Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Mar 12 16:36:20 UTC 2015
The following Fedora 20 Security updates need testing:
Age URL
100 https://admin.fedoraproject.org/updates/FEDORA-2014-15988/fail2ban-0.9.1-1.fc20
89 https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20
89 https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14.2-1.fc20
80 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
77 https://admin.fedoraproject.org/updates/FEDORA-2014-17559/mapserver-6.2.2-1.fc20
58 https://admin.fedoraproject.org/updates/FEDORA-2015-0577/strongswan-5.2.2-1.fc20
57 https://admin.fedoraproject.org/updates/FEDORA-2015-0633/chicken-4.9.0.1-3.fc20
36 https://admin.fedoraproject.org/updates/FEDORA-2015-1648/lcms-1.19-13.fc20
35 https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20
33 https://admin.fedoraproject.org/updates/FEDORA-2015-1790/fcgi-2.4.0-26.fc20
25 https://admin.fedoraproject.org/updates/FEDORA-2015-2104/drupal7-views-3.10-1.fc20
18 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
14 https://admin.fedoraproject.org/updates/FEDORA-2015-2600/echoping-6.1-0.beta.r434svn.1.fc20
12 https://admin.fedoraproject.org/updates/FEDORA-2015-2826/drupal7-entity-1.6-1.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2015-3211/dokuwiki-0-0.24.20140929c.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2015-3201/xterm-297-2.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2015-3205/libmspack-0.5-0.1.alpha.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2015-3204/putty-0.64-1.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2015-3253/gnupg-1.4.19-2.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2015-3329/phpMyAdmin-4.3.11.1-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2015-3372/freexl-1.0.0i-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2015-3366/librsync-1.0.0-1.fc20,csync2-1.34-15.fc20,duplicity-0.6.25-3.fc20,rdiff-backup-1.2.8-14.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.5-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-3573/qt-creator-3.2.2-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-3590/icu-50.1.2-11.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-3594/kernel-3.18.9-100.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
18 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.5-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-3577/elfutils-0.161-6.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2015-3590/icu-50.1.2-11.fc20
The following builds have been pushed to Fedora 20 updates-testing
converseen-0.9.1-1.fc20
elfutils-0.161-6.fc20
gnofract4d-3.14.1-9.fc20
icu-50.1.2-11.fc20
kernel-3.18.9-100.fc20
libmatekbd-1.8.1-1.fc20
marco-1.8.3-1.fc20
mate-screensaver-1.8.1-3.fc20
nodejs-window-size-0.1.0-2.fc20
perl-Params-Validate-1.18-1.fc20
python-rhsm-1.14.2-1.fc20
qt-creator-3.2.2-2.fc20
subscription-manager-1.14.2-1.fc20
texstudio-2.9.0-1.fc20
Details about builds:
================================================================================
converseen-0.9.1-1.fc20 (FEDORA-2015-3586)
A batch image conversion tool written in C++ with Qt4 and Magick++
--------------------------------------------------------------------------------
Update Information:
Rebuilt for new upstream version 0.9.1, fixes rhbz #1199061, #1197790
Rebuilt for new upstream version 0.9.0, fixes rhbz #1170952
Rebuilt for new upstream version 0.8.4, fixes rhbz #1148306
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Filipe Rosset <rosset.filipe at gmail.com> - 0.9.1-1
- Rebuilt for new upstream version 0.9.1, fixes rhbz #1199061, #1197790
* Wed Feb 18 2015 Filipe Rosset <rosset.filipe at gmail.com> - 0.9.0-1
- Rebuilt for new upstream version 0.9.0, fixes rhbz #1170952
* Thu Oct 2 2014 Filipe Rosset <rosset.filipe at gmail.com> - 0.8.4-1
- Rebuilt for new upstream version 0.8.4, fixes rhbz #1148306
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199061 - converseen-0.9.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1199061
[ 2 ] Bug #1197790 - [abrt] converseen: ref(): converseen killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1197790
[ 3 ] Bug #1170952 - converseen-0.9.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1170952
[ 4 ] Bug #1148306 - converseen-0.8.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1148306
--------------------------------------------------------------------------------
================================================================================
elfutils-0.161-6.fc20 (FEDORA-2015-3577)
A collection of utilities and DSOs to handle compiled objects
--------------------------------------------------------------------------------
Update Information:
Consider sh_addralign 0 as 1 for golang binaries. Copy relocations are allowed in PIE executables. Fix .debug_type offset for sig8 lookup in dwarf_formref_die.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Mark Wielaard <mjw at redhat.com> - 0.161-6
- Add elfutils-0.161-copyreloc.patch.
* Sat Feb 21 2015 Till Maas <opensource at till.name> - 0.161-5
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Sat Feb 7 2015 Mark Wielaard <mjw at redhat.com> - 0.161-4
- Add elfutils-0.161-addralign.patch (#1189928)
* Thu Feb 5 2015 Mark Wielaard <mjw at redhat.com> - 0.161-3
- Add elfutils-0.161-formref-type.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196571 - Consider sh_addralign 0 as 1
https://bugzilla.redhat.com/show_bug.cgi?id=1196571
--------------------------------------------------------------------------------
================================================================================
gnofract4d-3.14.1-9.fc20 (FEDORA-2015-3572)
Gnofract 4D is a Gnome-based program to draw fractals
--------------------------------------------------------------------------------
Update Information:
This update prevents more crashes due to reference counting and NULL pointer dereference bugs in gnofract4d.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Jerry James <loganjerry at gmail.com> - 3.14.1-9
- Update -refcount patch to fix bz 1199824
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199824 - [abrt] gnofract4d: image_buffer(): python2.7 killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1199824
--------------------------------------------------------------------------------
================================================================================
icu-50.1.2-11.fc20 (FEDORA-2015-3590)
International Components for Unicode
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-6585, CVE-2014-6591
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Eike Rathke <erack at redhat.com> - 50.1.2-11
- TestTwoDigitYear build fix
- Resolves: rhbz#1184811 CVE-2014-6585 CVE-2014-6591
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489)
https://bugzilla.redhat.com/show_bug.cgi?id=1183645
[ 2 ] Bug #1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276)
https://bugzilla.redhat.com/show_bug.cgi?id=1183646
--------------------------------------------------------------------------------
================================================================================
kernel-3.18.9-100.fc20 (FEDORA-2015-3594)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 3.18.9 stable update contains a number of important fixes across the tree.
Update to the latest stable upstream release, Linux v3.18.8. Numerous fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Justin M. Forbes <jforbes at fedoraproject.org> - 3.18.9-100
- Linux v3.18.9
* Mon Mar 2 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch to fix nfsd soft lockup (rhbz 1185519)
- Enable ET131X driver (rhbz 1197842)
* Sat Feb 28 2015 Peter Robinson <pbrobinson at fedoraproject.org>
- Fix Panda on ARMv7 crash on boot
* Fri Feb 27 2015 Josh Boyer <jwboyer at fedoraproject.org - 3.18.8-100
- Linux v3.18.8
* Thu Feb 26 2015 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2015-1421 sctp: slab corruption from use after free on INIT collisions (rhbz 1196581 1196595)
* Wed Feb 25 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Add support for AR5B195 devices from Alexander Ploumistos (rhbz 1190947)
* Tue Feb 24 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Fix ext4 remount with journal_checksum option (rhbz 1190933)
* Mon Feb 23 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch for HID i2c from Seth Forshee (rhbz 1188439)
- CVE-2015-0275 ext4: fallocate zero range page size > block size BUG (rhbz 1193907 1195178)
* Mon Feb 16 2015 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-XXXX-XXXX potential memory corruption in vhost/scsi driver (rhbz 1189864 1192079)
- CVE-2015-1593 stack ASLR integer overflow (rhbz 1192519 1192520)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196581 - CVE-2015-1421 kernel: net: slab corruption from use after free on INIT collisions
https://bugzilla.redhat.com/show_bug.cgi?id=1196581
[ 2 ] Bug #1193907 - CVE-2015-0275 kernel: fs: ext4: fallocate zero range page size > block size BUG()
https://bugzilla.redhat.com/show_bug.cgi?id=1193907
[ 3 ] Bug #1189864 - kernel: potential memory corruption (denial of service) in vhost/scsi driver
https://bugzilla.redhat.com/show_bug.cgi?id=1189864
[ 4 ] Bug #1192519 - CVE-2015-1593 kernel: Linux stack ASLR implementation Integer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1192519
--------------------------------------------------------------------------------
================================================================================
libmatekbd-1.8.1-1.fc20 (FEDORA-2015-3591)
Libraries for mate kbd
--------------------------------------------------------------------------------
Update Information:
update to latest release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.1-1
- update to 1.8.1 release
--------------------------------------------------------------------------------
================================================================================
marco-1.8.3-1.fc20 (FEDORA-2015-3591)
MATE Desktop window manager
--------------------------------------------------------------------------------
Update Information:
update to latest release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.3-1
- update to 1.8.3 release
- remove upstreamed patches
- add BR zenity, drop mate-dialogs
--------------------------------------------------------------------------------
================================================================================
mate-screensaver-1.8.1-3.fc20 (FEDORA-2015-3587)
MATE Screensaver
--------------------------------------------------------------------------------
Update Information:
- fix polish translation rhbz (#1199754)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 10 2015 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.1-3
- fix polish translation rhbz (#1199754)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199754 - Please apply the upstream patch (Polish translation, time format)
https://bugzilla.redhat.com/show_bug.cgi?id=1199754
--------------------------------------------------------------------------------
================================================================================
nodejs-window-size-0.1.0-2.fc20 (FEDORA-2015-3579)
Get the height and width of the terminal in a node.js environment
--------------------------------------------------------------------------------
Update Information:
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1194950 - Review Request: nodejs-window-size - Get the height and width of the terminal in a node.js environment
https://bugzilla.redhat.com/show_bug.cgi?id=1194950
--------------------------------------------------------------------------------
================================================================================
perl-Params-Validate-1.18-1.fc20 (FEDORA-2015-3567)
Params-Validate Perl module
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 24 2015 Ralf Corsépius <corsepiu at fedoraproject.org> - 1.18-1
- Upstream update.
- BR: perl(Test::Version).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196050 - perl-Params-Validate-1.18 testsuite failure on f20
https://bugzilla.redhat.com/show_bug.cgi?id=1196050
--------------------------------------------------------------------------------
================================================================================
python-rhsm-1.14.2-1.fc20 (FEDORA-2015-3570)
A Python library to communicate with a Red Hat Unified Entitlement Platform
--------------------------------------------------------------------------------
Update Information:
* Logging configuration for subscription-manager can now be modified through a configuration file
* Suppressed some irrelevant warnings
* Allow use of activation keys during migration
* Bugfixes for firstboot
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2015 Alex Wood <awood at redhat.com> 1.14.2-1
- 1195446: Only set global socket timeout on RHEL 5. (alikins at redhat.com)
- Cleanup up connection logging. (alikins at redhat.com)
* Fri Feb 6 2015 Devan Goodwin <dgoodwin at rm-rf.ca> 1.14.1-1
- 976855: build_py now populates version.py with ver (alikins at redhat.com)
- 1187587: Correct project URL in spec file. (awood at redhat.com)
--------------------------------------------------------------------------------
================================================================================
qt-creator-3.2.2-2.fc20 (FEDORA-2015-3573)
Cross-platform IDE for Qt
--------------------------------------------------------------------------------
Update Information:
Add SSH host key verification to built-in SSH client.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Sandro Mani <manisandro at gmail.com> - 3.2.2-2
- Add SSH host key verification to built-in SSH client (#1161655)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1161654 - qt-creator: no SSH host key verification in built-in SSH client
https://bugzilla.redhat.com/show_bug.cgi?id=1161654
--------------------------------------------------------------------------------
================================================================================
subscription-manager-1.14.2-1.fc20 (FEDORA-2015-3570)
Tools and libraries for subscription and repository management
--------------------------------------------------------------------------------
Update Information:
* Logging configuration for subscription-manager can now be modified through a configuration file
* Suppressed some irrelevant warnings
* Allow use of activation keys during migration
* Bugfixes for firstboot
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Alex Wood <awood at redhat.com> 1.14.2-1
- Move to fileConfig based logging. (alikins at redhat.com)
- Ignore glib warnings about class properties. (alikins at redhat.com)
- log level updates, mostly info->debug. (alikins at redhat.com)
- Condense virt fact logging to one info level entry. (alikins at redhat.com)
- Log to info when we update facts. (alikins at redhat.com)
- Change branding 'nothing-happened' logs to debug. (alikins at redhat.com)
- Condense cert_sorter logged info. (alikins at redhat.com)
- Change most cache related log msgs to debug level. (alikins at redhat.com)
- Make D-Bus related log entries debug level. (alikins at redhat.com)
- Change heal logging to be more concise. (alikins at redhat.com)
- Add log friendy str version of Identity (alikins at redhat.com)
- 1133647: Fix messageWindow deprecation warning. (alikins at redhat.com)
- 1183382: Fix test case to work with dateutil 2. (alikins at redhat.com)
- Revert "Added check for /etc/oracle-release in hwprobe" (alikins at redhat.com)
- 1196416: Migration should not need credentials with activation keys
(awood at redhat.com)
- 1196385: Add --activation-key option to migration man page.
(awood at redhat.com)
- 1196418: Add bash completion for --activation-key in migration.
(awood at redhat.com)
- Update spec to point to github / new project website. (dgoodwin at redhat.com)
- Quiet "Whoever translated calendar*" warnings. (alikins at redhat.com)
- Stop 'recently-used.xbel' warnings, disable mru (alikins at redhat.com)
- 1154375: Allow use of activation keys during migration. (awood at redhat.com)
- 1191237: Fix proxy "test connection" in firstboot. (alikins at redhat.com)
- 1191237: Make proxy config "save" work in firstboot. (alikins at redhat.com)
- 1191241: Handle network starting after subman does. (alikins at redhat.com)
- 1145077, disabled column wrapping during redirects (jmolet at redhat.com)
- Add syslog logging handler. (alikins at redhat.com)
- 1191237: Fix problems exitting firstboot on errors (alikins at redhat.com)
- 1163398, fixing rhsm-icon --help descriptions (jmolet at redhat.com)
* Fri Feb 6 2015 Devan Goodwin <dgoodwin at rm-rf.ca> 1.14.1-1
- 976855: populate a "version.py" at build time (alikins at redhat.com)
- Fixed typo in subscription-manager-gui (crog at redhat.com)
- 1186386: Provide one and only one Red Hat CA to Docker. (awood at redhat.com)
- 1114117: Stop collecting subs info by default. (alikins at redhat.com)
- 1184940: Update container plugin config. (dgoodwin at redhat.com)
- 1183122: Fix KeyErrors building dbus ent status (alikins at redhat.com)
- 884285: Needs to maintain loop for dbus calls (wpoteat at redhat.com)
--------------------------------------------------------------------------------
================================================================================
texstudio-2.9.0-1.fc20 (FEDORA-2015-3585)
A feature-rich editor for LaTeX documents
--------------------------------------------------------------------------------
Update Information:
- update to version 2.9.0
- http://texstudio.sourceforge.net/manual/current/usermanual_en.html#SECTIONNEW290
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2015 Johannes Lips <hannes at fedoraproject.org> 2.9.0-1
- Update to latest upstream version 2.9.0
- changelog cleaned up
--------------------------------------------------------------------------------
More information about the test
mailing list