Fedora 20 updates-testing report

Sat Apr 18 09:58:09 UTC 2015

The following Fedora 20 Security updates need testing:
 Age  URL
 137  https://admin.fedoraproject.org/updates/FEDORA-2014-15988/fail2ban-0.9.1-1.fc20
 126  https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20
 117  https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
  73  https://admin.fedoraproject.org/updates/FEDORA-2015-1648/lcms-1.19-13.fc20
  72  https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20
  70  https://admin.fedoraproject.org/updates/FEDORA-2015-1790/fcgi-2.4.0-26.fc20
  55  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
  40  https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20
  35  https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3-6.fc20
  22  https://admin.fedoraproject.org/updates/FEDORA-2015-4587/qt5-qtwebkit-5.4.1-4.fc20
  22  https://admin.fedoraproject.org/updates/FEDORA-2015-4551/qtwebkit-2.3.4-6.fc20
  22  https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc20
  22  https://admin.fedoraproject.org/updates/FEDORA-2015-4556/libzip-0.11.2-5.fc20
  15  https://admin.fedoraproject.org/updates/FEDORA-2015-5398/thunderbird-31.6.0-1.fc20
  15  https://admin.fedoraproject.org/updates/FEDORA-2015-5390/mingw-libtasn1-3.8-2.fc20
  10  https://admin.fedoraproject.org/updates/FEDORA-2015-5723/firefox-37.0.1-1.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2015-5809/chrony-1.31.1-1.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2015-5864/zarafa-7.1.12-1.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-5910/netcf-0.2.8-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-6006/python-virtualenv-12.0.7-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-5997/openstack-neutron-2013.2.4-8.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-5972/yourls-1.7-3.20150410gitabc7d6c.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-5969/gnupg2-2.0.27-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-5970/asterisk-11.17.1-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-6010/python-2.7.5-16.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6084/icu-50.1.2-12.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6279/cherokee-1.2.103-6.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6280/wesnoth-1.12.2-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6294/kernel-3.19.4-100.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6315/qt5-qtbase-5.4.1-9.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6401/proftpd-1.3.4e-2.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6349/spatialite-tools-4.1.1-12.fc20,sqlite-3.8.9-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6357/java-1.8.0-openjdk-1.8.0.45-31.b13.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6397/java-1.7.0-openjdk-1.7.0.79-2.5.5.0.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6399/php-5.5.24-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5874/ntp-4.2.6p5-22.fc20

The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
  55  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2015-5859/testdisk-6.14-4.fc20,ntfs-3g-2015.3.14-1.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2015-5809/chrony-1.31.1-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-5969/gnupg2-2.0.27-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-6007/pcre-8.33-9.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-6010/python-2.7.5-16.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6084/icu-50.1.2-12.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6389/rpm-4.11.3-3.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6317/python-slip-0.6.1-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6349/spatialite-tools-4.1.1-12.fc20,sqlite-3.8.9-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6294/kernel-3.19.4-100.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6333/linux-firmware-20150410-47.gitec89525b.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20

The following builds have been pushed to Fedora 20 updates-testing

    GeoIP-1.6.5-1.fc20
    GeoIP-GeoLite-data-2015.04-1.fc20
    anki-2.0.32-1.fc20
    arm-none-eabi-gcc-cs-4.9.2-3.fc20
    arm-none-eabi-newlib-2.2.0_1-1.fc20
    check-mk-1.2.6p1-1.fc20
    cherokee-1.2.103-6.fc20
    clufter-0.11.0-1.fc20
    cmockery2-1.3.9-1.fc20
    devscripts-2.15.3-1.fc20
    docker-io-1.6.0-0.1.rc6.fc20
    drupal7-features-2.5-1.fc20
    fedpkg-1.20-1.fc20
    geoipupdate-2.2.1-2.fc20
    globus-net-manager-0.8-1.fc20
    ibus-table-1.9.5-1.fc20
    java-1.7.0-openjdk-1.7.0.79-2.5.5.0.fc20
    java-1.8.0-openjdk-1.8.0.45-31.b13.fc20
    kernel-3.19.4-100.fc20
    kubernetes-0.14.2-0.2.gitd577db9.fc20
    ldapvi-1.7-20.fc20
    libkindrv-0.1.2-1.fc20
    libticables2-1.3.4-3.fc20
    libticonv-1.1.4-5.fc20
    linux-firmware-20150410-47.gitec89525b.fc20
    ltrace-0.7.2-10.fc20
    lwtools-4.11-1.fc20
    ntp-4.2.6p5-22.fc20
    opendmarc-1.3.1-12.fc20
    osbs-0.3-1.fc20
    pcp-3.10.4-1.fc20
    perl-File-Find-Rule-Perl-1.15-1.fc20
    php-5.5.24-1.fc20
    php-Raven-0.11.0-1.fc20
    php-aws-sdk-2.8.0-1.fc20
    php-horde-Horde-Auth-2.1.7-1.fc20
    php-horde-Horde-Http-2.1.5-1.fc20
    php-horde-Horde-Idna-1.0.2-1.fc20
    php-horde-Horde-Image-2.3.0-1.fc20
    php-horde-Horde-Itip-2.1.0-1.fc20
    php-horde-Horde-Kolab-Storage-2.1.3-1.fc20
    php-horde-Horde-Mime-2.8.1-1.fc20
    php-horde-Horde-Mime-Viewer-2.1.0-1.fc20
    php-horde-Horde-Rpc-2.1.4-1.fc20
    php-horde-Horde-Util-2.5.5-1.fc20
    php-psr-http-message-0.10.1-1.fc20
    phpMyAdmin-4.4.2-1.fc20
    proftpd-1.3.4e-2.fc20
    python-cached_property-1.1.0-1.fc20
    python-exif-2.0.2-1.fc20
    python-inotify-0.9.5-1.fc20
    python-jenkins-0.4.5-1.fc20
    python-munch-2.0.2-2.fc20
    python-pyramid-fas-openid-0.3.8-1.fc20
    python-re2-1.0.4-1.fc20
    python-slip-0.6.1-1.fc20
    qhexedit2-0.6.5-1.fc20
    qt5-qtbase-5.4.1-9.fc20
    qupzilla-1.8.6-4.fc20
    realmd-0.14.6-6.fc20
    rpkg-1.33-1.fc20
    rpm-4.11.3-3.fc20
    rubygem-rhc-1.35.3-1.fc20
    rubygem-text-1.3.1-1.fc20
    salt-2014.7.4-4.fc20
    spatialite-tools-4.1.1-12.fc20
    sqlite-3.8.9-1.fc20
    thunderbird-enigmail-1.8.2-1.fc20
    tig-2.1.1-1.fc20
    tzdata-2015c-1.fc20
    vertica-python-0.3.6-1.fc20
    virt-manager-1.0.1-6.fc20
    wesnoth-1.12.2-1.fc20
    xdaliclock-2.42-1.fc20
    xl2tpd-1.3.6-10.fc20

Details about builds:

================================================================================
 GeoIP-1.6.5-1.fc20 (FEDORA-2015-6378)
 Library for country/city/organization to IP address or hostname mapping
--------------------------------------------------------------------------------
Update Information:

This update brings GeoIP to the current upstream release, with a number of bug fixes making the library more resistant to bad database files.

