The following Fedora 20 Security updates need testing: Age URL 64 https://admin.fedoraproject.org/updates/FEDORA-2013-22130/chicken-4.8.0.5-1.fc20 50 https://admin.fedoraproject.org/updates/FEDORA-2013-23116/python-swiftclient-1.8.0-1.fc20 41 https://admin.fedoraproject.org/updates/FEDORA-2013-23636/rubygem-actionpack-4.0.0-2.fc20 33 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2014-0579/flite-1.3-21.fc20 18 https://admin.fedoraproject.org/updates/FEDORA-2014-0602/graphviz-2.34.0-8.fc20 14 https://admin.fedoraproject.org/updates/FEDORA-2014-0792/libinfinity-0.5.5-1.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2014-0926/memcached-1.4.17-1.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2014-0978/ibus-chewing-1.4.6-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-1396/moodle-2.5.4-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-1481/mupdf-1.1-5.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-1552/xen-4.3.1-8.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-1619/tntnet-2.2.1-2.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-1742/quassel-0.9.2-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-1463/openstack-nova-2013.2.1-4.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-1647/lightdm-gtk-1.6.1-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1745/mediawiki-1.21.5-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1747/ikiwiki-3.20140125-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1811/socat-1.7.2.3-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1770/libpng12-1.2.50-6.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1803/libpng15-1.5.17-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1778/libpng10-1.0.60-6.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1758/tpp-1.3.1-16.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 78 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2014-0987/anaconda-20.25.16-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-1276/pcre-8.33-4.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-1197/colord-1.1.6-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-1231/libwacom-0.8-2.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-1395/krb5-1.11.3-39.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-1480/crda-1.1.3_2013.11.27-3.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-1436/libnl3-3.2.24-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-1448/network-manager-applet-0.9.9.0-8.git20140123.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-1535/clutter-1.16.2-3.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-1606/libgsf-1.14.29-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-1710/librepo-1.5.2-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1749/NetworkManager-0.9.9.0-28.git20131003.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1762/openldap-2.4.39-1.fc20 The following builds have been pushed to Fedora 20 updates-testing NetworkManager-0.9.9.0-28.git20131003.fc20 NetworkManager-openvpn-0.9.9.0-0.1.git20140128.fc20 dhcp-4.2.6-0.3.rc1.fc20 eclipse-m2e-core-1.4.0-11.1.fc20 facter-1.7.4-1.fc20 fossil-1.28-1.20140127173344.fc20 ghc-7.6.3-18.3.fc20 gnumed-1.4.5-1.fc20 gnumed-server-19.5-1.fc20 homerun-1.2.0-1.fc20 ikiwiki-3.20140125-1.fc20 kexec-tools-2.0.4-22.fc20 libpng10-1.0.60-6.fc20 libpng12-1.2.50-6.fc20 libpng15-1.5.17-2.fc20 mediawiki-1.21.5-1.fc20 mingw-freeimage-3.15.4-3.fc20 nar-maven-plugin-3.0.0-4.fc20 ncbi-blast+-2.2.29-2.fc20 ocaml-cppo-0.9.3-2.fc20 ocserv-0.3.0-2.fc20 openldap-2.4.39-1.fc20 pcp-3.8.12-1.fc20 perl-DBD-Pg-2.19.3-6.fc20 perl-DBD-SQLite-1.40-3.fc20 perl-Throwable-0.102080-11.fc20 perl-URI-Title-1.86-7.fc20 php-pecl-zip-1.12.4-1.fc20 pocl-0.9-1.fc20 pyp2rpm-1.0.1-4.fc20 python-django-longerusername-0.4-4.20130204gite4e85d7d.fc20 python-matplotlib-1.3.1-2.fc20 python-txzmq-0.7.0-1.fc20 python-virtualenvwrapper-4.2-1.fc20 python-virtualenvwrapper-4.2-2.fc20 rubygem-hoe-3.8.1-1.fc20 rubygem-isolate-3.2.4-1.fc20 sblim-sfcc-2.2.5-5.fc20 selinux-policy-3.12.1-122.fc20 socat-1.7.2.3-1.fc20 spacefm-0.9.3-1.fc20 sslsplit-0.4.8-1.fc20 surfraw-2.2.9-1.fc20 tomboy-1.15.4-1.fc20 tpp-1.3.1-16.fc20 wireshark-1.10.5-3.fc20 x2goclient-4.0.1.3-3.fc20 Details about builds: ================================================================================ NetworkManager-0.9.9.0-28.git20131003.fc20 (FEDORA-2014-1749) Network connection manager and user applications -------------------------------------------------------------------------------- Update Information: The update fixes these issues: - platform: ignore errors adding IPv6 point-to-point address (fixes possible crash with new NM-openvpn package) - libnm-glib: fix return value in nm_remote_settings_load_connections() - core: fix crash when connecting to new Wi-Fi network (bgo #723163) - systemd: add "Before=network.service" on Fedora/RHEL (rh #1034983) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Jiří Klimeš <jklimes@xxxxxxxxxx> - 0.9.9.0-28.git20131003 - platform: ignore errors adding IPv6 point-to-point address - libnm-glib: fix return value in nm_remote_settings_load_connections() - core: fix crash when connecting to new Wi-Fi network (bgo #723163) - systemd: add "Before=network.service" on Fedora/RHEL (rh #1034983) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1033868 - NM ignores IPv6 setting received from OpenVPN https://bugzilla.redhat.com/show_bug.cgi?id=1033868 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-openvpn-0.9.9.0-0.1.git20140128.fc20 (FEDORA-2014-1746) NetworkManager VPN plugin for OpenVPN -------------------------------------------------------------------------------- Update Information: This update - adds support for IPv6 inside tunnels (rh #1033868) - adds support for interactive mode -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Dan Williams <dcbw@xxxxxxxxxx> - 1:0.9.9.0-0.1 - core: add support for IPv6 inside tunnels (rh #1033868) - auth: add support for interactive mode -------------------------------------------------------------------------------- References: [ 1 ] Bug #1033868 - NM ignores IPv6 setting received from OpenVPN https://bugzilla.redhat.com/show_bug.cgi?id=1033868 -------------------------------------------------------------------------------- ================================================================================ dhcp-4.2.6-0.3.rc1.fc20 (FEDORA-2014-1457) Dynamic host configuration protocol software -------------------------------------------------------------------------------- Update Information: Release-candidate of new upstream bug-fix release. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Jiri Popelka <jpopelka@xxxxxxxxxx> - 12:4.2.6-0.3.rc1 - 4.2.6rc1 * Tue Jan 28 2014 Jiri Popelka <jpopelka@xxxxxxxxxx> - 12:4.2.6-0.2.b1 - don't apply retransmission.patch for now (RHBZ#1026565) * Thu Jan 23 2014 Jiri Popelka <jpopelka@xxxxxxxxxx> - 12:4.2.6-0.1.b1 - 4.2.6b1 -------------------------------------------------------------------------------- ================================================================================ eclipse-m2e-core-1.4.0-11.1.fc20 (FEDORA-2014-1810) Maven integration for Eclipse -------------------------------------------------------------------------------- Update Information: This fixes the internal error that occurs at the archetype selection screen when creating a new maven project or module. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 27 2014 Gerard Ryan <galileo@xxxxxxxxxxxxxxxxx> - 1.4.0-11.1 - Fix for RHBZ#1015324: Failing to retrieve archetypes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1015324 - Failing to retrieve Archetypes https://bugzilla.redhat.com/show_bug.cgi?id=1015324 -------------------------------------------------------------------------------- ================================================================================ facter-1.7.4-1.fc20 (FEDORA-2014-1783) Command and ruby library for gathering system information -------------------------------------------------------------------------------- Update Information: This is an upstream bug fix release. Refer to the release notes for a full list of issues that have been resolved: http://docs.puppetlabs.com/facter/1.7/release_notes.html#facter-174 -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Todd Zullinger <tmz@xxxxxxxxx> - 1.7.4-1 - Update to 1.7.4 - Create /etc/facter/facts.d for external facts - Send dmiddecode errors to /dev/null in the virtual fact (FACT-86) * Tue Oct 8 2013 Sam Kottler <skottler@xxxxxxxxxxxxxxxxx> - 1.7.3-1 - Update to 1.7.3 (BZ #1016817) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1016817 - Upgrade to the latest version of Facter https://bugzilla.redhat.com/show_bug.cgi?id=1016817 -------------------------------------------------------------------------------- ================================================================================ fossil-1.28-1.20140127173344.fc20 (FEDORA-2014-1751) A distributed SCM with bug tracking and wiki -------------------------------------------------------------------------------- Update Information: Update to 1.28 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> - 1.28-1.20140127173344 - Update to 1.28 - Remove patch to use system sqlite -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058643 - fossil-1.28 is available https://bugzilla.redhat.com/show_bug.cgi?id=1058643 -------------------------------------------------------------------------------- ================================================================================ ghc-7.6.3-18.3.fc20 (FEDORA-2014-1787) Glasgow Haskell Compiler -------------------------------------------------------------------------------- Update Information: fix FFI segfault on i686 related to selinux double-mapping (http://ghc.haskell.org/trac/ghc/ticket/7629) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Jens Petersen <petersen@xxxxxxxxxx> - 7.6.3-18.3 - fix segfault on i686 when using ffi double-mapping for selinux (#907515) see http://hackage.haskell.org/trac/ghc/ticket/7629 (thanks Garrett Mitchener for patch committed upstream) -------------------------------------------------------------------------------- References: [ 1 ] Bug #907515 - gtk2hs timer program compiled with ghc 7.4 segfaults on i686 https://bugzilla.redhat.com/show_bug.cgi?id=907515 -------------------------------------------------------------------------------- ================================================================================ gnumed-1.4.5-1.fc20 (FEDORA-2014-1796) The GNUmed client -------------------------------------------------------------------------------- Update Information: Many improvements, see http://gitorious.org/gnumed/gnumed/blobs/master/gnumed/CHANGELOG up to v1.4.5 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 1.4.5-1 - Update to 1.4.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #984513 - gnumed-1.4.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=984513 [ 2 ] Bug #984514 - gnumed-server-19.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=984514 -------------------------------------------------------------------------------- ================================================================================ gnumed-server-19.5-1.fc20 (FEDORA-2014-1796) The GNUmed back end server -------------------------------------------------------------------------------- Update Information: Many improvements, see http://gitorious.org/gnumed/gnumed/blobs/master/gnumed/CHANGELOG up to v1.4.5 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 19.5-1 - Update to v19.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #984513 - gnumed-1.4.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=984513 [ 2 ] Bug #984514 - gnumed-server-19.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=984514 -------------------------------------------------------------------------------- ================================================================================ homerun-1.2.0-1.fc20 (FEDORA-2014-1748) KDE Application Launcher -------------------------------------------------------------------------------- Update Information: Update to latest upstream version. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 27 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.2.0-1 - 1.2.0 -------------------------------------------------------------------------------- ================================================================================ ikiwiki-3.20140125-1.fc20 (FEDORA-2014-1747) A wiki compiler -------------------------------------------------------------------------------- Update Information: Update to the latest stable version. Changes in ikiwiki 3.20140125: * inline: Allow overriding the title of the feed. Closes: http://bugs.debian.org/735123 Thanks, Christophe Rhodes * osm: Escape name parameter. Closes: http://bugs.debian.org/731797 Changes in ikiwiki 3.20140102: * aggregate: Improve display of post author. * poll: Fix behavior of poll buttons when inlined. * Fixed unncessary tight loop hash copy in saveindex where a pointer can be used instead. Can speed up refreshes by nearly 50% in some circumstances. * Optimized loadindex by caching the page name in the index. * Added only_committed_changes config setting, which speeds up wiki refresh by querying git to find the files that were changed, rather than looking at the work tree. Not enabled by default as it can break some setups where not all files get committed to git. * comments: Write pending moderation comments to the transient underlay to avoid conflict with only_committed_changes. * search: Added google_search option, which makes it search google rather than using the internal xapain database. (googlesearch plugin is too hard to turn on when xapain databases corrupt themselves, which happens all too frequently). * osm: Remove invalid use of charset on embedded javascript tags. Closes: http://bugs.debian.org/731197 * style.css: Add compatibility definitions for more block-level html5 elements. Closes: http://bugs.debian.org/731199 * aggregrate: Fix several bugs in handling of empty and colliding titles when generating filenames. -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 25 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 3.20140125-1 - Update to 3.20140125. * Sat Jan 25 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 3.20140102-1 - Update to 3.20140102. - Modernize spec file. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1039938 - ikiwiki: osm plugin does not correctly sanitize parameters https://bugzilla.redhat.com/show_bug.cgi?id=1039938 -------------------------------------------------------------------------------- ================================================================================ kexec-tools-2.0.4-22.fc20 (FEDORA-2014-1775) The kexec/kdump userspace component -------------------------------------------------------------------------------- Update Information: ssh dump: create random-seed manually makedumpfile: Improve progress information for huge memory system a few backports and script fixes -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-22 - ssh dump: create random-seed manually - Add fence kdump support * Wed Jan 22 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-21 - makedumpfile: Improve progress information for huge memory system - s390: use nr_cpus=1 instead of maxcpus=1 * Fri Jan 17 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-20 - vmcore-dmesg: fix timestamp error in vmcore-dmesg.txt - makedumpfile: re-enable mmap() and introduce --non-mmap - kdump.conf uncomment default core_collector line - fix an issue when 'ssh' directive appearing in kdump.conf, the rest part of lines in this file are ignored -------------------------------------------------------------------------------- ================================================================================ libpng10-1.0.60-6.fc20 (FEDORA-2014-1778) Old version of libpng, needed to run old binaries -------------------------------------------------------------------------------- Update Information: This update fixes an issue in which an image with a missing or empty palette could cause a crash of a libpng10-using application (CVE-2013-6954). -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 23 2014 Paul Howarth <paul@xxxxxxxxxxxx> 1.0.60-6 - handle zero-length PLTE chunk or NULL palette with png_error(), to avoid later reading from a NULL pointer (png_ptr->palette) in png_do_expand_palette() (CVE-2013-6954) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1045561 - CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette https://bugzilla.redhat.com/show_bug.cgi?id=1045561 -------------------------------------------------------------------------------- ================================================================================ libpng12-1.2.50-6.fc20 (FEDORA-2014-1770) Old version of libpng, needed to run old binaries -------------------------------------------------------------------------------- Update Information: Adding CVE-2013-6954 patch -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Petr Hracek <phracek@xxxxxxxxxx> - 1.2.50-6 - Adding CVE-2013-6954 patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #1056856 - CVE-2013-6954 libpng12: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1056856 -------------------------------------------------------------------------------- ================================================================================ libpng15-1.5.17-2.fc20 (FEDORA-2014-1803) Old version of libpng, needed to run old binaries -------------------------------------------------------------------------------- Update Information: Adding patch CVE-2013-6954 (#1056856) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Petr Hracek <phracek@xxxxxxxxxx> - 1.5.17-2 - Adding patch CVE-2013-6954 (#1056856) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1056856 - CVE-2013-6954 libpng12: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1056856 -------------------------------------------------------------------------------- ================================================================================ mediawiki-1.21.5-1.fc20 (FEDORA-2014-1745) A wiki engine -------------------------------------------------------------------------------- Update Information: - Update to 1.21.5 - (bug 60339) (CVE-2014-1610) SECURITY: Reported RCE in djvu thumbnailing -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> - 1.21.5-1 - Update to 1.21.5 - (bug 60339) (CVE-2014-1610) SECURITY: Reported RCE in djvu thumbnailing -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058981 - CVE-2014-1610 mediawiki: remote code execution via uploaded DjVu or PDF files https://bugzilla.redhat.com/show_bug.cgi?id=1058981 -------------------------------------------------------------------------------- ================================================================================ mingw-freeimage-3.15.4-3.fc20 (FEDORA-2014-1792) MinGW Windows freeimage library -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1049546 - Review Request: mingw-freeimage - MinGW Windows freeimage library https://bugzilla.redhat.com/show_bug.cgi?id=1049546 -------------------------------------------------------------------------------- ================================================================================ nar-maven-plugin-3.0.0-4.fc20 (FEDORA-2014-1809) Native ARchive plugin for Maven -------------------------------------------------------------------------------- Update Information: Use $RPM_OPT_FLAGS if provided -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 24 2014 Marek Goldmann <mgoldman@xxxxxxxxxx> - 3.0.0-4 - Fixed (hopefully) ARM support * Tue Jan 21 2014 Marek Goldmann <mgoldman@xxxxxxxxxx> - 3.0.0-3 - Add support for handling the $RPM_OPT_FLAGS variable, RHBZ#1056049 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1056049 - nar-maven-plugin: Use $RPM_OPT_FLAGS if provided https://bugzilla.redhat.com/show_bug.cgi?id=1056049 -------------------------------------------------------------------------------- ================================================================================ ncbi-blast+-2.2.29-2.fc20 (FEDORA-2014-1806) NCBI BLAST+ finds regions of similarity between biological sequences -------------------------------------------------------------------------------- Update Information: Update to version 2.2.29. See http://www.ncbi.nlm.nih.gov/books/NBK131777/ for full list of changes. Update to version 2.2.29. See http://www.ncbi.nlm.nih.gov/books/NBK131777/ for full list of changes. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Jan Kaluza <jkaluza@xxxxxxxxxx> - 2.2.29-2 - build with debugging symbols (#1058441) * Thu Jan 23 2014 Jan Kaluza <jkaluza@xxxxxxxxxx> - 2.2.29-1 - update to new upstream version 2.2.29 * Thu Oct 3 2013 Jan Kaluza <jkaluza@xxxxxxxxxx> - 2.2.28-2 - use RPM configure macro instead of ./configure (#1007956) -------------------------------------------------------------------------------- ================================================================================ ocaml-cppo-0.9.3-2.fc20 (FEDORA-2014-1761) Equivalent of the C preprocessor for OCaml programs -------------------------------------------------------------------------------- Update Information: Initial Fedora release of cppo for OCaml -------------------------------------------------------------------------------- References: [ 1 ] Bug #1055394 - Review Request: ocaml-cppo - Equivalent of the C preprocessor for OCaml programs https://bugzilla.redhat.com/show_bug.cgi?id=1055394 -------------------------------------------------------------------------------- ================================================================================ ocserv-0.3.0-2.fc20 (FEDORA-2014-1771) OpenConnect SSL VPN server -------------------------------------------------------------------------------- Update Information: Generated certificates no longer carry an expiration date. Updated to latest upstream version (0.3.0). -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> - 0.3.0-2 - Generated certificates no longer carry an expiration date. * Mon Jan 27 2014 Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> - 0.3.0-1 - Updated to latest upstream version (0.3.0). - Certificates and private keys are auto-generated. -------------------------------------------------------------------------------- ================================================================================ openldap-2.4.39-1.fc20 (FEDORA-2014-1762) LDAP support libraries -------------------------------------------------------------------------------- Update Information: new upstream release (#1059186); http://www.openldap.org/software/release/changes.html -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Jan Synáček <jsynacek@xxxxxxxxxx> - 2.4.39-1 - new upstream release (#1059186) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1059186 - Update openldap to 2.4.39 https://bugzilla.redhat.com/show_bug.cgi?id=1059186 -------------------------------------------------------------------------------- ================================================================================ pcp-3.8.12-1.fc20 (FEDORA-2014-1768) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information: Resolves SNMP procfs file ICMP line parse issue (BZ 1055818) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Nathan Scott <nathans@xxxxxxxxxx> - 3.8.12-1 - Resolves SNMP procfs file ICMP line parse issue (BZ 1055818) - Update to latest PCP sources. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1055818 - pmcd SEGV in linux pmda https://bugzilla.redhat.com/show_bug.cgi?id=1055818 -------------------------------------------------------------------------------- ================================================================================ perl-DBD-Pg-2.19.3-6.fc20 (FEDORA-2014-1755) A PostgreSQL interface for perl -------------------------------------------------------------------------------- Update Information: This release adapts internal tests to PostgreSQL 9.3. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 2.19.3-6 - Adapt to changes in Postgres 9.3 (bug #1058723) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058723 - FTBFS: perl-DBD-Pg-2.19.3-5.fc21: tests fail https://bugzilla.redhat.com/show_bug.cgi?id=1058723 -------------------------------------------------------------------------------- ================================================================================ perl-DBD-SQLite-1.40-3.fc20 (FEDORA-2014-1774) SQLite DBI Driver -------------------------------------------------------------------------------- Update Information: This release adjusts internale tests for sqlite-3.8.2. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 1.40-3 - Fix tests with sqlite >= 3.8.2 (bug #1058709) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058709 - FTBFS: perl-DBD-SQLite-1.40-2.fc21: tests fail https://bugzilla.redhat.com/show_bug.cgi?id=1058709 -------------------------------------------------------------------------------- ================================================================================ perl-Throwable-0.102080-11.fc20 (FEDORA-2014-1782) Role for classes that can be thrown -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.102080-11 - Remove bogus R: perl(ExtUtils::MakeMaker) (RHBZ #1052853). - Remove redundant R: perl(Moose). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1052853 - Unnecessary dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1052853 -------------------------------------------------------------------------------- ================================================================================ perl-URI-Title-1.86-7.fc20 (FEDORA-2014-1773) Get the titles of things on the web in a sensible way -------------------------------------------------------------------------------- Update Information: This release fixes the Twitter post extraction feature. Note the optional LWP::Protocol::https module is necessary to use this. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Petr Šabata <contyk@xxxxxxxxxx> - 1.86-7 - Fix the live test failures (#1058734, rt#92091) - Minor spec cleanup -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058734 - FTBFS: perl-URI-Title-1.86-6.fc21: tests fail https://bugzilla.redhat.com/show_bug.cgi?id=1058734 -------------------------------------------------------------------------------- ================================================================================ php-pecl-zip-1.12.4-1.fc20 (FEDORA-2014-1808) A ZIP archive management extension -------------------------------------------------------------------------------- Update Information: Upstream Changelog: - build with libzip version 0.11.2 - new methods for ZipArchive: setExternalAttributesName, setExternalAttributesIndex, getExternalAttributesName, getExternalAttributesIndex -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.12.4-1 - Update to 1.12.4 (stable) for libzip 0.11.2 -------------------------------------------------------------------------------- ================================================================================ pocl-0.9-1.fc20 (FEDORA-2014-1788) Portable Computing Language - an OpenCL implementation -------------------------------------------------------------------------------- Update Information: This update delivers the latest stable pocl release, including bug fixes and performance optimizations. Update to the second release candidate of pocl-0.9 with many fixes for real-world applications. Fix a dependency problem and update to the latest development version. Fix a dependency problem and update to the latest development version. Update to the second release candidate of pocl-0.9 with many fixes for real-world applications. Fix a dependency problem and update to the latest development version. Fix a dependency problem and update to the latest development version. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-1 - Update to 0.9 * Fri Jan 17 2014 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.9.rc2 - Update to 0.9RC2 * Wed Jan 15 2014 Dave Airlie <airlied@xxxxxxxxxx> 0.9-0.8.git20131209.9374f32 - bump for rebuild against llvm 3.4 * Mon Dec 9 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.7.git20131209.9374f32 - Enable LLVM API mode * Mon Dec 9 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.6.git20131209.7fc5dd0 - Update to a working snapshot - Drop utlist.h from Makefile - Set LLC_HOST_CPU to workaround incorrect CPU detection/missing LLVM support * Mon Nov 11 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.5.git20131111.8a26561 - Fix Requirement * Mon Nov 11 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.4.git20131111.8a26561 - Add BR on gcc-c++ temporarily - Update to a newer snapshot -------------------------------------------------------------------------------- ================================================================================ pyp2rpm-1.0.1-4.fc20 (FEDORA-2014-1798) Convert Python packages to RPM SPECFILES -------------------------------------------------------------------------------- Update Information: Change requires to setuptools Add rpmdevtools to requires -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Robert Kuska <rkuska@xxxxxxxxxx> - 1.0.1-4 - Change requires from distribute to setuptools - Add rpmdevtools to requires -------------------------------------------------------------------------------- References: [ 1 ] Bug #1056800 - [abrt] pyp2rpm: subprocess.py:1308:_execute_child:OSError: [Errno 2] No such file or directory https://bugzilla.redhat.com/show_bug.cgi?id=1056800 [ 2 ] Bug #1036046 - [abrt] pyp2rpm-1.0.1-3.fc20: pkg_resources.py:626:resolve:DistributionNotFound: distribute https://bugzilla.redhat.com/show_bug.cgi?id=1036046 -------------------------------------------------------------------------------- ================================================================================ python-django-longerusername-0.4-4.20130204gite4e85d7d.fc20 (FEDORA-2014-1752) Make django auth.user username field longer -------------------------------------------------------------------------------- Update Information: Adjust dep to python-django14 -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.4-4.20130204gite4e85d7d - Change dep to python-django14 for #950542 -------------------------------------------------------------------------------- References: [ 1 ] Bug #950542 - Change requires to python-django14 https://bugzilla.redhat.com/show_bug.cgi?id=950542 -------------------------------------------------------------------------------- ================================================================================ python-matplotlib-1.3.1-2.fc20 (FEDORA-2014-1804) Python 2D plotting library -------------------------------------------------------------------------------- Update Information: Match default upstream search method and usage of fonts. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 27 2014 pcpa <paulo.cesar.pereira.de.andrade@xxxxxxxxx> - 1.3.1-2 - Correct environment for and enable %check - Install system wide matplotlibrc under /etc - Do not duplicate mpl-data for python2 and python3 packages - Conditionally bundle data fonts (https://fedorahosted.org/fpc/ticket/381) * Sat Jan 25 2014 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 1.3.1-1 - update to 1.3.1 - use GTKAgg as backend (#1030396, #982793, #1049624) - use fontconfig - add %check for local testing (testing requires a display) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047559 - fails to install stix fonts https://bugzilla.redhat.com/show_bug.cgi?id=1047559 -------------------------------------------------------------------------------- ================================================================================ python-txzmq-0.7.0-1.fc20 (FEDORA-2014-1756) Twisted bindings for ZeroMQ -------------------------------------------------------------------------------- Update Information: Latest upstream -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.7.0-1 - Latest upstream. - Dropped support for older pyzmq. * Tue Jan 14 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.2-3 - Narrow dep down to the twisted-core subpackage. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1013546 - python-txzmq-0.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1013546 -------------------------------------------------------------------------------- ================================================================================ python-virtualenvwrapper-4.2-1.fc20 (FEDORA-2014-1760) Enhancements to virtualenv -------------------------------------------------------------------------------- Update Information: Latest upstream http://virtualenvwrapper.readthedocs.org/en/latest/history.html -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 4.2-1 - Latest upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1052209 - python-virtualenvwrapper-4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1052209 -------------------------------------------------------------------------------- ================================================================================ python-virtualenvwrapper-4.2-2.fc20 (FEDORA-2014-1780) Enhancements to virtualenv -------------------------------------------------------------------------------- Update Information: Enable by default by linking to /etc/profile.d/ -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Ralph Bean <rbean@xxxxxxxxxx> - 4.2-2 - Add a symlink to /etc/profile.d/ so that the package works out of the box. * Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 4.2-1 - Latest upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #985590 - Commands are not installed after package installation https://bugzilla.redhat.com/show_bug.cgi?id=985590 -------------------------------------------------------------------------------- ================================================================================ rubygem-hoe-3.8.1-1.fc20 (FEDORA-2014-1757) Hoe is a simple rake/rubygems helper for project Rakefiles -------------------------------------------------------------------------------- Update Information: New version 3.8.1 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 3.8.1-1 - 3.8.1 -------------------------------------------------------------------------------- ================================================================================ rubygem-isolate-3.2.4-1.fc20 (FEDORA-2014-1794) Very simple RubyGems sandbox -------------------------------------------------------------------------------- Update Information: New version 3.2.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 3.2.4-1 - 3.2.4 -------------------------------------------------------------------------------- ================================================================================ sblim-sfcc-2.2.5-5.fc20 (FEDORA-2014-1793) Small Footprint CIM Client Library -------------------------------------------------------------------------------- Update Information: Move libcimcClientXML.so from -devel to main package - it's needed for proper function -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Vitezslav Crhonek <vcrhonek@xxxxxxxxxx> - 2.2.5-5 - Move libcimcClientXML.so from -devel to main package - it's needed for proper function -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.12.1-122.fc20 (FEDORA-2014-1700) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: - Allow gdm to create /var/gdm with correct labeling - Allow domains to append rkhunterl lib files. #1057982 - Allow systemd_tmpfiles_t net_admin to communicate with journald - Add interface to getattr on an isid_type for any type of file - Update libs_filetrans_named_content() to have support for /usr/lib/debug directory - Allow initrc_t domtrans to authconfig if unconfined is enabled - Allow docker and mount on devpts chr_file - Allow docker to transition to unconfined_t if boolean set - init calling needs to be optional in domain.te - Allow uncofined domain types to handle transient unit files - Fix labeling for vfio devices - Allow net_admin capability and send system log msgs - Allow lldpad send dgram to NM - Add networkmanager_dgram_send() - rkhunter_var_lib_t is correct type - Back port pcp policy from rawhide - Allow openlmi-storage to read removable devices - Allow system cron jobs to manage rkhunter lib files - Add rkhunter_manage_lib_files() - Fix ftpd_use_fusefs boolean to allow manage also symlinks - Allow smbcontrob block_suspend cap2 - Allow slpd to read network and system state info - Allow NM domtrans to iscsid_t if iscsiadm is executed - Allow slapd to send a signal itself - Allow sslget running as pki_ra_t to contact port 8443, the secure port of the CA. - Fix plymouthd_create_log() interface - Add rkhunter policy with files type definition for /var/lib/rkhunter until it is fixed in rkhunter package - Add mozilla_plugin_exec_t for /usr/lib/firefox/plugin-container - Allow postfix and cyrus-imapd to work out of box - Allow fcoemon to talk with unpriv user domain using unix_stream_socket - Dontaudit domains that are calling into journald to net_admin - Add rules to allow vmtools to do what it does - snapperd is D-Bus service - Update snapper policy - Allow domains to append rkhunter lib files - Allow snapperd to getattr on all fs - Allow xdm to create /var/gdm with correct labeling - Add label for snapper.log - Allow fail2ban-client to read apache log files - Allow thumb_t to execute dbus-daemon in thumb_t -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-122 - Update snapper policy - Allow domains to append rkhunter lib files - Allow snapperd to getattr on all fs - Allow xdm to create /var/gdm with correct labeling - Add label for snapper.log - Allow fail2ban-client to read apache log files - Allow thumb_t to execute dbus-daemon in thumb_t * Mon Jan 27 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-121 - Allow gdm to create /var/gdm with correct labeling - Allow domains to append rkhunterl lib files. #1057982 - Allow systemd_tmpfiles_t net_admin to communicate with journald - Add interface to getattr on an isid_type for any type of file - Update libs_filetrans_named_content() to have support for /usr/lib/debug directory - Allow initrc_t domtrans to authconfig if unconfined is enabled - Allow docker and mount on devpts chr_file - Allow docker to transition to unconfined_t if boolean set - init calling needs to be optional in domain.te - Allow uncofined domain types to handle transient unit files - Fix labeling for vfio devices - Allow net_admin capability and send system log msgs - Allow lldpad send dgram to NM - Add networkmanager_dgram_send() - rkhunter_var_lib_t is correct type - Back port pcp policy from rawhide - Allow openlmi-storage to read removable devices - Allow system cron jobs to manage rkhunter lib files - Add rkhunter_manage_lib_files() - Fix ftpd_use_fusefs boolean to allow manage also symlinks - Allow smbcontrob block_suspend cap2 - Allow slpd to read network and system state info - Allow NM domtrans to iscsid_t if iscsiadm is executed - Allow slapd to send a signal itself - Allow sslget running as pki_ra_t to contact port 8443, the secure port of the CA. - Fix plymouthd_create_log() interface - Add rkhunter policy with files type definition for /var/lib/rkhunter until it is fixed in rkhunter package - Add mozilla_plugin_exec_t for /usr/lib/firefox/plugin-container - Allow postfix and cyrus-imapd to work out of box - Allow fcoemon to talk with unpriv user domain using unix_stream_socket - Dontaudit domains that are calling into journald to net_admin - Add rules to allow vmtools to do what it does - snapperd is D-Bus service - Allow OpenLMI PowerManagement to call 'systemctl --force reboot' - Add haproxy_connect_any boolean - Allow haproxy also to use http cache port by default - Allow haproxy to work as simple HTTP proxy. HAProxy For TCP And HTTP Based Applications - Allow docker to use the network and build images - Allow docker to read selinux files for labeling, and mount on devpts chr_file - Allow domains that transition to svirt_sandbox to send it signals * Tue Jan 21 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-120 - Allow apache to write to the owncloud data directory in /var/www/html... - Allow consolekit to create log dir - Add support for icinga CGI scripts - Add support for icinga - Allow kdumpctl_t to create kdump lock file - Allow kdump to create lnk lock file - Allow nscd_t block_suspen capability - Allow unconfined domain types to manage own transient unit file - Allow systemd domains to handle transient init unit files - Add interfaces to handle transient -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057774 - fail2ban apache-auth filter prevented by SELINUX https://bugzilla.redhat.com/show_bug.cgi?id=1057774 [ 2 ] Bug #1027148 - avc: denied { setattr } for pid=183 comm="systemd-tmpfile" during boot https://bugzilla.redhat.com/show_bug.cgi?id=1027148 [ 3 ] Bug #1054337 - SELinux is preventing lots of random domains the 'net_admin' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=1054337 [ 4 ] Bug #1055763 - SELinux is preventing /usr/sbin/httpd from 'write' accesses on the file /var/www/html/owncloud/data/owncloud.db. https://bugzilla.redhat.com/show_bug.cgi?id=1055763 [ 5 ] Bug #1057460 - SELinux is preventing /usr/lib64/dbus-1/dbus-daemon-launch-helper from 'execute' accesses on the file /usr/sbin/snapperd. https://bugzilla.redhat.com/show_bug.cgi?id=1057460 [ 6 ] Bug #1057488 - SELinux is preventing /usr/bin/vmtoolsd from 'write' accesses on the directory /tmp. https://bugzilla.redhat.com/show_bug.cgi?id=1057488 [ 7 ] Bug #1057804 - Socket avc access denied talking to (pki) Cerificate Authority https://bugzilla.redhat.com/show_bug.cgi?id=1057804 [ 8 ] Bug #1057982 - SElinux prevents the rkhunter daily log being sent to root https://bugzilla.redhat.com/show_bug.cgi?id=1057982 [ 9 ] Bug #1058325 - SELinux is preventing /usr/libexec/pegasus/cimprovagt from 'getattr' accesses on the blk_file /dev/sr0. https://bugzilla.redhat.com/show_bug.cgi?id=1058325 [ 10 ] Bug #1057898 - Update 3.12.1-119 breaks snapperd https://bugzilla.redhat.com/show_bug.cgi?id=1057898 -------------------------------------------------------------------------------- ================================================================================ socat-1.7.2.3-1.fc20 (FEDORA-2014-1811) Bidirectional data relay between two data channels ('netcat++') -------------------------------------------------------------------------------- Update Information: Security update for CVE-2014-0019, which fixes a denial of service flaw in socat when using PROXY-CONNECT -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 1.7.2.3-1 - Updated to 1.7.2.3 for CVE-2014-0019 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057746 - CVE-2014-0019 socat: PROXY-CONNECT address overflow https://bugzilla.redhat.com/show_bug.cgi?id=1057746 -------------------------------------------------------------------------------- ================================================================================ spacefm-0.9.3-1.fc20 (FEDORA-2014-1801) Multi-panel tabbed file and desktop manager -------------------------------------------------------------------------------- Update Information: New version 0.9.3 is released. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 27 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.9.3-1 - 0.9.3 -------------------------------------------------------------------------------- ================================================================================ sslsplit-0.4.8-1.fc20 (FEDORA-2014-1767) Transparent and scalable SSL/TLS interception -------------------------------------------------------------------------------- Update Information: Update to 0.4.8 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> - 0.4.8-1 - Rebase to upstream 0.4.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057237 - sslsplit 0.4.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1057237 -------------------------------------------------------------------------------- ================================================================================ surfraw-2.2.9-1.fc20 (FEDORA-2014-1799) Shell Users Revolutionary Front Rage Against the Web -------------------------------------------------------------------------------- Update Information: Update to the latest stable version 2.2.9. Changes include: * new elvi: S cisco debcodesearch github gmane jquery mdn mysqldoc oraclesearch pgdoc phpdoc pin wolfram yacy * Changed elvi: aur deblists duckduckgo google * Fixed elvi: ask, ctan, deli, genportage, jamendo, javasun, openbsd musicbrainz, rae, slashdot, slinuxdoc * Removed elvi for dead sites: happypenguin, scroogle, sunonesearch (replaced by oraclesearch) See http://surfraw.alioth.debian.org/ for the detailed changelog. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 28 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 2.2.9-1 - Update to 2.2.9. - Modernize spec file. -------------------------------------------------------------------------------- ================================================================================ tomboy-1.15.4-1.fc20 (FEDORA-2014-1769) Note-taking application -------------------------------------------------------------------------------- Update Information: Changes in version 1.15.3: * Fix zombie processes when reading proxy settings * Better error reporting during note parse (Guido Günther) * Documentation: additional add-in pages, pinning, deleting notes (Sindhu S) * Use xz compression for dist tarballs * Flush to disk on note save (Alex Tereschenko) * Windows: GTK#, .NET installer improvements (Alex Tereschenko) * Translation updates: cs, es, gl, id, lv, pl, pt_BR Changes in version 1.15.4: * Translation updates: de, po, sl -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 25 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 1.15.4-1 - Update to 1.15.4. - Fix rpmlint warning about bogus date in the changelog. -------------------------------------------------------------------------------- ================================================================================ tpp-1.3.1-16.fc20 (FEDORA-2014-1758) A ncurses-based presentation tool -------------------------------------------------------------------------------- Update Information: 976686, 976687: Don't execute commands with --exec by default (abe@xxxxxxxxxx) -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 18 2014 jesus m. rodriguez <jmrodri@xxxxxxxxx> 1.3.1-16 - 976686, 976687: add exec patch to spec file (jmrodri@xxxxxxxxx) - 976686, 976687: Don't execute commands with --exec by default (abe@xxxxxxxxxx) * Wed Jan 15 2014 jesus m. rodriguez <jmrodri@xxxxxxxxx> 1.3.1-15 - patch to make it work (jmrodri@xxxxxxxxx) * Wed Jan 15 2014 jesus m. rodriguez <jesusr@xxxxxxxxxx> 1.3.1-14 - 977368: remove invalid vim-filesystem dependency (maxamillion@xxxxxxxxxxxxxxxxx) -------------------------------------------------------------------------------- References: [ 1 ] Bug #976686 - CVE-2013-2208 tpp: Possibility of arbitrary code execution when processing untrusted TPP template [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=976686 [ 2 ] Bug #976687 - CVE-2013-2208 tpp: Possibility of arbitrary code execution when processing untrusted TPP template [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=976687 -------------------------------------------------------------------------------- ================================================================================ wireshark-1.10.5-3.fc20 (FEDORA-2014-1805) Network traffic analyzer -------------------------------------------------------------------------------- Update Information: - Fixed paths in the desktop-file -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.5-3 - Fixed paths in the desktop-file (see rhbz #1059188) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1059188 - pcap files are not opened by Wireshark when double-clicked in GNOME Nautilus https://bugzilla.redhat.com/show_bug.cgi?id=1059188 -------------------------------------------------------------------------------- ================================================================================ x2goclient-4.0.1.3-3.fc20 (FEDORA-2014-1786) X2Go Client application (Qt4) -------------------------------------------------------------------------------- Update Information: Add patch to fix libssh password auth issue (bug #1057871) Update to 4.0.1.3: - Fix audio for the Linux X2Go Client - Rework keyboard setup in session profile manager (support for keyboard autodetection now) - Configurable GSSAPI delegation - Several translation updates (thanks to the i18n team!!!) - Restrict access to x2goplugin.html to localhost by default. - Update to 4.0.1.2: - Provide Keywords: key in .desktop file. - Store broker HTTPS certificate exceptions in $HOME/.x2go/ssl/exceptions (before: $HOME/ssl/exceptions). (Fixes: #328). - Perform sanity checks on data that comes in from X2Go Servers. Prohibit the execution of arbitrary code via the ~/.bashrc file. (Fixes: #333). - Add option --broker-cacertfile. Allow usage of non-system-wide installed (self-signed) SSL certificate chains for https (SSL) session broker connections. (Fixes: #311). - Update man page for new --tray-icon cmdline option. - Update man page for --broker-url. Explain the syntax of <URL>. - Properly handle (=expand) the "~" character in key filenames. (Brought to attention by Eldamir on IRC. Thanks!). - Expand tilde operator for all other file paths handed over to X2Go Client via sessions file or cmdline parameter. - Syntax fix of x2goclient.desktop file. - Test for various file locations of the pulseaudio cookie file. - Strip whitespaces off of user name, host name and other strings when loading / saving session profiles. (Fixes: #315). - New option --tray-icon. Force showing the tray icon, even for hidden sessions. Also allow creation of .desktop files with --tray-icon optionally being enabled. (Fixes: #316). - Update Spanish translation. - Support for keys "shadowuser" "shadowdisplay" and "shadowmode" in config file. This allows choosing the default display for shadow sessions. - Support for GSSApi(Kerberos 5) authentication. Using ssh/scp commands on Linux and Mac and plink/pscp on Windows. - Support for ChallengeResponseAuthentication (Google Authenticator) - Additional check if authentication with GSSApi successfull - c121b7e2d3d83abdc2d7a29637bc3294e38b2ec3 broke checking if remote command produce only stderr and not stdout. It made x2goclient crash if x2gostartagent send LIMIT error. Current commit fixes this issue. - SshMasterConnection should use current user name if no user name is specified in session settings - GSSApi(Kerberos 5) authentication for sshproxy and sshbroker - Handle SSH host key changes more elegantly and allow user interaction if such a host key change occurs. (Fixes: #241). - Update summary and description from upstream - Split out browser plugin into x2goplugin package - Add x2goplugin-provider package for apache config Fix cpu usage after connect with libssh 0.6.0. Update to 4.0.1.3: - Fix audio for the Linux X2Go Client - Rework keyboard setup in session profile manager (support for keyboard autodetection now) - Configurable GSSAPI delegation - Several translation updates (thanks to the i18n team!!!) - Restrict access to x2goplugin.html to localhost by default. - Update to 4.0.1.2: - Provide Keywords: key in .desktop file. - Store broker HTTPS certificate exceptions in $HOME/.x2go/ssl/exceptions (before: $HOME/ssl/exceptions). (Fixes: #328). - Perform sanity checks on data that comes in from X2Go Servers. Prohibit the execution of arbitrary code via the ~/.bashrc file. (Fixes: #333). - Add option --broker-cacertfile. Allow usage of non-system-wide installed (self-signed) SSL certificate chains for https (SSL) session broker connections. (Fixes: #311). - Update man page for new --tray-icon cmdline option. - Update man page for --broker-url. Explain the syntax of <URL>. - Properly handle (=expand) the "~" character in key filenames. (Brought to attention by Eldamir on IRC. Thanks!). - Expand tilde operator for all other file paths handed over to X2Go Client via sessions file or cmdline parameter. - Syntax fix of x2goclient.desktop file. - Test for various file locations of the pulseaudio cookie file. - Strip whitespaces off of user name, host name and other strings when loading / saving session profiles. (Fixes: #315). - New option --tray-icon. Force showing the tray icon, even for hidden sessions. Also allow creation of .desktop files with --tray-icon optionally being enabled. (Fixes: #316). - Update Spanish translation. - Support for keys "shadowuser" "shadowdisplay" and "shadowmode" in config file. This allows choosing the default display for shadow sessions. - Support for GSSApi(Kerberos 5) authentication. Using ssh/scp commands on Linux and Mac and plink/pscp on Windows. - Support for ChallengeResponseAuthentication (Google Authenticator) - Additional check if authentication with GSSApi successfull - c121b7e2d3d83abdc2d7a29637bc3294e38b2ec3 broke checking if remote command produce only stderr and not stdout. It made x2goclient crash if x2gostartagent send LIMIT error. Current commit fixes this issue. - SshMasterConnection should use current user name if no user name is specified in session settings - GSSApi(Kerberos 5) authentication for sshproxy and sshbroker - Handle SSH host key changes more elegantly and allow user interaction if such a host key change occurs. (Fixes: #241). - Update summary and description from upstream - Split out browser plugin into x2goplugin package - Add x2goplugin-provider package for apache config Fix cpu usage after connect with libssh 0.6.0. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 29 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.1.3-3 - Add patch to fix libssh password auth issue (bug #1057871) * Wed Jan 22 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.1.3-2 - Add patch to fix libssh timeout issue (bug #1053923) * Wed Jan 22 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.1.3-1 - Update to 4.0.1.3 - Drop provider patch applied upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057871 - x2goclient fails to connect with password ("Authentication failed") https://bugzilla.redhat.com/show_bug.cgi?id=1057871 [ 2 ] Bug #1053923 - libssh updaet causes 100% cpu https://bugzilla.redhat.com/show_bug.cgi?id=1053923 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test