Fedora 21 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Jan 8 23:33:47 UTC 2015
The following Fedora 21 Security updates need testing:
Age URL
50 https://admin.fedoraproject.org/updates/FEDORA-2014-15342/rubygem-actionpack-4.1.5-2.fc21
49 https://admin.fedoraproject.org/updates/FEDORA-2014-15413/rubygem-sprockets-2.12.1-3.fc21
27 https://admin.fedoraproject.org/updates/FEDORA-2014-16782/mutt-1.5.23-7.fc21
26 https://admin.fedoraproject.org/updates/FEDORA-2014-16880/libhtp-0.5.16-1.fc21
26 https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-1.fc21
21 https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15.fc21
17 https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.20beta1.fc21,orthanc-0.8.5-2.fc21,dcmtk-3.6.1-1.fc21
14 https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2-1.fc21
12 https://admin.fedoraproject.org/updates/FEDORA-2014-17635/dokuwiki-0-0.23.20140929b.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-0046/smack-4.0.6-1.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-0078/drupal6-flag-2.1-3.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-0301/exiv2-0.24-4.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-0322/owasp-esapi-java-2.1.0-1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-0331/xen-4.4.1-12.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-0432/gd-2.1.0-8.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-0415/curl-7.37.0-12.fc21
The following Fedora 21 Critical Path updates have yet to be approved:
Age URL
12 https://admin.fedoraproject.org/updates/FEDORA-2014-17633/llvm-3.5.0-6.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-0091/gawk-4.1.1-6.fc21
2 https://admin.fedoraproject.org/updates/FEDORA-2015-0227/dbus-1.8.14-1.fc21
2 https://admin.fedoraproject.org/updates/FEDORA-2015-0204/man-db-2.6.7.1-13.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-0271/gnutls-3.3.11-2.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-0312/gupnp-av-0.12.7-1.fc21,gssdp-0.14.11-1.fc21,gupnp-0.20.13-1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-0266/libxshmfence-1.2-1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-0301/exiv2-0.24-4.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-0440/lz4-r127-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-0415/curl-7.37.0-12.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-0420/libxcb-1.11-3.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-0357/setup-2.9.0-3.fc21
The following builds have been pushed to Fedora 21 updates-testing
asymptote-2.32-5.fc21
batik-1.8-0.16.svn1230816.fc21
blosc-1.5.2-1.fc21
curl-7.37.0-12.fc21
gd-2.1.0-8.fc21
globus-common-15.27-1.fc21
globus-gridftp-server-7.18-1.fc21
globus-xio-5.2-1.fc21
gtksourceview3-3.14.3-1.fc21
libxcb-1.11-3.fc21
lz4-r127-1.fc21
mate-notification-daemon-1.8.1-2.fc21
mate-power-manager-1.8.1-2.fc21
perl-CHI-0.59-1.fc21
perl-Inline-Struct-0.18-1.fc21
perl-POSIX-strftime-Compiler-0.41-1.fc21
perl-Params-Validate-1.16-1.fc21
perl-Test-CheckManifest-1.29-1.fc21
perl-WWW-OrangeHRM-Client-0.9.1-1.fc21
pg-semver-0.5.0-2.fc21
python-blosc-1.2.4-1.fc21
python-pandas-0.15.2-1.fc21
python-pyroute2-0.3.4-1.fc21
Details about builds:
================================================================================
asymptote-2.32-5.fc21 (FEDORA-2015-0421)
Descriptive vector graphics language
--------------------------------------------------------------------------------
Update Information:
Fix asymptote to use eps2write.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Tom Callaway <spot at fedoraproject.org> 2.32-5
- actually apply fix
* Tue Jan 6 2015 Tom Callaway <spot at fedoraproject.org> 2.32-4
- use eps2write instead of epswrite (upstream bug 180)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1177875 - asymptote is using an output device deprecated by ghostscript
https://bugzilla.redhat.com/show_bug.cgi?id=1177875
--------------------------------------------------------------------------------
================================================================================
batik-1.8-0.16.svn1230816.fc21 (FEDORA-2015-0412)
Scalable Vector Graphics for Java
--------------------------------------------------------------------------------
Update Information:
Split css jars into subpackage to make it possible to require only it when needed.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 8 2014 Alexander Kurtakov <akurtako at redhat.com> 1.8-0.16.svn1230816
- Split css in subpackage.
--------------------------------------------------------------------------------
================================================================================
blosc-1.5.2-1.fc21 (FEDORA-2015-0438)
A high performance compressor optimized for binary data
--------------------------------------------------------------------------------
Update Information:
Update to latest version.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 6 2015 Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl> - 1.5.2-1
- Update to 1.5.2 (#1115808)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1115808 - blosc-1.5.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1115808
[ 2 ] Bug #1116894 - python-blosc-1.2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1116894
--------------------------------------------------------------------------------
================================================================================
curl-7.37.0-12.fc21 (FEDORA-2015-0415)
A utility for getting files from remote servers (FTP, HTTP, and others)
--------------------------------------------------------------------------------
Update Information:
- reject CRLFs in URLs passed to proxy (CVE-2014-8150)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Kamil Dudka <kdudka at redhat.com> 7.37.0-12
- reject CRLFs in URLs passed to proxy (CVE-2014-8150)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn()
https://bugzilla.redhat.com/show_bug.cgi?id=1178692
--------------------------------------------------------------------------------
================================================================================
gd-2.1.0-8.fc21 (FEDORA-2015-0432)
A graphics library for quick creation of PNG or JPEG images
--------------------------------------------------------------------------------
Update Information:
Previous patch of #1076676 introduced memory leak.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Jozef Mlich <jmlich at redhat.com - 2.1.0-8
- Resolves: #1076676 CVE-2014-2497
Previous patch indroduced memory leak. Using upstream version.
https://bitbucket.org/libgd/gd-libgd/commits/463c3bd09bfe8e924e19acad7a2a6af16953a704
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1076676 - CVE-2014-2497 gd: NULL pointer dereference in gdImageCreateFromXpm()
https://bugzilla.redhat.com/show_bug.cgi?id=1076676
--------------------------------------------------------------------------------
================================================================================
globus-common-15.27-1.fc21 (FEDORA-2015-0439)
Globus Toolkit - Common Library
--------------------------------------------------------------------------------
Update Information:
Updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Mattias Ellert <mattias.ellert at fysast.uu.se> - 15.27-1
- GT6 update (globus_list_from_string)
--------------------------------------------------------------------------------
================================================================================
globus-gridftp-server-7.18-1.fc21 (FEDORA-2015-0439)
Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:
Updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Mattias Ellert <mattias.ellert at fysast.uu.se> - 7.18-1
- GT6 update (net mgr support)
--------------------------------------------------------------------------------
================================================================================
globus-xio-5.2-1.fc21 (FEDORA-2015-0439)
Globus Toolkit - Globus XIO Framework
--------------------------------------------------------------------------------
Update Information:
Updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.2-1
- GT6 update (GLOBUS_XIO_GET_STRING_OPTIONS, GLOBUS_XIO_GET_DRIVER_NAME)
--------------------------------------------------------------------------------
================================================================================
gtksourceview3-3.14.3-1.fc21 (FEDORA-2015-0413)
A library for viewing source files
--------------------------------------------------------------------------------
Update Information:
Update to 3.14.3
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 David King <amigadave at amigadave.com> - 3.14.3-1
- Update to 3.14.3
--------------------------------------------------------------------------------
================================================================================
libxcb-1.11-3.fc21 (FEDORA-2015-0420)
A C binding to the X11 protocol
--------------------------------------------------------------------------------
Update Information:
Clean up SPEC file, enable XInput extension (#1177701)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Simone Caronni <negativo17 at gmail.com> - 1.11-3
- Clean up SPEC file, fix rpmlint warnings.
- Enable XInput extension (#1177701).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1177701 - Packaging bug: libxcb-xinput does not get packaged
https://bugzilla.redhat.com/show_bug.cgi?id=1177701
--------------------------------------------------------------------------------
================================================================================
lz4-r127-1.fc21 (FEDORA-2015-0440)
Extremely fast compression algorithm
--------------------------------------------------------------------------------
Update Information:
- Fixed a bug in LZ4 HC streaming mode
- New lz4frame API integrated into liblz4
- Fixed a GCC 4.9 bug on highest performance settings
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 pjp <pjp at fedoraproject.org> - r127-1
- Fixed a bug in LZ4 HC streaming mode
- New lz4frame API integrated into liblz4
- Fixed a GCC 4.9 bug on highest performance settings
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1176911 - lz4-127 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1176911
[ 2 ] Bug #1170243 - [abrt] lz4: LZ4HC_InsertAndFindBestMatch(): lz4 killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1170243
--------------------------------------------------------------------------------
================================================================================
mate-notification-daemon-1.8.1-2.fc21 (FEDORA-2015-0427)
Notification daemon for MATE Desktop
--------------------------------------------------------------------------------
Update Information:
- fixed-logic-in-a-couple-of-places
- rhbz (#1142441)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.1-2
- fixed-logic-in-a-couple-of-places
- rhbz (#1142441)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1142441 - [abrt] mate-notification-daemon: notify_stack_set_location(): mate-notification-daemon killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1142441
--------------------------------------------------------------------------------
================================================================================
mate-power-manager-1.8.1-2.fc21 (FEDORA-2015-0417)
MATE power management service
--------------------------------------------------------------------------------
Update Information:
- fix mate-power-manager brightness pop-up is a blank square
- rhbz (#1142224)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.1-2
- fix mate-power-manager brightness pop-up is a blank square
- rhbz (#1142224)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1142224 - mate-power-manager brightness pop-up is a blank square
https://bugzilla.redhat.com/show_bug.cgi?id=1142224
--------------------------------------------------------------------------------
================================================================================
perl-CHI-0.59-1.fc21 (FEDORA-2015-0414)
Unified cache handling interface
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.59-1
- Upstream update.
- Reflect upstream URL having changed.
--------------------------------------------------------------------------------
================================================================================
perl-Inline-Struct-0.18-1.fc21 (FEDORA-2015-0410)
Manipulate C structures directly from Perl
--------------------------------------------------------------------------------
Update Information:
A new release of Inline::Struct is available for Fedora.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Petr Šabata <contyk at redhat.com> - 0.18-1
- 0.18 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1178392 - perl-Inline-Struct-0.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1178392
--------------------------------------------------------------------------------
================================================================================
perl-POSIX-strftime-Compiler-0.41-1.fc21 (FEDORA-2015-0441)
GNU C library compatible strftime for loggers and servers
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.41-1
- Upstream update.
- Remove BR: perl(CPAN::Meta), BR: perl(CPAN::Meta::Prereqs).
--------------------------------------------------------------------------------
================================================================================
perl-Params-Validate-1.16-1.fc21 (FEDORA-2015-0408)
Params-Validate Perl module
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Ralf Corsépius <corsepiu at fedoraproject.org> - 1.16-1
- Upstream update.
- Reflect upstream changes.
--------------------------------------------------------------------------------
================================================================================
perl-Test-CheckManifest-1.29-1.fc21 (FEDORA-2015-0434)
Check if your Manifest matches your distro
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Ralf Corsépius <corsepiu at fedoraproject.org> - 1.29-1
- Upstream update.
--------------------------------------------------------------------------------
================================================================================
perl-WWW-OrangeHRM-Client-0.9.1-1.fc21 (FEDORA-2015-0409)
Client for OrangeHRM
--------------------------------------------------------------------------------
Update Information:
This release make a check for successful log in more robust.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Petr Pisar <ppisar at redhat.com> - 0.9.1-1
- 0.9.1 bump
--------------------------------------------------------------------------------
================================================================================
pg-semver-0.5.0-2.fc21 (FEDORA-2015-0426)
A semantic version data type for PostgreSQL
--------------------------------------------------------------------------------
Update Information:
Fix issues found by review
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1173683 - Review Request: pg-semver - A semantic version data type for PostgreSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1173683
--------------------------------------------------------------------------------
================================================================================
python-blosc-1.2.4-1.fc21 (FEDORA-2015-0438)
Python wrapper for the blosc high performance compressor
--------------------------------------------------------------------------------
Update Information:
Update to latest version.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 6 2015 Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl> - 1.2.4-1
- Update to 1.2.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1115808 - blosc-1.5.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1115808
[ 2 ] Bug #1116894 - python-blosc-1.2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1116894
--------------------------------------------------------------------------------
================================================================================
python-pandas-0.15.2-1.fc21 (FEDORA-2015-0444)
Python library providing high-performance data analysis tools
--------------------------------------------------------------------------------
Update Information:
This is a minor release from 0.15.1 and includes a large number of bug fixes along with several new features, enhancements, and performance improvements. A small number of API changes were necessary to fix existing bugs. We recommend that all users upgrade to this version.
Full details: http://pandas.pydata.org/pandas-docs/version/0.15.2/whatsnew.html#v0-15-2-december-12-2014
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 17 2014 Sergio Pascual <sergiopr at fedoraproject.org> - 0.15.2-1
- New release of pandas 0.15.2
--------------------------------------------------------------------------------
================================================================================
python-pyroute2-0.3.4-1.fc21 (FEDORA-2015-0419)
Pure Python netlink library
--------------------------------------------------------------------------------
Update Information:
Network namespaces support
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 8 2015 Peter V. Saveliev <peter at svinota.eu> 0.3.4-1
- Network namespaces support
- Veth, tuntap
- Route metrics
--------------------------------------------------------------------------------
More information about the test
mailing list