------------------------------------------------------------------------
Update Information:
Upstream release notes, phpredis 2.2.5:
This is a minor release with several bug fixes as well as additions to support new commands that have been introduced to Redis since our last release.
A special thanks to everyone who helps the project by commenting on issues and submitting pull requests!
* [NEW] Support for the BITPOS command
* [NEW] Connection timeout option for RedisArray (@MikeToString)
* [NEW] A _serialize method, to complement our existing _unserialize method
* [NEW] Support for the PUBSUB command
* [NEW] Support for SCAN, SSCAN, HSCAN, and ZSCAN
* [NEW] Support for the WAIT command
* [FIX] Handle the COPY and REPLACE arguments for the MIGRATE command
* [DOC] Fix syntax error in documentation for the SET command (@mithunsatheesh)
* [DOC] Homebrew documentation instructions (@mathias)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Remi Collet <remi at fedoraproject.org> - 2.2.5-1
- Update to 2.2.5
* Thu Mar 13 2014 Remi Collet <remi at fedoraproject.org> - 2.2.4-2
- cleanups
- move doc in pecl_docdir
- run upstream tests only with --with tests option
--------------------------------------------------------------------------------
================================================================================
postgresql-9.3.4-1.fc20 (FEDORA-2014-4140)
PostgreSQL client programs
--------------------------------------------------------------------------------
Update Information:
update to 9.3.4 minor version per release notes:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Jozef Mlich <jmlich at redhat.com> - 9.3.4-1
- update to 9.3.4 minor version per release notes:
http://www.postgresql.org/docs/9.3/static/release-9-3-4.html
--------------------------------------------------------------------------------
================================================================================
python-behave-1.2.3-11.fc20 (FEDORA-2014-4156)
Tools for the behavior-driven development, Python style
--------------------------------------------------------------------------------
Update Information:
Another fix for RHBZ# 1067388 by Vadim Rutkovsky
Add two patches provided by Vadim Rutkovsky (fix #1058371 and #1067388)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Matěj Cepl <mcepl at redhat.com> - 1.2.3-11
- Another fix for RHBZ# 1067388 by Vadim Rutkovsky
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1067388 - Python-behave crashes when html report is created with invalid chars are present in error message
https://bugzilla.redhat.com/show_bug.cgi?id=1067388
[ 2 ] Bug #1058371 - RFE: Support embedding of videos and custom captions
https://bugzilla.redhat.com/show_bug.cgi?id=1058371
--------------------------------------------------------------------------------
================================================================================
python-bugzilla2fedmsg-0.1.3-1.fc20 (FEDORA-2014-4122)
Consume BZ messages over STOMP and republish to fedmsg
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1078946 - Review Request: python-bugzilla2fedmsg - Consume BZ messages over STOMP and republish to fedmsg
https://bugzilla.redhat.com/show_bug.cgi?id=1078946
--------------------------------------------------------------------------------
================================================================================
python-pyramid-mako-1.0a2-2.fc20 (FEDORA-2014-4107)
Mako template bindings for the Pyramid web framework
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1078315 - Review Request: python-pyramid-mako - Mako template bindings for the Pyramid web framework
https://bugzilla.redhat.com/show_bug.cgi?id=1078315
--------------------------------------------------------------------------------
================================================================================
qemu-1.6.2-1.fc20 (FEDORA-2014-4134)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
* Fix bogus libcacard dep on gluster (bz #987441)
* Fix mouse with -display gtk -vga qxl (bz #1051724)
* Change gtk quit accelerator to ctrl+shift+q (bz #1062393)
* Fix crash during virtio-scsi hotplug (bz #1051611)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Cole Robinson <crobinso at redhat.com> - 2:1.6.2-1
- Fix bogus libcacard dep on gluster (bz #987441)
- Fix mouse with -display gtk -vga qxl (bz #1051724)
- Change gtk quit accelerator to ctrl+shift+q (bz #1062393)
- Fix crash during virtio-scsi hotplug (bz #1051611)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #987441 - libcacard has bogus dependency on glusterfs
https://bugzilla.redhat.com/show_bug.cgi?id=987441
[ 2 ] Bug #1051724 - "qemu-kvm -vga qxl" pushes mouse pointer to top/left outside of qemu console window
https://bugzilla.redhat.com/show_bug.cgi?id=1051724
[ 3 ] Bug #1062393 - switch to new default gtk gui brings hypersensitivity to ^Q => quit
https://bugzilla.redhat.com/show_bug.cgi?id=1062393
[ 4 ] Bug #1051611 - [abrt] qemu-system-x86: virtio_scsi_push_event(): qemu-system-x86_64 killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1051611
--------------------------------------------------------------------------------
================================================================================
qtkeychain-0.3.0-1.fc20 (FEDORA-2014-3985)
A password store library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 16 2014 <jmarrero at fedoraproject.org> 0.3.0-1
- Update to latest upstream version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077803 - [abrt] mirall: QString::free(): owncloud killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1077803
--------------------------------------------------------------------------------
================================================================================
quiterss-0.15.2-1.fc20 (FEDORA-2014-4155)
RSS/Atom aggregator
--------------------------------------------------------------------------------
Update Information:
Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 TI_Eugene <ti.eugene at gmail.com> - 0.15.2-1
- Version bump
--------------------------------------------------------------------------------
================================================================================
rubygem-kramdown-1.3.3-1.fc20 (FEDORA-2014-4181)
Fast, pure-Ruby Markdown-superset converter
--------------------------------------------------------------------------------
Update Information:
New version 1.3.3 is relesed.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1.3.3-1
- 1.3.3
--------------------------------------------------------------------------------
================================================================================
rubygem-rack-ssl-1.3.2-9.fc20 (FEDORA-2014-4118)
Force SSL/TLS in your app
--------------------------------------------------------------------------------
Update Information:
Handle bad URIs gracefully (CVE-2014-2538).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Vít Ondruch <vondruch at redhat.com> - 1.3.2-9
- Handle bad URIs gracefully (CVE-2014-2538).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1078612 - CVE-2014-2538 rubygem rack-ssl: URL error display XSS
https://bugzilla.redhat.com/show_bug.cgi?id=1078612
--------------------------------------------------------------------------------
================================================================================
spamassassin-3.4.0-3.fc20 (FEDORA-2014-4171)
Spam filter for email which can be invoked from mail delivery agents
--------------------------------------------------------------------------------
Update Information:
Update to 3.4.0 upstream release with more rules and checks. Also fixes various bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Kevin Fenzi <kevin at scrye.com> 3.4.0-3
- Cleaned up spec, added conditionals to build on el again.
* Sun Feb 16 2014 Kevin Fenzi <kevin at scrye.com> 3.4.0-2
- Simplify systemd unit file. Thanks misc. Fixes bug #1065762
* Tue Feb 11 2014 Kevin Fenzi <kevin at scrye.com> 3.4.0-1
- Update to 3.4.0
* Sun Feb 2 2014 Kevin Fenzi <kevin at scrye.com> 3.3.2-19
- Use pgrep -f for full command line. Fixes bug #1057926
- Patch to use gnupg2 instead of gnupg1. Fixes bug #1055593
- Use pgrep for spampd as well. Fixes bug #1058976
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1055593 - Installing spamassassin breaks gnome-keyring PGP integration due to dependency on old gnupg
https://bugzilla.redhat.com/show_bug.cgi?id=1055593
[ 2 ] Bug #1058976 - Adjust /usr/share/spamassassin/sa-update.cron to changes in spampd
https://bugzilla.redhat.com/show_bug.cgi?id=1058976
[ 3 ] Bug #1057926 - sa-update does not run with amavisd
https://bugzilla.redhat.com/show_bug.cgi?id=1057926
--------------------------------------------------------------------------------
================================================================================
telepathy-gabble-0.18.2-1.fc20 (FEDORA-2014-4158)
A Jabber/XMPP connection manager
--------------------------------------------------------------------------------
Update Information:
Update to 0.18.2. Changes include:
* don't try to cancel a source ID twice, which issues a critical warning in GLib 2.39
* fix failure to build with recent (Markdown-based) gtk-doc
* plugin loader: don't crash if g_dir_open() fails twice.
* fix a crash in 1-1 Tubes on 64-bit machines
* fix enum cast warnings under clang
* add a regression test for fd.o #68829
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2014 Brian Pepple <bpepple at fedoraproject.org> - 0.18.2-1
- Update to 0.18.2.
* Tue Nov 5 2013 Debarshi Ray <rishi at fedoraproject.org> - 0.18.1-2
- Explicitly state python in the shebang
--------------------------------------------------------------------------------
================================================================================
thunderbird-24.4.0-1.fc20 (FEDORA-2014-4106)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
New upstream version - Firefox 28.0, Thunderbird 24.4.0.
It needs a new nspr-4.10.4 package, so please give karma to those updates:
https://admin.fedoraproject.org/updates/FEDORA-2014-4071/nspr-4.10.4-1.fc19
https://admin.fedoraproject.org/updates/FEDORA-2014-4067/nspr-4.10.4-1.fc20
Thanks!
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 18 2014 Jan Horak <jhorak at redhat.com> - 24.4.0-1
- Update to 24.4.0
--------------------------------------------------------------------------------
================================================================================
tigervnc-1.3.0-14.fc20 (FEDORA-2014-4112)
A TigerVNC remote display system
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2014-0011, a ZRLE decoding heap-based buffer overflow in vncviewer.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Tim Waugh <twaugh at redhat.com> 1.3.0-14
- Fixed heap-based buffer overflow (CVE-2014-0011, bug #1050928).
* Mon Feb 10 2014 Tim Waugh <twaugh at redhat.com> 1.3.0-13
- Clearer xstartup file (bug #923655).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1050928 - CVE-2014-0011 tigervnc: ZRLE decoding heap-based buffer overflow in vncviewer
https://bugzilla.redhat.com/show_bug.cgi?id=1050928
--------------------------------------------------------------------------------
================================================================================
xsane-0.999-10.fc20 (FEDORA-2014-4128)
X Window System front-end for the SANE scanner interface
--------------------------------------------------------------------------------
Update Information:
This update fixes a crash that could occur when receiving signals in short succession. Additionally, it fixes issues found during source code analysis.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Nils Philippsen <nils at redhat.com> - 0.999-10
- fix signal handling (#1073698)
- fix issues found during static analysis that don't require far-reaching
refactoring
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1073698 - [abrt] xsane: sane_dll_close(): xsane killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1073698
--------------------------------------------------------------------------------
================================================================================
xtv-1.0-2.fc20 (FEDORA-2014-4167)
A file manager for the Linux console/xterm
--------------------------------------------------------------------------------
Update Information:
Added Properties dialog box
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1052040 - Review Request: xtv - A file manager for the Linux console/xterm
https://bugzilla.redhat.com/show_bug.cgi?id=1052040
--------------------------------------------------------------------------------
More information about the test
mailing list