Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
  73  https://admin.fedoraproject.org/updates/FEDORA-2013-23636/rubygem-actionpack-4.0.0-2.fc20
  65  https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20
  46  https://admin.fedoraproject.org/updates/FEDORA-2014-0792/libinfinity-0.5.5-1.fc20
  20  https://admin.fedoraproject.org/updates/FEDORA-2014-2221/NetworkManager-ssh-0.9.2-0.2.20140209git46247c2.fc20
  19  https://admin.fedoraproject.org/updates/FEDORA-2014-2264/python-tahrir-0.5.1-1.fc20
  19  https://admin.fedoraproject.org/updates/FEDORA-2014-2263/python-tahrir-0.5.2-1.fc20
  16  https://admin.fedoraproject.org/updates/FEDORA-2014-2452/augeas-1.2.0-1.fc20
  12  https://admin.fedoraproject.org/updates/FEDORA-2014-2693/openstack-glance-2013.2.2-1.fc20
  11  https://admin.fedoraproject.org/updates/FEDORA-2014-2751/zabbix-2.0.11-2.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-2875/oath-toolkit-2.4.1-3.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-2804/easy-rsa-2.2.2-1.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2999/perl-CGI-Application-4.50-9.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-3054/python-swiftclient-2.0.2-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3169/rubygem-activerecord-4.0.0-2.fc20,rubygem-actionpack-4.0.0-3.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3184/freeradius-3.0.1-4.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3222/v8-3.14.5.10-6.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-3300/pylint-1.1.0-1.fc20,python-astroid-1.0.1-2.fc20,python-logilab-common-0.61.0-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3338/mediawiki-1.21.6-1.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
 110  https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-3065/langtable-0.0.24-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3244/audit-2.3.4-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3218/evolution-3.10.4-2.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3203/testdisk-6.14-3.fc20,ntfs-3g-2014.2.15-1.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-3292/harfbuzz-0.9.26-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3330/gdisk-0.8.9-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3313/colord-1.1.7-1.fc20


The following builds have been pushed to Fedora 20 updates-testing

    ShellCheck-0.3.1-4.fc20
    asunder-2.4-1.fc20
    darktable-1.4.1-1.fc20
    drbdlinks-1.26-1.fc20
    edgar-1.15-1.fc20
    fsarchiver-0.6.19-1.fc20
    gdisk-0.8.9-1.fc20
    mediawiki-1.21.6-1.fc20
    perl-Symbol-Global-Name-0.05-1.fc20
    qbittorrent-3.1.9-1.fc20
    valyriatear-0.6.0-1.fc20
    wxGTK3-3.0.0-4.fc20
    xfce4-equake-plugin-1.3.4-1.fc20

Details about builds:


================================================================================
 ShellCheck-0.3.1-4.fc20 (FEDORA-2014-3342)
 Tool for checking common errors in POSIX shell scripts
--------------------------------------------------------------------------------
Update Information:

executable dynamically linked to the library
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar  1 2014 Dridi <dridi.boukelmoune@xxxxxxxxx> - 0.3.1-4
- executable dynamically linked to the library (bug #1069048)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1069048 - minor spec file improvements: for README and symlink
        https://bugzilla.redhat.com/show_bug.cgi?id=1069048
--------------------------------------------------------------------------------


================================================================================
 asunder-2.4-1.fc20 (FEDORA-2014-3343)
 A graphical Audio CD ripper and encoder
--------------------------------------------------------------------------------
Update Information:

Upstream release notes:
- Added Bengali, Traditional Chinese translations.
- Updated Hungarian, Italian translations.
- Fixed the eject functionality to be more reliable.
- Added support for XDG_CACHE_HOME
- Fixed some memory corruption bugs that may have caused crashes and undefined behaviour.

--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar  1 2014 Marcin Zajaczkowski <mszpak ATT wp DOTT pl> - 2.4-1
- Update to 2.4
- Fix bogus date in changelog
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1047183 - asunder-2.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1047183
--------------------------------------------------------------------------------


================================================================================
 darktable-1.4.1-1.fc20 (FEDORA-2014-3337)
 Utility to organize and develop raw images
--------------------------------------------------------------------------------
Update Information:

Upgrade to 1.4.1
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 12 2014 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4.1-1
- Upgrade to 1.4.1
- Remove tools source files
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1063007 - darktable-1.4.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1063007
--------------------------------------------------------------------------------


================================================================================
 drbdlinks-1.26-1.fc20 (FEDORA-2014-3339)
 A program for managing links into a DRBD shared partition
--------------------------------------------------------------------------------
Update Information:

Upstream changes:

  * "Link local" relative symlink detection would add empty strings.strings (Fix by Flavio Grossi)
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar  2 2014 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.26-1
- Upgrade to 1.26
--------------------------------------------------------------------------------


================================================================================
 edgar-1.15-1.fc20 (FEDORA-2014-3352)
 A platform game
--------------------------------------------------------------------------------
Update Information:

* Updated Dutch, Japanese, Russian and Ukrainian translations
* Fixed a minor issue when changing direction using an analogue controller
* Fixed the corrupted message that appears when Edgar's inventory is full
* The slime timer above Edgar is now removed when changing maps or loading a game
* Crushers no longer get stuck if they hit a pushable object
* Ice cubes can no longer bounce on springs forever

--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar  2 2014 Andrea Musuruane <musuruan@xxxxxxxxx> - 1.15-1
- Updated to upstream 1.15-1
--------------------------------------------------------------------------------


================================================================================
 fsarchiver-0.6.19-1.fc20 (FEDORA-2014-3335)
 Safe and flexible file-system backup/deployment tool
--------------------------------------------------------------------------------
Update Information:

Update to 0.6.19, fixes a regression introduced in 0.6.18
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar  1 2014 Adel Gadllah <adel.gadllah@xxxxxxxxx> - 0.6.19-1
- Update to 0.6.19
- Fixes regression introduced in 0.6.18
--------------------------------------------------------------------------------


================================================================================
 gdisk-0.8.9-1.fc20 (FEDORA-2014-3330)
 An fdisk-like partitioning tool for GPT disks
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release gdisk 0.8.9.

--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar  2 2014 Terje Rosten <terje.rosten@xxxxxxx> - 0.8.9-1
- 0.8.9
* Wed Feb 12 2014 Nils Philippsen <nils@xxxxxxxxxx> - 0.8.8-2
- fix bogus dates in changelog
- rebuild for new libicu
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1066290 - gdisk-0.8.9 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1066290
--------------------------------------------------------------------------------


================================================================================
 mediawiki-1.21.6-1.fc20 (FEDORA-2014-3338)
 A wiki engine
--------------------------------------------------------------------------------
Update Information:

* (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. User will get an error including the namespace name if they use a non-whitelisted namespace.
* (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
* (bug 61362) SECURITY: API: Don't find links in the middle of api.php links.

--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar  1 2014 Michael Cronenworth <mike@xxxxxxxxxx> - 1.21.6-1
- Update to 1.21.6
- (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. User will get an error including the namespace name if they use a non- whitelisted namespace.
- (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
- (bug 61362) SECURITY: API: Don't find links in the middle of api.php links.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1071135 - mediawiki: cross-site scripting flaw when handling SVG images
        https://bugzilla.redhat.com/show_bug.cgi?id=1071135
  [ 2 ] Bug #1071136 - mediawiki: timing attack on token
        https://bugzilla.redhat.com/show_bug.cgi?id=1071136
  [ 3 ] Bug #1071139 - mediawiki: HTML injection
        https://bugzilla.redhat.com/show_bug.cgi?id=1071139
--------------------------------------------------------------------------------


================================================================================
 perl-Symbol-Global-Name-0.05-1.fc20 (FEDORA-2014-3341)
 Finds name and type of a global variable
--------------------------------------------------------------------------------
Update Information:

 
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 qbittorrent-3.1.9-1.fc20 (FEDORA-2014-3334)
 A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:

- update to 3.1.9 release
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar  2 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 1:3.1.9-1
- update to 3.1.9 release
--------------------------------------------------------------------------------


================================================================================
 valyriatear-0.6.0-1.fc20 (FEDORA-2014-3329)
 Valyria Tear is a free 2D J-RPG based on the Hero of Allacrost engine
--------------------------------------------------------------------------------
Update Information:

New release!

Overview of changes:
- Many, many, many bugfixes and performance improvements.
- The characters actual weapon is shown in battles, along with weaponless attack support.
- Custom minimap support.
- New art!
- Battle enemies scriptable AI support.
- Better scripted battle events.
- Equipment and Battle status effect support in battles.
- UI theme change support.
- Menu mode UI stats info display improvements.
- Translated into 4 languages (French, Galician Italian, and German) - Come and add your own!
- Map enemies using patrol way points.
- Scripted puzzle objects.
- and of course, more of the story :)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar  1 2014 Erik Schilling <ablu.erikschilling@xxxxxxxxxxxxxx> - 0.6.0-1
- New release
* Wed Sep  4 2013 Erik Schilling <ablu.erikschilling@xxxxxxxxxxxxxx> 0.6-0.1rc1
- New rc release
--------------------------------------------------------------------------------


================================================================================
 wxGTK3-3.0.0-4.fc20 (FEDORA-2014-3349)
 GTK port of the wxWidgets GUI library
--------------------------------------------------------------------------------
Update Information:

new wxGTK3 package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1020942 - Package Request: wxGTK3
        https://bugzilla.redhat.com/show_bug.cgi?id=1020942
--------------------------------------------------------------------------------


================================================================================
 xfce4-equake-plugin-1.3.4-1.fc20 (FEDORA-2014-3327)
 Plugin for the XFCE panel which monitors earthquakes
--------------------------------------------------------------------------------
Update Information:

Initial RPM version 1.3.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1069050 - Review Request: xfce4-equake-plugin - Plugin for the XFCE panel which monitors earthquakes
        https://bugzilla.redhat.com/show_bug.cgi?id=1069050
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux