Fedora 21 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Apr 23 16:13:23 UTC 2015
The following Fedora 21 Security updates need testing:
Age URL
106 https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
82 https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21
75 https://admin.fedoraproject.org/updates/FEDORA-2015-1803/fcgi-2.4.0-26.fc21
45 https://admin.fedoraproject.org/updates/FEDORA-2015-3505/389-ds-base-1.3.3.9-1.fc21
27 https://admin.fedoraproject.org/updates/FEDORA-2015-4689/quassel-0.11.0-2.fc21
21 https://admin.fedoraproject.org/updates/FEDORA-2015-5216/mailman-2.1.20-1.fc21
14 https://admin.fedoraproject.org/updates/FEDORA-2015-5823/zarafa-7.1.12-1.fc21
14 https://admin.fedoraproject.org/updates/FEDORA-2015-5872/netcf-0.2.8-1.fc21
13 https://admin.fedoraproject.org/updates/FEDORA-2015-5929/qpid-cpp-0.32-1.fc21.1
12 https://admin.fedoraproject.org/updates/FEDORA-2015-6002/yourls-1.7-3.20150410gitabc7d6c.fc21
12 https://admin.fedoraproject.org/updates/FEDORA-2015-6005/asterisk-11.17.1-1.fc21
12 https://admin.fedoraproject.org/updates/FEDORA-2015-5979/krb5-1.12.2-16.fc21
10 https://admin.fedoraproject.org/updates/FEDORA-2015-6087/icu-52.1-6.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6364/qt5-qtbase-5.4.1-9.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6377/ruby-2.1.6-27.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6252/qt-4.8.6-28.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6387/realmd-0.15.2-2.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-5830/ntp-4.2.6p5-30.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6295/wesnoth-1.12.2-1.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6392/cherokee-1.2.103-6.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-6510/dpkg-1.16.16-1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-6424/ax25-tools-0.0.10-0.12.rc2.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-6441/FlightGear-data-3.2.0-2.fc21,FlightGear-3.2.0-2.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-6550/mksh-50f-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6670/xen-4.4.2-3.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6661/qt3-3.3.8b-63.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6728/curl-7.37.0-14.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6615/xulrunner-37.0.2-1.fc21,firefox-37.0.2-1.fc21
The following Fedora 21 Critical Path updates have yet to be approved:
Age URL
12 https://admin.fedoraproject.org/updates/FEDORA-2015-5979/krb5-1.12.2-16.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6322/geoclue2-2.1.10-2.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6325/libgweather-3.14.4-1.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6382/python-slip-0.6.1-1.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6332/dnf-plugins-core-0.1.5-2.fc21,dnf-0.6.4-5.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-6387/realmd-0.15.2-2.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-6544/perl-Encode-2.73-1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-6538/gnome-bluetooth-3.14.1-1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-6499/pkgconfig-0.28-8.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6728/curl-7.37.0-14.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6576/crda-3.18_2015.04.06-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6565/telepathy-glib-0.24.1-1.fc21,telepathy-logger-0.8.0-8.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6575/mobile-broadband-provider-info-1.20150421git-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-6615/xulrunner-37.0.2-1.fc21,firefox-37.0.2-1.fc21
The following builds have been pushed to Fedora 21 updates-testing
community-mysql-5.6.24-1.fc21
curl-7.37.0-14.fc21
dock-1.2.0-1.fc21
gambas3-3.7.1-1.fc21
ibus-anthy-1.5.6-6.fc21
perl-DBD-ODBC-1.52-1.fc21
python-requests-2.6.0-1.fc21
python-urllib3-1.10.3-1.fc21
qt5-qtdeclarative-5.4.1-3.fc21
vagrant-libvirt-0.0.24-4.fc21
Details about builds:
================================================================================
community-mysql-5.6.24-1.fc21 (FEDORA-2015-6698)
MySQL client programs and shared libraries
--------------------------------------------------------------------------------
Update Information:
Update to 5.6.24
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 9 2015 Honza Horak <hhorak at redhat.com> - 5.6.24-1
- Update to 5.6.24
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1209282 - community-mysql-5.6.24 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1209282
--------------------------------------------------------------------------------
================================================================================
curl-7.37.0-14.fc21 (FEDORA-2015-6728)
A utility for getting files from remote servers (FTP, HTTP, and others)
--------------------------------------------------------------------------------
Update Information:
- require credentials to match for NTLM re-use (CVE-2015-3143)
- fix invalid write with a zero-length host name in URL (CVE-2015-3144)
- fix invalid write in cookie path sanitization code (CVE-2015-3145)
- close Negotiate connections when done (CVE-2015-3148)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 22 2015 Kamil Dudka <kdudka at redhat.com> 7.37.0-14
- require credentials to match for NTLM re-use (CVE-2015-3143)
- fix invalid write with a zero-length host name in URL (CVE-2015-3144)
- fix invalid write in cookie path sanitization code (CVE-2015-3145)
- close Negotiate connections when done (CVE-2015-3148)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1213351 - CVE-2015-3148 curl: "Negotiate" not treated as connection-oriented
https://bugzilla.redhat.com/show_bug.cgi?id=1213351
[ 2 ] Bug #1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated
https://bugzilla.redhat.com/show_bug.cgi?id=1213306
[ 3 ] Bug #1213335 - CVE-2015-3144 curl: host name out of boundary memory access
https://bugzilla.redhat.com/show_bug.cgi?id=1213335
[ 4 ] Bug #1213347 - CVE-2015-3145 curl: cookie parser out of boundary memory access
https://bugzilla.redhat.com/show_bug.cgi?id=1213347
--------------------------------------------------------------------------------
================================================================================
dock-1.2.0-1.fc21 (FEDORA-2015-6697)
Improved builder for Docker images
--------------------------------------------------------------------------------
Update Information:
new upstream release 1.2.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 21 2015 Tomas Tomecek <ttomecek at redhat.com> - 1.2.0-1
- new upstream release 1.2.0
--------------------------------------------------------------------------------
================================================================================
gambas3-3.7.1-1.fc21 (FEDORA-2015-6730)
IDE based on a basic interpreter with object extensions
--------------------------------------------------------------------------------
Update Information:
Update to 3.7.1. This release is notable because all of the "examples" moved out of the source and into an upstream Gambas repository (think CPAN).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 13 2015 Tom Callaway <spot at fedoraproject.org> - 3.7.1-1
- update to 3.7.1
* Fri Jan 23 2015 Marek Kasik <mkasik at redhat.com> 3.6.1-3
- Rebuild (poppler-0.30.0)
--------------------------------------------------------------------------------
================================================================================
ibus-anthy-1.5.6-6.fc21 (FEDORA-2015-6704)
The Anthy engine for IBus input platform
--------------------------------------------------------------------------------
Update Information:
Fixed segv when ibus-anthy cannot communicate with ibus-dconf.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 22 2015 Takao Fujiwara <tfujiwar at redhat.com> - 1.5.6-6
- Resolved #1214092 Updated ibus-anthy-HEAD.patch
- Added with_appdata macro and removed with_python_pkg macro
* Wed Mar 25 2015 Richard Hughes <rhughes at redhat.com> - 1.5.6-5
- Add the AppData file to the right built RPM, in this case we have to install
ibus-anthy-python rather than the main package in gnome-software.
- It turns out adding the AppData file to spec files is a great way to fix these
kinds of bugs. :)
* Wed Mar 25 2015 Richard Hughes <rhughes at redhat.com> - 1.5.6-4
- Use an AppStream file compatible with F22 also.
* Wed Mar 25 2015 Richard Hughes <rhughes at redhat.com> - 1.5.6-3
- Register as an AppStream component.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1214092 - [abrt] ibus-anthy-python: factory.py:55:__init__:NameError: global name 'sys' is not defined
https://bugzilla.redhat.com/show_bug.cgi?id=1214092
--------------------------------------------------------------------------------
================================================================================
perl-DBD-ODBC-1.52-1.fc21 (FEDORA-2015-6706)
ODBC Driver for DBI
--------------------------------------------------------------------------------
Update Information:
Updated to upstream version 1.52.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 20 2015 Jan Holcapek <holcapek at gmail.com> - 1.52-1
- Updated to upstream version 1.52.
* Thu Aug 28 2014 Jitka Plesnikova <jplesnik at redhat.com> - 1.50-5
- Perl 5.20 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1212025 - perl-DBD-ODBC-1.52 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1212025
--------------------------------------------------------------------------------
================================================================================
python-requests-2.6.0-1.fc21 (FEDORA-2015-6721)
HTTP library, written in Python, for human beings
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 22 2015 Ralph Bean <rbean at redhat.com> - 2.6.0-1
- new version
- Remove patch for CVE-2015-2296, now included in the upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1202077 - python-requests-2.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1202077
--------------------------------------------------------------------------------
================================================================================
python-urllib3-1.10.3-1.fc21 (FEDORA-2015-6721)
Python HTTP library with thread-safe connection pooling and file post
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 22 2015 Ralph Bean <rbean at redhat.com> - 1.10.3-1
- new version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1202077 - python-requests-2.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1202077
--------------------------------------------------------------------------------
================================================================================
qt5-qtdeclarative-5.4.1-3.fc21 (FEDORA-2015-6715)
Qt5 - QtDeclarative component
--------------------------------------------------------------------------------
Update Information:
This update fixes qt5-qtdeclarative to work on x86 machines without SSE2, and may improve performance on SSE2-enabled 32-bit x86 machines.
The update builds a non-SSE2 version of libQt5Qml with the SSE2-only JIT disabled. It also builds an SSE2 version of libQt5Qml that has the JIT enabled as before, and in addition enables the -msse2 and -mfpmath=sse flags that were previously missing. The runtime linker ld.so automatically picks the correct libQt5Qml build for your hardware.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 22 2015 Kevin Kofler <Kevin at tigcc.ticalc.org> - 5.4.1-3
- fix non-sse2 support (kde#346244) and optimize sse2 binaries
* Fri Feb 27 2015 Rex Dieter <rdieter at fedoraproject.org> - 5.4.1-2
- rebuild (gcc5)
--------------------------------------------------------------------------------
================================================================================
vagrant-libvirt-0.0.24-4.fc21 (FEDORA-2015-6731)
libvirt provider for Vagrant
--------------------------------------------------------------------------------
Update Information:
Fix upstream bug #347: Wait for libvirt to shutdown the domain
This fix will prevent Vagrant to discard your project's configuration on vagrant halt.
Latest release of vagrant-libvirt plugin.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 21 2015 Josef Stribny <jstribny at redhat.com> - 0.0.24-4
- Fix: Wait for libvirt to shutdown the domain
--------------------------------------------------------------------------------
More information about the test
mailing list