The following Fedora 20 Security updates need testing: Age URL 38 https://admin.fedoraproject.org/updates/FEDORA-2013-17866/chicken-4.8.0.4-4.fc20 27 https://admin.fedoraproject.org/updates/FEDORA-2013-18705/phpMyAdmin-3.5.8.2-1.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2013-19198/quassel-0.9.1-1.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2013-19934/openstack-glance-2013.2-2.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2013-20138/mantis-1.2.15-3.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2013-20216/python-setuptools-0.9.8-2.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2013-19507/openstack-keystone-2013.2-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20749/python-djblets-0.7.23-1.fc20,ReviewBoard-1.7.17-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20687/krb5-1.11.3-29.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20779/wireshark-1.10.3-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20662/gnutls-3.1.16-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2013-19861/libcomps-0.1.4-4.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2013-20219/perl-Socket-2.013-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2013-20216/python-setuptools-0.9.8-2.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2013-20393/phonon-4.6.0-9.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2013-20475/libevdev-0.4.1-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-20513/xorg-x11-drv-ati-7.2.0-3.20131101git3b38701.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-20522/highlight-3.16.1-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20610/soprano-2.9.4-2.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20596/gupnp-0.20.8-1.fc20,gssdp-0.14.6-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20573/iso-codes-3.48-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20780/libbluray-0.4.0-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20751/kbd-1.15.5-10.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20701/initial-setup-0.3.10-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20687/krb5-1.11.3-29.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20662/gnutls-3.1.16-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20254/gnome-abrt-0.3.3-2.fc20,abrt-2.1.9-1.fc20,libreport-2.1.9-1.fc20,satyr-0.11-1.fc20 The following builds have been pushed to Fedora 20 updates-testing ReviewBoard-1.7.17-1.fc20 alienarena-7.66-1.fc20 ardour3-3.5.74-1.fc20 azureus-5.1.0.0-1.fc20 cmocka-0.3.2-1.fc20 drupal7-backup_migrate-2.8-1.fc20 drupal7-rules-2.6-1.fc20 hplip-3.13.11-1.fc20 kamoso-2.0.2-13.fc20 kbd-1.15.5-10.fc20 krb5-1.11.3-29.fc20 libbluray-0.4.0-1.fc20 libguestfs-1.24.1-2.fc20 libltc-1.1.2-1.fc20 mingw-hidapi-0.7.0-2.a88c724.fc20 mlpack-1.0.7-1.fc20 netcdf-4.3.0-6.fc20 ocaml-camlidl-1.05-19.fc20.1 open-vm-tools-9.4.0-1.fc20 openlmi-tools-0.9-3.fc20 perl-Coro-6.32-1.fc20 php-pear-HTTP-OAuth-0.3.1-1.fc20 python-alchimia-0.4-3.fc20 python-chai-0.4.5-1.fc20 python-djblets-0.7.23-1.fc20 qemu-1.6.1-1.fc20 recoll-1.19.8-1.fc20 rubygem-cinch-2.0.10-1.fc20 rubygem-equalizer-0.0.7-2.fc20 rubygem-ice_nine-0.10.0-2.fc20 rubygem-rails_autolink-1.1.4-2.fc20 rubygem-redis-namespace-1.3.1-1.fc20 rubygem-shoulda-context-1.1.6-1.fc20 sddm-0.2.0-0.19.20130914git50ca5b20.fc20 slingshot-0.8.1p-11.fc20 tcpflow-1.4.0-2.fc20 tetex-elsevier-0.1.20090917-11.fc20 thunderbird-lightning-2.6.2-3.fc20 tortoisehg-2.10-1.fc20 tubo-5.0.10-2.fc20 wireshark-1.10.3-2.fc20 xfce4-session-4.10.1-3.fc20 Details about builds: ================================================================================ ReviewBoard-1.7.17-1.fc20 (FEDORA-2013-20749) Web-based code review tool -------------------------------------------------------------------------------- Update Information: - New upstream security release 1.7.17 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/ - Resolves: CVE-2013-4519 - Security Fixes: * Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions. * Added a 'X-Frame-Options' header to prevent clickjacking. - New Features: * Remove the need for SSH keys for GitHub repositories. * Improved validation for GitHub repositories. * Added support for permissions on Local Sites. - Performance Improvements: * Reduced query counts on all pages. * Reduced query counts in the web API when returning empty lists. - Extensibility: * Extensions using the ``configure_extension`` view an now pass in a custom ``template_name`` pointing to a template for the configuration page, if it needs additional customization. * Enabling, disabling or reconfiguring extensions will now invalidate the caches for pages, ensuring that hooks will take affect. * Extension configuration now works properly on subdirectory installs. - Bug Fixes: * Fixed showing private review requests on a submitter page. * The description for submitted or discarded review requests is now shown on the diff viewer. * Discarding, reopening and then closing a review request no longer makes the review request private. * Fixed a naming conflict with older PyCrypto packages, such as the default package on CentOS 6.4. * Users with the 'can_change_status' permission no longer need the 'can_edit_reviewrequest' permission in order to close or reopen review requests. * Switching a repository from using a hosting service to Custom no longer reverts back to the hosting service. * Fixed editing a repository if its associated hosting service can't be loaded (such as if an extension providing that hosting service is disabled). * Many diff validation errors weren't being shown on the New Review Request page, generating 500 errors instead. * Fixed caching issues with the Blocks field on review requests. * Editing JSON text fields in the administration UI now works, validates, and won't result in warnings in the log. * Fixed breakages with looking up URLs internally with Local Sites. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.7.17-1 - New upstream security release 1.7.17 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/ - Resolves: CVE-2013-4519 - Security Fixes: * Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions. * Added a 'X-Frame-Options' header to prevent clickjacking. - New Features: * Remove the need for SSH keys for GitHub repositories. * Improved validation for GitHub repositories. * Added support for permissions on Local Sites. - Performance Improvements: * Reduced query counts on all pages. * Reduced query counts in the web API when returning empty lists. - Extensibility: * Extensions using the ``configure_extension`` view an now pass in a custom ``template_name`` pointing to a template for the configuration page, if it needs additional customization. * Enabling, disabling or reconfiguring extensions will now invalidate the caches for pages, ensuring that hooks will take affect. * Extension configuration now works properly on subdirectory installs. - Bug Fixes: * Fixed showing private review requests on a submitter page. * The description for submitted or discarded review requests is now shown on the diff viewer. * Discarding, reopening and then closing a review request no longer makes the review request private. * Fixed a naming conflict with older PyCrypto packages, such as the default package on CentOS 6.4. * Users with the 'can_change_status' permission no longer need the 'can_edit_reviewrequest' permission in order to close or reopen review requests. * Switching a repository from using a hosting service to Custom no longer reverts back to the hosting service. * Fixed editing a repository if its associated hosting service can't be loaded (such as if an extension providing that hosting service is disabled). * Many diff validation errors weren't being shown on the New Review Request page, generating 500 errors instead. * Fixed caching issues with the Blocks field on review requests. * Editing JSON text fields in the administration UI now works, validates, and won't result in warnings in the log. * Fixed breakages with looking up URLs internally with Local Sites. * Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk@xxxxxxxxx> - 1.7.16-2 - Update Djblets version * Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> - 1.7.15-2 - New upstream bugfix release 1.7.16 - Fixes a breakage when accessing the Review Group Users resource - Fixes pagination in dashboard and similar pages * Thu Oct 10 2013 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.7.15-1 - New upstream security release 1.7.15 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.15/ - Resolves: CVE-2013-4410 - Fixes access-control problems with REST API - Resolves: CVE-2013-4411 - Fixes URL processing allowing unauthorized users to view review lists -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027010 - CVE-2013-4519 ReviewBoard: two XSS vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=1027010 -------------------------------------------------------------------------------- ================================================================================ alienarena-7.66-1.fc20 (FEDORA-2013-20783) Multiplayer retro sci-fi deathmatch game -------------------------------------------------------------------------------- Update Information: Add appdata, update to 7.66. Updated autotools to 2.69 and added License: tag to alienarena-data package. Added aarch64 by autoconf 2.69 and added License: entry to alienarena-data package -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 7.66-1 - update to 7.66 - add appdata file (bz 1023990) * Wed Sep 4 2013 Chandler Wilkerson <chwilk@xxxxxxxx> - 7.65-5 - Added aarch64 patch pending upstream move to autoconf 2.69 in next release (bz 924982) - Tweaked license line of alienarena-data package to match license text. (bz 888201) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1023990 - Appdata file for Alien Arena https://bugzilla.redhat.com/show_bug.cgi?id=1023990 [ 2 ] Bug #924982 - alienarena: Does not support aarch64 in f19 and rawhide https://bugzilla.redhat.com/show_bug.cgi?id=924982 [ 3 ] Bug #888201 - Alienarena-data (Game data) is non-commercial use https://bugzilla.redhat.com/show_bug.cgi?id=888201 -------------------------------------------------------------------------------- ================================================================================ ardour3-3.5.74-1.fc20 (FEDORA-2013-20094) Digital Audio Workstation -------------------------------------------------------------------------------- Update Information: Add ardour v3.x and libltc to Fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #929044 - Ardour version 3 package request https://bugzilla.redhat.com/show_bug.cgi?id=929044 [ 2 ] Bug #1022255 - Review Request: libltc - Linear/Longitudinal Time Code (LTC) Library https://bugzilla.redhat.com/show_bug.cgi?id=1022255 [ 3 ] Bug #1007099 - Review Request: ardour3 - Digital Audio Workstation https://bugzilla.redhat.com/show_bug.cgi?id=1007099 -------------------------------------------------------------------------------- ================================================================================ azureus-5.1.0.0-1.fc20 (FEDORA-2013-20767) A BitTorrent Client -------------------------------------------------------------------------------- Update Information: Upgrade to latest upstream version -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 5 2013 David Juran <djuran@xxxxxxxxxx> - 5.1.0.0-1 - upgrade to 5.1.0.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1019019 - you need submit azureus-5.1.0.0-1.fc20 to bodhi reach Fedora 20 https://bugzilla.redhat.com/show_bug.cgi?id=1019019 -------------------------------------------------------------------------------- ================================================================================ cmocka-0.3.2-1.fc20 (FEDORA-2013-20770) Lightweight library to simplify and generalize unit tests for C -------------------------------------------------------------------------------- Update Information: Update to cmocka 0.3.2. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 - Andreas Schneider <asn@xxxxxxxxxx> - 0.3.2-1 - Update to version 0.3.2. - Include API documentation. -------------------------------------------------------------------------------- ================================================================================ drupal7-backup_migrate-2.8-1.fc20 (FEDORA-2013-20769) Database backup, restore, and migrate module for Drupal 7 -------------------------------------------------------------------------------- Update Information: - Update to upstream 2.8 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/2128465 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.8-1 - Update to upstream 2.8 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/2128465 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027127 - drupal7-backup_migrate-2.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1027127 -------------------------------------------------------------------------------- ================================================================================ drupal7-rules-2.6-1.fc20 (FEDORA-2013-20782) It allows site administrators to define conditionally executed actions -------------------------------------------------------------------------------- Update Information: - Update to upstream 2.6 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/2123171 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.6-1 - Update to upstream 2.6 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/2123171 * Thu Sep 26 2013 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.5-1 - Update to upstream 2.5 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/2092781 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1024829 - drupal7-rules-2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1024829 -------------------------------------------------------------------------------- ================================================================================ hplip-3.13.11-1.fc20 (FEDORA-2013-20752) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information: New upstream release which adds support for several new printers. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Jiri Popelka <jpopelka@xxxxxxxxxx> - 3.13.11-1 - 3.13.11 * Tue Oct 15 2013 Jaromír Končický <jkoncick@xxxxxxxxxx> - 3.13.10-1 - 3.13.10: 8 patches applied upstream, big changes in tmp and log dirs, removed hp-mkuri - Fixed Incorrect IEEE 1284 MFG value for LaserJet Professional P1102 (bug #1018826). -------------------------------------------------------------------------------- ================================================================================ kamoso-2.0.2-13.fc20 (FEDORA-2013-20778) Application for taking pictures and videos from a webcam -------------------------------------------------------------------------------- Update Information: Fixed missing icons. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 2.0.2-13 - Requires: oxygen-icon-theme (#986964) -------------------------------------------------------------------------------- References: [ 1 ] Bug #986964 - all Kamoso icons are missing https://bugzilla.redhat.com/show_bug.cgi?id=986964 -------------------------------------------------------------------------------- ================================================================================ kbd-1.15.5-10.fc20 (FEDORA-2013-20751) Tools for configuring the console (keyboard, virtual terminals, etc.) -------------------------------------------------------------------------------- Update Information: Added PAM config for vlock. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Vitezslav Crhonek <vcrhonek@xxxxxxxxxx> - 1.15.5-10 - Add PAM config for vlock Resolves: #913309 -------------------------------------------------------------------------------- References: [ 1 ] Bug #913309 - vlock doesn't have a PAM configuration https://bugzilla.redhat.com/show_bug.cgi?id=913309 -------------------------------------------------------------------------------- ================================================================================ krb5-1.11.3-29.fc20 (FEDORA-2013-20687) The Kerberos network authentication system -------------------------------------------------------------------------------- Update Information: This update incorporates a backported fix to make libgssapi_krb5's credential import routines work better, which is needed by newer versions of gssproxy, and corrects a packaging error which resulted in the /etc/gss directory not being owned by any packages. Further, it incorporates a fix for a possible remotely-triggered crash in KDCs which are configured to serve multiple realms at once (CVE-2013-1418). -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-29 - incorporate upstream patch for remote crash of KDCs which serve multiple realms simultaneously (RT#7756, CVE-2013-1418) * Mon Nov 4 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-28 - drop patch to add additional access() checks to ksu - they add to breakage when non-FILE: caches are in use (#1026099), shouldn't be resulting in any benefit, and clash with proposed changes to fix its cache handling * Tue Oct 22 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-27 - add some minimal description to the top of the wrapper scripts we use when starting krb5kdc and kadmind to describe why they exist (tooling) * Wed Oct 16 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-26 - create and own /etc/gss (#1019937) * Tue Oct 15 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-25 - pull up fix for importing previously-exported credential caches in the gssapi library (RT# 7706, #1019420) * Mon Oct 14 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-24 - backport the callback to use the libkrb5 prompter when we can't load PEM files for PKINIT (RT#7590, includes part of #965721/#1016690) - extract the rest of the fix #965721/#1016690 from the changes for RT#7680 * Mon Oct 14 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-23 - fix trigger scriptlet's invocation of sed (#1016945) * Fri Oct 4 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-22 - rebuild with keyutils 1.5.8 (part of #1012043) * Wed Oct 2 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-21 - switch to the version of persistent-keyring that was just merged to master (RT#7711), along with related changes to kinit (RT#7689) - go back to setting default_ccache_name to a KEYRING type * Mon Sep 30 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-20 - pull up fix for not calling a kdb plugin's check-transited-path method before calling the library's default version, which only knows how to read what's in the configuration file (RT#7709, #1013664) * Thu Sep 26 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-19 - configure --without-krb5-config so that we don't pull in the old default ccache name when we want to stop setting a default ccache name at configure- time * Wed Sep 25 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-18 - fix broken dependency on awk (should be gawk, rdieter) * Wed Sep 25 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-17 - add missing dependency on newer keyutils-libs (#1012034) * Tue Sep 24 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-16 - back out setting default_ccache_name to the new default for now, resetting it to the old default while the kernel/keyutils bits get sorted (sgallagh) * Mon Sep 23 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-15 - add explicit build-time dependency on a version of keyutils that's new enough to include keyctl_get_persistent() (more of #991148) * Thu Sep 19 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-14 - incorporate Simo's updated backport of his updated persistent-keyring changes (more of #991148) * Fri Sep 13 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-13 - don't break during %check when the session keyring is revoked * Fri Sep 13 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.3-12 - pull the newer F21 defaults back to F20 (sgallagh) * Mon Sep 9 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> - only apply the patch to autocreate /run/user/0 when we're hard-wiring the default ccache location to be under it; otherwise it's unnecessary * Mon Sep 9 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.11.3-11 - don't let comments intended for one scriptlet become part of the "script" that gets passed to ldconfig as part of another one (Mattias Ellert, #1005675) * Fri Sep 6 2013 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.11.3-10 - incorporate Simo's backport of his persistent-keyring changes (#991148) - restore build-time default DEFCCNAME on Fedora 21 and later and EL, and instead set default_ccache_name in the default krb5.conf's [libdefaults] section (#991148) - on releases where we expect krb5.conf to be configured with a default_ccache_name, add it whenever we upgrade from an older version of the package that wouldn't have included it in its default configuration file (#991148) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1026942 - CVE-2013-1418 krb5: multi-realm KDC null dereference leads to crash https://bugzilla.redhat.com/show_bug.cgi?id=1026942 -------------------------------------------------------------------------------- ================================================================================ libbluray-0.4.0-1.fc20 (FEDORA-2013-20780) Library to access Blu-Ray disks for video playback -------------------------------------------------------------------------------- Update Information: Upstream changelog : http://git.videolan.org/gitweb.cgi/libbluray.git/?p=libbluray.git;a=blob_plain;f=ChangeLog;hb=0.4.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 20 2013 Xavier Bachelot <xavier@xxxxxxxxxxxx> 0.4.0-1 - Update to 0.4.0. - Fix rpath issues with some test utilities. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1015755 - current version is 0.4.0 https://bugzilla.redhat.com/show_bug.cgi?id=1015755 -------------------------------------------------------------------------------- ================================================================================ libguestfs-1.24.1-2.fc20 (FEDORA-2013-20761) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information: Adds new features from upstream virt-builder. New stable branch version 1.24.1. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.24.1-2 - Backport virt-builder features from upstream at users [multiple] requests. - Use git to manage patches, add copy-patches.sh script. - +BR flex & bison. - +BR xz-devel (for liblzma) to accelerate virt-builder. * Fri Nov 1 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.24.1-1 - New upstream version 1.24.1. * Tue Oct 22 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.24.0-2 - Don't use versioned jar file (RHBZ#1022133). * Sat Oct 19 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.24.0-1 - New upstream version 1.24.0. * Tue Oct 15 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.33-1 - New upstream version 1.23.33. * Mon Oct 14 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.32-1 - New upstream version 1.23.32. * Sun Oct 13 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.31-1 - New upstream version 1.23.31. * Fri Oct 11 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.30-1 - New upstream version 1.23.30. * Tue Oct 8 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.28-1 - New upstream version 1.23.28. * Mon Oct 7 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.27-1 - New upstream version 1.23.27. * Fri Oct 4 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.25-1 - New upstream version 1.23.25. - Add virt-builder and its dependencies. * Mon Sep 30 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.23-2 - New upstream version 1.23.23. - Remove patch which is now upstream. * Thu Sep 12 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.23.22-2 - Add patch to debug parallel tests. -------------------------------------------------------------------------------- ================================================================================ libltc-1.1.2-1.fc20 (FEDORA-2013-20094) Linear/Longitudinal Time Code (LTC) Library -------------------------------------------------------------------------------- Update Information: Add ardour v3.x and libltc to Fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #929044 - Ardour version 3 package request https://bugzilla.redhat.com/show_bug.cgi?id=929044 [ 2 ] Bug #1022255 - Review Request: libltc - Linear/Longitudinal Time Code (LTC) Library https://bugzilla.redhat.com/show_bug.cgi?id=1022255 [ 3 ] Bug #1007099 - Review Request: ardour3 - Digital Audio Workstation https://bugzilla.redhat.com/show_bug.cgi?id=1007099 -------------------------------------------------------------------------------- ================================================================================ mingw-hidapi-0.7.0-2.a88c724.fc20 (FEDORA-2013-20760) Library for communicating with USB and Bluetooth HID devices -------------------------------------------------------------------------------- Update Information: Initial build of mingw-hidapi package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1022317 - Review Request: mingw-hidapi - Library for communicating with USB and Bluetooth HID devices https://bugzilla.redhat.com/show_bug.cgi?id=1022317 -------------------------------------------------------------------------------- ================================================================================ mlpack-1.0.7-1.fc20 (FEDORA-2013-20784) Scalable, fast C++ machine learning library -------------------------------------------------------------------------------- Update Information: Update to latest stable version. -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 3 2013 Ryan Curtin <gth671b@xxxxxxxxxxxxxxx> - 1.0.7-1 - Update to latest stable release. -------------------------------------------------------------------------------- ================================================================================ netcdf-4.3.0-6.fc20 (FEDORA-2013-20756) Libraries for the Unidata network Common Data Form -------------------------------------------------------------------------------- Update Information: Enable hdf4 support -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 4 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.3.0-6 - Enable hdf4 support -------------------------------------------------------------------------------- ================================================================================ ocaml-camlidl-1.05-19.fc20.1 (FEDORA-2013-20758) Stub code generator and COM binding for Objective Caml -------------------------------------------------------------------------------- Update Information: Add META file. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1.05-19.fc20.1 - Add META file (RHBZ#1026991). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1026991 - ocaml-camlidl does not install META file for use with findlib https://bugzilla.redhat.com/show_bug.cgi?id=1026991 -------------------------------------------------------------------------------- ================================================================================ open-vm-tools-9.4.0-1.fc20 (FEDORA-2013-20774) Open Virtual Machine Tools for virtual machines hosted on VMware -------------------------------------------------------------------------------- Update Information: New stable version 9.4.0 from upstream. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Ravindra Kumar <ravindrakumar@xxxxxxxxxx> - 9.4.0-1 - Package new upstream version open-vm-tools-9.4.0-1280544. - Added CUSTOM_PROCPS_NAME=procps and -Wno-deprecated-declarations for version 9.4.0. -------------------------------------------------------------------------------- ================================================================================ openlmi-tools-0.9-3.fc20 (FEDORA-2013-20785) Set of CLI tools for Openlmi providers -------------------------------------------------------------------------------- Update Information: - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-3 - fix passing instance references to method call * Wed Nov 6 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-2 - fix instance deletion * Mon Nov 4 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-1 - upgrade to v0.9 * Wed Oct 23 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.8-1 - upgrade to v0.8 -------------------------------------------------------------------------------- ================================================================================ perl-Coro-6.32-1.fc20 (FEDORA-2013-20768) The only real threads in perl -------------------------------------------------------------------------------- Update Information: This release fixes possible NULL pointer derefence with Perl 5.18. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 6.32-1 - 6.32 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027095 - perl-Coro-6.32 is available https://bugzilla.redhat.com/show_bug.cgi?id=1027095 -------------------------------------------------------------------------------- ================================================================================ php-pear-HTTP-OAuth-0.3.1-1.fc20 (FEDORA-2013-20786) Implementation of the OAuth spec -------------------------------------------------------------------------------- Update Information: Upstream Changelog: API changes: * added $body parameter to HTTP_OAuth_Provider::__construct() * added HTTP_OAuth_Provider::setBody() * renamed HTTP_OAuth_Provider::getPostData() to getBody() * made HTTP_OAuth_Provider::getBody() public New features and bugs fixed: * Fixed PEAR #17806. DELETE method is not supported. * Fixed PEAR #18574. Avoid try-catch-rethrow. * Fixed PEAR #18701. Only variables should be passed by reference. * Fixed PEAR #18425. Array keys not decoded in HTTP_OAuth_Provider. * Fixed PEAR #18431. Handle PUT requests better in HTTP_OAuth_Provider. * Fixed PEAR #20106. rawBodyData always included in provider request. * Fixed PEAR #20107. Handle multiple query params with same name as array. * Added LICENSE file. * Include README in package file. * Fixed reset() call in MessageTest in unit tests. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.3.1-1 - Update to 0.3.1 (alpha) - License file is provided in tarball - Drop patch merged upstream * Sat Nov 2 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.3.0-1 - update to 0.3.0 (alpha) - add explicit spec License - open issues for missing License file and failed test -------------------------------------------------------------------------------- ================================================================================ python-alchimia-0.4-3.fc20 (FEDORA-2013-20764) A Python library that integrates Twisted with SqlAlchemy -------------------------------------------------------------------------------- Update Information: alchimia lets you use most of the SQLAlchemy-core API with Twisted, it does not allow you to use the ORM. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1019428 - Review Request: python-alchimia - A Python library that integrates Twisted with SqlAlchemy https://bugzilla.redhat.com/show_bug.cgi?id=1019428 -------------------------------------------------------------------------------- ================================================================================ python-chai-0.4.5-1.fc20 (FEDORA-2013-20772) Easy to use mocking/stub framework -------------------------------------------------------------------------------- Update Information: Import python-chai -------------------------------------------------------------------------------- References: [ 1 ] Bug #1024259 - Review Request: python-chai - Easy to use mocking/stub framework https://bugzilla.redhat.com/show_bug.cgi?id=1024259 -------------------------------------------------------------------------------- ================================================================================ python-djblets-0.7.23-1.fc20 (FEDORA-2013-20749) A collection of useful classes and functions for Django -------------------------------------------------------------------------------- Update Information: - New upstream security release 1.7.17 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/ - Resolves: CVE-2013-4519 - Security Fixes: * Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions. * Added a 'X-Frame-Options' header to prevent clickjacking. - New Features: * Remove the need for SSH keys for GitHub repositories. * Improved validation for GitHub repositories. * Added support for permissions on Local Sites. - Performance Improvements: * Reduced query counts on all pages. * Reduced query counts in the web API when returning empty lists. - Extensibility: * Extensions using the ``configure_extension`` view an now pass in a custom ``template_name`` pointing to a template for the configuration page, if it needs additional customization. * Enabling, disabling or reconfiguring extensions will now invalidate the caches for pages, ensuring that hooks will take affect. * Extension configuration now works properly on subdirectory installs. - Bug Fixes: * Fixed showing private review requests on a submitter page. * The description for submitted or discarded review requests is now shown on the diff viewer. * Discarding, reopening and then closing a review request no longer makes the review request private. * Fixed a naming conflict with older PyCrypto packages, such as the default package on CentOS 6.4. * Users with the 'can_change_status' permission no longer need the 'can_edit_reviewrequest' permission in order to close or reopen review requests. * Switching a repository from using a hosting service to Custom no longer reverts back to the hosting service. * Fixed editing a repository if its associated hosting service can't be loaded (such as if an extension providing that hosting service is disabled). * Many diff validation errors weren't being shown on the New Review Request page, generating 500 errors instead. * Fixed caching issues with the Blocks field on review requests. * Editing JSON text fields in the administration UI now works, validates, and won't result in warnings in the log. * Fixed breakages with looking up URLs internally with Local Sites. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.7.23-1 - New upstream release 0.7.23 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.21.NEWS * djblets.webapi: * Added a has_list_access_permissions function, which is used to determine access to a list resource. - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.22.NEWS * djblets.extensions: * AJAX_SERIAL is updated when extensions are enabled/disabled or their configuration changes, allowing templates using AJAX_SERIAL as part of their cache to invalidate. * djblets.siteconfig: * Reduced query counts for installs using siteconfig. * djblets.webapi: * Reduced query counts when returning payloads for list resources with no entries. * Common attribute lookups on WebAPIResource are now cached. - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.23.NEWS * djblets.extensions: * Fix URL errors when configuring extensions with a custom SITE_ROOT. * djblets.util.fields: * JSONFields can now be safely edited through the administration UI, complete with validation. * jquery.gravy: * Fixed hiding the pencil icons on an inlineEditor when disabled. * Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk@xxxxxxxxx> - 0.7.21-1 - New upstream bugfix release 0.7.21 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.21.NEWS - Added a has_list_access_permissions function, which is used to determine access to a list resource. * Fri Oct 11 2013 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.7.20-1 - New upstream bugfix release 0.7.20 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.20.NEWS - Fixed regression with pagination on the datagrid * Thu Oct 10 2013 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.7.19-1 - New upstream security release 0.7.19 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.19.NEWS - Resolves: CVE-2013-4409 - Resolves unsanitized eval() vulnerability -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027010 - CVE-2013-4519 ReviewBoard: two XSS vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=1027010 -------------------------------------------------------------------------------- ================================================================================ qemu-1.6.1-1.fc20 (FEDORA-2013-20776) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * Reduce CPU usage when audio is playing (bz #1017644) * Base on qemu 1.6.1 tarball * ksmtuned: Fix matching qemu w/o set_process_name (bz #1012604) * ksmtuned: Fix committed_memory when no qemu running (bz #1012610) * Make sure bridge helper is setuid (bz #1017660) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 2:1.6.1-1 - Reduce CPU usage when audio is playing (bz #1017644) - Base on qemu 1.6.1 tarball - ksmtuned: Fix matching qemu w/o set_process_name (bz #1012604) - ksmtuned: Fix committed_memory when no qemu running (bz #1012610) - Make sure bridge helper is setuid (bz #1017660) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1017644 - PATCH: fix qemu using 50% host cpu when audio is playing https://bugzilla.redhat.com/show_bug.cgi?id=1017644 -------------------------------------------------------------------------------- ================================================================================ recoll-1.19.8-1.fc20 (FEDORA-2013-20750) Desktop full text search tool with Qt GUI -------------------------------------------------------------------------------- Update Information: Update to latest upstream release recoll 1.19.8, will hopefully fix some bugs too. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Terje Rosten <terje.rosten@xxxxxxx> - 1.19.8-1 - 1.19.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #980947 - [abrt] recoll-1.19.4-2.fc18: inflate_table: Process /usr/bin/recoll was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=980947 [ 2 ] Bug #989483 - [abrt] recoll-1.19.4-2.fc19: deallocate: Process /usr/bin/recollindex was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=989483 [ 3 ] Bug #995796 - [abrt] recoll-1.19.4-2.fc18: operator delete: Process /usr/bin/recollindex was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=995796 [ 4 ] Bug #979371 - [abrt] recoll-1.19.4-2.fc18: deallocate: Process /usr/bin/recollindex was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=979371 [ 5 ] Bug #995699 - [abrt] recoll-1.19.4-2.fc18: std::_Rb_tree<std::string, std::pair<std::string const, std::string>, std::_Select1st<std::pair<std::string const, std::string> >, std::less<std::string>, std::allocator<std::pair<std::string const, std::string> > ... https://bugzilla.redhat.com/show_bug.cgi?id=995699 -------------------------------------------------------------------------------- ================================================================================ rubygem-cinch-2.0.10-1.fc20 (FEDORA-2013-20775) An IRC Bot Building Framework -------------------------------------------------------------------------------- Update Information: Rebased on Cinch 2.0.10. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 2.0.10-1 - Rebased on Cinch 2.0.10. -------------------------------------------------------------------------------- ================================================================================ rubygem-equalizer-0.0.7-2.fc20 (FEDORA-2013-20765) Module to define equality, equivalence and inspection methods -------------------------------------------------------------------------------- Update Information: First Fedora release. rubygem-equalizer is a module to define equality, equivalence and inspection methods. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1025930 - Review Request: rubygem-equalizer - Module to define equality, equivalence and inspection methods https://bugzilla.redhat.com/show_bug.cgi?id=1025930 -------------------------------------------------------------------------------- ================================================================================ rubygem-ice_nine-0.10.0-2.fc20 (FEDORA-2013-20781) Deep Freeze Ruby Objects -------------------------------------------------------------------------------- Update Information: New Fedora package. This gem allows developers to deep freeze Ruby objects. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1025928 - Review Request: rubygem-ice_nine - Deep Freeze Ruby Objects https://bugzilla.redhat.com/show_bug.cgi?id=1025928 -------------------------------------------------------------------------------- ================================================================================ rubygem-rails_autolink-1.1.4-2.fc20 (FEDORA-2013-20766) Automatic generation of HTML links in texts -------------------------------------------------------------------------------- Update Information: New Fedora package. This is an extraction of the `auto_link` method from rails. The `auto_link` method was removed from Rails in version Rails 3.1. This gem is meant to bridge the gap for people migrating. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1018010 - Review Request: rubygem-rails_autolink - Automatic generation of HTML links in texts https://bugzilla.redhat.com/show_bug.cgi?id=1018010 -------------------------------------------------------------------------------- ================================================================================ rubygem-redis-namespace-1.3.1-1.fc20 (FEDORA-2013-20757) Namespaces Redis commands -------------------------------------------------------------------------------- Update Information: New Fedora package. rubygem-redis-namespace adds a Redis::Namespace class which can be used to namespace calls to Redis. This is useful when using a single instance of Redis with multiple, different applications. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1025984 - Review Request: rubygem-redis-namespace - Namespaces Redis commands https://bugzilla.redhat.com/show_bug.cgi?id=1025984 -------------------------------------------------------------------------------- ================================================================================ rubygem-shoulda-context-1.1.6-1.fc20 (FEDORA-2013-20773) Context framework extracted from Shoulda -------------------------------------------------------------------------------- Update Information: This update removes deprecation warnings with Rails 4. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1026732 - rubygem-shoulda-context-1.1.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1026732 -------------------------------------------------------------------------------- ================================================================================ sddm-0.2.0-0.19.20130914git50ca5b20.fc20 (FEDORA-2013-20753) QML based X11 desktop manager -------------------------------------------------------------------------------- Update Information: Added a patch to fix PAM support -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Martin Briza <mbriza@xxxxxxxxxx> - 0.2.0-0.19.20130914git50ca5b20 - Patch cleanup * Tue Nov 5 2013 Martin Briza <mbriza@xxxxxxxxxx> - 0.2.0-0.18.20130914git50ca5b20 - Cmake magic * Tue Nov 5 2013 Martin Briza <mbriza@xxxxxxxxxx> - 0.2.0-0.17.20130914git50ca5b20 - Rewritten the authentication stack to work right with PAM * Tue Oct 15 2013 Martin Briza <mbriza@xxxxxxxxxx> - 0.2.0-0.16.20130914git50ca5b20 - Fixed the Fedora theme wallpaper path * Tue Oct 15 2013 Martin Briza <mbriza@xxxxxxxxxx> - 0.2.0-0.15.20130914git50ca5b20 - Added XDMCP support patch - Modified the config to reflect the added XDMCP support (disabled by default) * Tue Oct 15 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.2.0-0.14.20130914git50ca5b20 - sddm.conf: CurrentTheme=fedora * Mon Oct 14 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.2.0-0.13.20130914git50ca5b20 - include standard theme/config here, Obsoletes: kde-settings-sddm - sddm.conf: SessionCommand=/etc/X11/xinit/Xsession * Mon Oct 14 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.2.0-0.12.20130914git50ca5b20 - -themes: Obsoletes: sddm ... for upgrade path * Mon Oct 14 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.2.0-0.11.20130914git50ca5b20 - -themes subpkg * Sat Sep 21 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.2.0-0.10.20130914git50ca5b20 - use %_qt4_importdir, %systemd_requires macros - own %_datadir/apps/sddm - fix Release - drop explicit Requires: pam (let rpm autodeps handle it) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1008951 - New KDE session starts just after Logout https://bugzilla.redhat.com/show_bug.cgi?id=1008951 -------------------------------------------------------------------------------- ================================================================================ slingshot-0.8.1p-11.fc20 (FEDORA-2013-20771) A Newtonian strategy game -------------------------------------------------------------------------------- Update Information: Add appdata file. Fix URL. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.8.1p-11 - Fix URL, BZ 1023983. - Add appdata file, BZ 1023986. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1023986 - Appdata file for slingshot https://bugzilla.redhat.com/show_bug.cgi?id=1023986 [ 2 ] Bug #1023983 - Possibly incorrect URL for slingshot https://bugzilla.redhat.com/show_bug.cgi?id=1023983 -------------------------------------------------------------------------------- ================================================================================ tcpflow-1.4.0-2.fc20 (FEDORA-2013-20755) Network traffic recorder -------------------------------------------------------------------------------- Update Information: Update to latest upstream release tcpflow 1.4.0. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Terje Rosten <terje.rosten@xxxxxxx> - 1.4.0-2 - Add patches to build on arm * Mon Oct 21 2013 Terje Rosten <terje.rosten@xxxxxxx> - 1.4.0-1 - 1.4.0 -------------------------------------------------------------------------------- ================================================================================ tetex-elsevier-0.1.20090917-11.fc20 (FEDORA-2013-20777) Elsevier LaTeX style files and documentation -------------------------------------------------------------------------------- Update Information: fix install tree; follow f20 unversioned doc change -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Michael J Gruber <mjg@xxxxxxxxxxxxxxxxx> - 0.1.20090917-11 - Use the actual texlive local tree, not the documented one (#971778). * Sun Nov 3 2013 Ville Skyttä <ville.skytta@xxxxxx> - 0.1.20090917-10 - Honor setups with unversioned doc dirs (#993901). -------------------------------------------------------------------------------- References: [ 1 ] Bug #971778 - tetex-elsevier after an update still in a "wrong" path https://bugzilla.redhat.com/show_bug.cgi?id=971778 [ 2 ] Bug #993901 - tetex-elsevier possibly affected by F-20 unversioned docdir change https://bugzilla.redhat.com/show_bug.cgi?id=993901 -------------------------------------------------------------------------------- ================================================================================ thunderbird-lightning-2.6.2-3.fc20 (FEDORA-2013-20763) The calendar extension to Thunderbird -------------------------------------------------------------------------------- Update Information: Add upstream patch to fix caldav sync -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 4 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.2-3 - Add upstream patch to fix caldav sync * Wed Oct 30 2013 Jan Horak <jhorak@xxxxxxxxxx> - 2.6.2-2 - Update to 2.6.2 * Fri Sep 20 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6-1 - Drop alarm patch - Drop -fpermissive - Update to 2.6 - Exclude arm architecture -------------------------------------------------------------------------------- ================================================================================ tortoisehg-2.10-1.fc20 (FEDORA-2013-20759) Mercurial GUI command line tool thg -------------------------------------------------------------------------------- Update Information: https://bitbucket.org/tortoisehg/thg/wiki/ReleaseNotes#!tortoisehg-210 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Mads Kiilerich <mads@xxxxxxxxxxxxx> - 2.10-1 - tortoisehg 2.10 -------------------------------------------------------------------------------- ================================================================================ tubo-5.0.10-2.fc20 (FEDORA-2013-20762) Library to thread process std-in/std-err/std-out from fork() child -------------------------------------------------------------------------------- Update Information: *Update to 5.0.10 *'example' and 'tuboexec' binaries are now packaged *Added glib2-devel BR New package. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 5.0.10-2 - Added glib2-devel BR * Wed Nov 6 2013 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 5.0.10-1 - Update to 5.0.10 - 'example' and 'tuboexec' binaries are now packaged -------------------------------------------------------------------------------- References: [ 1 ] Bug #1016807 - Review Request: tubo - Library to thread process std-in/std-err/std-out from fork() child https://bugzilla.redhat.com/show_bug.cgi?id=1016807 -------------------------------------------------------------------------------- ================================================================================ wireshark-1.10.3-2.fc20 (FEDORA-2013-20779) Network traffic analyzer -------------------------------------------------------------------------------- Update Information: Harden dumpcap capabilities * Ver. 1.10.3 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.3-2 - harden dumpcap capabilities * Sat Nov 2 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.3-1 - Ver. 1.10.3 - Dropped upsteamed patch no. 13 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1026534 - CVE-2013-6336 wireshark: IEEE 802.15.4 dissector crash (wnpa-sec-2013-61) https://bugzilla.redhat.com/show_bug.cgi?id=1026534 [ 2 ] Bug #1026538 - CVE-2013-6337 wireshark: NBAP dissector crash (wnpa-sec-2013-62) https://bugzilla.redhat.com/show_bug.cgi?id=1026538 [ 3 ] Bug #1026539 - CVE-2013-6338 wireshark: SIP dissector crash (wnpa-sec-2013-63) https://bugzilla.redhat.com/show_bug.cgi?id=1026539 [ 4 ] Bug #1026540 - CVE-2013-6339 wireshark: ActiveMQ OpenWire dissector large loop (wnpa-sec-2013-64) https://bugzilla.redhat.com/show_bug.cgi?id=1026540 [ 5 ] Bug #1026541 - CVE-2013-6340 wireshark: TCP dissector crash (wnpa-sec-2013-65) https://bugzilla.redhat.com/show_bug.cgi?id=1026541 -------------------------------------------------------------------------------- ================================================================================ xfce4-session-4.10.1-3.fc20 (FEDORA-2013-20754) Xfce session manager -------------------------------------------------------------------------------- Update Information: Fix suspend/hibernate/poweroff support. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 5 2013 Kevin Fenzi <kevin@xxxxxxxxx> 4.10.1-3 - Add patch for better systemd support -------------------------------------------------------------------------------- References: [ 1 ] Bug #1012650 - Hibernate and standby are disabled since upgrading to Fedora 20 https://bugzilla.redhat.com/show_bug.cgi?id=1012650 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