The geoipupdate tool has been unbundled from GeoIP upstream, and this has been reflected in the packaging. The update tool and the library are now packaged separately and will updated independently of each other in future.

The GeoLite databases have always been distributed separately from the library upstream, and this has also now been reflected in the packaging. Again, the database files will be updated independently in future.

In order not to break anything for existing users, the builds for current stable Fedora releases and EPEL have dependencies that pull together all of the separate packages so that upgrading will not result in a loss of functionality. From Fedora 22 onwards though, the library only has a dependency on the IPv4 country database - users wanting to use geoipupdate should install that package themselves, and users wanting to use different databases should install the GeoIP-GeoLite-data-extra package, which includes the IPv6, City and AS number databases.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  2 2015 Paul Howarth <paul at city-fan.org> - 1.6.5-1
- Update to 1.6.5
  - Fixed a segmentation fault in geoiplookup when the utility was passed an
    invalid database (#1180874)
  - Additional validation was added for the size used in the creation of the
    index cache (#832913)
  - Changed the code to only look up country codes by using functions that
    ensure that we do not try to look past the end of an array (GitHub #53)
* Fri Feb 20 2015 Paul Howarth <paul at city-fan.org> - 1.6.4-4
- Databases now unbundled to the GeoIP-GeoLite-data package
- Drop long-unused perl helper scripts
- Add explicit pkgconfig dependency for EL-5 build
- Drop timestamp hack for configure, no longer needed
* Tue Feb 10 2015 Paul Howarth <paul at city-fan.org> - 1.6.4-3
- Sub-package the data; going forward, this would be better as a separate
  package, since it has separate upstream releases than the library
* Fri Feb  6 2015 Paul Howarth <paul at city-fan.org> - 1.6.4-2
- Only require geoipupdate prior to F-22, for back-compatibility
- Use %license where possible
- GeoIP-devel provides geoip-devel as well as obsoleting it
- Update bundled databases
* Thu Jan 29 2015 Philip Prindeville <philipp at fedoraproject.org> - 1.6.4-1
- Require geoipupdate per Paul
* Tue Jan 20 2015 Philip Prindeville <philipp at fedoraproject.org> - 1.6.4-0
- Version bump to 1.6.4 per bz #1158667 (okay, that bug was for 1.6.3)
- Remove geoipupdate as it will be moving into its own package
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jun  6 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Feb 25 2014 Paul Howarth <paul at city-fan.org> - 1.5.1-4
- Add %check, so we can run tests by building using --with tests
- Update databases from upstream
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #832913 - GeoIP: crash due to lack of segment size validation
        https://bugzilla.redhat.com/show_bug.cgi?id=832913
  [ 2 ] Bug #1174002 - Broken /etc/cron.weekly/geoipupdate6 prevents updates
        https://bugzilla.redhat.com/show_bug.cgi?id=1174002
  [ 3 ] Bug #1180874 - [abrt] GeoIP: geoiplookup(): geoiplookup killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1180874
  [ 4 ] Bug #1189934 - Updating GeoIP-1.5.1-6.fc21.x86_64 tries to install the i686 version
        https://bugzilla.redhat.com/show_bug.cgi?id=1189934
  [ 5 ] Bug #1158667 - GeoIP version bump to 1.6.4
        https://bugzilla.redhat.com/show_bug.cgi?id=1158667
  [ 6 ] Bug #1186889 - Review Request: geoipupdate - Update GeoIP2 and GeoIP Legacy binary databases from MaxMind
        https://bugzilla.redhat.com/show_bug.cgi?id=1186889
  [ 7 ] Bug #1194798 - Review Request: GeoIP-GeoLite-data - Free GeoLite IP geolocation country database
        https://bugzilla.redhat.com/show_bug.cgi?id=1194798
--------------------------------------------------------------------------------

================================================================================
 GeoIP-GeoLite-data-2015.04-1.fc20 (FEDORA-2015-6378)
 Free GeoLite IP geolocation country database
--------------------------------------------------------------------------------
Update Information:

This update brings GeoIP to the current upstream release, with a number of bug fixes making the library more resistant to bad database files.

The geoipupdate tool has been unbundled from GeoIP upstream, and this has been reflected in the packaging. The update tool and the library are now packaged separately and will updated independently of each other in future.

The GeoLite databases have always been distributed separately from the library upstream, and this has also now been reflected in the packaging. Again, the database files will be updated independently in future.

In order not to break anything for existing users, the builds for current stable Fedora releases and EPEL have dependencies that pull together all of the separate packages so that upgrading will not result in a loss of functionality. From Fedora 22 onwards though, the library only has a dependency on the IPv4 country database - users wanting to use geoipupdate should install that package themselves, and users wanting to use different databases should install the GeoIP-GeoLite-data-extra package, which includes the IPv6, City and AS number databases.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #832913 - GeoIP: crash due to lack of segment size validation
        https://bugzilla.redhat.com/show_bug.cgi?id=832913
  [ 2 ] Bug #1174002 - Broken /etc/cron.weekly/geoipupdate6 prevents updates
        https://bugzilla.redhat.com/show_bug.cgi?id=1174002
  [ 3 ] Bug #1180874 - [abrt] GeoIP: geoiplookup(): geoiplookup killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1180874
  [ 4 ] Bug #1189934 - Updating GeoIP-1.5.1-6.fc21.x86_64 tries to install the i686 version
        https://bugzilla.redhat.com/show_bug.cgi?id=1189934
  [ 5 ] Bug #1158667 - GeoIP version bump to 1.6.4
        https://bugzilla.redhat.com/show_bug.cgi?id=1158667
  [ 6 ] Bug #1186889 - Review Request: geoipupdate - Update GeoIP2 and GeoIP Legacy binary databases from MaxMind
        https://bugzilla.redhat.com/show_bug.cgi?id=1186889
  [ 7 ] Bug #1194798 - Review Request: GeoIP-GeoLite-data - Free GeoLite IP geolocation country database
        https://bugzilla.redhat.com/show_bug.cgi?id=1194798
--------------------------------------------------------------------------------

================================================================================
 anki-2.0.32-1.fc20 (FEDORA-2015-6331)
 Flashcard program for using space repetition learning
--------------------------------------------------------------------------------
Update Information:

Update to new bugfix upstream release 2.0.32.

Please see http://www.ankisrs.net/docs/changes.html for details.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  5 2015 Christian Krause <chkr at fedoraproject.org> - 2.0.32-1
- Update to new upstream version 2.0.32 (BZ 1205471)
- Move icon to %{_datadir}/icons/hicolor/scalable/apps
- Modify svg icon to use only the subset of the SVG specification
  which is implemented by Qt's SVG library
- Add keywords to desktop file
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1205471 - anki-2.0.32 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1205471
--------------------------------------------------------------------------------

================================================================================
 arm-none-eabi-gcc-cs-4.9.2-3.fc20 (FEDORA-2015-6288)
 GNU GCC for cross-compilation for arm-none-eabi target
--------------------------------------------------------------------------------
Update Information:

gcc replaced with vanilla gcc release, updated to 4.9.2, compile  fixes, newlib updated to 2.2.0_1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1166416 - gcc selects wrong library for thumb support
        https://bugzilla.redhat.com/show_bug.cgi?id=1166416
  [ 2 ] Bug #1178520 - Compilation doesn't work
        https://bugzilla.redhat.com/show_bug.cgi?id=1178520
  [ 3 ] Bug #1184242 - replace old CodeSourcery with official GCC version
        https://bugzilla.redhat.com/show_bug.cgi?id=1184242
  [ 4 ] Bug #1185119 - /usr/include/features.h:1:0: internal compiler error
        https://bugzilla.redhat.com/show_bug.cgi?id=1185119
--------------------------------------------------------------------------------

================================================================================
 arm-none-eabi-newlib-2.2.0_1-1.fc20 (FEDORA-2015-6288)
 C library intended for use on arm-none-eabi embedded systems
--------------------------------------------------------------------------------
Update Information:

gcc replaced with vanilla gcc release, updated to 4.9.2, compile  fixes, newlib updated to 2.2.0_1
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 14 2015 Michal Hlavinka <mhlavink at redhat.com> - 2.2.0_1-1
- newlib updated to 2.2.0_1
* Mon Jun  9 2014 Michal Hlavinka <mhlavink at redhat.com> - 2.1.0-5
- fix FTBFS (#1105970)
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.1.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1166416 - gcc selects wrong library for thumb support
        https://bugzilla.redhat.com/show_bug.cgi?id=1166416
  [ 2 ] Bug #1178520 - Compilation doesn't work
        https://bugzilla.redhat.com/show_bug.cgi?id=1178520
  [ 3 ] Bug #1184242 - replace old CodeSourcery with official GCC version
        https://bugzilla.redhat.com/show_bug.cgi?id=1184242
  [ 4 ] Bug #1185119 - /usr/include/features.h:1:0: internal compiler error
        https://bugzilla.redhat.com/show_bug.cgi?id=1185119
--------------------------------------------------------------------------------

================================================================================
 check-mk-1.2.6p1-1.fc20 (FEDORA-2015-6328)
 A new general purpose Nagios-plugin for retrieving data
--------------------------------------------------------------------------------
Update Information:

New upstream release: 1.2.6p1
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 13 2015 Andrea Veri <averi at fedoraproject.org> - 1.2.6p1-1
- New upstream release.
* Tue Apr  7 2015 Andrea Veri <averi at fedoraproject.org> - 1.2.6-1
- New upstream release. Source0 is now generated directly from Git
  as Check-Mk's upstream has decided to not include source code files
  (.cc, .c) for livestatus, mkeventd and waitmax anymore on the tarballs
  they release. We want to have these binaries built during the RPM build,
  thus the need to repack the tarball with the procedure outlined above.
- Include the 02-Downtime-Struct-Update patch to prevent Nagios to core dump
  when a downtime is set. This was caused by a change on the downtime struct
  applied in the course of Nagios 3's development. Thanks Mike Battersby for
  the patch. (BZ: #1083003)
- Filter the /usr/bin/bash require on EL 6 as it's available under /bin/bash,
  additionally fix the /usr/bin/pnp shebang from the plugins/unitrends_backup file
  as that is a non-existent binary file, upstream probably meant php.
- PLUGINSDIR on the check_mk_agent binary file is set to be
  %{_datadir}/check-mk-agent/plugins, make sure all the plugins are installed
  there and not on %{_datadir}/check_mk/plugins instead.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1083003 - Nagios SIGSEGV on (internal to nagios) scheduled log rotate if livestatus module is loaded and a downtime is set
        https://bugzilla.redhat.com/show_bug.cgi?id=1083003
--------------------------------------------------------------------------------

================================================================================
 cherokee-1.2.103-6.fc20 (FEDORA-2015-6279)
 Flexible and Fast Webserver
--------------------------------------------------------------------------------
Update Information:

Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 15 2015 Pavel Lisý <pali at fedoraproject.org> - 1.2.103-6
- Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
- Resolves bz 1094901 - cherokee: script and/or trigger should not directly enable systemd units
- Resolves bz  959170 - cherokee-worker and cherokee-admin want to use execstack (EL5)
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.103-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.103-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1114461
  [ 2 ] Bug #1094901 - cherokee: script and/or trigger should not directly enable systemd units
        https://bugzilla.redhat.com/show_bug.cgi?id=1094901
--------------------------------------------------------------------------------

================================================================================
 clufter-0.11.0-1.fc20 (FEDORA-2015-6256)
 Tool/library for transforming/analyzing cluster configuration formats
--------------------------------------------------------------------------------
Update Information:

bump upstream package
bump upstream package (incl. several bugfixes, e.g., rhbz#1207345)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 15 2015 Jan Pokorný <jpokorny+rpm-clufter at fedoraproject.org> - 0.11.0-1
- bump upstream package
* Wed Apr  8 2015 Jan Pokorný <jpokorny+rpm-clufter at fedoraproject.org> - 0.10.4-1
- bump upstream package
--------------------------------------------------------------------------------

================================================================================
 cmockery2-1.3.9-1.fc20 (FEDORA-2015-6255)
 Lightweight C unit testing framework
--------------------------------------------------------------------------------
Update Information:

