Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Oct 20 09:57:23 UTC 2014
The following Fedora 20 Security updates need testing:
Age URL
171 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20
65 https://admin.fedoraproject.org/updates/FEDORA-2014-9474/pipelight-0.2.7.3-3.fc20
40 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20
40 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20
24 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20
17 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-12475/python-oauth2-1.5.211-8.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-12530/bugzilla-4.2.11-1.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-12308/sddm-0.9.0-2.20141007git6a28c29b.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2014-12719/perl-Mojolicious-5.49-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-12910/sysklogd-1.5-18.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-13040/rubygem-httpclient-2.4.0-2.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-13063/devscripts-2.14.10-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-13030/drupal7-7.32-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-12991/deluge-1.3.10-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-13013/php-5.5.18-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-13302/php-ZendFramework2-2.3.3-2.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
11 https://admin.fedoraproject.org/updates/FEDORA-2014-12309/gdb-7.7.1-20.fc20
The following builds have been pushed to Fedora 20 updates-testing
antimicro-2.7-1.fc20
drupal7-crumbs-2.2-1.fc20
drupal7-metatag-1.4-1.fc20
drupal7-token-1.5-4.fc20
globus-gram-audit-4.3-2.fc20
golang-github-docker-libtrust-0-0.1.gitd273ef2.fc20
icecat-31.1.1-1.fc20
nodejs-strip-json-comments-1.0.2-1.fc20
php-ZendFramework2-2.3.3-2.fc20
php-doctrine-annotations-1.2.1-1.fc20
Details about builds:
================================================================================
antimicro-2.7-1.fc20 (FEDORA-2014-13297)
Graphical program used to map keyboard buttons and mouse controls to a gamepad
--------------------------------------------------------------------------------
Update Information:
new upstream release (#1126553)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 18 2014 Jeff Backus <jeff.backus at gmail.com> - 2.7-1
- new upstream release (#1126553)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1126553 - antimicro-2.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1126553
--------------------------------------------------------------------------------
================================================================================
drupal7-crumbs-2.2-1.fc20 (FEDORA-2014-13307)
The ultimate breadcrumbs module
--------------------------------------------------------------------------------
Update Information:
## [7.x-2.2](https://www.drupal.org/node/2349045)
* Fix #2347993: Forum breadcrumb not displaying correctly. Wrong substring index in PluginCollection::analyzePluginMethods().
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 18 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.2-1
- Updated to 2.2 (BZ #1150460)
- Removed RPM README b/c it only explained common Drupal workflow
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150460 - drupal7-crumbs-2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1150460
--------------------------------------------------------------------------------
================================================================================
drupal7-metatag-1.4-1.fc20 (FEDORA-2014-13299)
Adds support and an API to implement meta tags
--------------------------------------------------------------------------------
Update Information:
## [7.x-1.4](https://www.drupal.org/node/2353917)
The "I thought I fixed that last time" release. This fully resolves two issues that were mistakenly marked as fixed in 7.x-1.3, and sincerest apologies for the delay in providing a stable release.
* Issue #2353079 by DamienMcKenna: Fixed Views integration, for real this time.
* Issue #2344877 by DamienMcKenna: Fixed Panels integration, for real this time.
## [7.x-1.3](https://www.drupal.org/node/2352439)
This resolves a critical issue for any sites using Metatag:Views, plus fixes integration with Panels and Feeds with the API changes in 1.0. This is a recommended release for all sites.
* Issue #2350967 by das-peter, DamienMcKenna: Fatal error occurred loading any View that did not have meta tags assigned.
* Issue #2344877 by DamienMcKenna, Mau PalantÃr, libelle2000: Fixed Panels integration.
* By DamienMcKenna: metatag_metatags_load()'s documentation was incorrect.
* Issue #2347193 by DamienMcKenna: Updated Feeds integration to be compatible with the new data structures in 1.0, and revision_id problems.
## [7.x-1.2](https://www.drupal.org/node/2350757)
Several important bugs from 1.0 are fixed in this release, so updating is recommended for all sites.
* Two critical bugs affecting translated nodes and translations were resolved.
* Views integration has been updated to work with the 1.0 API.
* Tag dependencies were fixed (a regression in 1.0 vs 1.0-rc2), and the Twitter Cards dependencies have been greatly improved.
* Two new meta tags for use with Google+ and a few missing Twitter Cards tags were added.
* Issue #2343909 by DamienMcKenna: Unable to update meta tags on nodes that didn't contain translations.
* Issue #2185791 by DamienMcKenna: Improved logic for deciding which meta tag values to use for the current language; new advanced option allows loading of the entity's default language's values if nothing else matches.
* Issue #2346159 by DamienMcKenna: Fixed tag dependencies, which were broken in 1.0.
* Issue #2346153 by DamienMcKenna: Added Twitter app 'name' tags, misc improvements to Twitter Cards code.
* Issue #2185791 by DamienMcKenna: Changed the no-values-to-load entity language default logic so that the default language values will be loaded unless disabled.
* Issue #1304038 by DamienMcKenna: Indicate in the README.txt how to disable output for the three meta tags output by Drupal core by default.
* Issue #2350129 by DamienMcKenna: Added a Drush command for clearing Metatag's caches.
* Issue #2341795 by DamienMcKenna: Updated Metatag:Views to be compatible with the new form data structure in 1.0.
* Issue #2292043 by eric.chenchao, DamienMcKenna: Added Google+ 'itemprop' meta tags.
* Issue #2341795 by DamienMcKenna: Fixed Views previews.
* Issue #2289139 by maijs, DamienMcKenna: Allow each Views display to have different meta tag values.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 18 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.4-1
- Updated to 1.4 (BZ #1150459)
- Removed RPM README b/c it only explained common Drupal workflow
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150459 - drupal7-metatag-1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1150459
--------------------------------------------------------------------------------
================================================================================
drupal7-token-1.5-4.fc20 (FEDORA-2014-13296)
Provides a user interface for the Token API and some missing core tokens
--------------------------------------------------------------------------------
Update Information:
RPM-only release. Spec cleanup.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 18 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.5-4
- Spec cleanup
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-gram-audit-4.3-2.fc20 (FEDORA-2014-13298)
Globus Toolkit - GRAM Jobmanager Auditing
--------------------------------------------------------------------------------
Update Information:
Remove unexpanded configure macro.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 19 2014 Mattias Ellert <mattias.ellert at fysast.uu.se> - 4.3-2
- Remove unexpanded configure macro
--------------------------------------------------------------------------------
================================================================================
golang-github-docker-libtrust-0-0.1.gitd273ef2.fc20 (FEDORA-2014-13293)
Library for managing authentication and authorization
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1154165 - initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1154165 - Review Request: golang-github-docker-libtrust - Library for managing authentication and authorization
https://bugzilla.redhat.com/show_bug.cgi?id=1154165
--------------------------------------------------------------------------------
================================================================================
icecat-31.1.1-1.fc20 (FEDORA-2014-13304)
GNU version of Firefox browser
--------------------------------------------------------------------------------
Update Information:
Update to 31.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 16 2014 Antonio Trande <sagitterATfedoraproject.org> - 31.1.1-1
- Update to 31.1.1
- New bundled files (bz#1153135)
- Static sub-package is not built anymore
- Man-page updated
- Spyblock addon included
--------------------------------------------------------------------------------
================================================================================
nodejs-strip-json-comments-1.0.2-1.fc20 (FEDORA-2014-13301)
Strip comments from JSON
--------------------------------------------------------------------------------
Update Information:
Upstream has released new version
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 19 2014 Anish Patil <apatil at redhat.com> - 1.0.2-1
- Upstream has released new version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1153965 - nodejs-strip-json-comments-1.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1153965
--------------------------------------------------------------------------------
================================================================================
php-ZendFramework2-2.3.3-2.fc20 (FEDORA-2014-13302)
Zend Framework 2
--------------------------------------------------------------------------------
Update Information:
Security release
* ZF2014-05, which mititages null byte poisoning of the password provided for LDAP authentication, thus prevening unauthorized LDAP binding. This corrects for unpatched versions of PHP (versions 5.5.11 and below, 5.4.27 and below, and any prior releases).
* ZF2014-06, which mitigates null byte poisoning of quoted SQL values provided to the sqlsrv extension, thus preventing a potential SQL injection vector.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 17 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.3.3-2
- Drop php-gmp dependency from Math component (BZ #1152440)
- Fix tests' autoloader
* Fri Oct 10 2014 Remi Collet <remi at fedoraproject.org> - 2.3.3-1
- Update to 2.3.3
- fix SQL injection with SqlSrv ZF2014-05 CVE-2014-8088 #1151276
- fix null byte issue on Ldap connect ZF2014-06 CVE-2014-8089 #1151277
* Wed Aug 20 2014 Remi Collet <remi at fedoraproject.org> - 2.3.2-1
- Update to 2.3.2
- tests from github
- run test suite during build
* Sun Jul 20 2014 Remi Collet <remi at fedoraproject.org> - 2.3.1-3
- composer dependencies
- add missing license
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 20 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.3.1-1
- Updated to 2.3.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1151276 - CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05)
https://bugzilla.redhat.com/show_bug.cgi?id=1151276
[ 2 ] Bug #1151277 - CVE-2014-8089 php-ZendFramework: SQL injection issue when using the sqlsrv PHP extension (ZF2014-06)
https://bugzilla.redhat.com/show_bug.cgi?id=1151277
--------------------------------------------------------------------------------
================================================================================
php-doctrine-annotations-1.2.1-1.fc20 (FEDORA-2014-13303)
PHP docblock annotations parser library
--------------------------------------------------------------------------------
Update Information:
## [v1.2.1](https://github.com/doctrine/annotations/releases/tag/v1.2.1)
* [38: fixes doctrine/common#326](https://github.com/doctrine/annotations/pull/38)
* [39: Remove superfluous NS](https://github.com/doctrine/annotations/pull/39)
* [41: Warn if load_comments is not enabled.](https://github.com/doctrine/annotations/pull/41)
* [42: Clean up unused uses](https://github.com/doctrine/annotations/pull/42)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 19 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.2.1-1
- Updated to 1.2.1 (BZ #1146910)
- %license usage
* Thu Jul 17 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.2.0-2
- Removed skipping of test (php-phpunit-PHPUnit-MockObject patched to fix issue)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1146910 - php-doctrine-annotations-1.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1146910
--------------------------------------------------------------------------------
More information about the test
mailing list