The following Fedora 20 Security updates need testing: Age URL 49 https://admin.fedoraproject.org/updates/FEDORA-2013-19198/quassel-0.9.1-1.fc20 42 https://admin.fedoraproject.org/updates/FEDORA-2013-19934/openstack-glance-2013.2-2.fc20 37 https://admin.fedoraproject.org/updates/FEDORA-2013-19507/openstack-keystone-2013.2-2.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2013-22042/varnish-3.0.4-2.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2013-22130/chicken-4.8.0.5-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22396/ganglia-3.6.0-3.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22377/seamonkey-2.22.1-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22352/drupal6-6.29-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22393/ruby-2.0.0.353-16.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22652/xdialog-2.3.1-13.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22667/openstack-nova-2013.2-4.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22557/nbd-3.5-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22586/python-django-horizon-2013.2-4.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22565/maradns-2.0.07d-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22575/subversion-1.8.5-2.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22649/monitorix-3.4.0-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22645/tuxcut-5.0-15.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22713/hdapsd-20090401.20131204git401ca60-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22722/rootfiles-8.1-16.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22741/zabbix-2.0.9-2.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22700/lynis-1.3.6-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22730/mod_nss-1.0.8-28.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22754/xen-4.3.1-5.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22756/nss-3.15.3-2.fc20,nss-softokn-3.15.3-1.fc20,nss-util-3.15.3-1.fc20,nspr-4.10.2-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22827/mingw-openjpeg-1.5.1-5.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22809/net-snmp-5.7.2-16.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22832/ufraw-0.19.2-10.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22860/qt-4.8.5-12.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22847/qt3-3.3.8b-54.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22854/dcraw-9.19-4.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 61 https://admin.fedoraproject.org/updates/FEDORA-2013-18447/createrepo-0.9.9-23.fc20 23 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2013-22293/lxde-common-0.5.5-0.9.20110328git87c368d7.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22412/libosinfo-0.2.8-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2013-22527/libbluray-0.4.0-2.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22638/dnf-0.4.9-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22641/libfm-1.1.3-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22657/kdelibs-4.11.3-3.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22714/hawkey-0.4.6-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22748/langtable-0.0.22-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22756/nss-3.15.3-2.fc20,nss-softokn-3.15.3-1.fc20,nss-util-3.15.3-1.fc20,nspr-4.10.2-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22837/opus-1.1-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22860/qt-4.8.5-12.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22805/gnutls-3.1.17-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22810/webkitgtk-2.2.3-1.fc20,webkitgtk3-2.2.3-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22800/python-blivet-0.23.8-1.fc20,anaconda-20.25.14-1.fc20 The following builds have been pushed to Fedora 20 updates-testing argyllcms-1.6.2-1.fc20 carto-0.9.5-3.fc20 cbmc-4.6-1.20131201svn.fc20 cego-2.19.13-1.fc20 dcraw-9.19-4.fc20 git-ftp-0.9.0-1.fc20 gnome-color-manager-3.10.1-2.fc20 high-scale-lib-1.1.4-1.fc20 ibus-input-pad-1.4.1-1.fc20 input-pad-1.0.3-1.fc20 irssi-0.8.16-0.3.rc1.fc20 libexplain-1.2-3.fc20 libguestfs-1.24.1-5.fc20 luajit-2.0.2-7.fc20 mirrorbrain-2.17.0-3.fc20 nodejs-mbtiles-0.4.0-1.fc20 nodejs-xml2js-0.4.0-1.fc20 nodejs-xmlbuilder-1.0.2-2.fc20 ocserv-0.2.1-6.fc20 openlmi-tools-0.9-11.fc20 opus-1.1-1.fc20 php-twig-Twig-1.15.0-1.fc20 php-twig-ctwig-1.15.0-1.fc20 python-fmn-web-0.1.4-2.fc20 python3-bsddb3-6.0.1-1.fc20 qt-4.8.5-12.fc20 qt3-3.3.8b-54.fc20 rodent-icon-theme-5.0-3.fc20 rubygem-inflecto-0.0.2-1.fc20 salt-api-0.8.3-1.fc20 simple-mtpfs-0.2-1.fc20 sofia-sip-1.12.11-8.fc20 springframework-3.1.4-2.fc20 squeak-vm-4.10.2.2614-9.fc20 t1lib-5.1.2-14.fc20 ufraw-0.19.2-10.fc20 xfce4-whiskermenu-plugin-1.2.2-1.fc20 yad-0.25.1-1.fc20 yum-3.4.3-120.fc20 Details about builds: ================================================================================ argyllcms-1.6.2-1.fc20 (FEDORA-2013-22277) ICC compatible color management system -------------------------------------------------------------------------------- Update Information: - Update to 1.6.2 - Added "dark region emphasis" -V parameter to targen and colprof - Changed i1d3 driver to be more forgiving of EEProm checksum calculation - Fixed "edges don't match" bug in printarg when -iCM -h -s/-S used. - Fixed bug in -H flag in chartread, dispcal, dispread, illumread & spotread - Fixed bug in dispcal black point optimization to err on the black side - Fixed bug introduced into ColorMunki (spectro) reflective measurement - Fixed major bug in illumread - result was being corrupted. - Fixed problem with TV encoded output and dispread -E -k/-K -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 26 2013 Richard Hughes <rhughes@xxxxxxxxxx> - 1.6.2-1 - Update to 1.6.2 - Added "dark region emphasis" -V parameter to targen and colprof - Changed i1d3 driver to be more forgiving of EEProm checksum calculation - Fixed "edges don't match" bug in printarg when -iCM -h -s/-S used. - Fixed bug in -H flag in chartread, dispcal, dispread, illumread & spotread - Fixed bug in dispcal black point optimization to err on the black side - Fixed bug introduced into ColorMunki (spectro) reflective measurement - Fixed major bug in illumread - result was being corrupted. - Fixed problem with TV encoded output and dispread -E -k/-K -------------------------------------------------------------------------------- ================================================================================ carto-0.9.5-3.fc20 (FEDORA-2013-22858) Mapnik style sheet compiler -------------------------------------------------------------------------------- Update Information: Update xml2js node module -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 5 2013 Tom Hughes <tom@xxxxxxxxxx> - 0.9.5-3 - Fix xml2js dependency -------------------------------------------------------------------------------- References: [ 1 ] Bug #1034093 - nodejs-xml2js-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1034093 -------------------------------------------------------------------------------- ================================================================================ cbmc-4.6-1.20131201svn.fc20 (FEDORA-2013-22848) Bounded Model Checker for ANSI-C and C++ programs -------------------------------------------------------------------------------- Update Information: Updated to 4.6 -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 1 2013 Shakthi Kannan <shakthimaan [AT] fedoraproject.org> - 4.6-1.20131201svn - Updated to upstream 4.6 release -------------------------------------------------------------------------------- ================================================================================ cego-2.19.13-1.fc20 (FEDORA-2013-22833) A relational and transactional database -------------------------------------------------------------------------------- Update Information: cego 22.11.2013 2.19.13 Further corrections for CegoDatabaseManager::useObject method numTries was not increased correctly.. cego 21.11.2013 2.19.13 Optimization for CegoTableManager::deleteDataTable The index evaluation was not correct, so the faster deletion strategy for tables without index objects was not used. cego 15.11.2013 2.19.12 Fixed a lock handling bug in CegoDatabaseManager An illegal V() operation was called in case of eceeding lock counts. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Christopher Meng <rpm@xxxxxxxx> - 2.19.13-1 - New release. -------------------------------------------------------------------------------- ================================================================================ dcraw-9.19-4.fc20 (FEDORA-2013-22854) Tool for decoding raw image data from digital cameras -------------------------------------------------------------------------------- Update Information: This update hardens dcraw against corrupt input files which might trigger a division by zero, an infinite loop, or a null pointer dereference otherwise. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Nils Philippsen <nils@xxxxxxxxxx> - 9.19-4 - harden against corrupt input files (CVE-2013-1438) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1002714 - CVE-2013-1438 CVE-2013-1439 LibRaw: multiple denial of service flaws https://bugzilla.redhat.com/show_bug.cgi?id=1002714 -------------------------------------------------------------------------------- ================================================================================ git-ftp-0.9.0-1.fc20 (FEDORA-2013-22844) Git powered FTP client written as shell script -------------------------------------------------------------------------------- Update Information: Bump to new upstream release. -------------------------------------------------------------------------------- ================================================================================ gnome-color-manager-3.10.1-2.fc20 (FEDORA-2013-22277) Color management tools for GNOME -------------------------------------------------------------------------------- Update Information: - Update to 1.6.2 - Added "dark region emphasis" -V parameter to targen and colprof - Changed i1d3 driver to be more forgiving of EEProm checksum calculation - Fixed "edges don't match" bug in printarg when -iCM -h -s/-S used. - Fixed bug in -H flag in chartread, dispcal, dispread, illumread & spotread - Fixed bug in dispcal black point optimization to err on the black side - Fixed bug introduced into ColorMunki (spectro) reflective measurement - Fixed major bug in illumread - result was being corrupted. - Fixed problem with TV encoded output and dispread -E -k/-K -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 5 2013 Richard Hughes <rhughes@xxxxxxxxxx> - 3.10.1-2 - Fix calibration when using new versions of ArgyllCMS -------------------------------------------------------------------------------- ================================================================================ high-scale-lib-1.1.4-1.fc20 (FEDORA-2013-22840) A collection of Concurrent and Highly Scalable Utilities -------------------------------------------------------------------------------- Update Information: Initial import (#865893). -------------------------------------------------------------------------------- References: [ 1 ] Bug #865893 - Review Request: high-scale-lib - A collection of Concurrent and Highly Scalable Utilities https://bugzilla.redhat.com/show_bug.cgi?id=865893 -------------------------------------------------------------------------------- ================================================================================ ibus-input-pad-1.4.1-1.fc20 (FEDORA-2013-22856) Input Pad for IBus -------------------------------------------------------------------------------- Update Information: Integrated the new release. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.4.1-1 - Bumped to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ input-pad-1.0.3-1.fc20 (FEDORA-2013-22861) On-screen Input Pad to Send Characters with Mouse -------------------------------------------------------------------------------- Update Information: Integrated a new release. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.0.3-1 - Bumped to 1.0.3 -------------------------------------------------------------------------------- ================================================================================ irssi-0.8.16-0.3.rc1.fc20 (FEDORA-2013-22853) Modular text mode IRC client with Perl scripting -------------------------------------------------------------------------------- Update Information: This is an update that fixes build with the -Werror=format-security. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2013 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 0.8.16-0.3.rc1 - Fixed change log * Wed Dec 4 2013 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 0.8.16-0.2.rc1 - Fixed compilation with -Werror=format-security Resolves: rhbz#1037139 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1037139 - irssi FTBFS if "-Werror=format-security" flag is used https://bugzilla.redhat.com/show_bug.cgi?id=1037139 -------------------------------------------------------------------------------- ================================================================================ libexplain-1.2-3.fc20 (FEDORA-2013-22845) Library functions to explain system call errors -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1.2-3 - Install docs into %{_pkgdocdir} (RHBZ #993957). - Use %configure instead of ./configure. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1001236 - roundup : duplicate documentation files / potentially conflicting https://bugzilla.redhat.com/show_bug.cgi?id=1001236 -------------------------------------------------------------------------------- ================================================================================ libguestfs-1.24.1-5.fc20 (FEDORA-2013-22849) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information: Rebuild for PPC, and include a fix for new btrfs which requires --force option to work. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 5 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.24.1-5 - Rebuild to push change to PPC (secondary arches) RHBZ#1036742. - Backport upstream (but not 1.24) patch to workaround changed btrfs behaviour. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1036742 - Disable libguestfs tests on PPC https://bugzilla.redhat.com/show_bug.cgi?id=1036742 -------------------------------------------------------------------------------- ================================================================================ luajit-2.0.2-7.fc20 (FEDORA-2013-22732) Just-In-Time Compiler for Lua -------------------------------------------------------------------------------- Update Information: * New package: luajit - Just-In-Time Compiler for Lua * Fixed executable binaries -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035661 - Review Request: luajit - Just-In-Time Compiler for Lua https://bugzilla.redhat.com/show_bug.cgi?id=1035661 -------------------------------------------------------------------------------- ================================================================================ mirrorbrain-2.17.0-3.fc20 (FEDORA-2013-22859) A download redirector and metalink generator -------------------------------------------------------------------------------- Update Information: New package inclusion. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035935 - Review Request: mirrorbrain - A download redirector and metalink generator https://bugzilla.redhat.com/show_bug.cgi?id=1035935 -------------------------------------------------------------------------------- ================================================================================ nodejs-mbtiles-0.4.0-1.fc20 (FEDORA-2013-22834) Utilities and tilelive integration for the MBTiles format -------------------------------------------------------------------------------- Update Information: Update node modules to latest version -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Tom Hughes <tom@xxxxxxxxxx> - 0.4.0-1 - Update to 0.4.0 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1038960 - nodejs-mbtiles-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1038960 -------------------------------------------------------------------------------- ================================================================================ nodejs-xml2js-0.4.0-1.fc20 (FEDORA-2013-22858) Simple XML to JavaScript object converter -------------------------------------------------------------------------------- Update Information: Update xml2js node module -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 25 2013 Tom Hughes <tom@xxxxxxxxxx> - 0.4.0-1 - Update to 0.4.0 upstream release - Update to latest nodejs packaging standards -------------------------------------------------------------------------------- References: [ 1 ] Bug #1034093 - nodejs-xml2js-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1034093 -------------------------------------------------------------------------------- ================================================================================ nodejs-xmlbuilder-1.0.2-2.fc20 (FEDORA-2013-22858) An XML builder for Node.js -------------------------------------------------------------------------------- Update Information: Update xml2js node module -------------------------------------------------------------------------------- References: [ 1 ] Bug #1034093 - nodejs-xml2js-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1034093 -------------------------------------------------------------------------------- ================================================================================ ocserv-0.2.1-6.fc20 (FEDORA-2013-22838) OpenConnect SSL VPN server -------------------------------------------------------------------------------- Update Information: Added openconnect VPN server -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027770 - Review Request: ocserv - OpenConnect SSL VPN server https://bugzilla.redhat.com/show_bug.cgi?id=1027770 -------------------------------------------------------------------------------- ================================================================================ openlmi-tools-0.9-11.fc20 (FEDORA-2013-22852) Set of CLI tools for Openlmi providers -------------------------------------------------------------------------------- Update Information: fix indication unique name fix blocking timeout when receiving indication fix compulsory call order of LMIIndicationListener methods fixed LMIShell naming fixed interactive connect(), when -i option present fix missing log messages in connect() fix instance comparision fix passing method params - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. fix instance comparision fix passing method params - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. fix missing log messages in connect() fix instance comparision fix passing method params - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. fix instance comparision fix passing method params - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. fixed LMIShell naming fixed interactive connect(), when -i option present fix missing log messages in connect() fix instance comparision fix passing method params - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. fix instance comparision fix passing method params - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. fix missing log messages in connect() fix instance comparision fix passing method params - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. fix instance comparision fix passing method params - fix instance deletion - fix passing LMIInstance argumetns to method calls Upgrade to v0.9. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-11 - fix indication unique name * Fri Dec 6 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-10 - fix blocking timeout when receiving indication * Wed Dec 4 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-9 - fix compulsory call order of LMIIndicationListener methods * Tue Dec 3 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-8 - fix interactive connect when run with -i * Tue Dec 3 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-7 - unify LMIShell naming * Mon Dec 2 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-6 - fix missing log messages in connect() * Wed Nov 20 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-5 - fix passing method params * Wed Nov 20 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-4 - fix instance comparision * Wed Nov 6 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-3 - fix passing instance references to method call * Wed Nov 6 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-2 - fix instance deletion * Mon Nov 4 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.9-1 - upgrade to v0.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035693 - lmishell does not return success or error status message when connecting to CIMOM https://bugzilla.redhat.com/show_bug.cgi?id=1035693 -------------------------------------------------------------------------------- ================================================================================ opus-1.1-1.fc20 (FEDORA-2013-22837) An audio codec for use in low-delay speech and audio communication -------------------------------------------------------------------------------- Update Information: After more than two years of development, we have released Opus 1.1. This includes: * new analysis code and tuning that significantly improves encoding quality, especially for variable-bitrate (VBR), * automatic detection of speech or music to decide which encoding mode to use * surround with good quality at 128 kbps for 5.1 and usable down to 48 kbps * speed improvements on all architectures, especially ARM, where decoding uses around 40% less CPU and encoding uses around 30% less CPU. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1.1-1 - 1.1 release * Tue Dec 3 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1.1-0.3rc3 - Update to 1.1-rc3 * Thu Nov 28 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1.1-0.2rc2 - Update to 1.1-rc2 * Tue Nov 26 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1.1-0.1rc - Update to 1.1-rc -------------------------------------------------------------------------------- ================================================================================ php-twig-Twig-1.15.0-1.fc20 (FEDORA-2013-22835) The flexible, fast, and secure template engine for PHP -------------------------------------------------------------------------------- Update Information: Updated to 1.15.0 This version comes with new functions: max and min, a new filter: round, and a new function: source. It also fixes some issues with the C extension when using the sandbox. Last, but not the least, the Template::getAttribute() works better when one of your classes uses __call() and throws a BadMethodCallException exception when the method is not supported. Release blog post: http://blog.twig.sensiolabs.org/post/69155402481/twig-1-15-0-released -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.15.0-1 - Updated to 1.15.0 (BZ #1038972) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1038972 - php-twig-Twig-1.15.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1038972 -------------------------------------------------------------------------------- ================================================================================ php-twig-ctwig-1.15.0-1.fc20 (FEDORA-2013-22842) Extension to improve performance of Twig -------------------------------------------------------------------------------- Update Information: Version 1.15.0 (2013-12-06) * fixed the C extension sandbox behavior when get or set is prepend to method name -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.15.0-1 - Update to 1.15.0 (stable) - install doc in pear doc_dir (this is not from pecl channel) -------------------------------------------------------------------------------- ================================================================================ python-fmn-web-0.1.4-2.fc20 (FEDORA-2013-22851) Frontend Web Application for Fedora Notifications -------------------------------------------------------------------------------- Update Information: Initial packaging. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1037899 - Review Request: python-fmn-web - Frontend Web Application for Fedora Notifications https://bugzilla.redhat.com/show_bug.cgi?id=1037899 -------------------------------------------------------------------------------- ================================================================================ python3-bsddb3-6.0.1-1.fc20 (FEDORA-2013-22850) Python 3 bindings for BerkleyDB -------------------------------------------------------------------------------- Update Information: Update package to latest upstream release. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ qt-4.8.5-12.fc20 (FEDORA-2013-22860) Qt toolkit -------------------------------------------------------------------------------- Update Information: Qt Project Security Advisory: XML Entity Expansion Denial of Service (CVE-2013-4549) See also http://lists.qt-project.org/pipermail/announce/2013-December/000036.html -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 5 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.8.5-12 - XML Entity Expansion Denial of Service (CVE-2013-4549) * Wed Oct 9 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.8.5-11 - Discover printers shared by CUPS 1.6 (#980952) -------------------------------------------------------------------------------- ================================================================================ qt3-3.3.8b-54.fc20 (FEDORA-2013-22847) The shared library for the Qt 3 GUI toolkit -------------------------------------------------------------------------------- Update Information: This update fixes CVE-2013-4549 (XML Entity Expansion Denial of Service) in Qt 3. See the Qt Project Security Advisory for details: http://lists.qt-project.org/pipermail/announce/2013-December/000036.html -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 5 2013 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 3.3.8b-54 - backport CVE-2013-4549 fix from Qt 4 -------------------------------------------------------------------------------- ================================================================================ rodent-icon-theme-5.0-3.fc20 (FEDORA-2013-22846) SVG scalable icon theme by Rodent -------------------------------------------------------------------------------- Update Information: New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1016803 - Review Request: rodent-icon-theme - SVG scalable icon theme by Rodent https://bugzilla.redhat.com/show_bug.cgi?id=1016803 -------------------------------------------------------------------------------- ================================================================================ rubygem-inflecto-0.0.2-1.fc20 (FEDORA-2013-22863) Inflector for strings -------------------------------------------------------------------------------- Update Information: First Fedora release. This software provides Ruby developers with simple ways to inflect strings. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1036836 - Review Request: rubygem-inflecto - Inflector for strings https://bugzilla.redhat.com/show_bug.cgi?id=1036836 -------------------------------------------------------------------------------- ================================================================================ salt-api-0.8.3-1.fc20 (FEDORA-2013-22857) A web api for to access salt the parallel remote execution system -------------------------------------------------------------------------------- Update Information: Updating to minor release 0.8.3 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 5 2013 Andrew Niemantsverdriet <andrewniemants@xxxxxxxxx> - Minor bugfix version release -------------------------------------------------------------------------------- ================================================================================ simple-mtpfs-0.2-1.fc20 (FEDORA-2013-22836) Fuse-based MTP driver -------------------------------------------------------------------------------- Update Information: Upgrade to v0.2 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Peter Hatina <phatina@xxxxxxxxxx> - 0.2-1 - upgrade to v0.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #971878 - /tmp on tmpfs breaks simple-mtpfs https://bugzilla.redhat.com/show_bug.cgi?id=971878 -------------------------------------------------------------------------------- ================================================================================ sofia-sip-1.12.11-8.fc20 (FEDORA-2013-22839) Sofia SIP User-Agent library -------------------------------------------------------------------------------- Update Information: Add patch to fix compiler error. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 5 2013 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 1.12.11-8 - Add patch to fix compiler error. (#981056) -------------------------------------------------------------------------------- References: [ 1 ] Bug #981056 - F19 rebuild broke sofia-sip https://bugzilla.redhat.com/show_bug.cgi?id=981056 -------------------------------------------------------------------------------- ================================================================================ springframework-3.1.4-2.fc20 (FEDORA-2013-22862) Spring Java Application Framework -------------------------------------------------------------------------------- Update Information: fix FTBFS in rawhide (f20). -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 gil cattaneo <puntogil@xxxxxxxxx> 0:3.1.4-2 - fix for rhbz: 993376, 953977 - switch to XMvn - disable derby (partial), and jopt-simple support - enable castor and jruby support * Thu Dec 5 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 0:3.1.4-1 - Update to 3.1.4 - Add BR xmlunit - Change wstx-asl to woodstox-core-asl * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0:3.1.1-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #993376 - springframework: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=993376 -------------------------------------------------------------------------------- ================================================================================ squeak-vm-4.10.2.2614-9.fc20 (FEDORA-2013-22855) The Squeak virtual machine -------------------------------------------------------------------------------- Update Information: This is an update that fixes compilation with -Werror=format-security. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 4.10.2.2614-9 - Fixed compilation with -Werror=format-security Resolves: rhbz#1037336 - Fixed bogus dates in changelog (best effort) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1037336 - squeak-vm FTBFS if "-Werror=format-security" flag is used https://bugzilla.redhat.com/show_bug.cgi?id=1037336 -------------------------------------------------------------------------------- ================================================================================ t1lib-5.1.2-14.fc20 (FEDORA-2013-22864) PostScript Type 1 font rasterizer -------------------------------------------------------------------------------- Update Information: This is an update that fixes building with -Werror=format-security. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 5.1.2-14 - Fixed building with -Werror=format-security Resolves: rhbz#1037346 - Fixed bogus dates in changelog (best effort) - Removed rpaths -------------------------------------------------------------------------------- References: [ 1 ] Bug #1037346 - t1lib FTBFS if "-Werror=format-security" flag is used https://bugzilla.redhat.com/show_bug.cgi?id=1037346 -------------------------------------------------------------------------------- ================================================================================ ufraw-0.19.2-10.fc20 (FEDORA-2013-22832) Raw image data retrieval tool for digital cameras -------------------------------------------------------------------------------- Update Information: This update hardens ufraw against corrupt input files which might trigger a division by zero, an infinite loop, or a null pointer dereference otherwise. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Nils Philippsen <nils@xxxxxxxxxx> - 0.19.2-10 - harden against corrupt input files (CVE-2013-1438) * Tue Dec 3 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.19.2-9 - rebuild (exiv2) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1002714 - CVE-2013-1438 CVE-2013-1439 LibRaw: multiple denial of service flaws https://bugzilla.redhat.com/show_bug.cgi?id=1002714 -------------------------------------------------------------------------------- ================================================================================ xfce4-whiskermenu-plugin-1.2.2-1.fc20 (FEDORA-2013-22843) An alternate application launcher for Xfce -------------------------------------------------------------------------------- Update Information: new upstream release 1.2.2.. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1037768 - Whisker Menu 1.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1037768 -------------------------------------------------------------------------------- ================================================================================ yad-0.25.1-1.fc20 (FEDORA-2013-22865) Display graphical dialogs from shell scripts or command line -------------------------------------------------------------------------------- Update Information: Update to 0.25.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Elder Marco <eldermarco@xxxxxxxxxxxxxxxxx> - 0.25.1-1 - Update to 0.25.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1006030 - yad-0.25.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1006030 -------------------------------------------------------------------------------- ================================================================================ yum-3.4.3-120.fc20 (FEDORA-2013-22841) RPM package installer/updater/manager -------------------------------------------------------------------------------- Update Information: Fix a regression in -119 Update to latest HEAD -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Zdenek Pavlas <zpavlas@xxxxxxxxxx> - 3.4.3-120 - Revert the use of float timestamps as it triggers repomd != metalink. * Wed Dec 4 2013 Zdenek Pavlas <zpavlas@xxxxxxxxxx> - 3.4.3-119 - docs only: group_command=objects is the distro default. - Parse float timestamps as valid, for global timestamp. - Add check_config_file_age, so we can turn that off for rhsm repos. BZ 103544 - Better doc. comment for re_primary_filename(). * Thu Nov 21 2013 James Antill <james at fedoraproject.org> - 3.4.3-118 - Update to latest HEAD. - Don't use the provide for distroverpkg if it's the name of the pkg. BZ 1002977. - Use the provides as-is when we do use it. BZ 1002977. - Fix the man page formatting for ! explanation in repolist, so it can be read. - Add deltarpm_metadata_percentage config. so people can configure MD download. * Tue Nov 19 2013 James Antill <james at fedoraproject.org> - 3.4.3-117 - Update to latest HEAD. - Fix autocheck_running_kernel config. * Mon Nov 18 2013 James Antill <james at fedoraproject.org> - 3.4.3-116 - Update to latest HEAD. - Add installed for groups pkg. lists on transaction output. BZ 1031374. - Add autocheck_running_kernel config. so people can turn it off. - Add upgrade_group_objects_upgrade config. so people can turn it off. - Add distupgrade command as alias for distro-sync, to be compat. with zypper. * Fri Nov 15 2013 James Antill <james at fedoraproject.org> - 3.4.3-115 - Update to latest HEAD. - Use makecache systemd timer on f20, maybe use it on f19 too? - installonlypkgs: remove unneeded provides, add "installonlypkg(kernel)" - docs: Suggest "--" when using "-<pkg>" to exclude packages. BZ 1026598. - applydeltarpm: turn fork() failure to MiscError. BZ 1028334. * Sun Nov 10 2013 James Antill <james at fedoraproject.org> - 3.4.3-114 - Update to latest HEAD. - Fixup always turning cron/makecache systemd stuff off. - _readRawRepoFile: return only valid (ini, section_id). BZ 1018795. - Same-mirror retry on refused connections. Helps BZ 853432. * Thu Oct 31 2013 James Antill <james at fedoraproject.org> - 3.4.3-113 - Update to latest HEAD. - Mostly backwards compat. change to how distroverpkg config. works. BZ 1002977. * Wed Oct 30 2013 James Antill <james at fedoraproject.org> - 3.4.3-112 - Update to latest HEAD. - Actually run the groups update config. when not in objects mode. BZ 1002439. - Implement pkg.remote_url for YumLocalPackage. BZ 1016148. - UpdateNotice.xml(): sanitize pkg['epoch']. BZ 1020540. - yum-cron: support download/install with update_messages==False. BZ 1018068. - Fix some bugs in setopt for repo config. entries. BZ 1023595. - Add loop limit for depsolving. BZ 1017840. - Add yum-makecache systemd service, force network updates on for better UI. * Mon Oct 7 2013 James Antill <james at fedoraproject.org> - 3.4.3-111 - Update to latest HEAD. - More reliable po.localpath file:// URL test. BZ 1004089 - Disable drpms for local repositories. BZ 1007097 - docs: fix formatting of "yum swap" examples. BZ 1009154 - Move disableplugin checks to before we load the conf/module - Set repo_error.repo attr also when filelists DL fails - Fix the "repo failed" message - docs: update "yum check" extra args description. BZ 1014993 - unlink_f(): handle ENOENT, EPERM, EACCES, EROFS. BZ 1015647, BZ 975619 * Fri Sep 6 2013 James Antill <james at fedoraproject.org> - 3.4.3-110 - Update to latest HEAD. - Add cache check to repolist, using "!". Document repoinfo. - Add epoch to updateinfo xml output. - Add missing translation hooks for ignored -c option message. - Try to smooth out the edge cases for cacheReq not ever updating data. * Wed Sep 4 2013 James Antill <james at fedoraproject.org> - 3.4.3-109 - Update to latest HEAD. - update /etc/yum-cron-hourly.conf. BZ 1002623 - Tweak y-c-t and history redo msg. BZ 974576. - docs: $arch does not map 1:1 to uname(2) arch. BZ 1003554 - checkMD: re-check when xattr matches but size==0. BZ 1002494 * Wed Aug 28 2013 James Antill <james at fedoraproject.org> - 3.4.3-108 - Update to latest HEAD. - Use new comps. mock objects to re-integrate group removal. BZ 996866. - Add "weak" comps. groups, for installed groups. - Add msg. to help users deal with RepoError failures. BZ 867389. - Give msgs about install/trans. obsoletes a higher priority. BZ 991080. - waitForLock() raises YumBaseError. BZ 1001154. * Sun Aug 25 2013 James Antill <james at fedoraproject.org> - 3.4.3-107 - Update to latest HEAD. - Pass requirement to compare_proviers so we can use provides version compare. - Show conf. file in yum-cron error message. - Add mark convert messages. - Fix logging level regression, -d9 works again. - Override users umask for groups files, so users can read it. BZ 982361. - Fix downgrade keeping .reason, note that remove+install doesn't. BZ 961938. - Inherit reason from install package into txmbr. BZ BZ 961938. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1039052 - [Errno -1] repomd.xml does not match metalink for updates https://bugzilla.redhat.com/show_bug.cgi?id=1039052 [ 2 ] Bug #1016148 - yum localinstall throws: ValueError: <any rpm> has no attribute basepath https://bugzilla.redhat.com/show_bug.cgi?id=1016148 [ 3 ] Bug #1020540 - yum.update_md.UpdateNotice.xml() does not sanitize pkg['epoch'] with the to_xml() function https://bugzilla.redhat.com/show_bug.cgi?id=1020540 [ 4 ] Bug #1018068 - RFE: yum-cron: Need to turn off update notifications https://bugzilla.redhat.com/show_bug.cgi?id=1018068 [ 5 ] Bug #1023595 - yum-config-manager --setopt doesn't work with dotted repoids https://bugzilla.redhat.com/show_bug.cgi?id=1023595 [ 6 ] Bug #1026598 - yum install @somegroup -somepackage causes error https://bugzilla.redhat.com/show_bug.cgi?id=1026598 [ 7 ] Bug #1028334 - Yum traceback when spawnl(applydeltarpm) hits resource limits https://bugzilla.redhat.com/show_bug.cgi?id=1028334 [ 8 ] Bug #1035440 - subscription-manager yum plugin makes yum refresh all RHSM repos. on every command. https://bugzilla.redhat.com/show_bug.cgi?id=1035440 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