Minor bug fixes
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 13 2015 Luis Pabón, Jr. <lpabon at redhat.com> - 1.3.9-1
- Minor bug fixes
--------------------------------------------------------------------------------

================================================================================
 devscripts-2.15.3-1.fc20 (FEDORA-2015-6310)
 Scripts for Debian Package maintainers
--------------------------------------------------------------------------------
Update Information:

Update to version 2.15.3, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.3_changelog for details.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 13 2015 Sandro Mani <manisandro at gmail.com> - 2.15.3-1
- Update to 2.15.3
--------------------------------------------------------------------------------

================================================================================
 docker-io-1.6.0-0.1.rc6.fc20 (FEDORA-2015-6373)
 Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:

build @rhatdan/fedora-1.6 commit#b27feb4
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 15 2015 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.6.0-0.1.rc6
- build @rhatdan/fedora-1.6 commit#b27feb4
- moved GOTRACEBACK=crash to unitfile
--------------------------------------------------------------------------------

================================================================================
 drupal7-features-2.5-1.fc20 (FEDORA-2015-6366)
 Provides feature management for Drupal
--------------------------------------------------------------------------------
Update Information:

Update to upstream 2.5 release for bug fixes
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 14 2015 Jared Smith <jsmith at fedoraproject.org> - 2.5-1
- Update to upstream 2.5 release for bug fixes
- Upstream changelog for this release: https://www.drupal.org/node/2470129
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1211416 - drupal7-features-2.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1211416
--------------------------------------------------------------------------------

================================================================================
 fedpkg-1.20-1.fc20 (FEDORA-2015-6403)
 Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:

Updates to the fedpkg package:

* Hijack load_kojisession to catch auth problems
* Upload source files with our preferred hash
* For rawhide use fedora-rawhide-* mock config instead of fedora-devel-*

Updates to the rpkg package:
* New mockbuild options: --no-clean --no-cleanup-after
* Catch ssl auth problems and print more helpful messages
* New exception - rpkgAuthError to allow clients detect auth problems
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 14 2015 Pavol Babincak <pbabinca at redhat.com> - 1.20-1
- Bash completion for mockbuild --no-clean* options (pbabinca)
- Hijack load_kojisession to catch auth problems (pbabinca)
- Upload source files with our preferred hash (bochecha)
- pass keyword args as keyword args (mikeb)
- For rawhide use fedora-rawhide-* mock config instead of fedora-devel-*
  (pbabinca)
* Thu Dec 18 2014 Pavol Babincak <pbabinca at redhat.com> - 1.19-2
- Remove python-offtrac from {build,}requires (rhbz#1157793)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1181637 - RFE: Please add --no-clean, --no-cleanup-after options to mockbuild
        https://bugzilla.redhat.com/show_bug.cgi?id=1181637
  [ 2 ] Bug #985182 - expired certificate should say how to fix it
        https://bugzilla.redhat.com/show_bug.cgi?id=985182
--------------------------------------------------------------------------------

================================================================================
 geoipupdate-2.2.1-2.fc20 (FEDORA-2015-6378)
 Update GeoIP2 and GeoIP Legacy binary databases from MaxMind
--------------------------------------------------------------------------------
Update Information:

This update brings GeoIP to the current upstream release, with a number of bug fixes making the library more resistant to bad database files.

The geoipupdate tool has been unbundled from GeoIP upstream, and this has been reflected in the packaging. The update tool and the library are now packaged separately and will updated independently of each other in future.

The GeoLite databases have always been distributed separately from the library upstream, and this has also now been reflected in the packaging. Again, the database files will be updated independently in future.

In order not to break anything for existing users, the builds for current stable Fedora releases and EPEL have dependencies that pull together all of the separate packages so that upgrading will not result in a loss of functionality. From Fedora 22 onwards though, the library only has a dependency on the IPv4 country database - users wanting to use geoipupdate should install that package themselves, and users wanting to use different databases should install the GeoIP-GeoLite-data-extra package, which includes the IPv6, City and AS number databases.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #832913 - GeoIP: crash due to lack of segment size validation
        https://bugzilla.redhat.com/show_bug.cgi?id=832913
  [ 2 ] Bug #1174002 - Broken /etc/cron.weekly/geoipupdate6 prevents updates
        https://bugzilla.redhat.com/show_bug.cgi?id=1174002
  [ 3 ] Bug #1180874 - [abrt] GeoIP: geoiplookup(): geoiplookup killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1180874
  [ 4 ] Bug #1189934 - Updating GeoIP-1.5.1-6.fc21.x86_64 tries to install the i686 version
        https://bugzilla.redhat.com/show_bug.cgi?id=1189934
  [ 5 ] Bug #1158667 - GeoIP version bump to 1.6.4
        https://bugzilla.redhat.com/show_bug.cgi?id=1158667
  [ 6 ] Bug #1186889 - Review Request: geoipupdate - Update GeoIP2 and GeoIP Legacy binary databases from MaxMind
        https://bugzilla.redhat.com/show_bug.cgi?id=1186889
  [ 7 ] Bug #1194798 - Review Request: GeoIP-GeoLite-data - Free GeoLite IP geolocation country database
        https://bugzilla.redhat.com/show_bug.cgi?id=1194798
--------------------------------------------------------------------------------

================================================================================
 globus-net-manager-0.8-1.fc20 (FEDORA-2015-6285)
 Globus Toolkit - Network Manager
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit update:
* globus-net-manager (0.8)

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 15 2015 Mattias Ellert <mattias.ellert at fysast.uu.se> - 0.8-1
- GT6 update (fix for attr not being used on connect)
--------------------------------------------------------------------------------

================================================================================
 ibus-table-1.9.5-1.fc20 (FEDORA-2015-6385)
 The Table engine for IBus platform
--------------------------------------------------------------------------------
Update Information:

update to 1.9.5; Don’t strip space when parsing phrases from a source table
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 13 2015 Mike FABIAN <mfabian at redhat.com> - 1.9.5-1
- update to 1.9.5
- Don’t strip space when parsing phrases from a source table
- Resolves: rhbz#1211208
--------------------------------------------------------------------------------

================================================================================
 java-1.7.0-openjdk-1.7.0.79-2.5.5.0.fc20 (FEDORA-2015-6397)
 OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:

Updated to security icedtea-forest7 2.5.5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 10 2015 Jiri Vanek <jvanek at redhat.com> - 1:1.7.0.75-2.5.5.0
- repacked sources
* Thu Apr  9 2015 Jiri Vanek <jvanek at redhat.com> - 1:1.7.0.75-2.5.5.0
- Bump to 2.5.5 using OpenJDK 7u79 b14.
- Update OpenJDK tarball creation comments
- Drop AArch64 version of RH1191652 HotSpot patch as included upstream.
- added Patch406: fixPtraceInclude.patch, Patch404: rh1191652-hotspot.patch
  Patch405: rh1191652-jdk.patch
--------------------------------------------------------------------------------

================================================================================
 java-1.8.0-openjdk-1.8.0.45-31.b13.fc20 (FEDORA-2015-6357)
 OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:

Updated to security update u45
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 10 2015 Jiri Vanek <jvanek at redhat.com> - 1:1.8.0.45-31.b13
- repacked sources
- added Patch204: zero-interpreter-fix.patch
* Tue Apr  7 2015 Jiri Vanek <jvanek at redhat.com> - 1:1.8.0.45-30.b13
- updated to security u45
- deleted hotspot-build-j-directive.patch
- adapted generate_source_tarball.sh, removeSunEcProvider-RH1154143.patch,
  repackReproduciblePolycies.sh
* Thu Feb 12 2015 Jiri Vanek <jvanek at redhat.com> - 1:1.8.0.25-4.b12
- policies repacked to stop spamming yum update
- added and used source20 repackReproduciblePolycies.sh
- added mehanism to force priority size
--------------------------------------------------------------------------------

================================================================================
 kernel-3.19.4-100.fc20 (FEDORA-2015-6294)
 The Linux kernel
--------------------------------------------------------------------------------
Update Information:

The 3.19.4 stable release contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 13 2015 Justin M. Forbes <jforbes at fedoraproject.org> - 3.19.4-100
- Linux v3.19.4
* Thu Apr  2 2015 Josh Boyer <jwboyer at fedoraproject.org>
- DoS against IPv6 stacks due to improper handling of RA (rhbz 1203712 1208491)
* Wed Apr  1 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Backport patch to fix tg3 deadlock (rhbz 1207789)
- Fix gssproxy (rhbz 1203913)
- CVE-2015-2150 xen: NMIs triggerable by guests (rhbz 1196266 1200397)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196266 - CVE-2015-2150 xen: non-maskable interrupts triggerable by guests (xsa120)
        https://bugzilla.redhat.com/show_bug.cgi?id=1196266
  [ 2 ] Bug #1203712 - CVE-2015-2922 kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.
        https://bugzilla.redhat.com/show_bug.cgi?id=1203712
--------------------------------------------------------------------------------

================================================================================
 kubernetes-0.14.2-0.2.gitd577db9.fc20 (FEDORA-2015-6330)
 Container cluster management
--------------------------------------------------------------------------------
Update Information:

Bump to upstream d577db99873cbf04b8e17b78f17ec8f3a27eca30
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 12 2015 jchaloup <jchaloup at redhat.com> - 0.14.2-0.2.gitd577db9
- Bump to upstream d577db99873cbf04b8e17b78f17ec8f3a27eca30
* Wed Apr  8 2015 jchaloup <jchaloup at redhat.com> - 0.14.2-0.1.git2719194
- Bump to upstream 2719194154ffd38fd1613699a9dd10a00909957e
  Use etcd-2.0.8 and higher
* Tue Apr  7 2015 jchaloup <jchaloup at redhat.com> - 0.14.1-0.2.gitd2f4734
- Bump to upstream d2f473465738e6b6f7935aa704319577f5e890ba
* Thu Apr  2 2015 jchaloup <jchaloup at redhat.com> - 0.14.1-0.1.gita94ffc8
- Bump to upstream a94ffc8625beb5e2a39edb01edc839cb8e59c444
* Wed Apr  1 2015 jchaloup <jchaloup at redhat.com> - 0.14.0-0.2.git8168344
- Bump to upstream 81683441b96537d4b51d146e39929b7003401cd5
* Tue Mar 31 2015 jchaloup <jchaloup at redhat.com> - 0.14.0-0.1.git9ed8761
- Bump to upstream 9ed87612d07f75143ac96ad90ff1ff68f13a2c67
- Remove [B]R from devel branch until the package has stable API
* Mon Mar 30 2015 jchaloup <jchaloup at redhat.com> - 0.13.2-0.6.git8a7a127
- Bump to upstream 8a7a127352263439e22253a58628d37a93fdaeb2
--------------------------------------------------------------------------------

================================================================================
 ldapvi-1.7-20.fc20 (FEDORA-2015-6319)
 An interactive LDAP client
--------------------------------------------------------------------------------
Update Information:

Add popt-devel BR even for RHEL-7 (#1161952)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 13 2015 Matej Cepl <mcepl at redhat.com> - 1.7-20
- Add popt-devel BR even for RHEL-7 (#1161952)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.7-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.7-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1161952 - Please add EPEL7 branch
        https://bugzilla.redhat.com/show_bug.cgi?id=1161952
--------------------------------------------------------------------------------

================================================================================
 libkindrv-0.1.2-1.fc20 (FEDORA-2015-6410)
 Driver for controlling robotic arms by Kinova
--------------------------------------------------------------------------------
Update Information:

New package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1210004 - Review Request: libkindrv - Driver for controlling robotic arms by Kinova
        https://bugzilla.redhat.com/show_bug.cgi?id=1210004
--------------------------------------------------------------------------------

================================================================================
 libticables2-1.3.4-3.fc20 (FEDORA-2015-6309)
 Texas Instruments link cables library
--------------------------------------------------------------------------------
Update Information:

Texas Instruments link cables library
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1186501 - Review Request: libticables2 - Texas Instruments link cables library
        https://bugzilla.redhat.com/show_bug.cgi?id=1186501
--------------------------------------------------------------------------------

================================================================================
 libticonv-1.1.4-5.fc20 (FEDORA-2015-6336)
 Texas Instruments calculators charsets library
--------------------------------------------------------------------------------
Update Information:

Texas Instruments calculators charsets library
Texas Instruments calculators charsets library
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1186494 - Review Request: libticonv - Texas Instruments calculators charsets library
        https://bugzilla.redhat.com/show_bug.cgi?id=1186494
--------------------------------------------------------------------------------

================================================================================
 linux-firmware-20150410-47.gitec89525b.fc20 (FEDORA-2015-6333)
 Firmware files used by the Linux kernel
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream git snapshot.
Update to the latest upstream git snapshot.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 14 2015 Josh Boyer <jwboyer at fedoraproject.org> 20150415-47.gitec89525b
- Fix conflict with ivtv-firmware (rhbz 1203385)
* Fri Apr 10 2015 Josh Boyer <jwboyer at fedoraproject.org> 20150415-46.gitec89525b
- Update to the latest upstream git snapshot
* Thu Mar 19 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Ship the cx18x firmware files (rhbz 1203385)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203385 - Please include cx18 firmware in the linux-firmware package
        https://bugzilla.redhat.com/show_bug.cgi?id=1203385
--------------------------------------------------------------------------------

================================================================================
 ltrace-0.7.2-10.fc20 (FEDORA-2015-6351)
 Tracks runtime library calls from dynamically linked executables
--------------------------------------------------------------------------------
Update Information:

- Fix memory errors when %p is used in a formatting string in printf-like calls.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 16 2015 Petr Machata <pmachata at redhat.com> - 0.7.2-10
- Add an upstream patch that fixes memory errors when %p is used in a
  formatting string in printf-like calls.
  (ltrace-0.7.2-static-free.patch)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1212314 - [abrt] ltrace: type_pointer_destroy(): ltrace killed by SIGABRT
        https://bugzilla.redhat.com/show_bug.cgi?id=1212314
--------------------------------------------------------------------------------

================================================================================
 lwtools-4.11-1.fc20 (FEDORA-2015-6411)
 Cross-development tool chain for Motorola 6809 and Hitachi 6309
--------------------------------------------------------------------------------
Update Information:

Update for version 4.11 from upstream
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 14 2015 John W. Linville <linville at tuxdriver.com> 4.11-1
- Update for version 4.11 from upstream
* Wed Feb  4 2015 John W. Linville <linville at tuxdriver.com> 4.10-2
- Use license macro for files containing license information
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1211726 - lwtools-4.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1211726
--------------------------------------------------------------------------------

================================================================================
 ntp-4.2.6p5-22.fc20 (FEDORA-2015-5874)
 The NTP daemon and utilities
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-1799, CVE-2015-1798, #1210324
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 14 2015 Miroslav Lichvar <mlichvar at redhat.com> 4.2.6p5-22
- fix generation of MD5 keys with ntp-keygen on big-endian systems (#1210324)
* Wed Apr  8 2015 Miroslav Lichvar <mlichvar at redhat.com> 4.2.6p5-21
- reject packets without MAC when authentication is enabled (CVE-2015-1798)
- protect symmetric associations with symmetric key against DoS attack
  (CVE-2015-1799)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1199435 - CVE-2015-1799 ntp: authentication doesn't protect symmetric associations against DoS attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=1199435
  [ 2 ] Bug #1199430 - CVE-2015-1798 ntp: ntpd accepts unauthenticated packets with symmetric key crypto
        https://bugzilla.redhat.com/show_bug.cgi?id=1199430
  [ 3 ] Bug #1210324 - ntp: ntp-keygen may generate non-random symmetric keys on big-endian systems
        https://bugzilla.redhat.com/show_bug.cgi?id=1210324
--------------------------------------------------------------------------------

================================================================================
 opendmarc-1.3.1-12.fc20 (FEDORA-2015-6312)
 A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library
--------------------------------------------------------------------------------
Update Information:

- Added libspf2-devel to BuildRequires
- libspf2 support now provided for all branches
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 13 2015 Steve Jenkins <steve at stevejenkins.com> - 1.3.1-12
- Added libspf2-devel to BuildRequires
- libspf2 support now provided for all branches
* Thu Apr  9 2015 Steve Jenkins <steve at stevejenkins.com> - 1.3.1-11
- Added --with-libspf2 support for all branches except EL5
* Fri Apr  3 2015 Steve Jenkins <steve at stevejenkins.com> - 1.3.1-10
- policycoreutils now only required for EL5
* Mon Mar 30 2015 Steve Jenkins <steve at stevejenkins.com> - 1.3.1-9
- policycoreutils* now only required for Fedora and EL6+
- Added --with-sql-backend configure support
- Changed a few macros
* Sun Mar 29 2015 Steve Jenkins <steve at stevejenkins.com> - 1.3.1-8
- removed unecessary Requires packages
- moved libbsd back to BuildRequires
- removed unecessary %defattr
- added support for BSD and Sendmail in place of %doc
- Changed some opendmarc macro usages
* Sat Mar 28 2015 Steve Jenkins <steve at stevejenkins.com> - 1.3.1-7
- added (armv7hl-32) to Requires where necessary
- added sendmail-milter to Requires
- moved libbsd from BuildRequires to Requires
- added policycoreutils and policycoreutils-python to Requires(post)
* Sat Mar 28 2015 Steve Jenkins <steve at stevejenkins.com> - 1.3.1-6
- Removed uneeded _pkgdocdir reference
* Fri Mar 27 2015 Steve Jenkins <steve at stevejenkins.com> - 1.3.1-5
- Combined systemd and SysV spec files using conditionals
- Set AuthservID configuration option to HOSTNAME by default
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #905304 - Review Request: OpenDMARC - Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library
        https://bugzilla.redhat.com/show_bug.cgi?id=905304
--------------------------------------------------------------------------------

================================================================================
 osbs-0.3-1.fc20 (FEDORA-2015-6386)
 Python module and command line client for OpenShift Build Service
--------------------------------------------------------------------------------
Update Information:

New upstream release
Update to latest git version.
New package: Python module and command line client for OpenShift Build Service.
new upstream release: 0.2
new upstream release: 0.2
New package: Python module and command line client for OpenShift Build Service.
new upstream release: 0.2
New package: Python module and command line client for OpenShift Build Service.
Update to latest git version.
New package: Python module and command line client for OpenShift Build Service.
new upstream release: 0.2
new upstream release: 0.2
New package: Python module and command line client for OpenShift Build Service.
new upstream release: 0.2
New package: Python module and command line client for OpenShift Build Service.
Update to latest git version.
New package: Python module and command line client for OpenShift Build Service.
new upstream release: 0.2
new upstream release: 0.2
New package: Python module and command line client for OpenShift Build Service.
new upstream release: 0.2
New package: Python module and command line client for OpenShift Build Service.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1205201 - [abrt] osbs: __init__.py:2320:resolve:ImportError: 'module' object has no attribute 'run'
        https://bugzilla.redhat.com/show_bug.cgi?id=1205201
  [ 2 ] Bug #1203801 - Review Request: osbs -  Python module and command line client for OpenShift Build Service
        https://bugzilla.redhat.com/show_bug.cgi?id=1203801
--------------------------------------------------------------------------------

================================================================================
 pcp-3.10.4-1.fc20 (FEDORA-2015-6253)
 System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:

Update to latest PCP, pcp-webjs and Vector sources.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 15 2015 Nathan Scott <nathans at redhat.com> - 3.10.4-1
- Update to latest PCP, pcp-webjs and Vector sources.
- Packaging improvements after re-review (BZ 1204467)
- Start pmlogger/pmie independent of persistent state (BZ 1185755)
- Fix cron error reports for disabled pmlogger service (BZ 1208699)
- Incorporate Vector from Netflix (https://github.com/Netflix/vector)
- Sub-packages for pcp-webjs allowing choice and reducing used space.
* Wed Mar  4 2015 Dave Brolley <brolley at redhat.com> - 3.10.3-2
- papi 5.4.1 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1204467 - Please re-review for packaging mistakes
        https://bugzilla.redhat.com/show_bug.cgi?id=1204467
  [ 2 ] Bug #1185755 - "systemctl start pmlogger" does nothing unless pmlogger.service is also enabled
        https://bugzilla.redhat.com/show_bug.cgi?id=1185755
--------------------------------------------------------------------------------

================================================================================
 perl-File-Find-Rule-Perl-1.15-1.fc20 (FEDORA-2015-6321)
 Common rules for searching for Perl things
--------------------------------------------------------------------------------
Update Information:

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 15 2015 Ralf Corsépius <corsepiu at fedoraproject.org> - 1.15-1
- Upstream update.
- Reflect Source0: having changed.
- Rework spec to reflect upstream changes.
--------------------------------------------------------------------------------

================================================================================
 php-5.5.24-1.fc20 (FEDORA-2015-6399)
 PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:

16 Apr 2015, **PHP 5.5.24**

Apache2handler:
* Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler). (Gerrit Venema)

Core:
* Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). (Dmitry, Laruence)
* Fixed bug #67626 (User exceptions not properly handled in streams). (Julian)
* Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8 characters). (Tjerk)
* Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)
* Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski)
* Additional fix for bug #69152 (Type confusion vulnerability in exception::getTraceAsString). (Stas)
* Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in __call/... arg passing). (Nikita)
* Fixed bug #69221 (Segmentation fault when using a generator in combination with an Iterator). (Nikita)
* Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability). (Stas)
* Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions). (Stas)

Curl:
* Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)
* Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)

Date:
* Export date_get_immutable_ce so that it can be used by extensions. (Derick Rethans)
* Fixed bug #69336 (Issues with "last day of <monthname>"). (Derick Rethans)

Enchant:
* Fixed bug #65406 (Enchant broker plugins are in the wrong place in windows builds). (Anatol)

Fileinfo:
* Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault). (Anatol Belski)

Filter:
* Fixed bug #69202 (FILTER_FLAG_STRIP_BACKTICK ignored unless other flags are used). (Jeff Welch)
* Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127). (Jeff Welch)

Mbstring:
* Fixed bug #68846 (False detection of CJK Unified Ideographs Extension E). (Masaki Kagaya)

OPCache
* Fixed bug #68677 (Use After Free). (CVE-2015-1351) (Laruence)
* Fixed bug #69281 (opcache_is_script_cached no longer works). (danack)

OpenSSL:
* Fixed bug #67403 (Add signatureType to openssl_x509_parse).
* Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)

Phar:
* Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar). (Mike)
* Fixed bug #64931 (phar_add_file is too restrictive on filename). (Mike)
* Fixed bug #65467 (Call to undefined method cli_arg_typ_string). (Mike)
* Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing ".tar"). (Mike)
* Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas)
* Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode). (Stas)

Postgres:
* Fixed bug #68741 (Null pointer dereference). (CVE-2015-1352) (Laruence)

SPL:
* Fixed bug #69227 (Use after free in zval_scan caused by spl_object_storage_get_gc). (adam dot scarr at 99designs dot com)

SOAP:
* Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader (bisected, regression)). (thomas at shadowweb dot org, Laruence)

SQLITE:
* Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception). (Dan Ackroyd)
* Fixed bug #69287 (Upgrade bundled sqlite to 3.8.8.3). (Anatol)

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 15 2015 Remi Collet <remi at fedoraproject.org> 5.5.24-1
- Update to 5.5.24
  http://www.php.net/releases/5_5_24.php
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1185900 - CVE-2015-1351 php: use after free in opcache extension
        https://bugzilla.redhat.com/show_bug.cgi?id=1185900
  [ 2 ] Bug #1185904 - CVE-2015-1352 php: NULL pointer dereference in pgsql extension
        https://bugzilla.redhat.com/show_bug.cgi?id=1185904
--------------------------------------------------------------------------------

================================================================================
 php-Raven-0.11.0-1.fc20 (FEDORA-2015-6376)
 A PHP client for Sentry
--------------------------------------------------------------------------------
Update Information:

0.11.0
------

- New configuration parameter: 'release'
- New configuration parameter: 'message_limit'
- New configuration parameter: 'curl_ssl_version'
- New configuration parameter: 'curl_ipv4'
- New configuration parameter: 'verify_ssl'
- Updated remote endpoint to use modern project-based path.
- Expanded default sanitizer support to include 'auth_pw' attribute.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 12 2015 Shawn Iwinski <shawn.iwinski at gmail.com> - 0.11.0-1
- Updated to 0.11.0 (BZ #1205685)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1205685 - php-Raven-0.11.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1205685
--------------------------------------------------------------------------------

================================================================================
 php-aws-sdk-2.8.0-1.fc20 (FEDORA-2015-6276)
 Amazon Web Services framework for PHP
--------------------------------------------------------------------------------
Update Information:

## 2.8.0 - 2015-04-09

See the [Upgrading Guide](https://github.com/aws/aws-sdk-php/blob/master/UPGRADING.md)
for details about any changes you may need to make to your code for this upgrade.

* `Aws\MachineLearning` - Added support for the Amazon Machine Learning service.
* `Aws\WorkSpaces` - Added support for the Amazon WorkSpaces service.
* `Aws\Ecs` - Added support for the ECS service scheduler operations.
* `Aws\S3` - Added support for the `getBucketNotificationConfiguration` and `putBucketNotificationConfiguration` operations to the `S3Client` to replace the, now deprecated, `getBucketNotification` and `putBucketNotification` operations.
* [BC] `Aws\Lambda` - Added support for the new AWS Lambda API, which has been changed based on customer feedback during Lambda's preview period.
* `Aws\Common` - Deprecated "facades". They will not be present in Version 3 of the SDK.
* `Aws\Common` - Added `getAwsErrorCode`, `getAwsErrorType` and `getAwsRequestId` methods to the `ServiceResponseException` to be forward-compatible with Version 3 of the SDK.

