The following Fedora 20 Security updates need testing: Age URL 73 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20 54 https://admin.fedoraproject.org/updates/FEDORA-2014-0792/libinfinity-0.5.5-1.fc20 29 https://admin.fedoraproject.org/updates/FEDORA-2014-2221/NetworkManager-ssh-0.9.2-0.2.20140209git46247c2.fc20 24 https://admin.fedoraproject.org/updates/FEDORA-2014-2452/augeas-1.2.0-1.fc20 20 https://admin.fedoraproject.org/updates/FEDORA-2014-2693/openstack-glance-2013.2.2-1.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2014-2751/zabbix-2.0.11-2.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2014-2875/oath-toolkit-2.4.1-3.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2014-3054/python-swiftclient-2.0.2-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-3300/pylint-1.1.0-1.fc20,python-astroid-1.0.1-2.fc20,python-logilab-common-0.61.0-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-3365/subversion-1.8.8-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-3401/php-sabre-dav-1.8.9-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-3427/net-snmp-5.7.2-17.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-3421/mantis-1.2.17-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-3446/ReviewBoard-1.7.22-2.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3454/mingw-gnutls-3.1.22-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3497/catfish-1.0.1-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-3526/rubygem-rbovirt-0.0.18-4.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-3606/file-5.14-17.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3676/wireshark-1.10.6-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3723/udisks2-2.1.2-2.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 118 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2014-3065/langtable-0.0.24-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-3313/colord-1.1.7-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-3292/harfbuzz-0.9.26-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3472/bind-9.9.4-12.P2.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3510/krb5-1.11.5-5.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-3587/ibus-1.5.6-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-3627/libusbx-1.0.18-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3723/udisks2-2.1.2-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3735/dosfstools-3.0.26-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3719/mesa-10.0.3-1.20140206.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3330/gdisk-0.8.10-2.fc20 The following builds have been pushed to Fedora 20 updates-testing amavisd-new-2.8.1-1.fc20 bugwarrior-0.7.0-3.fc20 cmpfit-1.2-2.fc20 createrepo_c-0.3.0-1.fc20 dmapd-0.0.68-1.fc20 dosfstools-3.0.26-1.fc20 gnome-abrt-0.3.6-1.fc20 kde-plasma-nm-0.9.3.3-3.fc20 kexec-tools-2.0.4-25.fc20 kpcli-2.4-2.fc20 libvirt-1.1.3.4-3.fc20 mesa-10.0.3-1.20140206.fc20 openslide-python-1.0.1-1.fc20 packagedb-cli-1.7.0-1.fc20 perl-Config-Validator-1.2-1.fc20 perl-Data-Dumper-2.151-1.fc20 perl-XML-LibXSLT-1.89-1.fc20 python-glue-0.9.1-1.fc20 python-simplevisor-0.9-1.fc20 simple-scan-3.10.2-1.fc20 spatial4j-0.4.1-1.fc20 udisks2-2.1.2-2.fc20 Details about builds: ================================================================================ amavisd-new-2.8.1-1.fc20 (FEDORA-2014-3711) Email filter with virus scanner and spamassassin support -------------------------------------------------------------------------------- Update Information: Update to version 2.8.1, fix missing dependencies and change clamd socket location. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 16 2014 Juan Orti Alcaine <jorti@xxxxxxxxxxxxxxxxx> 2.8.1-1 - Update to version 2.8.1 - Add missing dependencies - Place tmpfiles conf in _tmpfilesdir - Use _localstatedir macro - Change clamd socket location to /var/run/clamd.amavisd/clamd.sock -------------------------------------------------------------------------------- References: [ 1 ] Bug #991233 - amavisd.service fails to start because required default folders are missing https://bugzilla.redhat.com/show_bug.cgi?id=991233 [ 2 ] Bug #1028653 - Freshclam cannot notify clamd of database updates due to permission denied https://bugzilla.redhat.com/show_bug.cgi?id=1028653 [ 3 ] Bug #1031573 - amavisd-new-2.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1031573 [ 4 ] Bug #1033994 - amavisd-new missing dependency on clamav-server-sysvinit https://bugzilla.redhat.com/show_bug.cgi?id=1033994 [ 5 ] Bug #1052435 - Missing RPM dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1052435 [ 6 ] Bug #1059722 - amavisd-new failed to start, missing required basic modules Unix::Syslog https://bugzilla.redhat.com/show_bug.cgi?id=1059722 -------------------------------------------------------------------------------- ================================================================================ bugwarrior-0.7.0-3.fc20 (FEDORA-2014-3717) Sync github, bitbucket, and trac issues with taskwarrior -------------------------------------------------------------------------------- Update Information: Pull in another forgotten requirement. Pull in forgotten requirement. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.7.0-3 - Added forgotten requirement on python-offtrac * Sat Mar 8 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.7.0-2 - New requirement on python-setuptools. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1074369 - [abrt] bugwarrior-0.7.0-2.fc20: pkg_resources.py:576:resolve:DistributionNotFound: offtrac https://bugzilla.redhat.com/show_bug.cgi?id=1074369 [ 2 ] Bug #1074155 - [abrt] bugwarrior: bugwarrior-pull:5:<module>:ImportError: No module named pkg_resources https://bugzilla.redhat.com/show_bug.cgi?id=1074155 -------------------------------------------------------------------------------- ================================================================================ cmpfit-1.2-2.fc20 (FEDORA-2014-3734) A MINPACK-1 Least Squares Fitting Library in C -------------------------------------------------------------------------------- Update Information: A MINPACK-1 Least Squares Fitting Library in C -------------------------------------------------------------------------------- ================================================================================ createrepo_c-0.3.0-1.fc20 (FEDORA-2014-3706) Creates a common metadata repository -------------------------------------------------------------------------------- Update Information: Update to 0.3.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.3.0-1 - Relevant only for developers using createrepo_c library: New approach for metadata loading in case of internal high-level parser functions (see commit messages for more information: d6ed327595, 0b0e75203e, ad1e8450f5) - Support for changelog limit value == -1 (include all changelogs) - Update debug compilation flags - Update man pages (Add synompsis with usage) - Update usage examples in help -------------------------------------------------------------------------------- ================================================================================ dmapd-0.0.68-1.fc20 (FEDORA-2014-3715) A server that provides DAAP and DPAP shares -------------------------------------------------------------------------------- Update Information: New upstream version New upstream version -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 9 2014 W. Michael Petullo <mike[@]flyn.org> 0.0.68-1 - New upstream version * Sat Mar 8 2014 W. Michael Petullo <mike[@]flyn.org> 0.0.66-1 - New upstream version -------------------------------------------------------------------------------- ================================================================================ dosfstools-3.0.26-1.fc20 (FEDORA-2014-3735) Utilities for making and checking MS-DOS FAT filesystems on Linux -------------------------------------------------------------------------------- Update Information: This is an update fixing problem with fsck that could fail repairing some damaged FAT filesystems containing long filenames without corresponding short names. For details see upstream changelog: http://daniel-baumann.ch/gitweb/?p=software/dosfstools.git;a=blob;f=ChangeLog;h=6807d2361bdc464871eedaf23407395dd9e90f53;hb=HEAD -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 3.0.26-1 - New version Resolves: rhbz#1074172 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1074172 - dosfstools-3.0.26 is available https://bugzilla.redhat.com/show_bug.cgi?id=1074172 -------------------------------------------------------------------------------- ================================================================================ gnome-abrt-0.3.6-1.fc20 (FEDORA-2014-3730) A utility for viewing problems that have occurred with the system -------------------------------------------------------------------------------- Update Information: - Improved look & feel - Translation updates -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 5 2014 Jakub Filak <jfilak@xxxxxxxxxx> 0.3.6-1 - Translation updates - Use human readable type string everywhere - Display C/C++ instead of CCpp - Truncate possibly long component name to 40 chars. - Disable horizontal scrollbar on problem list - Right-alignment of date entries - Initialize gnome_abrt module before importing its submodules -------------------------------------------------------------------------------- ================================================================================ kde-plasma-nm-0.9.3.3-3.fc20 (FEDORA-2014-3710) Plasma applet written in QML for managing network connections -------------------------------------------------------------------------------- Update Information: Fixes missing connection status for mobile connections -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.9.3.3-3 - fix connection status for mobile connections * Fri Mar 7 2014 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.9.3.3-2 - fix build with openconnect -------------------------------------------------------------------------------- ================================================================================ kexec-tools-2.0.4-25.fc20 (FEDORA-2014-3731) The kexec/kdump userspace component -------------------------------------------------------------------------------- Update Information: Warn user about save vmcore path mounted by another disk Pass disable_cpu_apicid to kexec of capture kernel add kdump-in-cluster-environment.txt to rpm pkg ssh dump: create random-seed manually makedumpfile: Improve progress information for huge memory system a few backports and script fixes -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-25 - Warn user about save vmcore path mounted by another disk - omit dracut resume module * Wed Mar 5 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-24 - Pass disable_cpu_apicid to kexec of capture kernel - Relax restriction of dumping on encrypted target - Regression fix on wdt kernel drivers install * Mon Feb 17 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-23 - add kdump-in-cluster-environment.txt to rpm pkg - Secure Boot status check warning - Some watchdog driver support * Wed Jan 29 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-22 - ssh dump: create random-seed manually - Add fence kdump support * Wed Jan 22 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-21 - makedumpfile: Improve progress information for huge memory system - s390: use nr_cpus=1 instead of maxcpus=1 * Fri Jan 17 2014 WANG Chao <chaowang@xxxxxxxxxx> - 2.0.4-20 - vmcore-dmesg: fix timestamp error in vmcore-dmesg.txt - makedumpfile: re-enable mmap() and introduce --non-mmap - kdump.conf uncomment default core_collector line - fix an issue when 'ssh' directive appearing in kdump.conf, the rest part of lines in this file are ignored -------------------------------------------------------------------------------- ================================================================================ kpcli-2.4-2.fc20 (FEDORA-2014-3713) KeePass Command Line Interface (CLI) / interactive shell -------------------------------------------------------------------------------- Update Information: Added perl perl(Capture::Tiny) and perl(Clipboard) Updated to 2.4 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Matias Kreder <delete@xxxxxxxxxxxxxxxxx> 2.4-2 - Added perl perl(Capture::Tiny) and perl(Clipboard) * Sun Mar 2 2014 Matias Kreder <delete@xxxxxxxxxxxxxxxxx> 2.4-1 - Updated to 2.4 -------------------------------------------------------------------------------- ================================================================================ libvirt-1.1.3.4-3.fc20 (FEDORA-2014-3702) Library providing a simple virtualization API -------------------------------------------------------------------------------- Update Information: * Escape XML characters in volume XML (bz #1074528) * Fix libvirt-guests.service on host boot (bz #1031696) -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Cole Robinson <crobinso@xxxxxxxxxx> - 1.1.3.4-3 - Escape XML characters in volume XML (bz #1074528) * Wed Mar 5 2014 Cole Robinson <crobinso@xxxxxxxxxx> - 1.1.3.4-2 - Fix libvirt-guests.service on host boot (bz #1031696) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1074528 - storage volume XML does not escape reserved XML characters https://bugzilla.redhat.com/show_bug.cgi?id=1074528 [ 2 ] Bug #1031696 - libvirt: machines get killed when scopes are destroyed https://bugzilla.redhat.com/show_bug.cgi?id=1031696 -------------------------------------------------------------------------------- ================================================================================ mesa-10.0.3-1.20140206.fc20 (FEDORA-2014-3719) Mesa graphics libraries -------------------------------------------------------------------------------- Update Information: 10.0.3 upstream release (merged from rawhide) -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 6 2014 Igor Gnatenko <i.gnatenko.brain@xxxxxxxxx> - 10.0.3-1.20140206 - 10.0.3 upstream release (merged from rawhide) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1066718 - some games, which worked in F19, no longer work in F20 (radeonsi) https://bugzilla.redhat.com/show_bug.cgi?id=1066718 -------------------------------------------------------------------------------- ================================================================================ openslide-python-1.0.1-1.fc20 (FEDORA-2014-3716) Python bindings for the OpenSlide library -------------------------------------------------------------------------------- Update Information: OpenSlide Python 1.0.1 declares the API stable and adds documentation. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ packagedb-cli-1.7.0-1.fc20 (FEDORA-2014-3733) A CLI for pkgdb -------------------------------------------------------------------------------- Update Information: This update brings you the latest version of pkgdb-cli with the brand new ``branches`` command as well as bugfixes in the ``list --branch`` command. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 1.7.0-1 - Update to 1.7.0 - Add the branches command - Fix the --branch filter in the list command -------------------------------------------------------------------------------- ================================================================================ perl-Config-Validator-1.2-1.fc20 (FEDORA-2014-3727) Schema based configuration validation -------------------------------------------------------------------------------- Update Information: Update to upstream version, rhbz #1071125. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 9 2014 Massimo Paladin <massimo.paladin@xxxxxxxxx> 1.2-1 - Update to upstream version, rhbz #1071125. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1071125 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=1071125 -------------------------------------------------------------------------------- ================================================================================ perl-Data-Dumper-2.151-1.fc20 (FEDORA-2014-3726) Stringify perl data structures, suitable for printing and eval -------------------------------------------------------------------------------- Update Information: This release provides useqq() implementation in XS. This release fixes handling very large arrays, building on threaded perl, and typos in the documentation. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 2.151-1 - 2.151 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1073956 - perl-Data-Dumper-2.151 is available https://bugzilla.redhat.com/show_bug.cgi?id=1073956 -------------------------------------------------------------------------------- ================================================================================ perl-XML-LibXSLT-1.89-1.fc20 (FEDORA-2014-3707) Perl module for interfacing to GNOME's libxslt -------------------------------------------------------------------------------- Update Information: New version contains several bugfixes. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1.89-1 - 1.89 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1073968 - perl-XML-LibXSLT-1.89 is available https://bugzilla.redhat.com/show_bug.cgi?id=1073968 -------------------------------------------------------------------------------- ================================================================================ python-glue-0.9.1-1.fc20 (FEDORA-2014-3704) A simple command line tool to generate CSS sprites -------------------------------------------------------------------------------- Update Information: Update upstream version to 0.9.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 6 2014 Lorenzo Gil Sanchez <lorenzo.gil.sanchez@xxxxxxxxx> - 0.9.1-1 - Update upstream version to 0.9.1 - Added %check step for running the package tests -------------------------------------------------------------------------------- References: [ 1 ] Bug #1063023 - python-glue-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1063023 -------------------------------------------------------------------------------- ================================================================================ python-simplevisor-0.9-1.fc20 (FEDORA-2014-3724) Python simple daemons supervisor -------------------------------------------------------------------------------- Update Information: Update to upstream version, rhbz #1071124. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 9 2014 Massimo Paladin <Massimo.Paladin@xxxxxxxxx> - 0.9-1 - Updating to upstream version, rhbz #1071124. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1071124 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=1071124 -------------------------------------------------------------------------------- ================================================================================ simple-scan-3.10.2-1.fc20 (FEDORA-2014-3721) Simple scanning utility -------------------------------------------------------------------------------- Update Information: Update to 3.10.2 * Install missing help images * Autosaving rewritten to not depend on SQLite * Fix page size not being applied on some drivers -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 9 2014 David King <amigadave@xxxxxxxxxxxxx> - 3.10.2-1 - Update to 3.10.2 -------------------------------------------------------------------------------- ================================================================================ spatial4j-0.4.1-1.fc20 (FEDORA-2014-3725) A Geospatial Library for Java -------------------------------------------------------------------------------- Update Information: update to 0.4.1 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 gil cattaneo <puntogil@xxxxxxxxx> 0.4.1-1 - update to 0.4.1 - switch to java-headless (build)requires (rhbz#1068543) -------------------------------------------------------------------------------- ================================================================================ udisks2-2.1.2-2.fc20 (FEDORA-2014-3723) Disk Manager -------------------------------------------------------------------------------- Update Information: Fix CVE-2014-0004: stack-based buffer overflow when handling long path names -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 10 2014 Jan Safranek <jsafrane@xxxxxxxxxx>- 2.1.2-2.fc20 - Fix CVE-2014-0004: stack-based buffer overflow when handling long path names (#1074459) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1049703 - CVE-2014-0004 udisks and udisks2: stack-based buffer overflow when handling long path names https://bugzilla.redhat.com/show_bug.cgi?id=1049703 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
