Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
  74  https://admin.fedoraproject.org/updates/FEDORA-2013-19198/quassel-0.9.1-1.fc20
  34  https://admin.fedoraproject.org/updates/FEDORA-2013-22130/chicken-4.8.0.5-1.fc20
  28  https://admin.fedoraproject.org/updates/FEDORA-2013-22575/subversion-1.8.5-2.fc20
  25  https://admin.fedoraproject.org/updates/FEDORA-2013-22809/net-snmp-5.7.2-16.fc20
  20  https://admin.fedoraproject.org/updates/FEDORA-2013-23116/python-swiftclient-1.8.0-1.fc20
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-23524/openstack-nova-2013.2.1-2.fc20
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-23636/rubygem-actionpack-4.0.0-2.fc20
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-23659/ibus-chewing-1.4.4-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-23975/devscripts-2.13.9-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-24013/mingw-openjpeg-1.5.1-6.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-24059/mingw-openjpeg-1.5.1-7.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-24108/asterisk-11.7.0-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-24153/libsrtp-1.4.4-9.20101004cvs.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
  47  https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-23572/iscsi-initiator-utils-6.2.0.873-17.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-23721/krb5-1.11.3-38.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-23850/libbluray-0.5.0-2.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-23915/rygel-0.20.3-1.fc20


The following builds have been pushed to Fedora 20 updates-testing

    NetworkManager-iodine-0.0.4-2.fc20
    arduino-1.0.5-6.fc20
    asterisk-11.7.0-1.fc20
    brise-0.32-1.fc20
    eclipse-pydev-3.2.0-1.fc20
    ghc-language-javascript-0.5.8-3.fc20
    gtk-gnutella-1.0.0-1.fc20
    hamster-time-tracker-1.03.3-6.fc20
    hydra-7.6-1.fc20
    ibus-rime-1.1-1.fc20
    jd-2.8.7-0.2.rc131230.fc20
    librime-1.1-2.fc20
    libsrtp-1.4.4-9.20101004cvs.fc20
    lohit-marathi-fonts-2.93.0-1.fc20
    lohit-nepali-fonts-2.93.0-1.fc20
    mfiler4-1.3.1-1.fc20
    perl-Plack-1.0030-1.fc20
    perl-Server-Starter-0.17-1.fc20
    perl-Want-0.22-1.fc20
    php-Faker-1.3.0-1.fc20
    php-Monolog-1.7.0-1.fc20
    php-PhpCollection-0.3.1-1.fc20
    php-Raven-0.8.0-2.20131209gitdac9333.fc20
    php-pear-Net-URL2-2.0.3-1.fc20
    php-scssphp-0.0.9-1.fc20
    proguard-4.11-1.fc20
    rubygem-cairo-1.12.8-1.fc20
    skf-1.99.7-1.fc20
    vcsh-1.20131229-1.fc20
    xyzsh-1.5.8-1.fc20

Details about builds:


================================================================================
 NetworkManager-iodine-0.0.4-2.fc20 (FEDORA-2013-24145)
 NetworkManager VPN plugin for iodine
--------------------------------------------------------------------------------
Update Information:

Initial release of NetworkManager-iodine
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1040459 - Review Request: NetworkManager-iodine - iodine VPN plugin for NetworkManager
        https://bugzilla.redhat.com/show_bug.cgi?id=1040459
--------------------------------------------------------------------------------


================================================================================
 arduino-1.0.5-6.fc20 (FEDORA-2013-24115)
 An IDE for Arduino-compatible electronics prototyping platforms
--------------------------------------------------------------------------------
Update Information:

Associate .ino files with the Arduino IDE.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 29 2013 Peter Oliver <rpm@xxxxxxxxxxxx> - 1:1.0.5-6
- Associate .ino files with the Arduino IDE.
--------------------------------------------------------------------------------


================================================================================
 asterisk-11.7.0-1.fc20 (FEDORA-2013-24108)
 The Open Source PBX
--------------------------------------------------------------------------------
Update Information:

* Sat Dec 28 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 11.7.0-1:
- The Asterisk Development Team has announced the release of Asterisk 11.7.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 11.7.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- app_confbridge: Can now set the language used for announcements
-       to the conference.
-   (Closes issue ASTERISK-19983. Reported by Jonathan White)
-
- * --- app_queue: Fix CLI "queue remove member" queue_log entry.
-   (Closes issue ASTERISK-21826. Reported by Oscar Esteve)
-
- * --- chan_sip: Do not increment the SDP version between 183 and 200
-       responses.
-   (Closes issue ASTERISK-21204. Reported by NITESH BANSAL)
-
- * --- chan_sip: Allow a sip peer to accept both AVP and AVPF calls
-   (Closes issue ASTERISK-22005. Reported by Torrey Searle)
-
- * --- chan_sip: Fix Realtime Peer Update Problem When Un-registering
-       And Expires Header In 200ok
-   (Closes issue ASTERISK-22428. Reported by Ben Smithurst)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.7.0

* Sat Dec 28 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 11.6.1-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security
- releases are released as versions 1.8.15-cert4, 11.2-cert3, 1.8.24.1, 10.12.4,
- 10.12.4-digiumphones, and 11.6.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolve the following issues:
-
- * A buffer overflow when receiving odd length 16 bit messages in app_sms. An
-   infinite loop could occur which would overwrite memory when a message is
-   received into the unpacksms16() function and the length of the message is an
-   odd number of bytes.
-
- * Prevent permissions escalation in the Asterisk Manager Interface. Asterisk
-   now marks certain individual dialplan functions as 'dangerous', which will
-   inhibit their execution from external sources.
-
-   A 'dangerous' function is one which results in a privilege escalation. For
-   example, if one were to read the channel variable SHELL(rm -rf /) Bad
-   Things(TM) could happen; even if the external source has only read
-   permissions.
-
-   Execution from external sources may be enabled by setting 'live_dangerously'
-   to 'yes' in the [options] section of asterisk.conf. Although doing so is not
-   recommended.
-
- These issues and their resolutions are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2013-006 and AST-2013-007, which were
- released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert4
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.2-cert3
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.24.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.4
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.4-digiumphones
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.6.1
-
- The security advisories are available at:
-
-  * http://downloads.asterisk.org/pub/security/AST-2013-006.pdf
-  * http://downloads.asterisk.org/pub/security/AST-2013-007.pdf

* Sat Dec 28 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 11.6.0-1:
- The Asterisk Development Team has announced the release of Asterisk 11.6.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 11.6.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Confbridge: empty conference not being torn down
-   (Closes issue ASTERISK-21859. Reported by Chris Gentle)
-
- * --- Let Queue wrap up time influence member availability
-   (Closes issue ASTERISK-22189. Reported by Tony Lewis)
-
- * --- Fix a longstanding issue with MFC-R2 configuration that
-       prevented users
-   (Closes issue ASTERISK-21117. Reported by Rafael Angulo)
-
- * --- chan_iax2: Fix saving the wrong expiry time in astdb.
-   (Closes issue ASTERISK-22504. Reported by Stefan Wachtler)
-
- * --- Fix segfault for certain invalid WebSocket input.
-   (Closes issue ASTERISK-21825. Reported by Alfred Farrugia)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.6.0

--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 28 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 11.7.0-1:
- The Asterisk Development Team has announced the release of Asterisk 11.7.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 11.7.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- app_confbridge: Can now set the language used for announcements
-       to the conference.
-   (Closes issue ASTERISK-19983. Reported by Jonathan White)
-
- * --- app_queue: Fix CLI "queue remove member" queue_log entry.
-   (Closes issue ASTERISK-21826. Reported by Oscar Esteve)
-
- * --- chan_sip: Do not increment the SDP version between 183 and 200
-       responses.
-   (Closes issue ASTERISK-21204. Reported by NITESH BANSAL)
-
- * --- chan_sip: Allow a sip peer to accept both AVP and AVPF calls
-   (Closes issue ASTERISK-22005. Reported by Torrey Searle)
-
- * --- chan_sip: Fix Realtime Peer Update Problem When Un-registering
-       And Expires Header In 200ok
-   (Closes issue ASTERISK-22428. Reported by Ben Smithurst)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.7.0
* Sat Dec 28 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 11.6.1-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security
- releases are released as versions 1.8.15-cert4, 11.2-cert3, 1.8.24.1, 10.12.4,
- 10.12.4-digiumphones, and 11.6.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolve the following issues:
-
- * A buffer overflow when receiving odd length 16 bit messages in app_sms. An
-   infinite loop could occur which would overwrite memory when a message is
-   received into the unpacksms16() function and the length of the message is an
-   odd number of bytes.
-
- * Prevent permissions escalation in the Asterisk Manager Interface. Asterisk
-   now marks certain individual dialplan functions as 'dangerous', which will
-   inhibit their execution from external sources.
-
-   A 'dangerous' function is one which results in a privilege escalation. For
-   example, if one were to read the channel variable SHELL(rm -rf /) Bad
-   Things(TM) could happen; even if the external source has only read
-   permissions.
-
-   Execution from external sources may be enabled by setting 'live_dangerously'
-   to 'yes' in the [options] section of asterisk.conf. Although doing so is not
-   recommended.
-
- These issues and their resolutions are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2013-006 and AST-2013-007, which were
- released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert4
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.2-cert3
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.24.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.4
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.4-digiumphones
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.6.1
-
- The security advisories are available at:
-
-  * http://downloads.asterisk.org/pub/security/AST-2013-006.pdf
-  * http://downloads.asterisk.org/pub/security/AST-2013-007.pdf
* Sat Dec 28 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 11.6.0-1:
- The Asterisk Development Team has announced the release of Asterisk 11.6.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 11.6.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Confbridge: empty conference not being torn down
-   (Closes issue ASTERISK-21859. Reported by Chris Gentle)
-
- * --- Let Queue wrap up time influence member availability
-   (Closes issue ASTERISK-22189. Reported by Tony Lewis)
-
- * --- Fix a longstanding issue with MFC-R2 configuration that
-       prevented users
-   (Closes issue ASTERISK-21117. Reported by Rafael Angulo)
-
- * --- chan_iax2: Fix saving the wrong expiry time in astdb.
-   (Closes issue ASTERISK-22504. Reported by Stefan Wachtler)
-
- * --- Fix segfault for certain invalid WebSocket input.
-   (Closes issue ASTERISK-21825. Reported by Alfred Farrugia)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.6.0
* Mon Oct 21 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 11.5.1-3:
- Disable hardened build, as it's apparently causing problems loading modules.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1043917 - asterisk: asterisk manager user dialplan permission escalation
        https://bugzilla.redhat.com/show_bug.cgi?id=1043917
  [ 2 ] Bug #1043918 - CVE-2013-7100 asterisk: buffer overflow when receiving odd length 16 bit SMS message
        https://bugzilla.redhat.com/show_bug.cgi?id=1043918
--------------------------------------------------------------------------------


================================================================================
 brise-0.32-1.fc20 (FEDORA-2013-24129)
 The official Rime schema repository
--------------------------------------------------------------------------------
Update Information:

Update to 1.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 27 2013 Peng Wu <pwu@xxxxxxxxxx> - 0.32-1
- Update to 0.32
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1046657 - librime-1.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046657
  [ 2 ] Bug #1046635 - brise-0.32 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046635
  [ 3 ] Bug #1046652 - ibus-rime-1.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046652
--------------------------------------------------------------------------------


================================================================================
 eclipse-pydev-3.2.0-1.fc20 (FEDORA-2013-24138)
 Eclipse Python development plug-in
--------------------------------------------------------------------------------
Update Information:

New upstream release see http://pydev.org/ for details. 
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Alexander Kurtakov <akurtako@xxxxxxxxxx> 1:3.2.0-1
- Update to 3.2.0.
--------------------------------------------------------------------------------


================================================================================
 ghc-language-javascript-0.5.8-3.fc20 (FEDORA-2013-24122)
 Parser for JavaScript
--------------------------------------------------------------------------------
Update Information:

Rebuild for new hjsmin.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Ricky Elrod <codeblock@xxxxxxxxxxxxxxxxx> - 0.5.8-3
- Rebuild for new hjsmin.
--------------------------------------------------------------------------------


================================================================================
 gtk-gnutella-1.0.0-1.fc20 (FEDORA-2013-24143)
 GUI based Gnutella Client
--------------------------------------------------------------------------------
Update Information:

Update to 1.0.0
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> - 1.0.0-1
- Upgrade to 1.0.0
--------------------------------------------------------------------------------


================================================================================
 hamster-time-tracker-1.03.3-6.fc20 (FEDORA-2013-23482)
 The Linux time tracker
--------------------------------------------------------------------------------
Update Information:

- Adds missing Requires to the spec (gconf and wnck). 
- Adds a patch to fix notifications
- Bumpspec to keep in line with F19 and not break upgrade path.

There should be no regressions from this update at all. 
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Ankur Sinha <ankursinha AT fedoraproject DOT org> 1.03.3-6
- Update desktop-file-validate command for F19
* Sat Dec 28 2013 Ankur Sinha <ankursinha AT fedoraproject DOT org> 1.03.3-5
- Add patch for notification fix
- https://bugzilla.redhat.com/show_bug.cgi?id=1046991
- https://github.com/projecthamster/hamster/pull/127
- https://github.com/projecthamster/hamster/pull/117
* Tue Dec 24 2013 Ankur Sinha <ankursinha AT fedoraproject DOT org> 1.03.3-4
- Add wnck dependency so users can use workspaces out of the box
- https://bugzilla.redhat.com/show_bug.cgi?id=1046077
* Tue Dec 17 2013 Ankur Sinha <ankursinha AT fedoraproject DOT org> 1.03.3-3
- Add missing gnome-python2-gconf requirement
- https://bugzilla.redhat.com/show_bug.cgi?id=1043564
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1043564 - [abrt] hamster-time-tracker-1.03.3-2.fc20: idle.py:23:<module>:ImportError: No module named gconf
        https://bugzilla.redhat.com/show_bug.cgi?id=1043564
  [ 2 ] Bug #1046077 - Not possible to start time tracking with hamster
        https://bugzilla.redhat.com/show_bug.cgi?id=1046077
  [ 3 ] Bug #1046991 - [abrt] mate-notification-daemon: g_return_if_fail_warning(): mate-notification-daemon killed by SIGTRAP
        https://bugzilla.redhat.com/show_bug.cgi?id=1046991
--------------------------------------------------------------------------------


================================================================================
 hydra-7.6-1.fc20 (FEDORA-2013-24105)
 Very fast network log-on cracker
--------------------------------------------------------------------------------
Update Information:

Update to 7.6
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Athmane Madjoudj <athmane@xxxxxxxxxxxxxxxxx> 7.6-1
- Update to 7.6
- Include hydra-wizard script (new in 7.6) 
- Fix icon filename
- Add a png icon since upstream only provides non-transparent jpeg
* Mon Nov 18 2013 Athmane Madjoudj <athmane@xxxxxxxxxxxxxxxxx> 7.5-2
- Use new source file from upstream (contains minor license file fixes)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1047203 - hydra-7.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1047203
--------------------------------------------------------------------------------


================================================================================
 ibus-rime-1.1-1.fc20 (FEDORA-2013-24129)
 Rime Input Method Engine for IBus
--------------------------------------------------------------------------------
Update Information:

Update to 1.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 27 2013 Peng Wu <pwu@xxxxxxxxxx> - 1.1-1
- Update to 1.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1046657 - librime-1.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046657
  [ 2 ] Bug #1046635 - brise-0.32 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046635
  [ 3 ] Bug #1046652 - ibus-rime-1.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046652
--------------------------------------------------------------------------------


================================================================================
 jd-2.8.7-0.2.rc131230.fc20 (FEDORA-2013-24147)
 A 2ch browser
--------------------------------------------------------------------------------
Update Information:

New version 2.8.7 rc131230 is released, including shitaraba site change fix
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.8.7-0.2.rc131230
- 2.8.7 rc 131230
--------------------------------------------------------------------------------


================================================================================
 librime-1.1-2.fc20 (FEDORA-2013-24129)
 Rime Input Method Engine Library
--------------------------------------------------------------------------------
Update Information:

Update to 1.1
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Peng Wu <pwu@xxxxxxxxxx> - 1.1-2
- Update arm patch
* Fri Dec 27 2013 Peng Wu <pwu@xxxxxxxxxx> - 1.1-1
- Update to 1.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1046657 - librime-1.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046657
  [ 2 ] Bug #1046635 - brise-0.32 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046635
  [ 3 ] Bug #1046652 - ibus-rime-1.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046652
--------------------------------------------------------------------------------


================================================================================
 libsrtp-1.4.4-9.20101004cvs.fc20 (FEDORA-2013-24153)
 An implementation of the Secure Real-time Transport Protocol (SRTP)
--------------------------------------------------------------------------------
Update Information:

Fix CVE-2013-2139 - buffer overflow in application of crypto profiles
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.4.4-9.20101004cvs
- apply fix for CVE-2013-2139 from https://github.com/cisco/libsrtp/pull/27
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #970697 - CVE-2013-2139 libsrtp: buffer overflow in application of crypto profiles
        https://bugzilla.redhat.com/show_bug.cgi?id=970697
--------------------------------------------------------------------------------


================================================================================
 lohit-marathi-fonts-2.93.0-1.fc20 (FEDORA-2013-24131)
 Free Marathi font
--------------------------------------------------------------------------------
Update Information:

This is an update with upstream 2.93.0 release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Pravin Satpute <psatpute@xxxxxxxxxx> - 2.93.0-1
- upstream release 2.93.0
--------------------------------------------------------------------------------


================================================================================
 lohit-nepali-fonts-2.93.0-1.fc20 (FEDORA-2013-24116)
 Free Nepali font
--------------------------------------------------------------------------------
Update Information:

This is an update with enhanced upstream new release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Pravin Satpute <psatpute@xxxxxxxxxx> - 2.93.0-1
- Upstream release 2.93.0
--------------------------------------------------------------------------------


================================================================================
 mfiler4-1.3.1-1.fc20 (FEDORA-2013-24139)
 2 pane file manager with a embedded shell
--------------------------------------------------------------------------------
Update Information:

xyzsh 1.5.8 / mfiler4 1.3.1 are released.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.3.1-1
- 1.3.1
--------------------------------------------------------------------------------


================================================================================
 perl-Plack-1.0030-1.fc20 (FEDORA-2013-24113)
 Perl Superglue for Web frameworks and Web Servers (PSGI toolkit)
--------------------------------------------------------------------------------
Update Information:

 
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1.0030-1
- Upstream update.
--------------------------------------------------------------------------------


================================================================================
 perl-Server-Starter-0.17-1.fc20 (FEDORA-2013-24121)
 Superdaemon for hot-deploying server programs
--------------------------------------------------------------------------------
Update Information:

 
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.17-1
- Upstream update.
* Sun Nov 24 2013 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.16-1
- Upstream update.
--------------------------------------------------------------------------------


================================================================================
 perl-Want-0.22-1.fc20 (FEDORA-2013-24152)
 Perl module implementing a generalisation of wantarray
--------------------------------------------------------------------------------
Update Information:

 
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 29 2013 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.22-1
- Upstream update.
--------------------------------------------------------------------------------


================================================================================
 php-Faker-1.3.0-1.fc20 (FEDORA-2013-24154)
 A PHP library that generates fake data
--------------------------------------------------------------------------------
Update Information:

v1.3.0 (2013-12-16)

New Features
* Added unique() modifier
* Added optional() modifier (weotch)
* Added Image generation powered by LoremPixel (weotch)
* Added IDE insights to allow better intellisense/phpStorm autocompletion (thallisphp)
* Added IBAN generator for every currently known locale that uses it (nineinchnick)
* Added Payment providers (creditCardType, creditCardNumber, creditCardExpirationDate, creditCardExpirationDateString) (pomaxa)
* Added Color provider with hexColor, rgbColor, rgbColorAsArray, rgbCssColor, safeColorName, and colorName formatters (lsv)

New / Improved Locales
* Added English (South Africa) (en_ZA) person, address, Internet and phone number providers (dmfaux)
* Added Spanish (es_ES) Internet provider (eusonlito)
* Added English Philippines (en_PH) address provider (kamote)
* Added Brazilian (pt_BR) email provider data (KennedyTedesco)
* Added Peruvian (es_PE) person, address, phone number, and company providers (cslucano)
* Added Ukrainian (uk_UA) color provider (ruden)
* Fixed Ukrainian (uk_UA) namespace and email translitteration (ruden)
* Added Romanian (Moldova) (ro_MD) person, address, and phone number providers (AlexanderC)
* Added Romanian (ro_RO) address and person providers (calina-c)
* Added Polish (pl_PL) address provider, personal identity number and pesel number generator (nineinchnick)
* Added Turkish (tr_TR) address provider, and improved internet provider (hasandz)
* Added Greek (el_GR) person, address, and phone number providers (georgeharito)
* Added Australian (en_AU) address, Internet, and phone number providers (rcuddy)
* Added French (fr_FR) phone number formats (vchabot)
* Added Japanese (ja_JP) person, address, Internet, phone number, and company providers (kumamidori)
* Added Russian (ru_RU) color providers, driver license and passport number formats (pomaxa)
* Added Latvian (lv_LV) person, address, Internet, and phone number providers (pomaxa)
* Added Brazilian (pt_BR) Internet provider (vjnrv)
* Added more Czech (cs_CZ) lastnames (petrkle)
* Added Chinese Simplified (zh_CN) person, address, Internet, and phone number providers (tlikai)

Bug Fixes
* Fixed state generator in Australian (en_AU) provider (sebklaus)
* Fixed IDE insights for locale specific providers (ulrikjohansson)
* Fixed integer values overflowing on signed INTEGER columns on Doctrine populator (Thinkscape)
* Fixed spelling error in French (fr_FR) address provider (leihog)
* Fixed Italian (it_IT) email provider (garak)
* Fixed UK country code (pgscandeias)
* Fixed missing timezone with dateTimeBetween (baldurrensch)
* Fixed call to undefined method cardType in Payment (WMeldon)
* Fixed Doctrine populator to use ObjectManager instead of EntityManagerInterface (mgiustiniani)
* Fixed docblock for Provider\Base::unique() (pschultz)
* Fixed Propel column number guesser to use signed range of values (gunnarlium)
* Fixed phpDoc in Doctrine Entity populator (rogamoore)
* Fixed typo in the Person provider documentation (jtreminio)
* Fixed Russian (ru_RU) person format (alexshadow007)

Miscellaneous
* Added improvements based on SensioLabsInsights analysis
* Fixed Typos (pborelli)
* Added support for associative arrays in randomElement (aRn0D)
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 29 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.3.0-1
- Updated to 1.3.0 (BZ #1044436)
- Spec cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1044436 - php-Faker-1.3.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1044436
--------------------------------------------------------------------------------


================================================================================
 php-Monolog-1.7.0-1.fc20 (FEDORA-2013-24148)
 Sends your logs to files, sockets, inboxes, databases and various web services
--------------------------------------------------------------------------------
Update Information:

1.7.0 (2013-11-14)
* Added ElasticSearchHandler to send logs to an Elastic Search server
* Added DynamoDbHandler and ScalarFormatter to send logs to Amazon's Dynamo DB
* Added SyslogUdpHandler to send logs to a remote syslogd server
* Added LogglyHandler to send logs to a Loggly account
* Added $level to IntrospectionProcessor so it only adds backtraces when needed
* Added $version to LogstashFormatter to allow using the new v1 Logstash format
* Added $appName to NewRelicHandler
* Added configuration of Pushover notification retries/expiry
* Added $maxColumnWidth to NativeMailerHandler to change the 70 chars default
* Added chainability to most setters for all handlers
* Fixed RavenHandler batch processing so it takes the message from the record with highest priority
* Fixed HipChatHandler batch processing so it sends all messages at once
* Fixed issues with eAccelerator
* Fixed and improved many small things
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.7.0-1
- Updated to 1.7.0 (BZ #1030923)
- Added dynamo sub-package
- Spec cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1030923 - php-Monolog-1.7.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1030923
--------------------------------------------------------------------------------


================================================================================
 php-PhpCollection-0.3.1-1.fc20 (FEDORA-2013-24135)
 General purpose collection library for PHP
--------------------------------------------------------------------------------
Update Information:

Updated to 0.3.1
* Adds map() method
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 0.3.1-1
- Updated to 0.3.1 (BZ #1045915)
- Spec cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1045915 - php-PhpCollection-0.3.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1045915
--------------------------------------------------------------------------------


================================================================================
 php-Raven-0.8.0-2.20131209gitdac9333.fc20 (FEDORA-2013-24103)
 A PHP client for Sentry
--------------------------------------------------------------------------------
Update Information:

Updated to snapshot 2013-12-09 commit dac93338d1fe17d665dfdea5f529c89b3a0df7df (0.8.0 + additional commits)

Commits: https://github.com/getsentry/raven-php/commits/dac93338d1fe17d665dfdea5f529c89b3a0df7df
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 0.8.0-2.20131209gitdac9333
- Updated to latest snapshot
* Sun Dec 29 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 0.8.0-1
- Updated to 0.8.0 (BZ #1037543)
- Spec cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1037543 - php-Raven-0.8.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1037543
--------------------------------------------------------------------------------


================================================================================
 php-pear-Net-URL2-2.0.3-1.fc20 (FEDORA-2013-23977)
 Class for parsing and handling URL
--------------------------------------------------------------------------------
Update Information:

Upstream Changelog:

Version 2.0.3:
* Fixed #20156: setAuthority() flaw with "0" as host
* Fixed #20157: normalize() flaw with "0" as path
* Fixed #20158: Fragment-only references are not resolved to non-absolute base URI
* Fixed #20159: Authority not terminated by slash
* Fixed diverse coding style violations and misc. minor issues
* Increased code coverage
* Added support for Scrutinizer CI

Version 2.0.2:
* Fixed #19684: Redirects containing spaces do not work
* Fixed diverse coding style violations and misc. minor issues
* Improved source package distribution
* Added support for Travis CI

Version 2.0.1:
* Fixed Bug #20013: getNormalizedURL() adds leading "@" chars in the Authority
* Fixed Bug #20016: Wrong data in 6d4f4dd "Package.xml preparation."
* Fixed Bug #19176: resolve() does not merge the path if the base path is empty
* Fixed Bug #19315: removeDotSegments("0") not working
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.3-1
- Update to 2.0.3 (stable)
* Sat Dec 28 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.2-1
- Update to 2.0.2 (stable)
* Wed Dec 25 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.1-1
- Update to 2.0.1 (stable)
--------------------------------------------------------------------------------


================================================================================
 php-scssphp-0.0.9-1.fc20 (FEDORA-2013-24133)
 A compiler for SCSS written in PHP
--------------------------------------------------------------------------------
Update Information:

v0.0.9

Bug fixes:
* @for/@while inside @content block (@sergeylukin)
* functions in mixin_content (@timonbaetz)
* infinite loop when target extends itself (@oscherler)
* function arguments are lost inside of @content block

Enhancements:
* allow setting number precision (@kasperisager)
* public function helpers (toBool, get, findImport, assertList, assertColor, assertNumber, throwError) (@Burgov, @atdt)
* add optional cache buster prefix to serve() method (@iMoses)
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 29 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 0.0.9-1
- Updated to 0.0.9 (BZ #1046671)
- Spec cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1046671 - php-scssphp-0.0.9 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1046671
--------------------------------------------------------------------------------


================================================================================
 proguard-4.11-1.fc20 (FEDORA-2013-24120)
 Java class file shrinker, optimizer, obfuscator and preverifier
--------------------------------------------------------------------------------
Update Information:

update to 4.11
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 François Kooman <fkooman@xxxxxxxxx> - 4.11-1
- update to 4.11
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1047217 - proguard-4.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1047217
--------------------------------------------------------------------------------


================================================================================
 rubygem-cairo-1.12.8-1.fc20 (FEDORA-2013-24128)
 Ruby bindings for cairo
--------------------------------------------------------------------------------
Update Information:

New version 1.12.8 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.12.8-1
- 1.12.8
--------------------------------------------------------------------------------


================================================================================
 skf-1.99.7-1.fc20 (FEDORA-2013-24146)
 Utility binary files in Simple Kanji Filter
--------------------------------------------------------------------------------
Update Information:

New version 1.99.7 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.99.7
- 1.99.7
--------------------------------------------------------------------------------


================================================================================
 vcsh-1.20131229-1.fc20 (FEDORA-2013-24136)
 Version Control System for $HOME
--------------------------------------------------------------------------------
Update Information:

Bumped version to 1.20131229
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1047227 - vcsh-1.20131229 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1047227
--------------------------------------------------------------------------------


================================================================================
 xyzsh-1.5.8-1.fc20 (FEDORA-2013-24139)
 Interactive shell and text processing tool
--------------------------------------------------------------------------------
Update Information:

xyzsh 1.5.8 / mfiler4 1.3.1 are released.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 30 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.5.8-1
- 1.5.8
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux