Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed May 21 23:33:57 UTC 2014
The following Fedora 20 Security updates need testing:
Age URL
28 https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-2013.2.3-3.fc20
20 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20
13 https://admin.fedoraproject.org/updates/FEDORA-2014-6098/rubygem-actionpack-4.0.0-4.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-6258/smb4k-1.1.2-1.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-6276/seamonkey-2.26-1.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2014-6373/zabbix-2.0.12-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-6440/python-django15-1.5.8-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-6449/python-django-1.6.5-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-6442/python-django14-1.4.13-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-6472/mumble-1.2.6-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6540/php-ZendFramework2-2.2.7-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6586/libvirt-1.1.3.5-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6551/chicken-4.8.0.6-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6520/openstack-neutron-2013.2.3-7.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6554/emacs-24.3-17.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6583/libtiff-4.0.3-15.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6585/moodle-2.5.6-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
5 https://admin.fedoraproject.org/updates/FEDORA-2014-6412/taglib-1.9.1-5.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2014-6339/squashfs-tools-4.3-4.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-6451/libndp-1.2-2.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-6468/libxfce4ui-4.10.0-11.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6583/libtiff-4.0.3-15.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6572/libdrm-2.4.54-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6584/selinux-policy-3.12.1-166.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6554/emacs-24.3-17.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6568/ibus-1.5.7-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-6534/xz-5.1.2-9alpha.fc20,supermin-5.1.8-5.fc20
The following builds have been pushed to Fedora 20 updates-testing
apt-0.5.15lorg3.95-10.git522.1.fc20
ardour3-3.5.380-1.fc20
chicken-4.8.0.6-2.fc20
cinnamon-2.2.10-1.fc20
cinnamon-control-center-2.2.8-1.fc20
cinnamon-desktop-2.2.3-1.fc20
cinnamon-settings-daemon-2.2.3-1.fc20
cinnamon-translations-2.2.2-1.fc20
cjs-2.2.1-1.fc20
clustal-omega-1.2.1-2.fc20
diskimage-builder-0.1.15-1.fc20
emacs-24.3-17.fc20
findbugs-contrib-5.2.0-1.fc20
git-1.9.3-1.fc20
goaccess-0.8-1.fc20
ibus-1.5.7-2.fc20
ipvsadm-1.27-2.fc20
libdrm-2.4.54-1.fc20
libtiff-4.0.3-15.fc20
libvirt-1.1.3.5-2.fc20
lynis-1.5.3-1.fc20
mate-themes-extras-1.8.1-1.fc20
moodle-2.5.6-1.fc20
muffin-2.2.5-1.fc20
nemo-2.2.2-1.fc20
nodejs-shelljs-0.3.0-1.fc20
openlibm-0.3-6.fc20
os-refresh-config-0.1.5-1.fc20
owfs-2.9p5-1.fc20
perl-Plack-Middleware-Test-StashWarnings-0.08-1.fc20
piglit-1-0.17.20140414GIT8775223.fc20
rubygem-openscap-0.1.0-4.fc20
selinux-policy-3.12.1-166.fc20
spice-0.12.5-2.fc20
subversion-api-docs-1.8.8-1.fc20
supermin-5.1.8-5.fc20
syntastic-3.4.0-18.fc20
tango-2-18.fc20
thunderbird-lightning-2.6.5-9.fc20
tralics-2.15.1-3.fc20
unrtf-0.21.5-2.fc20
xz-5.1.2-9alpha.fc20
Details about builds:
================================================================================
apt-0.5.15lorg3.95-10.git522.1.fc20 (FEDORA-2014-6581)
Debian's Advanced Packaging Tool with RPM support
--------------------------------------------------------------------------------
Update Information:
Fixes issue with lua patch
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Tom Callaway <spot at fedoraproject.org> - 0.5.14lorg3.95-10.git522.1
- updated lua fix
--------------------------------------------------------------------------------
================================================================================
ardour3-3.5.380-1.fc20 (FEDORA-2014-6557)
Digital Audio Workstation
--------------------------------------------------------------------------------
Update Information:
**Ardour 3.5.380 is a CRITICAL bug fix release. ALL USERS ARE RECOMMENDED TO UPGRADE.**
It includes several absolutely vital fixes for bugs that could lead to audio and MIDI files being irreversibly deleted from disk.
Check out [the upstream announcement](https://community.ardour.org/node/8224) for detailed information.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 14 2014 Nils Philippsen <nils at redhat.com> - 3.5.380-1
- version 3.5.380
--------------------------------------------------------------------------------
================================================================================
chicken-4.8.0.6-2.fc20 (FEDORA-2014-6551)
A practical and portable Scheme system
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2014-3776.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Ricky Elrod <codeblock at fedoraproject.org> - 4.8.0.6-2
- Patch for CVE-2014-3776.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1099613 - CVE-2014-3776 chicken: buffer overflow in "read-u8vector!" procedure leads to DoS or arbitrary code exec
https://bugzilla.redhat.com/show_bug.cgi?id=1099613
--------------------------------------------------------------------------------
================================================================================
cinnamon-2.2.10-1.fc20 (FEDORA-2014-6418)
Window management and application launching for GNOME
--------------------------------------------------------------------------------
Update Information:
- Latest package releases.
- Totally remove all trace of the muffin binary as people moan when it fails to work in other DE's.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.10-1
- update to 2.2.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097542 - [abrt] muffin killed by SIGSEGV in cogl_texture_get_width at ./cogl-texture.c:220
https://bugzilla.redhat.com/show_bug.cgi?id=1097542
[ 2 ] Bug #1098246 - Window Alert from other Workspace Does Not Allow Click
https://bugzilla.redhat.com/show_bug.cgi?id=1098246
[ 3 ] Bug #1098797 - System Settings/Backgrounds - toolbars appear in random order after the first opening
https://bugzilla.redhat.com/show_bug.cgi?id=1098797
--------------------------------------------------------------------------------
================================================================================
cinnamon-control-center-2.2.8-1.fc20 (FEDORA-2014-6418)
Utilities to configure the Cinnamon desktop
--------------------------------------------------------------------------------
Update Information:
- Latest package releases.
- Totally remove all trace of the muffin binary as people moan when it fails to work in other DE's.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.8-1
- update to 2.2.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097542 - [abrt] muffin killed by SIGSEGV in cogl_texture_get_width at ./cogl-texture.c:220
https://bugzilla.redhat.com/show_bug.cgi?id=1097542
[ 2 ] Bug #1098246 - Window Alert from other Workspace Does Not Allow Click
https://bugzilla.redhat.com/show_bug.cgi?id=1098246
[ 3 ] Bug #1098797 - System Settings/Backgrounds - toolbars appear in random order after the first opening
https://bugzilla.redhat.com/show_bug.cgi?id=1098797
--------------------------------------------------------------------------------
================================================================================
cinnamon-desktop-2.2.3-1.fc20 (FEDORA-2014-6418)
Shared code among cinnamon-session, nemo, etc
--------------------------------------------------------------------------------
Update Information:
- Latest package releases.
- Totally remove all trace of the muffin binary as people moan when it fails to work in other DE's.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.3-1
- update to 2.2.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097542 - [abrt] muffin killed by SIGSEGV in cogl_texture_get_width at ./cogl-texture.c:220
https://bugzilla.redhat.com/show_bug.cgi?id=1097542
[ 2 ] Bug #1098246 - Window Alert from other Workspace Does Not Allow Click
https://bugzilla.redhat.com/show_bug.cgi?id=1098246
[ 3 ] Bug #1098797 - System Settings/Backgrounds - toolbars appear in random order after the first opening
https://bugzilla.redhat.com/show_bug.cgi?id=1098797
--------------------------------------------------------------------------------
================================================================================
cinnamon-settings-daemon-2.2.3-1.fc20 (FEDORA-2014-6418)
The daemon sharing settings from CINNAMON to GTK+/KDE applications
--------------------------------------------------------------------------------
Update Information:
- Latest package releases.
- Totally remove all trace of the muffin binary as people moan when it fails to work in other DE's.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.3-1
- update to 2.2.3
* Mon May 5 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.2-2
- add patch to add support for upower critical action
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097542 - [abrt] muffin killed by SIGSEGV in cogl_texture_get_width at ./cogl-texture.c:220
https://bugzilla.redhat.com/show_bug.cgi?id=1097542
[ 2 ] Bug #1098246 - Window Alert from other Workspace Does Not Allow Click
https://bugzilla.redhat.com/show_bug.cgi?id=1098246
[ 3 ] Bug #1098797 - System Settings/Backgrounds - toolbars appear in random order after the first opening
https://bugzilla.redhat.com/show_bug.cgi?id=1098797
--------------------------------------------------------------------------------
================================================================================
cinnamon-translations-2.2.2-1.fc20 (FEDORA-2014-6418)
Translations for Cinnamon and Nemo
--------------------------------------------------------------------------------
Update Information:
- Latest package releases.
- Totally remove all trace of the muffin binary as people moan when it fails to work in other DE's.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.2-1
- update to 2.2.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097542 - [abrt] muffin killed by SIGSEGV in cogl_texture_get_width at ./cogl-texture.c:220
https://bugzilla.redhat.com/show_bug.cgi?id=1097542
[ 2 ] Bug #1098246 - Window Alert from other Workspace Does Not Allow Click
https://bugzilla.redhat.com/show_bug.cgi?id=1098246
[ 3 ] Bug #1098797 - System Settings/Backgrounds - toolbars appear in random order after the first opening
https://bugzilla.redhat.com/show_bug.cgi?id=1098797
--------------------------------------------------------------------------------
================================================================================
cjs-2.2.1-1.fc20 (FEDORA-2014-6418)
Javascript Bindings for Cinnamon
--------------------------------------------------------------------------------
Update Information:
- Latest package releases.
- Totally remove all trace of the muffin binary as people moan when it fails to work in other DE's.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Leigh Scott <leigh123linux at googlemail.com> - 1:2.2.1-1
- update to 2.2.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097542 - [abrt] muffin killed by SIGSEGV in cogl_texture_get_width at ./cogl-texture.c:220
https://bugzilla.redhat.com/show_bug.cgi?id=1097542
[ 2 ] Bug #1098246 - Window Alert from other Workspace Does Not Allow Click
https://bugzilla.redhat.com/show_bug.cgi?id=1098246
[ 3 ] Bug #1098797 - System Settings/Backgrounds - toolbars appear in random order after the first opening
https://bugzilla.redhat.com/show_bug.cgi?id=1098797
--------------------------------------------------------------------------------
================================================================================
clustal-omega-1.2.1-2.fc20 (FEDORA-2014-6582)
Clustal Omega is a command-line multiple sequence alignment tool
--------------------------------------------------------------------------------
Update Information:
clustal-omega - command line tool for multiple sequence alignment
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1057766 - Review Request: clustal-omega - command line tool for multiple sequence alignment
https://bugzilla.redhat.com/show_bug.cgi?id=1057766
--------------------------------------------------------------------------------
================================================================================
diskimage-builder-0.1.15-1.fc20 (FEDORA-2014-6575)
Image building tools for OpenStack
--------------------------------------------------------------------------------
Update Information:
Update to 0.1.15
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 30 2014 Ben Nemec <bnemec at redhat.com> - 0.1.15-1
- Update to 0.1.15
- Remove dib-run-parts from this package
- Add dependency on dib-utils (the new home of dib-run-parts)
--------------------------------------------------------------------------------
================================================================================
emacs-24.3-17.fc20 (FEDORA-2014-6554)
GNU Emacs text editor
--------------------------------------------------------------------------------
Update Information:
CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 (#1095587)
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Petr Hracek <phracek at redhat.com> - 1:24.3-17
- CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 (#1095587)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095587 - CVE-2014-3423 CVE-2014-3422 CVE-2014-3421 CVE-2014-3424 emacs: multiple temporary file issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1095587
--------------------------------------------------------------------------------
================================================================================
findbugs-contrib-5.2.0-1.fc20 (FEDORA-2014-6566)
Extra findbugs detectors
--------------------------------------------------------------------------------
Update Information:
Update to new version 5.2.0. Full changelog is available at:
http://fb-contrib.sourceforge.net/
Detectors added in v4.8.0:
* [LGO] Lingering Graphics Object
* [CCNE] Compare Class Name Equals
* [CSBTS] CommonsStringBuilderToString
* [CHTH] CommonsHashcodeBuilderToHashcode
* [BRPI] BackportReusePublicIdentifiers
* [CU] Clone Usability
Detectors added in v5.0.0:
* [CVAA] ContraVariant Array Assignment
* [CAAL] Confusing Array As List
* [UMTP] Unbound Method Template Parameter
* [NPMC] Non Productive Method Call
* [ICA] Invalid Constant Argument
Detectors added in v5.2.0:
* [CNC] Collection Naming Confusion
* [PME] Poor Mans Enum
* [UP] Unused Parameter
* [CD] Circular Dependencies
* [MUC] Modifying Unmodifiable Collection
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 5 2014 Richard Fearn <richardfearn at gmail.com> - 5.2.0-1
- Update to 5.2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1068959 - Update fb-contrib to 5.2.0
https://bugzilla.redhat.com/show_bug.cgi?id=1068959
--------------------------------------------------------------------------------
================================================================================
git-1.9.3-1.fc20 (FEDORA-2014-6556)
Fast Version Control System
--------------------------------------------------------------------------------
Update Information:
Minor upstream bugfixes.
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/1.9.3.txt
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/1.9.2.txt
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/1.9.1.txt
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 19 2014 Jon Ciesla <limburgher at gmail.com> - 1.9.3-1
- Update to 1.9.3
--------------------------------------------------------------------------------
================================================================================
goaccess-0.8-1.fc20 (FEDORA-2014-6565)
Apache Log Analyzer
--------------------------------------------------------------------------------
Update Information:
Changes to GoAccess 0.8 - Tuesday, May 20, 2014
* Added APT-HTTP to the list of browsers.
* Added data persistence and ability to load data from disk.
* Added IE11 to the list of browsers.
* Added IEMobile to the list of browsers.
* Added multiple command line options.
* Added Nagios check_http to the list of browsers.
* Added parsing progress metrics - total requests / requests per second.
* Added the ability to parse a GeoLiteCity.dat to get the city given an IPv4.
* Change the way the configuration file is parsed. This will parse all configuration options under ~/.goaccessrc or the specified config file and will feed getopt_long with the extracted key/value pairs. This also allows the ability to have comments on the config file which won't be overwritten.
* Ensure autoconf determines the location of ncurses headers.
* Fixed issue where geo_location_data was NULL.
* Fixed issue where GoAccess did not run without a tty allocated to it.
* Fixed potential memory leak on --log-file realpath().
* Fixed Solaris build errors.
* Implemented an on-memory hash database using Tokyo Cabinet. This implementation allows GoAccess not to rely on GLib's hash table if one is needed.
* Implemented large file support using an on-disk B+ Tree database. This implementation allows GoAccess not to hold everything in memory but instead it uses an on-disk B+ Tree database.
* Trimmed leading and trailing whitespaces from keyphrases module.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Christopher Meng <rpm at cicku.me> - 0.8-1
- Update to 0.8
--------------------------------------------------------------------------------
================================================================================
ibus-1.5.7-2.fc20 (FEDORA-2014-6568)
Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
Update Information:
This update fixes the width of ibus-setup GUI.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Takao Fujiwara <tfujiwar at redhat.com> - 1.5.7-2
- Updated ibus-HEAD.patch for width of ibus-setup.
--------------------------------------------------------------------------------
================================================================================
ipvsadm-1.27-2.fc20 (FEDORA-2014-6561)
Utility to administer the Linux Virtual Server
--------------------------------------------------------------------------------
Update Information:
Fix ipvsadm list_daemon to show backup sync daemon
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Ryan O'Hara <rohara at redhat.com> - 1.27-2
- Fix ipvsadm list_daemon to show backup sync daemon
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1099688 - ipvsadm does not show backup daemon
https://bugzilla.redhat.com/show_bug.cgi?id=1099688
--------------------------------------------------------------------------------
================================================================================
libdrm-2.4.54-1.fc20 (FEDORA-2014-6572)
Direct Rendering Manager runtime library
--------------------------------------------------------------------------------
Update Information:
libdrm 2.4.54
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 3 2014 Dennis Gilmore <dennis at ausil.us> 2.4.54-1
- libdrm 2.4.54
--------------------------------------------------------------------------------
================================================================================
libtiff-4.0.3-15.fc20 (FEDORA-2014-6583)
Library of functions for manipulating TIFF format image files
--------------------------------------------------------------------------------
Update Information:
Add upstream patches for CVE-2013-4243 (#996832)
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Petr Hracek <phracek at redhat.com> - 4.0.3-15
- Add upstream patches for CVE-2013-4243 (#996832)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #996832 - CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 libtiff various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=996832
--------------------------------------------------------------------------------
================================================================================
libvirt-1.1.3.5-2.fc20 (FEDORA-2014-6586)
Library providing a simple virtualization API
--------------------------------------------------------------------------------
Update Information:
* Fix xen hvm VNC port (bz #1094262)
* CVE-2014-0179: Unsafe XML parsing (bz #1094792, bz #1088290)
* Fix failure to start xen instances (rackspace in particular) (bz #1098376)
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 19 2014 Cole Robinson <crobinso at redhat.com> - 1.1.3.5-2
- Fix xen hvm VNC port (bz #1094262)
- CVE-2014-0179: Unsafe XML parsing (bz #1094792, bz #1088290)
- Fix failure to start xen instances (rackspace in particular) (bz #1098376)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1088290 - CVE-2014-0179 libvirt: unsafe parsing of XML documents allows libvirt DoS and/or arbitrary file read
https://bugzilla.redhat.com/show_bug.cgi?id=1088290
--------------------------------------------------------------------------------
================================================================================
lynis-1.5.3-1.fc20 (FEDORA-2014-6564)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
* 1.5.3 (2014-05-19)
New:
- Support for zypper package manager
- Gather installed packages with Zypper on SuSE systems [PKGS-728]
- Check for vulnerable packages with Zypper package manager [PKGS-7330]
Changes:
- Check for aide.conf also in /etc [FINT-4315]
- Adjusted screen output for unreliable NTP peers [TIME-3120]
- Adjusted check kernel test for non-Linux systems [KRNL-5730]
- Improved screen output on AIX systems with echo command
* 1.5.2 (2014-05-05)
New:
- Support for runlevel in binaries test
Changes:
- Added suggestion for kernel availability check [KRNL-5788]
- Added suggestion for services at startup and proper binary call [BOOT-5180]
- Added suggestion to configure accounting on FreeBSD [ACCT-2754]
- Added suggestion to configure Linux process accounting [ACCT-9622]
- Several new controls listed on website
- Adjusted hardening index if total score was zero
- Added suggestion for auditd.conf file [ACCT-9632]
- Removed suggestion for audit log file [ACCT-9634]
- Removed warning from NTP falsetickers test, added data to report [TIME-3132]
- Removed warning from NTP selected time source test [TIME-3124]
* 1.5.1 (2014-04-22)
Changes:
- Extended reporting with running databases and frameworks
- Adjusted Oracle status in test [DBS-1840]
- Extended grsecurity test [RBAC-6272]
- Redirect rpcinfo errors to /dev/null
- Adjusted color scheme
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Christopher Meng <rpm at cicku.me> - 1.5.3-1
- Update to 1.5.3
--------------------------------------------------------------------------------
================================================================================
mate-themes-extras-1.8.1-1.fc20 (FEDORA-2014-6560)
Extra gtk-2/3 themes for gtk based desktops
--------------------------------------------------------------------------------
Update Information:
- update to 1.8.1
- Blue-Submarine: update to GTK 3.12
- Green-Submarine: update to GTK 3.12
- Gnome-Cupertino: update to GTK 3.10
- Smoothly: update to GTK 3.10
- Smootly-Black: update to GTK 3.10
- GnomishBeige: complete GTK3-3.10
- DeloreanDark: update to GTK3-3.10
- drop Cologne theme, get rid of xfce theme engine
- several improvements
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 19 2014 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.1-1
- update to 1.8.1 release
* Sun May 18 2014 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.0.2
- drop forgoten gtk-xfce-engine requires
* Sun May 18 2014 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.0.1
- update to 1.8.0 release
- Blue-Submarine: update to GTK 3.12
- Green-Submarine: update to GTK 3.12
- Gnome-Cupertino: update to GTK 3.10
- Smoothly: update to GTK 3.10
- Smootly-Black: update to GTK 3.10
- GnomishBeige: complete GTK3-3.10
- DeloreanDark: update to GTK3-3.10
- drop Cologne theme, get rid of xfce theme engine
- several improvements
--------------------------------------------------------------------------------
================================================================================
moodle-2.5.6-1.fc20 (FEDORA-2014-6585)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Moodle upstream has released versions 2.7, 2.6.3, 2.5.6, and 2.4.10 to fix the following security flaws:
CVE-2014-0213 MSA-14-0014: Cross-site request forgery possible in Assignment
CVE-2014-0214 MSA-14-0015: Web service token expiry issue for MoodleMobile
CVE-2014-0215 MSA-14-0016: Anonymous student identity revealed in assignment
CVE-2014-0216 MSA-14-0017: File access issue in HTML block
CVE-2014-0217 MSA-14-0018: Information leak in courses
CVE-2014-0218 MSA-14-0019: Reflected XSS in URL downloader repository
For a full summary and patch links, refer to the following:
http://seclists.org/oss-sec/2014/q2/329
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Jon Ciesla <limburgher at gmail.com> - 2.5.6-1
- CVE-2014-0213, CVE-2014-0214, CVE-2014-0215, CVE-2014-0216,
- CVE-2014-0217, CVE-2014-0218
- Drop upstreamed tinymce patch.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1099766 - CVE-2014-0218 CVE-2014-0213 CVE-2014-0215 CVE-2014-0214 CVE-2014-0217 CVE-2014-0216 moodle: upstream 2.7, 2.6.3, 2.5.6, and 2.4.10 security fixes [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1099766
[ 2 ] Bug #1099765 - CVE-2014-0218 CVE-2014-0213 CVE-2014-0215 CVE-2014-0214 CVE-2014-0217 CVE-2014-0216 moodle: upstream 2.7, 2.6.3, 2.5.6, and 2.4.10 security fixes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1099765
--------------------------------------------------------------------------------
================================================================================
muffin-2.2.5-1.fc20 (FEDORA-2014-6418)
Window and compositing manager based on Clutter
--------------------------------------------------------------------------------
Update Information:
- Latest package releases.
- Totally remove all trace of the muffin binary as people moan when it fails to work in other DE's.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.5-1
- update to 2.2.5
* Tue May 20 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.4-1
- update to 2.2.4
* Thu May 15 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.3-3
- patch to remove unused binaries to clean debug package
* Wed May 14 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.3-2
- remove unused binaries (bz 1097542)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097542 - [abrt] muffin killed by SIGSEGV in cogl_texture_get_width at ./cogl-texture.c:220
https://bugzilla.redhat.com/show_bug.cgi?id=1097542
[ 2 ] Bug #1098246 - Window Alert from other Workspace Does Not Allow Click
https://bugzilla.redhat.com/show_bug.cgi?id=1098246
[ 3 ] Bug #1098797 - System Settings/Backgrounds - toolbars appear in random order after the first opening
https://bugzilla.redhat.com/show_bug.cgi?id=1098797
--------------------------------------------------------------------------------
================================================================================
nemo-2.2.2-1.fc20 (FEDORA-2014-6418)
File manager for Cinnamon
--------------------------------------------------------------------------------
Update Information:
- Latest package releases.
- Totally remove all trace of the muffin binary as people moan when it fails to work in other DE's.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.2.2-1
- update to 2.2.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097542 - [abrt] muffin killed by SIGSEGV in cogl_texture_get_width at ./cogl-texture.c:220
https://bugzilla.redhat.com/show_bug.cgi?id=1097542
[ 2 ] Bug #1098246 - Window Alert from other Workspace Does Not Allow Click
https://bugzilla.redhat.com/show_bug.cgi?id=1098246
[ 3 ] Bug #1098797 - System Settings/Backgrounds - toolbars appear in random order after the first opening
https://bugzilla.redhat.com/show_bug.cgi?id=1098797
--------------------------------------------------------------------------------
================================================================================
nodejs-shelljs-0.3.0-1.fc20 (FEDORA-2014-6549)
Portable Unix shell commands for Node.js
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
openlibm-0.3-6.fc20 (FEDORA-2014-6589)
High quality system independent, open source libm
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1089500 - Review Request: openlibm - High quality system independent, open source libm
https://bugzilla.redhat.com/show_bug.cgi?id=1089500
--------------------------------------------------------------------------------
================================================================================
os-refresh-config-0.1.5-1.fc20 (FEDORA-2014-6550)
Refresh system configuration
--------------------------------------------------------------------------------
Update Information:
Update to 0.1.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 9 2014 Ben Nemec <bnemec at redhat.com> - 0.1.5-1
- Update to 0.1.5
- Add dependency on new dib-utils package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1086476 - /opt/stack/os-config-refresh is searched for scripts
https://bugzilla.redhat.com/show_bug.cgi?id=1086476
[ 2 ] Bug #1086494 - os-refresh-config calls dib-run-parts, which is not installed
https://bugzilla.redhat.com/show_bug.cgi?id=1086494
--------------------------------------------------------------------------------
================================================================================
owfs-2.9p5-1.fc20 (FEDORA-2014-6555)
1-Wire Virtual File System
--------------------------------------------------------------------------------
Update Information:
This update brings following changes:
- improved support of DS2409 (Microlan) hubs
- owserver-to-owserver communication is not longer susceptible to loops
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 15 2014 Tomasz Torcz <ttorcz at fedoraproject.org> - 2.9p5-1
- latest upstream release
--------------------------------------------------------------------------------
================================================================================
perl-Plack-Middleware-Test-StashWarnings-0.08-1.fc20 (FEDORA-2014-6591)
Test your application's warnings
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.08-1
- Upstream update.
--------------------------------------------------------------------------------
================================================================================
piglit-1-0.17.20140414GIT8775223.fc20 (FEDORA-2014-6579)
Collection of automated tests for OpenGL implementations
--------------------------------------------------------------------------------
Update Information:
Except I have created condition incorrectly.
importlib is since python 2.7 in the standard library, no need to import it.
Put ExcludeArch back for ppc64 and missing python-importlib Require
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 19 2014 Matěj Cepl <mcepl at redhat.com> - 1-0.17.20140414GIT8775223
- Except I have created condition incorrectly.
* Fri May 16 2014 Matěj Cepl <mcepl at redhat.com> - 1-0.16.20140414GIT8775223
- importlib is since python 2.7 in the standard library, no need to
import it.
* Thu May 15 2014 Matěj Cepl <mcepl at redhat.com> - 1-0.15.20140414GIT8775223
- Put ExcludeArch back for ppc64.
- Add python-importlib Require
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1098113 - missing lib/ include
https://bugzilla.redhat.com/show_bug.cgi?id=1098113
[ 2 ] Bug #1098170 - summary.py tries to access the "templates" dir in current dir
https://bugzilla.redhat.com/show_bug.cgi?id=1098170
--------------------------------------------------------------------------------
================================================================================
rubygem-openscap-0.1.0-4.fc20 (FEDORA-2014-6574)
A FFI wrapper around the OpenSCAP library
--------------------------------------------------------------------------------
Update Information:
A new package born!
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1090188 - Review Request: rubygem-openscap - A FFI wrapper around the OpenSCAP library
https://bugzilla.redhat.com/show_bug.cgi?id=1090188
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.12.1-166.fc20 (FEDORA-2014-6584)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
Allow cockpit to bind to its port
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Miroslav Grepl <mgrepl at redhat.com> 3.12.1-166
- Allow cockpit to bind to its port
- Add fixes for squid which is configured to run with more than one worker.
- geard seems to do a lot of relabeling
- Allow system_mail_t to append to munin_var_lib_t
- Allow mozilla_plugin to read alsa_rw_ content
- Dontaudit attempts to read fixed disk
- Add MCS/MLS Constraints to kernel keyring, also add MCS Constraints to ipc, sem.msgq, shm
- Allow seunshare domains to getattr on all executables
* Fri May 16 2014 Miroslav Grepl <mgrepl at redhat.com> 3.12.1-165
- More fixes for OpenStack
* Fri May 16 2014 Miroslav Grepl <mgrepl at redhat.com> 3.12.1-164
- Add openstack fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1097531 - SELinux is preventing /usr/bin/bash from 'getattr' accesses on the file .
https://bugzilla.redhat.com/show_bug.cgi?id=1097531
[ 2 ] Bug #1088753 - SELinux boolean: secure_mode_policyload can be disabled when it was turned on
https://bugzilla.redhat.com/show_bug.cgi?id=1088753
[ 3 ] Bug #1096490 - SELinux breaks ulogd at system startup, but manually start ulogd works
https://bugzilla.redhat.com/show_bug.cgi?id=1096490
--------------------------------------------------------------------------------
================================================================================
spice-0.12.5-2.fc20 (FEDORA-2014-6559)
Implements the SPICE protocol
--------------------------------------------------------------------------------
Update Information:
Update to latest spice-server stable release
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 19 2014 Christophe Fergeau <cfergeau at redhat.com> 0.12.5-2
- Add missing BuildRequires in order to enable Opus support
* Mon May 19 2014 Christophe Fergeau <cfergeau at redhat.com> 0.12.5-1
- Update to new 0.12.5 release
--------------------------------------------------------------------------------
================================================================================
subversion-api-docs-1.8.8-1.fc20 (FEDORA-2014-6593)
Subversion API documentation
--------------------------------------------------------------------------------
Update Information:
Rebuild against current stable.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 Bojan Smojver <bojan at rexursive.com> 1.8.8-1
- bump up to 1.8.8
--------------------------------------------------------------------------------
================================================================================
supermin-5.1.8-5.fc20 (FEDORA-2014-6534)
Tool for creating supermin appliances
--------------------------------------------------------------------------------
Update Information:
New upstream version 5.1.8.
Enable support for xz-compressed kernel modules.
Fix handling of filenames with spaces.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 21 2014 Richard W.M. Jones <rjones at redhat.com> - 5.1.8-5
- Add patch to fix RPM handler when filenames may contain spaces.
* Mon May 19 2014 Richard W.M. Jones <rjones at redhat.com> - 5.1.8-4
- Skip execstack test on Fedora 20 (ARM only).
* Fri May 16 2014 Richard W.M. Jones <rjones at redhat.com> - 5.1.8-3
- BR xz-static & xz-devel packages, to support xz-compressed kernel modules.
* Fri May 9 2014 Richard W.M. Jones <rjones at redhat.com> - 5.1.8-1
- New upstream version 5.1.8.
- Remove patches which are now upstream.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1099862 - supermin: internal error: assertion failed at rpm.ml, line 227, char 11
https://bugzilla.redhat.com/show_bug.cgi?id=1099862
--------------------------------------------------------------------------------
================================================================================
syntastic-3.4.0-18.fc20 (FEDORA-2014-6576)
A vim plugins to check syntax for programming languages
--------------------------------------------------------------------------------
Update Information:
Update to rev 3.4.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 jonathan MERCIER <bioinfornatics at gmail.com> - 3.4.0-18
- Update to rev 3.4.0
--------------------------------------------------------------------------------
================================================================================
tango-2-18.fc20 (FEDORA-2014-6570)
The Developer's Library for D
--------------------------------------------------------------------------------
Update Information:
update to latest rev
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 20 2014 jonathan MERCIER <bioinfornatics at gmail.com> - 2-18
- update to latest rev
* Sun Mar 9 2014 jonathan MERCIER <bioinfornatics at gmail.com> - 2-17
- Update to latest rev
* Wed Oct 30 2013 Jonathan MERCIER <bioinfornatics at gmail.com> - 2-16
- exclude arm
* Thu Oct 24 2013 Jonathan MERCIER <bioinfornatics at gmail.com> - 2-15
- Update to rev ff2b1d3
* Sun Aug 4 2013 "Jonathan Mercier" <"Jonathan Mercier at gmail dot org"> - 2-14
- Update to rev 667c566
* Mon Jun 10 2013 Jonathan MERCIER <bioinfornatics at fedoraproject dot org> - 2-13
- Update to rev 96fea24
--------------------------------------------------------------------------------
================================================================================
thunderbird-lightning-2.6.5-9.fc20 (FEDORA-2014-6563)
The calendar extension to Thunderbird
--------------------------------------------------------------------------------
Update Information:
Update to 2.6.5
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 14 2014 Orion Poplawski <orion at cora.nwra.com> - 2.6.5-9
- Update to 2.6.5
* Fri Jan 31 2014 Orion Poplawski <orion at cora.nwra.com> - 2.6.4-8
- Fix build with -Werror=format-security (bug #1037355)
--------------------------------------------------------------------------------
================================================================================
tralics-2.15.1-3.fc20 (FEDORA-2014-6580)
LaTeX to XML translator
--------------------------------------------------------------------------------
Update Information:
LaTeX to XML translator
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1000445 - Review Request: tralics - LaTeX to XML translator
https://bugzilla.redhat.com/show_bug.cgi?id=1000445
--------------------------------------------------------------------------------
================================================================================
unrtf-0.21.5-2.fc20 (FEDORA-2014-6547)
RTF (Rich Text Format) to other formats converter
--------------------------------------------------------------------------------
Update Information:
don't alter conf file location.
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 18 2014 Rahul Sundaram <sundaram at fedoraproject.org> - 0.21.5-2
- don't alter conf file location (rhbz#1060513)
* Mon Apr 7 2014 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.21.5-1
- Upstream release 0.21.5 (RHBZ #979619)
- Update URL for HTTPS
- Enable tests in %check
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1060513 - conf files are not found
https://bugzilla.redhat.com/show_bug.cgi?id=1060513
--------------------------------------------------------------------------------
================================================================================
xz-5.1.2-9alpha.fc20 (FEDORA-2014-6534)
LZMA compression utilities
--------------------------------------------------------------------------------
Update Information:
New upstream version 5.1.8.
Enable support for xz-compressed kernel modules.
Fix handling of filenames with spaces.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 16 2014 Richard W.M. Jones <rjones at redhat.com> - 5.1.2-9alpha
- Add a -static subpackage (see RHBZ#547011).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1099862 - supermin: internal error: assertion failed at rpm.ml, line 227, char 11
https://bugzilla.redhat.com/show_bug.cgi?id=1099862
--------------------------------------------------------------------------------
More information about the test
mailing list