## 2.7.27 - 2015-04-07

* `Aws\DataPipeline` - Added support for `DeactivatePipeline`
* `Aws\ElasticBeanstalk` - Added support for `AbortEnvironmentUpdate`

## 2.7.26 - 2015-04-02

* `Aws\CodeDeploy` - Added support deployments to on-premises instances.
* `Aws\Rds` - Added support for the `DescribeCertificates` operation.
* `Aws\ElasticTranscoder` - Added support for protecting content with PlayReady Digital Rights Management (DRM).

## 2.7.25 - 2015-03-26

* `Aws\ElasticTranscoder` - Added support for job timing.
* `Aws\Iam` - Added `NamedPolicy` to `GetAccountAuthorizationDetails`.
* `Aws\OpsWorks` - Added `BlockDeviceMapping` support.

## 2.7.24 - 2015-03-24

* `Aws\S3` - Added support for cross-region replication.
* `Aws\S3` - Added support for ["Requester Pays" buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html).

## 2.7.23 - 2015-03-19

* `Aws\ElasticTranscoder` - API update to support AppliedColorSpaceConversion.
* `Aws\CloudSearchDomain` - Adding 504 status code to retry list.

## 2.7.22 - 2015-03-12

* `Aws\CloudFront` - Fixed #482, which affected pre-signing CloudFront URLs.
* `Aws\CloudTrail` - Added support for the `LookupEvents` operation.
* `Aws\CloudWatchLogs` - Added ordering parameters to the `DescribeLogStreams`
* `Aws\Ec2` - Added pagination parameters to the `DescribeSnapshots` operation

## 2.7.21 - 2015-03-04

* `Aws\CognitoSync` - Added support for Amazon Cognito Streams.

## 2.7.20 - 2015-02-23

* `Aws\DataPipeline` - Added support for pipeline tagging via the `AddTags` and `RemoveTags` operations.
* `Aws\Route53` - Added support for the `GetHostedZoneCount` and `ListHostedZonesByName` operations.

## 2.7.19 - 2015-02-20

* `Aws\CloudFront` - Added support for origin paths in web distributions.
* `Aws\Ecs` - Added support for specifying volumes and mount points. Also
* `Aws\ElasticTranscoder` - Added support for cross-regional resource warnings.
* `Aws\Route53Domains` - Add iterators for `ListDomains` and `ListOperations`.
* `Aws\Ssm` - Added support for the **Amazon Simple Systems Management Service (SSM)**.
* `Aws\Sts` - Added support for regional endpoints. switched the client to use a JSON protocol.
* Changed our CHANGELOG format. ;-)

## 2.7.18 - 2015-02-12

* Added support for named and managed policies to the IAM client.
* Added support for tagging operations to the Route 53 Domains client.
* Added support for tagging operations to the ElastiCache client.
* Added support for the Scan API for secondary indexes to the DynamoDB client.
* Added forward compatibility for the `'credentials'`, `'endpoint'`, and `'http'` configuration options.
* Made the `marshalValue()` and `unmarshalValue()` methods public in the DynamoDB Marshaler.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 12 2015 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.8.0-1
- Updated to 2.8.0 (BZ #1192383)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1192383 - php-aws-sdk-2.8.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1192383
--------------------------------------------------------------------------------

================================================================================
 php-horde-Horde-Auth-2.1.7-1.fc20 (FEDORA-2015-6264)
 Horde Authentication API
--------------------------------------------------------------------------------
Update Information:

**Horde_Auth 2.1.7**
* [jan] Improve salt generation for Blowfish hashes.

**Horde_Http 2.1.5**
* [jan] Allow to pass Horde_Url objects as URI (Bug #13897).

**Horde_Idna 1.0.2**
* [mms] Use intl extension, if installed, and fallback to a locally-patched version of the true/php-punycode package.

**Horde_Image 2.3.0**
* [jan] Fix transparent rectangles in SVG backend.
* [jan] Fix setting background color in SVG backend.
* [jan] Add 'ratio' parameter to Horde_Image_Effect_Imagick_LiquidResize.
* [jan] Fix catching exceptions from imagick extension.
* [jan] Complete the backends' capabilities properties.
* [jan] Fix SVG and SWF backends.
* [jan] Fix setting background color in Horde_Image_Swf constructor.
* [jan] Send Content-Type header in Horde_Image_Svg#display().
* [jan] Improve arc rendering with Im backend.
* [jan] Enable antialiasing in GD backend if available.
* [jan] Implement Horde_Image_Imagick::arc().
* [jan] Fix rounded rectangle drawing with GD backend.
* [jan] Fix transparency issues with GD backend.
* [jan] Fix autoloading of effect classes.
* [jan] Fix border effect with GD driver.
* [jan] Don't error out in effects if a logger hasn't been set.
* [jan] Make getImageAtIndex() always return an image.
* [jan] Don't error our when calling unsupported manipulation methods.
* [jan] Make Horde_Image::arcPoints() work with any angles.
* [jan] Fix some HTML color name to RGB value mappings.
* [jan] Add Horde_Image_Rgb class and remove $horde_image_rgb_colors global.
* [jan] Add Null driver for basics like just displaying the image.
* [mjr] Fix incorrect color renderings in certain situations.

**Horde_Itip 2.1.0**
* [mjr] Add support for iTip resonses to vTodo requests.

**Horde_Kolab_Storage 2.1.3**
* [jan] Fix deleting object attachments from cache (Bug #13268).

**Horde_Mime 2.8.1**
* [mms] Ignore broken headers when parsing header text.

**Horde_Mime_Viewer 2.1.0**
* [mms] Add optional support to determine if link text is a hostname when doing phishing analysis for the HTML driver.

**Horde_Rpc 2.1.4**
* [mjr] Fix fatal error when using pecl_http2.
* [mjr] Fix possible PHP error when returning HTTP 500 response.

**Horde_Util 2.5.5**
* [mms] Fix handling broken text input with all multibyte drivers.

--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 14 2015 Remi Collet <remi at fedoraproject.org> - 2.1.7-1
- Update to 2.1.7
- add provides php-composer(horde/horde-auth)
- add dependency on Horde_Translation 2.2.0
--------------------------------------------------------------------------------

================================================================================
 php-horde-Horde-Http-2.1.5-1.fc20 (FEDORA-2015-6264)
 Horde HTTP libraries
--------------------------------------------------------------------------------
Update Information: