The following Fedora 20 Security updates need testing: Age URL 93 https://admin.fedoraproject.org/updates/FEDORA-2013-19198/quassel-0.9.1-1.fc20 53 https://admin.fedoraproject.org/updates/FEDORA-2013-22130/chicken-4.8.0.5-1.fc20 39 https://admin.fedoraproject.org/updates/FEDORA-2013-23116/python-swiftclient-1.8.0-1.fc20 30 https://admin.fedoraproject.org/updates/FEDORA-2013-23636/rubygem-actionpack-4.0.0-2.fc20 22 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-0579/flite-1.3-21.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-0516/strongswan-5.1.1-4.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-0066/rubygem-will_paginate-3.0.4-5.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-0602/graphviz-2.34.0-8.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22847/qt3-3.3.8b-56.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-0792/libinfinity-0.5.5-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-0825/puppet-3.4.2-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-0939/libmicrohttpd-0.9.33-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-0926/memcached-1.4.17-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-0999/drupal6-6.30-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-0978/ibus-chewing-1.4.6-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-1015/drupal7-7.26-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1062/kernel-3.12.8-300.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1121/libreswan-3.8-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1042/libvirt-1.1.3.3-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1048/java-1.7.0-openjdk-1.7.0.60-2.4.4.1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22860/qt-4.8.5-15.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1120/nss-3.15.4-1.fc20,nss-softokn-3.15.4-1.fc20,nss-util-3.15.4-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 67 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-0606/realmd-0.14.6-4.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-0592/rtkit-0.11-8.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-0772/openldap-2.4.38-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-0874/perl-version-0.99.07-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-0881/xorg-x11-glamor-0.5.1-3.20140115gitfb4d046c.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-0979/librepo-1.5.2-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-1005/mutter-3.10.3-1.fc20,gnome-shell-3.10.3-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-0987/anaconda-20.25.16-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1112/NetworkManager-0.9.9.0-25.git20131003.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1120/nss-3.15.4-1.fc20,nss-softokn-3.15.4-1.fc20,nss-util-3.15.4-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1089/policycoreutils-2.2.5-3.fc20 The following builds have been pushed to Fedora 20 updates-testing NetworkManager-0.9.9.0-25.git20131003.fc20 Singular-3.1.5-10.fc20 aqbanking-5.3.2-0.1.beta.fc20 backupninja-1.0.1-1.fc20 bugwarrior-0.6.3-3.fc20 duplicity-0.6.22-5.fc20 easytag-2.1.9-1.fc20 gnucash-2.6.0-2.fc20 gnucash-docs-2.6.0-1.fc20 golang-github-gorilla-context-0-0.22.git708054d.fc20 golang-github-kr-pty-0-0.18.git3b1f648.fc20 golang-github-syndtr-gocapability-0-0.5.git3454319.fc20 guayadeque-0.3.6-19.svn1890.fc20 gwenhywfar-4.9.0-0.2.beta.fc20 hash-slinger-2.5-1.fc20 kmymoney-4.6.4-3.fc20 libreswan-3.8-1.fc20 luarocks-2.1.2-1.fc20 midori-0.5.7-1.fc20 nss-3.15.4-1.fc20 nss-softokn-3.15.4-1.fc20 nss-util-3.15.4-1.fc20 openstack-savanna-2014.1.b1-1.fc20 perl-qpid_proton-0.6-1.fc20 pkgwat-0.10-1.fc20 python-django-savanna-2014.1.b1-1.fc20 python-savannaclient-0.4.1-1.fc20 qt-4.8.5-15.fc20 rubygem-qpid_proton-0.6-1.fc20 seren-0.0.17-1.fc20 simple-xml-2.7.1-2.fc20 subtitleeditor-0.41.0-1.fc20 twirssi-2.6.3-1.fc20 vim-jedi-0.7.0-3.fc20 xmlbeans-maven-plugin-2.3.3-1.fc20 Details about builds: ================================================================================ NetworkManager-0.9.9.0-25.git20131003.fc20 (FEDORA-2014-1112) Network connection manager and user applications -------------------------------------------------------------------------------- Update Information: Fixes a bug that could cause the GNOME Shell network icon to disappear after connecting to a VPN. -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 Dan Winship <danw@xxxxxxxxxx> - 0.9.9.0-25.git20131003 - core: fix NMManager:primary-connection when a VPN has the default route (rh #1031574) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1031574 - network disconnected icon appears beside wired icon when on vpn https://bugzilla.redhat.com/show_bug.cgi?id=1031574 -------------------------------------------------------------------------------- ================================================================================ Singular-3.1.5-10.fc20 (FEDORA-2014-1140) Computer Algebra System for polynomial computations -------------------------------------------------------------------------------- Update Information: Fix some underlinking issues (and ensure f19->f20 upgrade path). -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 14 2014 Jerry James <loganjerry@xxxxxxxxx> - 3.1.5-10 - Update normaliz interface for normaliz 2.8 and later * Mon Nov 25 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 3.1.5-9 - ExclusiveArch: %ix86 x86_64 * Fri Aug 16 2013 pcpa <paulo.cesar.pereira.de.andrade@xxxxxxxxx> - 3.1.5-8 - Correct underlink problem (#991920#c1) * Thu Aug 1 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 3.1.5-7 - rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #991920 - Singular: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=991920 -------------------------------------------------------------------------------- ================================================================================ aqbanking-5.3.2-0.1.beta.fc20 (FEDORA-2014-1136) A library for online banking functions and financial data import/export -------------------------------------------------------------------------------- Update Information: This updates GnuCash to 2.6.0, the latest upstream release of GnuCash. For a tour of the new features in GnuCash 2.6, see: http://gnucash.org/2.6-release-tour.phtml This also updates AqBanking to the latest upstream release, adding support for SEPA payments. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Bill Nottingham <notting@xxxxxxxxxx> - 5.3.2beta-0.2 - bump to 5.3.2beta * Wed Jan 15 2014 Bill Nottingham <notting@xxxxxxxxxx> - 5.3.1beta-0.1 - update to latest upstream - disable aqebics for now -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047126 - Support for SEPA in aqbanking https://bugzilla.redhat.com/show_bug.cgi?id=1047126 [ 2 ] Bug #1047200 - gnucash-2.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1047200 [ 3 ] Bug #1033805 - Memory leak when saving file https://bugzilla.redhat.com/show_bug.cgi?id=1033805 [ 4 ] Bug #704527 - gnucash fails to build with guile-2.0.1 https://bugzilla.redhat.com/show_bug.cgi?id=704527 -------------------------------------------------------------------------------- ================================================================================ backupninja-1.0.1-1.fc20 (FEDORA-2014-1109) Lightweight, extensible backup system -------------------------------------------------------------------------------- Update Information: Backupninja package initial submission -------------------------------------------------------------------------------- References: [ 1 ] Bug #1048963 - Review Request: backupninja - Lightweight, extensible backup system https://bugzilla.redhat.com/show_bug.cgi?id=1048963 -------------------------------------------------------------------------------- ================================================================================ bugwarrior-0.6.3-3.fc20 (FEDORA-2014-1095) Sync github, bitbucket, and trac issues with taskwarrior -------------------------------------------------------------------------------- Update Information: Add dependency on python-keyring. -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.3-3 - Added dep on python-keyring. - Annotated the comment about python-jira. * Mon Dec 16 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.3-2 - Patch to disable jira support since it creates a dep nightmare for f19/f18. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1036078 - bugwarrior does not work on Fedora 19 -- missing deps - conflicting requirement https://bugzilla.redhat.com/show_bug.cgi?id=1036078 -------------------------------------------------------------------------------- ================================================================================ duplicity-0.6.22-5.fc20 (FEDORA-2014-1133) Encrypted bandwidth-efficient backup using rsync algorithm -------------------------------------------------------------------------------- Update Information: Added patch to fix Amazon s3 backup Added runtime requirement to python-dropbox -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> - 0.6.22-5 - Added patch to fix Amazon s3 backup (#1048068) * Mon Jan 13 2014 Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> - 0.6.22-4 - Added runtime requirement to python-dropbox (#1048656) * Fri Dec 27 2013 Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> - 0.6.22-3 - Fix ssl cert enforcement (rhbz#960860) - Fix bogus date in changelog * Thu Dec 26 2013 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.6.22-2 - Added runtime requirement to python-paramiko (#819272, #918933) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1048068 - backup to s3 fails with traceback https://bugzilla.redhat.com/show_bug.cgi?id=1048068 [ 2 ] Bug #1048656 - duplicity prints a non-fatal error message https://bugzilla.redhat.com/show_bug.cgi?id=1048656 -------------------------------------------------------------------------------- ================================================================================ easytag-2.1.9-1.fc20 (FEDORA-2014-1118) Tag editor for mp3, ogg, flac and other music files -------------------------------------------------------------------------------- Update Information: Update to 2.1.9 (#1051759) * Lots of general refactoring and stability improvements * Replace most mini buttons with GtkEntry icons * Many memory leak and invalid read fixes, found with Valgrind, cppcheck and the CLang static analyzer * Fix crash when the MusicBrainz CDDB search fails * Remove ancient libmpg123 code and use id3lib for reading the MPEG header * Use GtkDialog for child windows * Many fixes when building for MinGW * Rearrange menus and adjust keyboard accelerators to better fit with the GNOME HIG * Abhinav Jangda’s numerous bug fixes and porting to GIO/GFile * Darshan’s column resizing and reordering patches * Use GApplication for application life cycle * Remove several custom icons and instead use the themed equivalents * Do not split FLAC and Ogg tags by default * Drop old Vorbis comment compatibility (XMMS and COMMENT fields) * Mathias Reineke’s total tracks support, and several other fixes * Adrian Bunk’s FLAC ID3 tag and obsolete translation improvements * Do not set a custom wmclass on the scanner window * Stop installing TODO, HACKING and THANKS files * DocBook XML man page * Marius Gavrilescu’s improvement for illustration image filenames * Dominique Leuenberger’s licence and build improvements * Florian Müllner’s GTK+ 3 deprecation fixes * Ekaterina Gerasimova’s Mallard help, and removal of the outdated user guide * Enrico Nicoletto, Rafael Ferreira and Antonio Fernandes C. Neto’s Brazilian Portuguese translation updates * Marek Černocký’s Czech translation update * Osman Karagöz’s Turkish translation * Gil Forcada’s Catalan translation * Balázs Úr’s Hungarian translation update * Christian Kirbach’s German translation update * Aurimas Černius’s Lithuanian translation update * Stas Solovey’s Russian translation update * Matej Urbančič and Martin Srebotnjak’s Slovenian translation updates * Мирослав Николић’s Serbian translation update * Piotr Drąg’s Polish translation update * Milagros Infante Montero’s Spanish translation update -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1051759 - easytag-2.1.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1051759 [ 2 ] Bug #1027408 - [abrt] easytag-2.1.7-3.fc19: gtk_tree_store_get_path: Process /usr/bin/easytag was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1027408 [ 3 ] Bug #1051903 - easytag.desktop: usage of MIME type "x-directory/normal" is discouraged https://bugzilla.redhat.com/show_bug.cgi?id=1051903 -------------------------------------------------------------------------------- ================================================================================ gnucash-2.6.0-2.fc20 (FEDORA-2014-1136) Finance management application -------------------------------------------------------------------------------- Update Information: This updates GnuCash to 2.6.0, the latest upstream release of GnuCash. For a tour of the new features in GnuCash 2.6, see: http://gnucash.org/2.6-release-tour.phtml This also updates AqBanking to the latest upstream release, adding support for SEPA payments. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Bill Nottingham <notting@xxxxxxxxxx> - 2.6.0-2 - package upstream appdata file * Thu Jan 16 2014 Bill Nottingham <notting@xxxxxxxxxx> - 2.6.0-1 - update to 2.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047126 - Support for SEPA in aqbanking https://bugzilla.redhat.com/show_bug.cgi?id=1047126 [ 2 ] Bug #1047200 - gnucash-2.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1047200 [ 3 ] Bug #1033805 - Memory leak when saving file https://bugzilla.redhat.com/show_bug.cgi?id=1033805 [ 4 ] Bug #704527 - gnucash fails to build with guile-2.0.1 https://bugzilla.redhat.com/show_bug.cgi?id=704527 -------------------------------------------------------------------------------- ================================================================================ gnucash-docs-2.6.0-1.fc20 (FEDORA-2014-1136) Help files and documentation for the GnuCash personal finanace manager -------------------------------------------------------------------------------- Update Information: This updates GnuCash to 2.6.0, the latest upstream release of GnuCash. For a tour of the new features in GnuCash 2.6, see: http://gnucash.org/2.6-release-tour.phtml This also updates AqBanking to the latest upstream release, adding support for SEPA payments. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 16 2014 Bill Nottingham <notting@xxxxxxxxxx> - 2.6.0-1 - update to 2.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047126 - Support for SEPA in aqbanking https://bugzilla.redhat.com/show_bug.cgi?id=1047126 [ 2 ] Bug #1047200 - gnucash-2.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1047200 [ 3 ] Bug #1033805 - Memory leak when saving file https://bugzilla.redhat.com/show_bug.cgi?id=1033805 [ 4 ] Bug #704527 - gnucash fails to build with guile-2.0.1 https://bugzilla.redhat.com/show_bug.cgi?id=704527 -------------------------------------------------------------------------------- ================================================================================ golang-github-gorilla-context-0-0.22.git708054d.fc20 (FEDORA-2014-1128) A golang registry for global request variables -------------------------------------------------------------------------------- Update Information: golang exclusivearch for el6+ revert golang >= 1.2 requirement -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 15 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.22.git708054d - golang exclusivearch for el6+ - add check * Wed Jan 15 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.21.git708054d - revert golang 1.2 requirement * Wed Jan 15 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.20.git708054d - require golang 1.2 and up -------------------------------------------------------------------------------- ================================================================================ golang-github-kr-pty-0-0.18.git3b1f648.fc20 (FEDORA-2014-1098) PTY interface for Go -------------------------------------------------------------------------------- Update Information: exclusivearch for el6+ revert golang >= 1.2 version requirement -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 15 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.18.git3b1f648 - exclusivearch for el6+ * Wed Jan 15 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.17.git3b1f648 - revert golang >= 1.2 version requirement * Wed Jan 15 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.16.git3b1f648 - require golang 1.2 and up -------------------------------------------------------------------------------- ================================================================================ golang-github-syndtr-gocapability-0-0.5.git3454319.fc20 (FEDORA-2014-1114) POSIX capability library for the Go programming language -------------------------------------------------------------------------------- Update Information: exclusivearch for el6+ -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.5.git3454319 - exclusivearch for el6+ * Fri Jan 17 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.4.git3454319 - require golang as runtime dep -------------------------------------------------------------------------------- ================================================================================ guayadeque-0.3.6-19.svn1890.fc20 (FEDORA-2014-1139) Music player -------------------------------------------------------------------------------- Update Information: - rebuild for new svn release - rebuild for new svn release -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.3.6-19.svn1890 - rebuild for new svn release * Fri Jan 10 2014 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.3.6-18.svn1889 - rebuild for new svn release -------------------------------------------------------------------------------- ================================================================================ gwenhywfar-4.9.0-0.2.beta.fc20 (FEDORA-2014-1136) A multi-platform helper library for other libraries -------------------------------------------------------------------------------- Update Information: This updates GnuCash to 2.6.0, the latest upstream release of GnuCash. For a tour of the new features in GnuCash 2.6, see: http://gnucash.org/2.6-release-tour.phtml This also updates AqBanking to the latest upstream release, adding support for SEPA payments. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 15 2014 Bill Nottingham <notting@xxxxxxxxxx> - 4.9.0-0.2.beta - update to latest upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047126 - Support for SEPA in aqbanking https://bugzilla.redhat.com/show_bug.cgi?id=1047126 [ 2 ] Bug #1047200 - gnucash-2.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1047200 [ 3 ] Bug #1033805 - Memory leak when saving file https://bugzilla.redhat.com/show_bug.cgi?id=1033805 [ 4 ] Bug #704527 - gnucash fails to build with guile-2.0.1 https://bugzilla.redhat.com/show_bug.cgi?id=704527 -------------------------------------------------------------------------------- ================================================================================ hash-slinger-2.5-1.fc20 (FEDORA-2014-1110) Generate various DNS records such as RFC-4255 SSHFP and RFC-698 TLSA -------------------------------------------------------------------------------- Update Information: Update to 2.5 which has OPENPGPKEY (draft 02) support -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 2.5-1 - Update to 2.5 which has OPENPGPKEY (draft 02) support - Added python-gnupg requires -------------------------------------------------------------------------------- ================================================================================ kmymoney-4.6.4-3.fc20 (FEDORA-2014-1136) Personal finance -------------------------------------------------------------------------------- Update Information: This updates GnuCash to 2.6.0, the latest upstream release of GnuCash. For a tour of the new features in GnuCash 2.6, see: http://gnucash.org/2.6-release-tour.phtml This also updates AqBanking to the latest upstream release, adding support for SEPA payments. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 16 2014 Bill Nottingham <notting@xxxxxxxxxx> - 4.6.4-3 - rebuild (aqbanking) * Mon Dec 16 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.6.4-2 - rebuild (kdchart) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047126 - Support for SEPA in aqbanking https://bugzilla.redhat.com/show_bug.cgi?id=1047126 [ 2 ] Bug #1047200 - gnucash-2.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1047200 [ 3 ] Bug #1033805 - Memory leak when saving file https://bugzilla.redhat.com/show_bug.cgi?id=1033805 [ 4 ] Bug #704527 - gnucash fails to build with guile-2.0.1 https://bugzilla.redhat.com/show_bug.cgi?id=704527 -------------------------------------------------------------------------------- ================================================================================ libreswan-3.8-1.fc20 (FEDORA-2014-1121) IPsec implementation with IKEv1 and IKEv2 keying protocols -------------------------------------------------------------------------------- Update Information: Updated to 3.8, fixes CVE-2013-6467 (rhbz#1054102) -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 3.8-1 - Updated to 3.8, fixes rhbz#CVE-2013-6467 (rhbz#1054102) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1054102 - libreswan-3.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1054102 -------------------------------------------------------------------------------- ================================================================================ luarocks-2.1.2-1.fc20 (FEDORA-2014-1119) A deployment and management system for Lua modules -------------------------------------------------------------------------------- Update Information: Changes in 2.1.2: http://lua-users.org/lists/lua-l/2014-01/msg00257.html * a new command, "luarocks doc <module>" that tries to find any installed documentation. * a rocks_provided configuration entry in which you can preload dependencies that are already fulfilled in your system; a few defaults are included * generated script wrappers are now more robust * Minor performance improvements * Support for "named trees", so you can label your rocks trees and use flags such as --tree=system or --tree=user instead of the full path * `luarocks` with no arguments presents more useful diagnostics * plus assorted bugfixes Changes in 2.1.1: http://lua-users.org/lists/lua-l/2013-10/msg00800.html * Remote manifests are now compressed and locally cached, making commands faster * New command "write_rockspec" which generates rockspec file templates * detection of multiarch directories on Linux * New --force=fast option for 'luarocks remove' * New --local-tree flag for 'luarocks-admin make-manifest' * Improved error checking * plus assorted bugfixes Changes in 2.1.0: http://lua-users.org/lists/lua-l/2013-08/msg00137.html * accesses manifest-{5.1,5.2} in remote servers to provide properly filtered results for Lua 5.1 or 5.2 * Remove old versions when installing a new one and old versions are no longer needed to honor dependencies. * 'make bootstrap' is now an advertised option for installing LuaRocks itself as a rock on Unix systems * 'luarocks purge --old-versions' for cleaning up a local tree * --keep flag to produce the old behavior of keeping old versions around (can be made permanent setting keep_old_versions=true in the config file) * security config options 'accepted_build_types' and 'hooks_enabled' * 'lua_version' is now available as a global for your config.lua * new flags --lr-path, --lr-cpath, --lr-bin for 'luarocks path' for use in scripts * friendlier error messages * plus bugfixes -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 16 2014 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 2.1.2-1 - Update to 2.1.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #995808 - luarocks-2.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=995808 -------------------------------------------------------------------------------- ================================================================================ midori-0.5.7-1.fc20 (FEDORA-2014-1111) A lightweight GTK+ web browser -------------------------------------------------------------------------------- Update Information: Update to 0.5.7. A bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Kevin Fenzi <kevin@xxxxxxxxx> 0.5.7-1 - Update to 0.5.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035245 - midori-0.5.6 missing nojs icons in the package https://bugzilla.redhat.com/show_bug.cgi?id=1035245 -------------------------------------------------------------------------------- ================================================================================ nss-3.15.4-1.fc20 (FEDORA-2014-1120) Network Security Services -------------------------------------------------------------------------------- Update Information: Update of the nss, nss-softokn, and nss-util packages to nss-3.15.4, a patch release for NSS 3.15 which includes the following security-relevant bug: (CVE-2013-1740) When false start is enabled, libssl will sometimes return unencrypted, unauthenticated data from PR_Recv For further details refer to the nss upstream release notes at https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.4_release_notes -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 7 2014 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.15.4-1 - Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Resolves: Bug 1054456 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1053725 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue https://bugzilla.redhat.com/show_bug.cgi?id=1053725 -------------------------------------------------------------------------------- ================================================================================ nss-softokn-3.15.4-1.fc20 (FEDORA-2014-1120) Network Security Services Softoken Module -------------------------------------------------------------------------------- Update Information: Update of the nss, nss-softokn, and nss-util packages to nss-3.15.4, a patch release for NSS 3.15 which includes the following security-relevant bug: (CVE-2013-1740) When false start is enabled, libssl will sometimes return unencrypted, unauthenticated data from PR_Recv For further details refer to the nss upstream release notes at https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.4_release_notes -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 7 2014 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.15.3-2 - Update to NSS_3_15_4_RTM - Resolves: Bug 1049229 - nss-3.15.4 is available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1053725 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue https://bugzilla.redhat.com/show_bug.cgi?id=1053725 -------------------------------------------------------------------------------- ================================================================================ nss-util-3.15.4-1.fc20 (FEDORA-2014-1120) Network Security Services Utilities Library -------------------------------------------------------------------------------- Update Information: Update of the nss, nss-softokn, and nss-util packages to nss-3.15.4, a patch release for NSS 3.15 which includes the following security-relevant bug: (CVE-2013-1740) When false start is enabled, libssl will sometimes return unencrypted, unauthenticated data from PR_Recv For further details refer to the nss upstream release notes at https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.4_release_notes -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 7 2014 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.15.4-1 - Update to NSS_3_15_4_RTM - Resolves: Bug 1049229 - nss-3.15.4 is available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1053725 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue https://bugzilla.redhat.com/show_bug.cgi?id=1053725 -------------------------------------------------------------------------------- ================================================================================ openstack-savanna-2014.1.b1-1.fc20 (FEDORA-2014-1103) Apache Hadoop cluster management on OpenStack -------------------------------------------------------------------------------- Update Information: 2014.1.b1 release Fix db connection url bug found when doing a fresh install OpenStack Savanna 0.3 release -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 Matthew Farrellee <matt@redhat> - 2014.1.b1-1 - 2014.1.b1 release * Tue Oct 22 2013 Matthew Farrellee <matt@redhat> - 0.3-3 - Include Vanilla Plugin SQL files (for EDP) * Tue Oct 22 2013 Matthew Farrellee <matt@redhat> - 0.3-2 - Fix db connection url * Sun Oct 20 2013 Matthew Farrellee <matt@redhat> - 0.3-1 - 0.3 release - Enable logging into /var/log/savanna * Fri Oct 11 2013 Matthew Farrellee <matt@redhat> - 0.3-0.2 - 0.3 rc3 build -------------------------------------------------------------------------------- ================================================================================ perl-qpid_proton-0.6-1.fc20 (FEDORA-2014-1137) Perl language bindings for Qpid Proton -------------------------------------------------------------------------------- Update Information: Rebased on Qpid Proton 0.6. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.6-1 - Rebased on Qpid Proton 0.6. -------------------------------------------------------------------------------- ================================================================================ pkgwat-0.10-1.fc20 (FEDORA-2014-1113) CLI tool for querying the fedora packages webapp -------------------------------------------------------------------------------- Update Information: Add shortened options for pagination. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.10-1 - Added short flags for pagination. -------------------------------------------------------------------------------- ================================================================================ python-django-savanna-2014.1.b1-1.fc20 (FEDORA-2014-1142) Savanna project dashboard -------------------------------------------------------------------------------- Update Information: 2014.1.b1 release OpenStack Savanna 0.3 release -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 Matthew Farrellee <matt@redhat> - 2014.1.b1-1 - 2014.1.b1 release * Sun Oct 20 2013 Matthew Farrellee <matt@redhat> - 0.3-1 - 0.3 release * Fri Oct 11 2013 Matthew Farrellee <matt@redhat> - 0.3-0.2 - 0.3 rc3 build -------------------------------------------------------------------------------- ================================================================================ python-savannaclient-0.4.1-1.fc20 (FEDORA-2014-1123) Client library for OpenStack Savanna API -------------------------------------------------------------------------------- Update Information: 2014.1.b1 release OpenStack Savanna 0.3 release -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ qt-4.8.5-15.fc20 (FEDORA-2013-22860) Qt toolkit -------------------------------------------------------------------------------- Update Information: Qt Project Security Advisory: XML Entity Expansion Denial of Service (CVE-2013-4549) See also http://lists.qt-project.org/pipermail/announce/2013-December/000036.html In addition, this update: * adds support for the aarch64 architecture, * fixes QTBUG-35459, a too low character limit for XML entities enforced by the fix for CVE-2013-4549 that was breaking real-world XML files (in particular, the KatePart Lilypond syntax highlighting description), * fixes QTBUG-35460, a misspelling in the error message produced by the CVE-2013-4549 fix when the character limit for XML entities was exceeded. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 4.8.5-15 - drop "Discover printers shared by CUPS 1.6 (#980952)" (#1054312, #980952#c18) * Mon Jan 13 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 4.8.5-14 - fix QTBUG-35459 (too low entityCharacterLimit=1024 for CVE-2013-4549) - fix QTBUG-35460 (error message for CVE-2013-4549 is misspelled) * Mon Dec 23 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 4.8.5-13 - Add support for aarch64 (#1046360) * Thu Dec 5 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.8.5-12 - XML Entity Expansion Denial of Service (CVE-2013-4549) -------------------------------------------------------------------------------- ================================================================================ rubygem-qpid_proton-0.6-1.fc20 (FEDORA-2014-1097) Ruby language bindings for the Qpid Proton messaging framework -------------------------------------------------------------------------------- Update Information: Rebased on Proton 0.6. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 17 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.6-1 - Rebased on Proton 0.6. -------------------------------------------------------------------------------- ================================================================================ seren-0.0.17-1.fc20 (FEDORA-2014-1115) Simple VoIP program to create conferences from the terminal -------------------------------------------------------------------------------- Update Information: Version bump -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ simple-xml-2.7.1-2.fc20 (FEDORA-2014-1131) An XML serialization framework for Java -------------------------------------------------------------------------------- Update Information: Initial import (#1002155). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1002155 - Review Request: simple-xml - An XML serialization framework for Java https://bugzilla.redhat.com/show_bug.cgi?id=1002155 -------------------------------------------------------------------------------- ================================================================================ subtitleeditor-0.41.0-1.fc20 (FEDORA-2014-1138) GTK+2 tool to edit subtitles for GNU/Linux/*BSD -------------------------------------------------------------------------------- Update Information: Updated to latest release, added patch to make subtitles visible again. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 16 2014 Artur Szymczak <artur.szymczak@xxxxxxxxxxx> - 0.41.0-1 - Updated to latest release. - Dropping the temporary patch (subtitleeditor-0.40.0-glib.patch) - Fixed upstream. - Added patch for rhbz #906226 (upstream #20793) -------------------------------------------------------------------------------- References: [ 1 ] Bug #906226 - subtitleeditor doesn't show subtitles in video window. https://bugzilla.redhat.com/show_bug.cgi?id=906226 [ 2 ] Bug #926577 - subtitleeditor: Does not support aarch64 in f19 and rawhide https://bugzilla.redhat.com/show_bug.cgi?id=926577 -------------------------------------------------------------------------------- ================================================================================ twirssi-2.6.3-1.fc20 (FEDORA-2014-1096) An Irssi script to interact with Twitter -------------------------------------------------------------------------------- Update Information: Update to 2.6.3 (bz#1054485) -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 16 2014 Julian C. Dunn <jdunn@xxxxxxxxxxxx> 2.6.3-1 - Update to 2.6.3 (bz#1054485) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1054485 - twirssi 2.6.3 is now available https://bugzilla.redhat.com/show_bug.cgi?id=1054485 -------------------------------------------------------------------------------- ================================================================================ vim-jedi-0.7.0-3.fc20 (FEDORA-2014-1129) The Jedi vim plugin -------------------------------------------------------------------------------- Update Information: some files are missing in RPM package (jedi_vim.py) Update to vim-jedi-0.7.0 (#1047228) -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 Petr Hracek <phracek@xxxxxxxxxx> - 0.7.0-3 - some files are missing in RPM package (jedi_vim.py) * Fri Jan 17 2014 Petr Hracek <phracek@xxxxxxxxxx> - 0.7.0-2 - some files are missing in RPM package * Wed Jan 15 2014 Petr Hracek <phracek@xxxxxxxxxx> - 0.7.0-1 - Update to vim-jedi-0.7.0 (#1047228) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047228 - vim-jedi-0.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1047228 -------------------------------------------------------------------------------- ================================================================================ xmlbeans-maven-plugin-2.3.3-1.fc20 (FEDORA-2014-1124) Maven XML Beans Plugin -------------------------------------------------------------------------------- Update Information: Initial import (#977016). -------------------------------------------------------------------------------- References: [ 1 ] Bug #977016 - Review Request: xmlbeans-maven-plugin - Maven XML Beans Plugin https://bugzilla.redhat.com/show_bug.cgi?id=977016 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
