The following Fedora 20 Security updates need testing: Age URL 54 https://admin.fedoraproject.org/updates/FEDORA-2013-19198/quassel-0.9.1-1.fc20 46 https://admin.fedoraproject.org/updates/FEDORA-2013-19934/openstack-glance-2013.2-2.fc20 41 https://admin.fedoraproject.org/updates/FEDORA-2013-19507/openstack-keystone-2013.2-2.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2013-22042/varnish-3.0.4-2.fc20 15 https://admin.fedoraproject.org/updates/FEDORA-2013-22130/chicken-4.8.0.5-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2013-22575/subversion-1.8.5-2.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2013-22713/hdapsd-20090401.20131204git401ca60-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2013-22741/zabbix-2.0.9-2.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2013-22730/mod_nss-1.0.8-28.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2013-22754/xen-4.3.1-5.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2013-22827/mingw-openjpeg-1.5.1-5.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2013-22809/net-snmp-5.7.2-16.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2013-22832/ufraw-0.19.2-10.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2013-22854/dcraw-9.19-4.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2013-22983/munin-2.0.18-2.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2013-22968/munin-2.0.19-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23116/python-swiftclient-1.8.0-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23034/rubygem-i18n-0.6.4-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23164/php-5.5.7-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23177/samba-4.1.3-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23197/ack-2.12-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23192/devscripts-2.13.5-2.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 65 https://admin.fedoraproject.org/updates/FEDORA-2013-18447/createrepo-0.9.9-23.fc20 28 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2013-22412/libosinfo-0.2.8-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2013-22527/libbluray-0.4.0-2.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22641/libfm-1.1.3-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2013-22805/gnutls-3.1.17-3.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2013-22837/opus-1.1-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22956/fedup-dracut-0.8.0-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2013-22973/upower-0.9.23-2.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23100/sqlite-3.8.2-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23111/python-setuptools-1.4.2-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23110/evolution-data-server-3.10.3-1.fc20,evolution-mapi-3.10.3-1.fc20,evolution-3.10.3-1.fc20,evolution-ews-3.10.3-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23099/qtwebkit-2.3.3-2.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23049/libpciaccess-0.13.2-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23038/openssl-1.0.1e-31.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23052/iso-codes-3.49-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23163/openssh-6.4p1-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23185/bluez-5.12-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23168/colord-1.1.5-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23182/mutter-3.10.2-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23177/samba-4.1.3-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23169/langtable-0.0.23-1.fc20 The following builds have been pushed to Fedora 20 updates-testing Canna-3.7p3-41.fc20 ack-2.12-1.fc20 apr-1.5.0-2.fc20 apr-util-1.5.3-1.fc20 bluez-5.12-1.fc20 carto-0.9.5-3.fc20 colord-1.1.5-1.fc20 community-mysql-5.5.35-1.fc20 copr-1.15-1.fc20 devscripts-2.13.5-2.fc20 eclipse-linuxtools-2.2.0-1.fc20 ghostscript-9.10-5.fc20 glite-lbjp-common-jp-interface-2.3.9-1.fc20 glite-lbjp-common-maildir-2.3.9-1.fc20 hanazono-fonts-20131208-1.fc20 langtable-0.0.23-1.fc20 libreoffice-4.1.3.2-11.fc20 lynis-1.3.7-1.fc20 mutter-3.10.2-4.fc20 nfs-ganesha-2.0.0-1.fc20 nodejs-xml2js-0.4.0-1.fc20 nodejs-xmlbuilder-1.1.0-1.fc20 openssh-6.4p1-3.fc20 oscap-anaconda-addon-0.3-1.fc20 oxygen-gtk2-1.4.1-1.fc20 oxygen-gtk3-1.3.0-1.fc20 perl-ExtUtils-Typemaps-Default-1.05-1.fc20 php-5.5.7-1.fc20 python-cpopen-1.2.3-5.fc20 qt5-qtbase-5.2.0-0.12.rc1.fc20 qt5-qtdeclarative-5.2.0-0.12.rc1.fc20 qt5-qtdoc-5.2.0-0.10.rc1.fc20 qt5-qtgraphicaleffects-5.2.0-0.10.rc1.fc20 qt5-qtimageformats-5.2.0-0.10.rc1.fc20 qt5-qtmultimedia-5.2.0-0.10.rc1.fc20 qt5-qtquick1-5.2.0-0.10.rc1.fc20 qt5-qtquickcontrols-5.2.0-0.10.rc1.fc20 qt5-qtscript-5.2.0-0.10.rc1.fc20 qt5-qtsvg-5.2.0-0.10.rc1.fc20 qt5-qttools-5.2.0-0.10.rc1.fc20 qt5-qttranslations-5.2.0-0.10.rc1.fc20 qt5-qtwebkit-5.2.0-0.10.rc1.fc20 qt5-qtxmlpatterns-5.2.0-0.10.rc1.fc20 rhythmbox-3.0.1-1.fc20 rubygem-coercible-1.0.0-2.fc20 rubygem-narray-0.6.0.8-6.fc20 rubygem-narray-0.6.0.8-7.fc20 rubygem-narray-0.6.0.8-8.fc20 samba-4.1.3-2.fc20 terminology-0.4.0-1.fc20 vdsm-4.13.2-0.fc20 vdsm-4.13.2-1.fc20 wireshark-1.10.3-9.fc20 wxsqlite3-3.0.6.1-1.fc20 xorg-x11-proto-devel-7.7-8.fc20 xorg-x11-xtrans-devel-1.3.2-2.fc20 Details about builds: ================================================================================ Canna-3.7p3-41.fc20 (FEDORA-2013-23162) A Japanese character set input system. -------------------------------------------------------------------------------- Update Information: Fix an error when building with -Werror=format-security -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Akira TAGOH <tagoh@xxxxxxxxxx> - 3.7p3-41 - Fix an error when building with -Werror=format-security. (#1037008) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1037008 - Canna FTBFS if "-Werror=format-security" flag is used https://bugzilla.redhat.com/show_bug.cgi?id=1037008 -------------------------------------------------------------------------------- ================================================================================ ack-2.12-1.fc20 (FEDORA-2013-23197) Grep-like text finder -------------------------------------------------------------------------------- Update Information: This verison of ack prevents the --pager, --regex and --output options from being used from project-level ackrc files. It is possible to execute malicious code with these options, and we want to prevent the security risk of acking through a potentially malicious codebase, such as one downloaded from an Internet site or checked out from a code repository. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 2.12-1 - Update to 2.12 - fixes BZ#1040228, BZ#1040229, CVE request http://www.openwall.com/lists/oss-security/2013/12/10/10 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1040228 - ack: code execution via .ackrc file https://bugzilla.redhat.com/show_bug.cgi?id=1040228 -------------------------------------------------------------------------------- ================================================================================ apr-1.5.0-2.fc20 (FEDORA-2013-23183) Apache Portable Runtime library -------------------------------------------------------------------------------- Update Information: This update includes the latest releases of APR (1.5.0) and APR-util (1.5.3), including various bug fixes and enhancements. For more information, see: http://www.apache.org/dist/apr/CHANGES-APR-1.5 http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.5 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 26 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.5.0-2 - update to 1.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1031391 - apr-1.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1031391 -------------------------------------------------------------------------------- ================================================================================ apr-util-1.5.3-1.fc20 (FEDORA-2013-23183) Apache Portable Runtime Utility library -------------------------------------------------------------------------------- Update Information: This update includes the latest releases of APR (1.5.0) and APR-util (1.5.3), including various bug fixes and enhancements. For more information, see: http://www.apache.org/dist/apr/CHANGES-APR-1.5 http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.5 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 26 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.5.3-1 - update to 1.5.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1031391 - apr-1.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1031391 -------------------------------------------------------------------------------- ================================================================================ bluez-5.12-1.fc20 (FEDORA-2013-23185) Bluetooth utilities -------------------------------------------------------------------------------- Update Information: This update adds upstream support for the PS3 Sixaxis joypad, and fixes many crasher bugs. This update fixes a couple of crasher bugs, and re-adds support for the iCade. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Bastien Nocera <bnocera@xxxxxxxxxx> 5.12-1 - Update to 5.12 - Sixaxis PS3 joypad support is now upstream * Tue Dec 10 2013 Bastien Nocera <bnocera@xxxxxxxxxx> 5.11-2 - Add crasher fixes (rhbz #1027365) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027365 - [abrt] bluez-5.10-2.fc20: _IO_default_xsputn: Process /usr/libexec/bluetooth/bluetoothd was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1027365 -------------------------------------------------------------------------------- ================================================================================ carto-0.9.5-3.fc20 (FEDORA-2013-22858) Mapnik style sheet compiler -------------------------------------------------------------------------------- Update Information: Update xml2js node module -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 5 2013 Tom Hughes <tom@xxxxxxxxxx> - 0.9.5-3 - Fix xml2js dependency -------------------------------------------------------------------------------- References: [ 1 ] Bug #1034093 - nodejs-xml2js-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1034093 [ 2 ] Bug #1040191 - nodejs-xmlbuilder-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1040191 [ 3 ] Bug #1036915 - Review Request: nodejs-xmlbuilder - An XML builder for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=1036915 -------------------------------------------------------------------------------- ================================================================================ colord-1.1.5-1.fc20 (FEDORA-2013-23168) Color daemon -------------------------------------------------------------------------------- Update Information: - New upstream version - Do not crash when moving the sensor position during calibration - Do not crash with zero-sized ICC file - Do not create legacy locations - Ensure the ICC version is set when creating from the EDID - Ensure the parsed EDID strings are valid UTF-8 - Fix crash when using cd_color_get_blackbody_rgb() - Never add USB hubs as scanner devices even if tagged - Never create color managed webcam devices -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Richard Hughes <richard@xxxxxxxxxxx> 1.1.5-1 - New upstream version - Do not crash when moving the sensor position during calibration - Do not crash with zero-sized ICC file - Do not create legacy locations - Ensure the ICC version is set when creating from the EDID - Ensure the parsed EDID strings are valid UTF-8 - Fix crash when using cd_color_get_blackbody_rgb() - Never add USB hubs as scanner devices even if tagged - Never create color managed webcam devices -------------------------------------------------------------------------------- References: [ 1 ] Bug #973792 - [abrt] colord-1.0.0-1.fc19: cd_main_start_calibration_cb: Process /usr/libexec/colord-session was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=973792 -------------------------------------------------------------------------------- ================================================================================ community-mysql-5.5.35-1.fc20 (FEDORA-2013-23172) MySQL client programs and shared libraries -------------------------------------------------------------------------------- Update Information: Update to MySQL 5.5.35, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-35.html -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 9 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.35-1 - Update to MySQL 5.5.35, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-35.html -------------------------------------------------------------------------------- ================================================================================ copr-1.15-1.fc20 (FEDORA-2013-23187) Cool Other Package Repo -------------------------------------------------------------------------------- Update Information: Resolves: #1030493 - [cli] check that at least one chroot is entered Resolves: #1028235 - add disclaimer about repos - improvements to copr-cli -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.15-1 - [frontend] smarter package name parsing - [frontend] extend range to allow 0 - handle default timeout on backend - initial support for SCL - [backend] create word readable files in result directory - [backend] print tracebacks - [frontend] monitor: display only pkg name w/o version - [doc] update api docs - [doc] update copr-cli manpage - [cli] list only name, description and instructions - [cli] add support for build status & build monitor - [frontend] add build status to API - [playbook] do not overwrite mockchain - [backend] add spece between options - [backend] pass mock options correctly - [frontend] support markdown in description and instructions - [backend] Add macros to mockchain define arguments - [backend] Pass copr username and project name to MockRemote - [backend] Handle additional macro specification in MockRemote - [frontend] monitor: show results per package - [frontend] add favicon - [backend] quote strings before passing to mockchain - send chroots with via callback to frontend - [cli] change cli to new api call - enhance API documentation - add yum_repos to coprs/user API call - [frontend] provide link to description of allowed content - [backend] we pass just one chroot - [backend] - variable play is not defined - if createrepo fail, run it again - [cron] fix syntax error - [man] state that --chroot for create command is required - [spec] enable tests - [howto] add note about upgrading db schema - [frontend]: add copr monitor - [tests]: replace test_allowed_one - [tests]: fix for BuildChroots & new backend view - [frontend] rewrite backend view to use Build <-> Chroot relation - [frontend] add Build <-> Chroot relation - 1030493 - [cli] check that at least one chroot is entered - [frontend] typo - fixup! [tests]: fix test_build_logic to handle BuildChroot - fixup! [frontend] add ActionsLogic - [tests]: fix test_build_logic to handle BuildChroot - [spec] enable/disable test using variable - add migration script - add table build_chroot - [frontend] skip legal-flag actions when dumping waiting actions - [frontend] rewrite backend view to use Build <-> Chroot relation - [frontend] add ActionsLogic - [frontend] create BuildChroot objects on new build - [frontend] add Build <-> Chroot relation - [frontend] add StatusEnum - [frontend] fix name -> coprname typo - [frontend] remove unused imports - [frontend] add missing json import - [backend] rework ip address extraction - ownership of /etc/copr should be just normal - [backend] - wrap up returning action in "action" blok - [backend] rename backend api url - [backend] handle "rename" action - [backend] handle "delete" action - base handling of actions - move callback to frontend to separate object - secure waiting_actions with password - pick only individual builds - make address, where we send legal flags, configurable - send email to root after legal flag have been raised * Fri Nov 8 2013 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.14-1 - 1028235 - add disclaimer about repos - fix pagination - fix one failing test * Wed Nov 6 2013 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.13-1 - suggest correct name of repo file - we could not use releasever macro - no need to capitalize Projects - another s/copr/project - add link to header for sign-in - fix failing tests - UX - let textarea will full widht of box - UX - make background of hovered builds darker - generate yum repo for each chroot of copr - align table header same way as ordinary rows - enable resulting repo and disable gpgchecks * Mon Nov 4 2013 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.12-1 - do not send parameters when we neither need them nor use them - authenticate using api login, not using username - disable editing name of project - Add commented out WTF_CSRF_ENABLED = True to configs - Use new session for each test - fix test_coprs_general failures - fix test_coprs_builds failures - Add WTF_CSRF_ENABLED = False to unit test config - PEP8 fixes - Fix compatibility with wtforms 0.9 - typo s/submited/submitted/ - UX - show details of build only after click - add link to FAQ to footer - UX - add placeholders - UX - add asterisk to required fields - dynamicly generate url for home - add footer * Sat Oct 26 2013 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.11-1 - catch IOError from libravatar if there is no network * Fri Oct 25 2013 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.10-1 - do not normalize url - specify full prefix of http - execute playbook using /usr/bin/ansible-playbook - use ssh transport - check after connection is made - add notes about debuging mockremote - clean up instance even when worker fails - normalize paths before using - do not use exception variable - operator should be preceded and followed by space - remove trailing whitespace - convert comment to docstring - use ssh transport - do not create new ansible connection, reuse self.conn - run copr-be.py as copr - s/Copr/Project/ where we use copr in meaning of projects - number will link to those coprs, to which it refers - run log and jobgrab as copr user - log event to log file - convert comment into docstring - use unbufferred output for copr-be.py - hint how to set ec2 variables - document sleeptime - document copr_url for copr-cli - document how to set api key for copr-cli - do not create list of list - document SECRET_KEY variable - make note how to become admin - instruct people to install selinux with frontend * Thu Oct 3 2013 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.9-1 - prune old builds - require python-decorator - remove requirements.txt - move TODO-backend to our wiki - create pid file in /var/run/copr-backend - add backend service file for systemd - remove daemonize option in config - use python logging - create pid file in /var/run by default - do not create destdir - use daemon module instead of home brew function - fix default location of copr-be.conf - 2 tests fixed, one still failing - fix failing test test_fail_on_missing_dash - fixing test_fail_on_nonexistent_copr test - run frontend unit tests when building package - Adjust URLs in the unit-tests to their new structure - Adjust the CLI to call the adjuste endpoint of the API - Adjust API endpoint to reflects the UI endpoints in their url structure - First pass at adding fedmsg hooks. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1030493 - copr-cli create does not work https://bugzilla.redhat.com/show_bug.cgi?id=1030493 [ 2 ] Bug #1028235 - RFE: Disclaimer similar to r.f.o https://bugzilla.redhat.com/show_bug.cgi?id=1028235 -------------------------------------------------------------------------------- ================================================================================ devscripts-2.13.5-2.fc20 (FEDORA-2013-23192) Scripts for Debian Package maintainers -------------------------------------------------------------------------------- Update Information: Fix code execution flaw in uscan, CVE request: http://www.openwall.com/lists/oss-security/2013/12/11/4 Update to release 2.13.5, see http://ftp-master.metadata.debian.org/changelogs//main/d/devscripts/devscripts_2.13.5_changelog for details. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Sandro Mani <manisandro@xxxxxxxxx> - 2.13.5-2 - Add upstream patch to fix arbitrary command execution when using USCAN_EXCLUSION (rhbz#1040266, debian#731849) * Thu Dec 5 2013 Sandro Mani <manisandro@xxxxxxxxx> - 2.13.5-1 - Update to 2.13.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1040266 - devscripts: code execution flaw in uscan https://bugzilla.redhat.com/show_bug.cgi?id=1040266 -------------------------------------------------------------------------------- ================================================================================ eclipse-linuxtools-2.2.0-1.fc20 (FEDORA-2013-23184) Linux specific Eclipse plugins -------------------------------------------------------------------------------- Update Information: Updates to Linux Tools 2.2 final.. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Alexander Kurtakov <akurtako@xxxxxxxxxx> 2.2.0-1 - Update to Linux Tools 2.2.0 tag. * Mon Nov 18 2013 Alexander Kurtakov <akurtako@xxxxxxxxxx> 2.2.0-0.1.gitd2973ee - Update to Linux Tools 2.2.0 snapshot. -------------------------------------------------------------------------------- ================================================================================ ghostscript-9.10-5.fc20 (FEDORA-2013-23170) A PostScript interpreter and renderer -------------------------------------------------------------------------------- Update Information: This update fixes some bugs that could cause ghostscript to crash while printing. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Tim Waugh <twaugh@xxxxxxxxxx> 9.10-5 - Use upstream patches to fix gs segfaults (bug #1026428, bug #1039718). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1036428 - gs segfault while printing https://bugzilla.redhat.com/show_bug.cgi?id=1036428 [ 2 ] Bug #1039718 - [abrt] ghostscript-9.10-4.fc19: igc_reloc_struct_ptr: Process /usr/bin/gs was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1039718 -------------------------------------------------------------------------------- ================================================================================ glite-lbjp-common-jp-interface-2.3.9-1.fc20 (FEDORA-2013-23167) Public API to JP service internal interface -------------------------------------------------------------------------------- Update Information: Definition of interfaces required to build plugins for Job Provenance services and implementation of minimal library of support functions. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1039296 - Review Request: glite-lbjp-common-jp-interface - Public API to JP service internal interface https://bugzilla.redhat.com/show_bug.cgi?id=1039296 -------------------------------------------------------------------------------- ================================================================================ glite-lbjp-common-maildir-2.3.9-1.fc20 (FEDORA-2013-23196) Single-purpose implementation of maildir-like queue -------------------------------------------------------------------------------- Update Information: Single-purpose implementation of maildir-like queue. It is used to pass data from gLite Bookkeeping server to Job Provenance. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1039293 - Review Request: glite-lbjp-common-maildir - Single-purpose implementation of maildir-like queue https://bugzilla.redhat.com/show_bug.cgi?id=1039293 -------------------------------------------------------------------------------- ================================================================================ hanazono-fonts-20131208-1.fc20 (FEDORA-2013-23188) Japanese Mincho-typeface TrueType font -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Akira TAGOH <tagoh@xxxxxxxxxx> - 20131208-1 - New upstream release. (#1039477) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1039477 - hanazono-fonts-20131208 is available https://bugzilla.redhat.com/show_bug.cgi?id=1039477 -------------------------------------------------------------------------------- ================================================================================ langtable-0.0.23-1.fc20 (FEDORA-2013-23169) Guessing reasonable defaults for locale, keyboard layout, territory, and language. -------------------------------------------------------------------------------- Update Information: Change English language name from Oriya to Odia. fix typo in locale and territory for Malay add entries for several layouts known to be non-ASCII by systemd/s-c-k (patch by Adam Williamson) -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.23-1 - Change English translation for or from “Oriya” to “Odia” (Resolves: rhbz#1039496) - Some new translations and translation fixes from CLDR * Wed Dec 4 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.22-1 - Fix typo in territory and locale for ms (Resolves: rhbz#1038109) - add ba, chm, kv, sah, syc, udm, xal - add entries for more keyboard layouts known to be non-ASCII -------------------------------------------------------------------------------- References: [ 1 ] Bug #1038109 - [ms] typo in territory and locale for Malay language (causes error when selecting Malay in the language selection screen in Anaconda) https://bugzilla.redhat.com/show_bug.cgi?id=1038109 -------------------------------------------------------------------------------- ================================================================================ libreoffice-4.1.3.2-11.fc20 (FEDORA-2013-23179) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: Corrected connector layout after reload -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:4.1.3.2-11 - Resolves: rhbz#1039902 Corrected connector layout after reload * Wed Dec 4 2013 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:4.1.3.2-10 - Resolves: rhbz#912529 Kerkis SmallCaps shown instead of Kerkis Regular - Resolves: rhbz#1038189 refresh printer list when print dialog launched * Tue Dec 3 2013 David Tardon <dtardon@xxxxxxxxxx> - 1:4.1.3.2-9 - rhbz#1000893 do not pull in unneeded packages * Wed Nov 27 2013 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:4.1.3.2-8 - Related: rhbz#1032774 bodge around reported NULL - Resolves: rhbz#1030009 SwXTextDocument crash at exit - Resolves: rhbz#1035092 no shortcut key for Italian 'Tools' menu * Fri Nov 22 2013 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:4.1.3.2-7 - Resolves: rhbz#958300 fix GTK non Latin keyboard layout shortcuts - Resolves: rhbz#977068 fix qt/kde crash -------------------------------------------------------------------------------- References: [ 1 ] Bug #1039902 - Draw and Impress do not load connector skew properly and consequently break documents on saving https://bugzilla.redhat.com/show_bug.cgi?id=1039902 -------------------------------------------------------------------------------- ================================================================================ lynis-1.3.7-1.fc20 (FEDORA-2013-23173) Security and system auditing tool -------------------------------------------------------------------------------- Update Information: * 1.3.7 (2013-12-10) New: - Function FileExists() and SearchItem() Changes: - Adjusted yum-security check [PKGS-7386] - Improved check for iptables binary check - Extended report with the tests executed and skipped * 1.3.6 (2013-12-03) New: - Support for the dntpd time daemon - New Apache test for modules [HTTP-6632] - Apache test for mod_evasive [HTTP-6640] - Apache test for mod_qos [HTTP-6641] - Apache test for mod_spamhaus [HTTP-6642] - Apache test for ModSecurity [HTTP-6643] - Check for installed package audit tool [PKGS-7398] - Added initial support for new pkgng and related tools [PKGS-7381] - Check for ssh-keyscan binary - ZFS support for FreeBSD [FILE-6330] - Test for passwordless accounts [AUTH-9283] - Initial OS support for DragonFly BSD - Initial OS support for TrueOS (FreeBSD based) - Initial OS support for elementary OS (Luna) - GetHostID for DragonFly, FreeBSD, NetBSD and OpenBSD - Check for DHCP client [NETW-3030] - Initial support for OSSEC (system integrity) [FINT-4328] - New parameter --log-file to adjust log file location - New function IsRunning() to check status of processes - New function RealFilename() to determine file name - New function CheckItem() for parsing files - New function ReportManual() and ReportException() to simplify code - New function DirectoryExists() to check existence of a directory - Support for dntpd [TIME-3104] Changes: - Extended pf checks for FreeBSD/OpenBSD and others [FIRE-4518] - Extended test to gather listening network ports for Linux [NETW-3012] - Adjusted lsof statement to ignore warnings (e.g. fuse) [LOGG-2180] [LOGG-2190] - Added suggestion for discovered shells on FreeBSD [AUTH-9218] - Extended core dump test with additional details [KRNL-5820] - Properly display suggestion if portaudit is not installed [PKGS-7382] - Ignore message if no packages are installed (pkg_info) [PKGS-7320] - Also try using apt-check on Debian systems [PKGS-7392] - Adjusted logging for RPM binary on systems not using it [PKGS-7308] - Extended search in cron directories for rdate/ntpdate [TIME-3104] - Adjusted PHP check to find ini files [PHP-2211] - Skip Apache test for NetBSD [HTTP-6622] - Skip test http version check for NetBSD [HTTP-6624] - Additional check to surpress sort error [HTTP-6626] - Improved the way binaries are checked (less disk reads) - Adjusted ReportWarning() function to skip impact rating - Improved report on screen by leaving out date/time and type - Redirect errors while checking for OpenSSL version - Extended reporting with firewall status and software - Adjusted naming of some operating systems to make them more consistent - Extended update check by using host binary if dig is not installed - Count number of installed binaries/packages and report them - Report about log rotation tool and status - Updated man page Belated update after 4 years. Belated update after 4 years. Belated update after 4 years. Update. * 1.3.6 (2013-12-03) New: - Support for the dntpd time daemon - New Apache test for modules [HTTP-6632] - Apache test for mod_evasive [HTTP-6640] - Apache test for mod_qos [HTTP-6641] - Apache test for mod_spamhaus [HTTP-6642] - Apache test for ModSecurity [HTTP-6643] - Check for installed package audit tool [PKGS-7398] - Added initial support for new pkgng and related tools [PKGS-7381] - Check for ssh-keyscan binary - ZFS support for FreeBSD [FILE-6330] - Test for passwordless accounts [AUTH-9283] - Initial OS support for DragonFly BSD - Initial OS support for TrueOS (FreeBSD based) - Initial OS support for elementary OS (Luna) - GetHostID for DragonFly, FreeBSD, NetBSD and OpenBSD - Check for DHCP client [NETW-3030] - Initial support for OSSEC (system integrity) [FINT-4328] - New parameter --log-file to adjust log file location - New function IsRunning() to check status of processes - New function RealFilename() to determine file name - New function CheckItem() for parsing files - New function ReportManual() and ReportException() to simplify code - New function DirectoryExists() to check existence of a directory - Support for dntpd [TIME-3104] Changes: - Extended pf checks for FreeBSD/OpenBSD and others [FIRE-4518] - Extended test to gather listening network ports for Linux [NETW-3012] - Adjusted lsof statement to ignore warnings (e.g. fuse) [LOGG-2180] [LOGG-2190] - Added suggestion for discovered shells on FreeBSD [AUTH-9218] - Extended core dump test with additional details [KRNL-5820] - Properly display suggestion if portaudit is not installed [PKGS-7382] - Ignore message if no packages are installed (pkg_info) [PKGS-7320] - Also try using apt-check on Debian systems [PKGS-7392] - Adjusted logging for RPM binary on systems not using it [PKGS-7308] - Extended search in cron directories for rdate/ntpdate [TIME-3104] - Adjusted PHP check to find ini files [PHP-2211] - Skip Apache test for NetBSD [HTTP-6622] - Skip test http version check for NetBSD [HTTP-6624] - Additional check to surpress sort error [HTTP-6626] - Improved the way binaries are checked (less disk reads) - Adjusted ReportWarning() function to skip impact rating - Improved report on screen by leaving out date/time and type - Redirect errors while checking for OpenSSL version - Extended reporting with firewall status and software - Adjusted naming of some operating systems to make them more consistent - Extended update check by using host binary if dig is not installed - Count number of installed binaries/packages and report them - Report about log rotation tool and status - Updated man page Belated update after 4 years. Belated update after 4 years. Belated update after 4 years. Update. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 12 2013 Christopher Meng <rpm@xxxxxxxx> - 1.3.7-1 - Update to 1.3.7 * Wed Dec 4 2013 Christopher Meng <rpm@xxxxxxxx> - 1.3.6-1 - Update to 1.3.6 * Tue Nov 26 2013 Christopher Meng <rpm@xxxxxxxx> - 1.3.5-1 - Update to 1.3.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1040173 - lynis-1.3.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1040173 [ 2 ] Bug #469317 - Review request: lynis - Security and system auditing tool https://bugzilla.redhat.com/show_bug.cgi?id=469317 [ 3 ] Bug #1037866 - lynis-1.3.5-1.fc19.noarch: broken permissions https://bugzilla.redhat.com/show_bug.cgi?id=1037866 -------------------------------------------------------------------------------- ================================================================================ mutter-3.10.2-4.fc20 (FEDORA-2013-23182) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information: This update should make onscreen keyboards work again -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Matthias Clasen <mclasen@xxxxxxxxxx> - 3.10.2-4 - Include a fix for on-screen keyboards * Mon Dec 9 2013 Matthias Clasen <mclasen@xxxxxxxxxx> - 3.10.2-3 - Include a fix for lingering shadows -------------------------------------------------------------------------------- References: [ 1 ] Bug #1019073 - Focus is getting removed from the target window https://bugzilla.redhat.com/show_bug.cgi?id=1019073 -------------------------------------------------------------------------------- ================================================================================ nfs-ganesha-2.0.0-1.fc20 (FEDORA-2013-23193) Ganesha NFS Server -------------------------------------------------------------------------------- Update Information: NFS-Ganesha is a user mode NFS server supporting NFSv4, NFSv3, and 9P -------------------------------------------------------------------------------- References: [ 1 ] Bug #1026337 - Review Request: nfs-ganesha — a user-mode file server for NFS (v3, 4.0,4.1 pNFS) https://bugzilla.redhat.com/show_bug.cgi?id=1026337 -------------------------------------------------------------------------------- ================================================================================ nodejs-xml2js-0.4.0-1.fc20 (FEDORA-2013-22858) Simple XML to JavaScript object converter -------------------------------------------------------------------------------- Update Information: Update xml2js node module -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 25 2013 Tom Hughes <tom@xxxxxxxxxx> - 0.4.0-1 - Update to 0.4.0 upstream release - Update to latest nodejs packaging standards -------------------------------------------------------------------------------- References: [ 1 ] Bug #1034093 - nodejs-xml2js-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1034093 [ 2 ] Bug #1040191 - nodejs-xmlbuilder-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1040191 [ 3 ] Bug #1036915 - Review Request: nodejs-xmlbuilder - An XML builder for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=1036915 -------------------------------------------------------------------------------- ================================================================================ nodejs-xmlbuilder-1.1.0-1.fc20 (FEDORA-2013-22858) An XML builder for Node.js -------------------------------------------------------------------------------- Update Information: Update xml2js node module -------------------------------------------------------------------------------- References: [ 1 ] Bug #1034093 - nodejs-xml2js-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1034093 [ 2 ] Bug #1040191 - nodejs-xmlbuilder-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1040191 [ 3 ] Bug #1036915 - Review Request: nodejs-xmlbuilder - An XML builder for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=1036915 -------------------------------------------------------------------------------- ================================================================================ openssh-6.4p1-3.fc20 (FEDORA-2013-23163) An open source implementation of SSH protocol versions 1 and 2 -------------------------------------------------------------------------------- Update Information: sshd-keygen has been fixed to create ecdsa host key with correct permissions. The default sshd_config uses only rsa and ecdsa keys now, and these to keys are generated by default - no more dsa and rsa1 host keys -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 6.4p1-3 + 0.9.3-1 - sshd-keygen - use correct permissions on ecdsa host key (#1023945) - use only rsa and ecdsa host keys by default * Tue Nov 26 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 6.4p1-2 + 0.9.3-1 - fix fatal() cleanup in the audit patch (#1029074) - fix parsing logic of ldap.conf file (#1033662) * Fri Nov 8 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 6.4p1-1 + 0.9.3-1 - new upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1023945 - openssh does not create host key ssh_host_ecdsa_key https://bugzilla.redhat.com/show_bug.cgi?id=1023945 [ 2 ] Bug #1019256 - ECDHE: now supported in Fedora's OpenSSL https://bugzilla.redhat.com/show_bug.cgi?id=1019256 -------------------------------------------------------------------------------- ================================================================================ oscap-anaconda-addon-0.3-1.fc20 (FEDORA-2013-23191) Anaconda addon integrating OpenSCAP to the installation process -------------------------------------------------------------------------------- Update Information: New build with a lot of improvements. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk2-1.4.1-1.fc20 (FEDORA-2013-23178) Oxygen GTK+2 theme -------------------------------------------------------------------------------- Update Information: oxygen-gtk2-1.4.1 - mark zotero as XUL application - fix some antialias issue on sliders oxygen-gtk3-1.3.0 It is tragetted to users that have gtk3 version > 3.9. This gtk3 version has many new widgets, and have obsoleted a lot of function calls. Hence this release. We cannot guarantee that it works flowlessly with older gtk3 versions. Support to the 1.2 series will be discontinued when gtk3-3.10 gets sufficiently spread. - some improvement on inner-shadows - some extra checks on widgets validity to prevent runtime warnings - some rendering improvements for instance regarding scrollbars and textviews See https://projects.kde.org/news/244 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.4.1-1 - oxygen-gtk2-1.4.1 -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk3-1.3.0-1.fc20 (FEDORA-2013-23178) Oxygen GTK+3 theme -------------------------------------------------------------------------------- Update Information: oxygen-gtk2-1.4.1 - mark zotero as XUL application - fix some antialias issue on sliders oxygen-gtk3-1.3.0 It is tragetted to users that have gtk3 version > 3.9. This gtk3 version has many new widgets, and have obsoleted a lot of function calls. Hence this release. We cannot guarantee that it works flowlessly with older gtk3 versions. Support to the 1.2 series will be discontinued when gtk3-3.10 gets sufficiently spread. - some improvement on inner-shadows - some extra checks on widgets validity to prevent runtime warnings - some rendering improvements for instance regarding scrollbars and textviews See https://projects.kde.org/news/244 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1:1.3.0-1 - oxygen-gtk3-1.3.0 (for gtk3 3.10+) * Tue Dec 10 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1:1.2.1-1 - oxygen-gtk3-1.2.1 -------------------------------------------------------------------------------- ================================================================================ perl-ExtUtils-Typemaps-Default-1.05-1.fc20 (FEDORA-2013-23171) Set of useful typemaps -------------------------------------------------------------------------------- Update Information: Fix invalid av_extend on zero-length vectors -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Miro Hrončok <mhroncok@xxxxxxxxxx> - 1.05-1 - New upstream release 1.05 (#1039710) - Temporarily (build)require ExtUtils::Typemaps >= 3.18-292, patch Build.PL to accept it * Wed Aug 28 2013 Miro Hrončok <mhroncok@xxxxxxxxxx> - 1.04-1 - New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1039710 - perl-ExtUtils-Typemaps-Default-1.05 is available https://bugzilla.redhat.com/show_bug.cgi?id=1039710 -------------------------------------------------------------------------------- ================================================================================ php-5.5.7-1.fc20 (FEDORA-2013-23164) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information: 12 Dec 2013, PHP 5.5.7 CLI server: * Added some MIME types to the CLI web server (Chris Jones) * Implemented FR #65917 (getallheaders() is not supported by the built-in web server) - also implements apache_response_headers() (Andrea Faulds) Core: * Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string). (Laruence) OPCache * Fixed bug #66176 (Invalid constant substitution). (Dmitry) * Fixed bug #65915 (Inconsistent results with require return value). (Dmitry) * Fixed bug #65559 (Opcache: cache not cleared if changes occur while running). (Dmitry) OpenSSL: * Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser). readline * Fixed Bug #65714 (PHP cli forces the tty to cooked mode). (Remi) Backported from 5.5.8: * fix zend_register_functions breaks reflection, php bug 66218 * fix Heap buffer over-read in DateInterval, php bug 66060 * fix fix overflow handling bug in non-x86 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Remi Collet <rcollet@xxxxxxxxxx> 5.5.7-1 - update to 5.5.7, fix for CVE-2013-6420 - fix zend_register_functions breaks reflection, php bug 66218 - fix Heap buffer over-read in DateInterval, php bug 66060 - fix fix overflow handling bug in non-x86 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1036830 - CVE-2013-6420 php: memory corruption in openssl_x509_parse() https://bugzilla.redhat.com/show_bug.cgi?id=1036830 -------------------------------------------------------------------------------- ================================================================================ python-cpopen-1.2.3-5.fc20 (FEDORA-2013-23175) Creates a sub-process in simpler safer manner -------------------------------------------------------------------------------- Update Information: Adding umask option -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Yaniv Bronhaim <ybronhei@xxxxxxxxxx> - 1.2.3-5 - Adding umask configuration to the child process -------------------------------------------------------------------------------- ================================================================================ qt5-qtbase-5.2.0-0.12.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtBase components -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.12.rc1 - qt5-base-devel.x86_64 qt5-base-devel.i686 file conflict qconfig.h (#1036956) * Thu Dec 5 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 5.2.0-0.11.rc1 - needs a minimum version on sqlite build dependency (#1038617) - fix build when doc macro not defined * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 - revert/omit recent egl packaging changes - -doc install changes-5.* files here (#989149) * Tue Nov 26 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.8.beta1.20131108_141 - Install changes-5.x.y file (#989149) -------------------------------------------------------------------------------- ================================================================================ qt5-qtdeclarative-5.2.0-0.12.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtDeclarative component -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 5.2.0-0.12.rc1 - support out-of-src-tree builds - %ix86: install sse2/jit version to %_qt5_libdir/sse2/ * Thu Dec 5 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.11.rc1 - %ix86: cannot assume sse2 (and related support) or the JIT that requires it... disable. * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtdoc-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Main Qt5 Reference Documentation -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtgraphicaleffects-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtGraphicalEffects component -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtimageformats-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtImageFormats component -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtmultimedia-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - Multimedia support -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtquick1-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) A declarative language for describing user interfaces in Qt5 -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtquickcontrols-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - module with set of QtQuick controls -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtscript-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtScript component -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtsvg-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - Support for rendering and displaying SVG -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qttools-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtTool components -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qttranslations-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtTranslations module -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtwebkit-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtWebKit components -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ qt5-qtxmlpatterns-5.2.0-0.10.rc1.fc20 (FEDORA-2013-22952) Qt5 - QtXmlPatterns component -------------------------------------------------------------------------------- Update Information: Qt 5.2.0 rc1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.0-0.10.rc1 - 5.2.0-rc1 -------------------------------------------------------------------------------- ================================================================================ rhythmbox-3.0.1-1.fc20 (FEDORA-2013-23190) Music Management Application -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream bugfix release for Rhythmbox 3.0. It fixes several bugs in different areas, including GNOME bugs #708341, #709143, #708476, #706470 and #707860. A full changelog can be found at http://ftp.gnome.org/pub/GNOME/sources/rhythmbox/3.0/rhythmbox-3.0.1.changes . -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Adam Williamson <awilliam@xxxxxxxxxx> - 3.0.1-1 - new upstream release 3.0.1 -------------------------------------------------------------------------------- ================================================================================ rubygem-coercible-1.0.0-2.fc20 (FEDORA-2013-23195) Powerful, flexible and configurable coercion library -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. See the [full list of changes at GitHub](https://github.com/solnic/coercible/commits/v1.0.0). -------------------------------------------------------------------------------- ================================================================================ rubygem-narray-0.6.0.8-6.fc20 (FEDORA-2013-23180) N-dimensional Numerical Array class for Ruby -------------------------------------------------------------------------------- Update Information: several improvements for RHEL <= 6 and added needed bits for RHEL <= 5\nadded needed Provides -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-6 - several improvements for RHEL <= 6 and added needed bits for RHEL <= 5 - added needed Provides * Mon Nov 25 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-5 - Fedora <= 18 && RHEL <= 6 need Requires: ruby(abi) * Mon Nov 25 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-4 - added conditional for Requires: ruby(release) or ruby(abi) on older dists -------------------------------------------------------------------------------- ================================================================================ rubygem-narray-0.6.0.8-7.fc20 (FEDORA-2013-23166) N-dimensional Numerical Array class for Ruby -------------------------------------------------------------------------------- Update Information: adapted Requires: ruby(abi) = 1.9.1 for Fedora 18, only -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-7 - adapted Requires: ruby(abi) = 1.9.1 for Fedora 18, only * Tue Dec 10 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-6 - several improvements for RHEL <= 6 and added needed bits for RHEL <= 5 - added needed Provides * Mon Nov 25 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-5 - Fedora <= 18 && RHEL <= 6 need Requires: ruby(abi) * Mon Nov 25 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-4 - added conditional for Requires: ruby(release) or ruby(abi) on older dists -------------------------------------------------------------------------------- ================================================================================ rubygem-narray-0.6.0.8-8.fc20 (FEDORA-2013-23165) N-dimensional Numerical Array class for Ruby -------------------------------------------------------------------------------- Update Information: fixed symlinks in %{ruby_vendorarchdir} -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-8 - fixed symlinks in %{ruby_vendorarchdir} * Tue Dec 10 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-7 - adapted Requires: ruby(abi) = 1.9.1 for Fedora 18, only * Tue Dec 10 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-6 - several improvements for RHEL <= 6 and added needed bits for RHEL <= 5 - added needed Provides * Mon Nov 25 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-5 - Fedora <= 18 && RHEL <= 6 need Requires: ruby(abi) * Mon Nov 25 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.0.8-4 - added conditional for Requires: ruby(release) or ruby(abi) on older dists -------------------------------------------------------------------------------- ================================================================================ samba-4.1.3-2.fc20 (FEDORA-2013-23177) Server and Client software to interoperate with Windows machines -------------------------------------------------------------------------------- Update Information: Fix NULL pointer derreference in winbind debug message. Update to version 4.1.3 which fixes two security bugs. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 - Guenther Deschner <gdeschner@xxxxxxxxxx> - 4.1.3-2 - resolves: #1019469 - Fix winbind debug message NULL pointer derreference. * Mon Dec 9 2013 - Andreas Schneider <asn@xxxxxxxxxx> - 4.1.3-1 - Update to Samba 4.1.3. - resolves: #1039454 - CVE-2013-4408. - resolves: #1039500 - CVE-2012-6150. * Mon Nov 25 2013 - Andreas Schneider <asn@xxxxxxxxxx> - 4.1.2-1 - Update to Samba 4.1.2. * Mon Nov 18 2013 - Guenther Deschner <gdeschner@xxxxxxxxxx> - 4.1.1-3 - resolves: #948509 - Fix manpage correctness. * Fri Nov 15 2013 - Andreas Schneider <asn@xxxxxxxxxx> - 4.1.1-2 - related: #884169 - Fix strict aliasing warnings. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1019469 - Losing network connection causes segfault in winbindd https://bugzilla.redhat.com/show_bug.cgi?id=1019469 [ 2 ] Bug #1039454 - CVE-2013-4408 samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1039454 [ 3 ] Bug #1039500 - CVE-2012-6150 samba: pam_winbind fails open when non-existent group specified to require_membership_of [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1039500 -------------------------------------------------------------------------------- ================================================================================ terminology-0.4.0-1.fc20 (FEDORA-2013-23194) EFL based terminal emulator -------------------------------------------------------------------------------- Update Information: Update to 0.4.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 0.4.0-1 - Update to 0.4.0 (thanks Conrad Meyer) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1039594 - Please upgrade to latest 0.4.0 https://bugzilla.redhat.com/show_bug.cgi?id=1039594 -------------------------------------------------------------------------------- ================================================================================ vdsm-4.13.2-0.fc20 (FEDORA-2013-23176) Virtual Desktop Server Manager -------------------------------------------------------------------------------- Update Information: updating ovirt-3.3.2 patches -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Yaniv Bronhaim <ybronhei@xxxxxxxxxx> - 4.13.2-0 - Bumping minor version due to recent merge of ovirt-3.3 patches * Thu Nov 28 2013 Yaniv Bronhaim <ybronhei@xxxxxxxxxx> - 4.13.0-14 - Adding update patches from branch ovirt-3.3 - Declaring ovirt-3.3.2 patchsets scope in spec which declares all the merged new patches * Tue Nov 12 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> - 4.13.0-11 - update from branch ovirt-3.3 which include: upgrade-fix-v3ResetMetaVolSize-argument lvm-Do-not-use-udev-cache-for-obtaining-device-list Fix-ballooning-rules-for-computing-the-minimum-avail Avoid-M2Crypto-races spec-declare-we-provide-an-existing-python-cpopen configuring-selinux-allowing-qemu-kvm-to-generate-co * Tue Nov 12 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> - 4.13.0-10 - Fix requires on post for hostname. * Tue Nov 5 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> - 4.13.0-9 - Build 4.13.0-9 from branch ovirt-3.3 * Wed Oct 30 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 4.12.1-5 - Fix broken hostname dep on rawhide * Thu Oct 10 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> 4.12.1-4 - remoteFileHandler: Add create exclusive option for truncateFile (BZ#979193) - oop: improve safety for truncateFile * Tue Oct 8 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> 4.12.1-3 - vm.Vm._getUnderlyingDriveInfo: extract path of gluster disks (BZ#1007980) - Require libvirt that allows vmUpdateDevice (BZ#1001001) - imageSharing: return proper size in httpGetSize - vdsmd.init: Add service-is-managed in shutdown_conflicting_srv (BZ#1006842) * Tue Sep 10 2013 Federico Simoncelli <fsimonce@xxxxxxxxxx> 4.12.1-2 - systemd init: no need to stop conflicting services (BZ#999664) -------------------------------------------------------------------------------- ================================================================================ vdsm-4.13.2-1.fc20 (FEDORA-2013-23161) Virtual Desktop Server Manager -------------------------------------------------------------------------------- Update Information: Adding ovirt-3.3.3 patches. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Yaniv Bronhaim <ybronhei@xxxxxxxxxx> - 4.13.2-1 - fix cpopen obsolete loop - fix threadPool refs - mom policy fixes - restorecon hack in spec file - domainMonitor fixed last check flow * Tue Dec 10 2013 Yaniv Bronhaim <ybronhei@xxxxxxxxxx> - 4.13.2-0 - Bumping minor version due to recent merge of ovirt-3.3 patches * Thu Nov 28 2013 Yaniv Bronhaim <ybronhei@xxxxxxxxxx> - 4.13.0-14 - Adding update patches from branch ovirt-3.3 - Declaring ovirt-3.3.2 patchsets scope in spec which declares all the merged new patches * Tue Nov 12 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> - 4.13.0-11 - update from branch ovirt-3.3 which include: upgrade-fix-v3ResetMetaVolSize-argument lvm-Do-not-use-udev-cache-for-obtaining-device-list Fix-ballooning-rules-for-computing-the-minimum-avail Avoid-M2Crypto-races spec-declare-we-provide-an-existing-python-cpopen configuring-selinux-allowing-qemu-kvm-to-generate-co * Tue Nov 12 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> - 4.13.0-10 - Fix requires on post for hostname. * Tue Nov 5 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> - 4.13.0-9 - Build 4.13.0-9 from branch ovirt-3.3 * Wed Oct 30 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 4.12.1-5 - Fix broken hostname dep on rawhide * Thu Oct 10 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> 4.12.1-4 - remoteFileHandler: Add create exclusive option for truncateFile (BZ#979193) - oop: improve safety for truncateFile * Tue Oct 8 2013 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> 4.12.1-3 - vm.Vm._getUnderlyingDriveInfo: extract path of gluster disks (BZ#1007980) - Require libvirt that allows vmUpdateDevice (BZ#1001001) - imageSharing: return proper size in httpGetSize - vdsmd.init: Add service-is-managed in shutdown_conflicting_srv (BZ#1006842) * Tue Sep 10 2013 Federico Simoncelli <fsimonce@xxxxxxxxxx> 4.12.1-2 - systemd init: no need to stop conflicting services (BZ#999664) -------------------------------------------------------------------------------- ================================================================================ wireshark-1.10.3-9.fc20 (FEDORA-2013-23181) Network traffic analyzer -------------------------------------------------------------------------------- Update Information: remove python support - Fix error in the backported RTPproxy patches - Updated RTPproxy dissector (again), squashed patch no. 15 (applied upstream). - Use proper soname in the python scripts - Don't apply no longer needed fix for pod2man. - Fix for main window. See patch no. 15 - Fix for SCTP dissection. See patch no. 16 - Fix for rare issue in Base Station Subsystem GPRS Protocol dissection. See patch no. 17 - Fix building w/o Lua - Fix error in the backported RTPproxy patches - Updated RTPproxy dissector (again), squashed patch no. 15 (applied upstream). - Use proper soname in the python scripts - Don't apply no longer needed fix for pod2man. - Fix for main window. See patch no. 15 - Fix for SCTP dissection. See patch no. 16 - Fix for rare issue in Base Station Subsystem GPRS Protocol dissection. See patch no. 17 - Fix building w/o Lua -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10-3-9 - remove python support * Tue Dec 10 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10-3-8 - fix read permissions of /dev/usbmon* for non-root users * Mon Dec 9 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.3-7 - Fix error in the backported RTPproxy patches * Fri Dec 6 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.3-6 - Updated RTPproxy dissector (again), squashed patch no. 15 (applied upstream). - Use proper soname in the python scripts - Don't apply no longer needed fix for pod2man. - Fix for main window. See patch no. 15 - Fix for SCTP dissection. See patch no. 16 - Fix for rare issue in Base Station Subsystem GPRS Protocol dissection. See patch no. 17 - Fix building w/o Lua * Wed Nov 27 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.3-5 - Updated RTPproxy dissector (again) - Allow packets more than 64k (for USB capture). See patch no. 13 - Don't die during loading of some SIP capture files. See patch no. 14 - Backport support for RTPproxy dissector timeouts detection. See patch no. 15 -------------------------------------------------------------------------------- ================================================================================ wxsqlite3-3.0.6.1-1.fc20 (FEDORA-2013-23189) C++ wrapper around the SQLite 3.x database -------------------------------------------------------------------------------- Update Information: update to 3.0.6.1 -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 9 2013 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> 3.0.6.1-1 - update to 3.0.6.1 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-proto-devel-7.7-8.fc20 (FEDORA-2013-23174) X.Org X11 Protocol headers -------------------------------------------------------------------------------- Update Information: BuildReq for xserver 1.15 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Adam Jackson <ajax@xxxxxxxxxx> 7.7-8 - glproto 1.4.17 * Wed Nov 6 2013 Adam Jackson <ajax@xxxxxxxxxx> 7.7-7 - presentproto 1.0 - dri3proto 1.0 - xextproto 7.2.99.901 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-xtrans-devel-1.3.2-2.fc20 (FEDORA-2013-23186) X.Org X11 developmental X transport library -------------------------------------------------------------------------------- Update Information: Update to 1.3.2 (buildreq for xserver 1.15), doc fix. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 2 2013 Ville Skyttä <ville.skytta@xxxxxx> - 1.3.2-2 - Install docs to %{_pkgdocdir} where available (#993878). * Mon Nov 18 2013 Dave Airlie <airlied@xxxxxxxxxx> 1.3.2-1 - xtrans 1.3.2 * Wed Nov 6 2013 Adam Jackson <ajax@xxxxxxxxxx> 1.3.0-1 - xtrans 1.3.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #993878 - xorg-x11-xtrans-devel possibly affected by F-20 unversioned docdir change https://bugzilla.redhat.com/show_bug.cgi?id=993878 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
