Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Feb 9 05:34:14 UTC 2015
The following Fedora 20 Security updates need testing:
Age URL
129 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20
81 https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionpack-4.0.0-5.fc20
80 https://admin.fedoraproject.org/updates/FEDORA-2014-15489/rubygem-sprockets-2.8.2-5.fc20
59 https://admin.fedoraproject.org/updates/FEDORA-2014-16494/mutt-1.5.23-4.fc20
57 https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20
57 https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14.2-1.fc20
52 https://admin.fedoraproject.org/updates/FEDORA-2014-17153/httpd-2.4.10-2.fc20
49 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
46 https://admin.fedoraproject.org/updates/FEDORA-2014-17559/mapserver-6.2.2-1.fc20
43 https://admin.fedoraproject.org/updates/FEDORA-2014-17641/dokuwiki-0-0.23.20140929b.fc20
27 https://admin.fedoraproject.org/updates/FEDORA-2015-0577/strongswan-5.2.2-1.fc20
25 https://admin.fedoraproject.org/updates/FEDORA-2015-0633/chicken-4.9.0.1-3.fc20
22 https://admin.fedoraproject.org/updates/FEDORA-2015-0773/arc-5.21p-5.fc20
19 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.35.rc3.fc20
18 https://admin.fedoraproject.org/updates/FEDORA-2015-1007/dump-0.4-0.24.b44.fc20
14 https://admin.fedoraproject.org/updates/FEDORA-2015-1162/community-mysql-5.5.41-1.fc20
10 https://admin.fedoraproject.org/updates/FEDORA-2015-1354/firefox-35.0.1-3.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2015-1510/pigz-2.3.3-1.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.4-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2015-1648/lcms-1.19-13.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2015-1699/bugzilla-4.2.13-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2015-1700/puppetlabs-stdlib-4.5.1-2.20150121git7a91f20.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2015-1728/postgresql-9.3.6-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2015-1759/ntp-4.2.6p5-20.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2015-1761/roundcubemail-1.0.5-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2015-1762/perl-Gtk2-1.2495-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2015-1818/e2fsprogs-1.42.12-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2015-1790/fcgi-2.4.0-26.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1881/drupal7-path_breadcrumbs-3.2-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1883/libvirt-1.1.3.9-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1871/qpid-cpp-0.30-8.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1886/qemu-1.6.2-13.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
19 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.35.rc3.fc20
10 https://admin.fedoraproject.org/updates/FEDORA-2015-1423/amor-14.12.1-1.fc20,ark-14.12.1-1.fc20,audiocd-kio-14.12.1-1.fc20,blinken-14.12.1-1.fc20,cantor-14.12.1-1.fc20,dragon-14.12.1-1.fc20,filelight-14.12.1-1.fc20,jovie-14.12.1-2.fc20,juk-14.12.1-1.fc20,kaccessible-14.12.1-1.fc20,kalzium-14.12.1-1.fc20,kamera-14.12.1-1.fc20,kanagram-4.14.3-3.fc20,kbruch-14.12.1-1.fc20,kcalc-14.12.1-1.fc20,kcharselect-14.12.1-1.fc20,kcolorchooser-14.12.1-1.fc20,kcron-14.12.1-2.fc20,kdeartwork-14.12.1-1.fc20,kde-baseapps-14.12.1-1.fc20,kde-base-artwork-14.12.1-1.fc20,kdegraphics-mobipocket-14.12.1-1.fc20,kdegraphics-strigi-analyzer-14.12.1-1.fc20,kdegraphics-thumbnailers-14.12.1-1.fc20,kdelibs-4.14.4-2.fc20,kdenetwork-filesharing-14.12.1-1.fc20,kdenetwork-strigi-analyzers-14.12.1-1.fc20,kdepim-4.14.4-2.fc20,kdepimlibs-4.14.4-1.fc20,kdepim-runtime-4.14.4-1.fc20,kdeplasma-addons-4.14.3-3.fc20,kde-runtime-14.12.1-2.fc20,kde-wallpapers-14.12.1-1.fc20,kdf-14.12.1-1.fc20,kdnssd-14.12.1-1.fc20,kfloppy-14.12.1-1.fc20,kgamma-14.12.1-1.fc20,kgeography-14.12.1-1.fc20,kget-14.12.1-1.fc20,kgpg-14.12.1-1.fc20,khangman-4.14.3-3.fc20,kiten-14.12.1-1.fc20,klettres-14.12.1-1.fc20,kmag-14.12.1-1.fc20,kmousetool-14.12.1-1.fc20,kmouth-14.12.1-1.fc20,kmplot-14.12.1-1.fc20,kolourpaint-14.12.1-1.fc20,kopete-14.12.1-1.fc20,kppp-14.12.1-1.fc20,kqtquickcharts-14.12.1-1.fc20,krdc-14.12.1-1.fc20,kremotecontrol-14.12.1-1.fc20,krfb-14.12.1-1.fc20,kruler-14.12.1-1.fc20,ksaneplugin-14.12.1-1.fc20,kscd-14.12.1-1.fc20,ksnapshot-14.12.1-1.fc20,kstars-14.12.1-1.fc20,ksystemlog-14.12.1-2.fc20,kteatime-14.12.1-1.fc20,ktimer-14.12.1-1.fc20,ktouch-14.12.1-1.fc20,kturtle-14.12.1-1.fc20,ktux-14.12.1-1.fc20,kuser-14.12.1-2.fc20,kwalletmanager-14.12.1-1.fc20,kwordquiz-14.12.1-1.fc20,libkcddb-14.12.1-1.fc20,libkcompactdisc-14.12.1-1.fc20,libkdcraw-14.12.1-1.fc20,libkdeedu-14.12.1-3.fc20,libkexiv2-14.12.1-1.fc20,libkipi-14.12.1-1.fc20,libksane-14.12.1-1.fc20,marble-14.12.1-1.fc20,oxygen-icon-theme-14.12.1-1.fc20,pairs-14.12.1-1.fc20,rocs-14.12.1-2.fc20,step-14.12.1-1.fc20,superkaramba-14.12.1-1.fc20,svgpart-14.12.1-1.fc20,sweeper-14.12.1-1.fc20,calligra-2.8.7-4.fc20,digikam-4.6.0-1.fc20.1,kdeedu-data-14.12.1-3.fc20,kde-workspace-4.11.15-3.fc20,kphotoalbum-4.5-4.fc20,subsurface-4.3-1.fc20.1
10 https://admin.fedoraproject.org/updates/FEDORA-2015-1398/selinux-policy-3.12.1-197.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2015-1448/koji-1.9.0-10.fc20.gitcd45e886
6 https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.4-1.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2015-1606/ibus-1.5.9-9.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2015-1635/highlight-3.21-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2015-1648/lcms-1.19-13.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2015-1822/libbluray-0.7.0-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1846/libdvdread-5.0.2-1.fc20,libdvdnav-5.0.3-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1384/cairo-1.14.0-2.fc20
The following builds have been pushed to Fedora 20 updates-testing
cairo-1.14.0-2.fc20
drupal7-ctools-1.6-1.fc20
drupal7-panels-3.5-2.fc20
drupal7-path_breadcrumbs-3.2-1.fc20
golang-googlecode-goprotobuf-0-0.12.git7f07925.fc20
libvirt-1.1.3.9-1.fc20
qemu-1.6.2-13.fc20
wide-dhcpv6-20080615-13.1.fc20
Details about builds:
================================================================================
cairo-1.14.0-2.fc20 (FEDORA-2015-1384)
A 2D graphics library
--------------------------------------------------------------------------------
Update Information:
Update to 1.14.0
EDITED to add patch to fix bug 1183242
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 Kevin Fenzi <kevin at scrye.com> 1.14.0-2
- Add patch to fix crashes in dot. Fixes bug #1183242
* Sun Nov 23 2014 Kalev Lember <kalevlember at gmail.com> - 1.14.0-1
- Update to 1.14.0
* Tue Oct 14 2014 Kalev Lember <kalevlember at gmail.com> - 1.13.1-0.5.git337ab1f
- Minor spec file cleanup:
- Drop manual -devel subpackage deps
- Tighten deps with the _isa macro
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.13.1-0.4.git337ab1f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jul 11 2014 Peter Robinson <pbrobinson at fedoraproject.org> 1.13.1-0.3.git337ab1f
- Enable make check but don't (currently) fail the build on failure
* Fri Jun 6 2014 Peter Robinson <pbrobinson at fedoraproject.org> 1.13.1-0.2.git337ab1f
- Compile with -flto -ffat-lto-objects CFLAGS to fix FTBFSF with gcc 4.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1183242 - Random crashes in dot
https://bugzilla.redhat.com/show_bug.cgi?id=1183242
[ 2 ] Bug #1134141 - [abrt] midori: _cairo_bentley_ottmann_tessellate_rectangular.lto_priv.119(): midori killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1134141
[ 3 ] Bug #1162894 - [abrt] webkitgtk: _cairo_bentley_ottmann_tessellate_rectangular.lto_priv.119(): GtkLauncher killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1162894
[ 4 ] Bug #1181222 - [abrt] liferea: _cairo_bentley_ottmann_tessellate_rectangular.lto_priv.119(): liferea killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1181222
[ 5 ] Bug #1152451 - cairo-1.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1152451
--------------------------------------------------------------------------------
================================================================================
drupal7-ctools-1.6-1.fc20 (FEDORA-2015-1887)
Primarily a set of APIs and tools to improve the developer experience
--------------------------------------------------------------------------------
Update Information:
## 7.x-1.6
* Issue #2415709 by maximpodorov: Use drupal_static_fast pattern in ctools_get_plugins()
* Issue #813754 by mrjmd, japerry, DamienMcKenna, Michelle, anon, hiphip: Ability to set variant machine name in Panels UI
* Issue #1596720 by joel_osc: Undefined property: stdClass::$nid in ctools_node_created_content_type_render()
* Issue #2288741 by dobe, mrjmd, japerry: Title Headings
* Issue #2410815 by DamienMcKenna, mrjmd: Access plugin for node comments
* Issue #1928054 by mrjmd, yannickoo, Dave Reid, magicmyth: Field formatter settings with CTools content_type entity_field plugin
* Issue #2400915 by DamienMcKenna, japerry: Hardcode the last released CTools version in the info file
* Issue #1909408 by gmclelland, mrjmd: ctools_modal_form_wrapper returns form array instead of ajax_commands array
* Issue #2307025 by chemical, mrjmd: jQuery object always represent value true whether object is empty or not
* Issue #1760384 by DamienMcKenna, meba: Update node_view.inc to execute the normal Drupal hooks
* Issue #1907242 by mrjmd, logaritmisk: Strict check if ctools_context_handler_render is returning FALSE
* Issue #2328787 by Elijah Lynn, mrjmd: In ctools_block_content_type_render() if (empty($block)) is never true
* Issue #1844086 by mrjmd, InternetDevels: display content type when adding existing node
* Issue #2062603 by dixon_, Michelle: Provide user links content type plugin
* Issue #2396171 by plopesc: Pass Plugin info array to hook_plugin() implementations
* Issue #2058501 by dixon_: Provide comment links content type plugin
* Issue #2247071 by ohthehugemanatee, DamienMcKenna: Add option for Page Site Name pane to link to the homepage
* Issue #1652060 by mrfelton, andrewmacpherson: 'Disable Drupal blocks/regions' setting doesn't work when blocks are placed into regions with systems other than core blocks
* Issue #2231535 by izus: Show which module provides a page
* Issue #2399033 by niko-, japerry: In string length access plugin "Equal to" option not work
* Issue #2381681 by maximpodorov: Incorrect unbinding in dependent.js
* Issue #2336985 by Dave Reid: ctools_entity_field_content_type_render() unnecessarily alters field deltas
* Issue #1686868 by gantenx, iSylence: Keyword subtitution in exposed filter form
* Issue #870938 by DamienMcKenna, lokapujya: Add new permission for controlling imports
* Issue #2228083 by AndrewsizZ: Delete not needed element from array in existing node plugin
* Issue #2397709 by maximpodorov, kristiaanvandeneynde: Set #tree property in the proper place
* Issue #2380253 by japerry, pc-wurm: Remove deprecated views_content_views_content_type_content_type() function
* Issue #1300562 by DamienMcKenna, smk-ka, zilverdistel: More control over wizard trail theming
* Issue #2155443 by das-peter: Enhancement of content type "List of related terms" (term_list)
* Issue #2063977 by maximpodorov: Broken form data generated by _ctools_context_selector()
* Issue #2186167 by maximpodorov: Undefined index notices in context-admin.inc
* Issue #1901946 by bangpound: ctools_export_ui_list_form argument should be passed by reference
* Issue #2207881 by tim.plunkett: Allow menu items with %ctools_js to work with drupal_valid_path()
* Issue #1163168 by kobee: Custom string context substitution
* Issue #1058786 by vgoodvin, Stevel, rooby: Caveat About Plugin Name Length and Export UI
* Issue #2059039 by B-Prod: Fallback behavior for user edit page omits the category parameter
* Issue #1820882 by DamienMcKenna: Make node revisions use the node_view display
* Issue #2273025 by alextdk: Fatal error in user context settings form
* Issue #1771088 by jenlampton, IshaDakota: Provide equivalent content pane for comment-wrapper.tpl.php content
* Issue #1532054 by dubois: Term from View Relationship problems
* Issue #2152405 by das-peter: ctools_fields_get_field_formatter_settings_form() not fully compatible to field_ui
* Issue #2168849 by jhedstrom: Add a selection rule based on whether a node is in a book or not
* Issue #2070217 by DYdave: Pass Entity Field Panes display settings to field formatters: offset, limit and reversed
* Minor whitespace JS cleanup related to #805704
* Issue #1823834 by prinds, jerrylow, joelpittet: Modal windows disable keyboard shortcuts in firefox and chrome
* Issue #1313368 by pfrenssen: remove $GLOBALS['lock'] usage in ctools_flush_caches()
* Issue #2296553 by DamienMcKenna: Pane plugin for displaying the taxonomy term's name
* Issue #2222543 by tom friedhof: hook_block_view_MODULE_DELTA_alter not called when placing blocks in panels
* Issue #954942 by Jorrit, MegaChriz, merlinofchaos: Fatal error: Call to undefined method stdClass::is_type() in includes/context.inc on line 147
* Issue #2374831 by korgik: set weight of Parent item if Panel menu item is default tab
* Issue #1948278 by MiSc, maximpodorov, gmclelland: Get an edit link for the view panes in Page Manger
* Issue #1669756 by dawehner, gmclelland, tim.plunkett: Provide a contextual link for view panes
* Issue #1630820 by maximpodorov, andypost, Dave Reid, japerry, mikeytown2: entity_field_value is completely broken
* Issue #2319515 by mrjmd, Silicon.Valet: Entity id context placeholder form (for use with panels preview)
* Issue #742832 by pounard, c960657, das-peter: ctools_plugin_load_includes() can set cache on every request
* Issue #2012188 by joelpittet, hefox, mpotter: IPE tries getting title for removed entity fields content, resulting in PHP warning
* Issue #2312505 by dsnopek: Views panes using invalid Views display option "more_link" (is actually called "use_more")
* Issue #1565782 by djdevin, adam-delaney: Exclude fields for Allowed Settings Fields Override
* Issue #2055785 by roberttstephens, mpotter, dsnopek: Modal window top and left style values are incorrect after resizing
* Issue #1978378 by Samvel, dsnopek: Page title check plained twice
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 7 2015 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.6-1
- Updated to 1.6 (BZ #1187880)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187880 - drupal7-ctools-1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1187880
--------------------------------------------------------------------------------
================================================================================
drupal7-panels-3.5-2.fc20 (FEDORA-2015-1879)
Allows a site administrator to create customized layouts
--------------------------------------------------------------------------------
Update Information:
The Panels module allows a site administrator to create customized layouts for
multiple uses. At its core it is a drag and drop content manager that lets you
visually design a layout and place content within that layout. Integration with
other systems allows you to create nodes that use this, landing pages that use
this, and even override system pages such as taxonomy and the node page so that
you can customize the layout of your site with very fine grained permissions.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1101308 - Review Request: drupal7-panels - The Panels module allows a site administrator to create customized layouts
https://bugzilla.redhat.com/show_bug.cgi?id=1101308
[ 2 ] Bug #1187881 - drupal7-panels-3.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1187881
--------------------------------------------------------------------------------
================================================================================
drupal7-path_breadcrumbs-3.2-1.fc20 (FEDORA-2015-1881)
Allows creation of custom breadcrumbs for any page using contexts
--------------------------------------------------------------------------------
Update Information:
[SA-CONTRIB-2015-037 - Access Bypass](https://www.drupal.org/node/2420139)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 7 2015 Shawn Iwinski <shawn.iwinski at gmail.com> - 3.2-1
- Updated to 3.2 (BZ #1190389; SA-CONTRIB-2015-037)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1190134 - drupal: access bypass vulnerability in Path Breadcrumbs module (SA-CONTRIB-2015-037)
https://bugzilla.redhat.com/show_bug.cgi?id=1190134
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-goprotobuf-0-0.12.git7f07925.fc20 (FEDORA-2015-1891)
Go support for Google protocol buffers
--------------------------------------------------------------------------------
Update Information:
Extend Provides for proto/testdata
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 8 2015 jchaloup <jchaloup at redhat.com> - 0-0.12.git7f07925
- Extend Provides for proto/testdata
related: #1018057
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018057 - Review Request: golang-googlecode-goprotobuf - Go support for Google protocol buffers
https://bugzilla.redhat.com/show_bug.cgi?id=1018057
--------------------------------------------------------------------------------
================================================================================
libvirt-1.1.3.9-1.fc20 (FEDORA-2015-1883)
Library providing a simple virtualization API
--------------------------------------------------------------------------------
Update Information:
* Rebased to version 1.1.3.9
* CVE-2015-0236: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save images and snapshots objects (bz #1185769)
* CVE-2014-8136: local denial of service in qemu/qemu_driver.c (bz #1176179)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 7 2015 Cole Robinson <crobinso at redhat.com> - 1.1.3.9-1
- Rebased to version 1.1.3.9
- CVE-2015-0236: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save
images and snapshots objects (bz #1185769)
- CVE-2014-8136: local denial of service in qemu/qemu_driver.c (bz #1176179)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1184431 - CVE-2015-0236 libvirt: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save images and snapshots objects
https://bugzilla.redhat.com/show_bug.cgi?id=1184431
[ 2 ] Bug #1176176 - CVE-2014-8136 libvirt: local denial of service in qemu/qemu_driver.c
https://bugzilla.redhat.com/show_bug.cgi?id=1176176
--------------------------------------------------------------------------------
================================================================================
qemu-1.6.2-13.fc20 (FEDORA-2015-1886)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
* Fix qemu_bh_schedule race condition (bz #1165315)
* CVE-2014-8106: cirrus: insufficient blit region checks
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 7 2015 Cole Robinson <crobinso at redhat.com> - 2:1.6.2-13
- Fix qemu_bh_schedule race condition (bz #1165315)
- CVE-2014-8106: cirrus: insufficient blit region checks
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1169454 - CVE-2014-8106 qemu: cirrus: insufficient blit region checks
https://bugzilla.redhat.com/show_bug.cgi?id=1169454
--------------------------------------------------------------------------------
================================================================================
wide-dhcpv6-20080615-13.1.fc20 (FEDORA-2015-1888)
DHCP Client and Server for IPv6
--------------------------------------------------------------------------------
Update Information:
DHCPv6 Prefix Delegation client that works on PPP
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #956147 - Review Request: wide-dhcpv6 - DHCPv6 Prefix Delegation client that works on PPP
https://bugzilla.redhat.com/show_bug.cgi?id=956147
--------------------------------------------------------------------------------
More information about the test
mailing list