The following Fedora 20 Security updates need testing: Age URL 87 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20 69 https://admin.fedoraproject.org/updates/FEDORA-2014-0792/libinfinity-0.5.5-1.fc20 34 https://admin.fedoraproject.org/updates/FEDORA-2014-2693/openstack-glance-2013.2.2-1.fc20 33 https://admin.fedoraproject.org/updates/FEDORA-2014-2751/zabbix-2.0.11-2.fc20 31 https://admin.fedoraproject.org/updates/FEDORA-2014-2875/oath-toolkit-2.4.1-3.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-3915/squid-3.3.12-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-3818/udisks-1.0.4-13.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4135/k4dirstat-2.7.0-0.14.20101010git6c0a9e6.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4118/rubygem-rack-ssl-1.3.2-9.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4163/moodle-2.5.5-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4304/file-5.14-19.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 132 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-3884/libosinfo-0.2.9-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-4019/lcms2-2.6-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4085/libevdev-0.6-4.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4052/fftw-3.3.4-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4295/gtk3-3.10.7-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4304/file-5.14-19.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4306/gstreamer-plugins-bad-free-0.10.23-20.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4291/xorg-x11-drv-synaptics-1.7.4-3.fc20 The following builds have been pushed to Fedora 20 updates-testing asunder-2.5-1.fc20 dd_rescue-1.42.1-3.fc20 dtv-scan-tables-0-5.20140309git177b522.fc20 file-5.14-19.fc20 git-1.9.0-1.fc20 gstreamer-plugins-bad-free-0.10.23-20.fc20 gtk3-3.10.7-1.fc20 mod_authnz_pam-0.9-1.fc20 python-testtools-0.9.35-2.fc20 python-trollius-0.2-1.fc20 python-wsme-0.6-2.fc20 tito-0.5.0-1.fc20 xorg-x11-drv-synaptics-1.7.4-3.fc20 Details about builds: ================================================================================ asunder-2.5-1.fc20 (FEDORA-2014-4296) A graphical Audio CD ripper and encoder -------------------------------------------------------------------------------- Update Information: Upstream release notes (2.5): - Fixed two major bugs that caused Asunder to hang while ripping. - Fixed a bug where the CDDB info from a removed disk still showed up in a newly inserted disk. - Added NetBSD support. - Now logging to /var/log/asunder.log via syslog-ng instead of /tmp/asunder.log - Updated German and Spanish translations. Upstream release notes (2.4): - Added Bengali, Traditional Chinese translations. - Updated Hungarian, Italian translations. - Fixed the eject functionality to be more reliable. - Added support for XDG_CACHE_HOME - Fixed some memory corruption bugs that may have caused crashes and undefined behaviour. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 16 2014 Marcin Zajaczkowski <mszpak ATT wp DOTT pl> - 2.5-1 - Update to 2.5 * Sat Mar 1 2014 Marcin Zajaczkowski <mszpak ATT wp DOTT pl> - 2.4-1 - Update to 2.4 - Fix bogus date in changelog -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047183 - asunder-2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1047183 [ 2 ] Bug #1076481 - asunder-2.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1076481 -------------------------------------------------------------------------------- ================================================================================ dd_rescue-1.42.1-3.fc20 (FEDORA-2014-4301) Fault tolerant "dd" utility for rescuing data from bad media -------------------------------------------------------------------------------- Update Information: - fix build on 64-bit arches Update to current upstream version Update to current upstream version -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 22 2014 Michal Ambroz <rebus AT seznam dot cz> - 1.42.1-3 - fix libdir to reflect ppc64 * Sat Mar 22 2014 Michal Ambroz <rebus AT seznam dot cz> - 1.42.1-2 - bump to latest upstream release 1.42.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1070103 - dd_rescue-1.42.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1070103 -------------------------------------------------------------------------------- ================================================================================ dtv-scan-tables-0-5.20140309git177b522.fc20 (FEDORA-2014-4287) Digital TV scan tables -------------------------------------------------------------------------------- Update Information: There was an issue upstream on generating newer dtv-scan-tables. Due to that, Fedora were using a one year ago table. The bug got fixed at LinuxTV.org today. So, update the fedora package too. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 23 2014 Mauro Carvalho Chehab <m.chehab@xxxxxxxxxx> 0-5.20140309git177b522 - Update to the latest DTV tables -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077571 - The initial DVB-T scan tables are outdated https://bugzilla.redhat.com/show_bug.cgi?id=1077571 -------------------------------------------------------------------------------- ================================================================================ file-5.14-19.fc20 (FEDORA-2014-4304) A utility for determining file types -------------------------------------------------------------------------------- Update Information: fix #1079847 - fix for CVE-2013-7345 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 24 2014 Jan Kaluza <jkaluza@xxxxxxxxxx> - 5.14-19 - fix redefinition of OFFSET_OOB in CVE-2014-2270 patch * Mon Mar 24 2014 Jan Kaluza <jkaluza@xxxxxxxxxx> - 5.14-18 - fix #1079847 - fix for CVE-2013-7345 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079846 - CVE-2013-7345 file: extensive backtracking in awk rule regular expression https://bugzilla.redhat.com/show_bug.cgi?id=1079846 -------------------------------------------------------------------------------- ================================================================================ git-1.9.0-1.fc20 (FEDORA-2014-4294) Fast Version Control System -------------------------------------------------------------------------------- Update Information: git 1.9 fixes an issue with certificates. More on this in #1043194 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 17 2014 Ondrej Oprala <ooprala@xxxxxxxxxx> - 1.9.0-1 - Update to 1.9.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1076019 - git 1.9.0 available https://bugzilla.redhat.com/show_bug.cgi?id=1076019 -------------------------------------------------------------------------------- ================================================================================ gstreamer-plugins-bad-free-0.10.23-20.fc20 (FEDORA-2014-4306) GStreamer streaming media framework "bad" plug-ins -------------------------------------------------------------------------------- Update Information: Rebuild for libvpx ABI break. See #1068664 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 13 2014 Wim Taymans <wtaymans@xxxxxxxxxx> - 0.10.23-20 - Rebuild for libvpx ABI break. See #1068664 - Fix modplug include -------------------------------------------------------------------------------- References: [ 1 ] Bug #1068664 - Upgrading libvpx from 1.2.0 to 1.3.0 causes buffer overflow in "vp8enc" GStreamer 0.10 element https://bugzilla.redhat.com/show_bug.cgi?id=1068664 -------------------------------------------------------------------------------- ================================================================================ gtk3-3.10.7-1.fc20 (FEDORA-2014-4295) The GIMP ToolKit (GTK+), a library for creating GUIs for X -------------------------------------------------------------------------------- Update Information: Bug fixes for GNOME 3.10: https://download.gnome.org/sources/gtk+/3.10/gtk+-3.10.7.news -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 24 2014 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 3.10.7-1 - Update to 3.10.7 -------------------------------------------------------------------------------- ================================================================================ mod_authnz_pam-0.9-1.fc20 (FEDORA-2014-4298) PAM authorization checker and PAM Basic Authentication provider -------------------------------------------------------------------------------- Update Information: Rebase to 0.9 to get properly isolated functions. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 19 2014 Jan Pazdziora <jpazdziora@xxxxxxxxxx> - 0.9-1 - One more function made static for proper isolation. -------------------------------------------------------------------------------- ================================================================================ python-testtools-0.9.35-2.fc20 (FEDORA-2014-4297) Extensions to the Python unit testing framework -------------------------------------------------------------------------------- Update Information: re-enable building the python3-subpackage -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 28 2014 Matthias Runge <mrunge@xxxxxxxxxx> - 0.9.35-2 - re-enable building the python3-subpackage -------------------------------------------------------------------------------- References: [ 1 ] Bug #1071122 - Python 3 packages are no longer building https://bugzilla.redhat.com/show_bug.cgi?id=1071122 -------------------------------------------------------------------------------- ================================================================================ python-trollius-0.2-1.fc20 (FEDORA-2014-4299) A port of the Tulip asyncio module to Python 2 -------------------------------------------------------------------------------- Update Information: Update to 0.2 release add python-futures as build-dep add python-futures as build-dep -------------------------------------------------------------------------------- ================================================================================ python-wsme-0.6-2.fc20 (FEDORA-2014-4289) Web Services Made Easy -------------------------------------------------------------------------------- Update Information: - Latest upstream - Latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 23 2014 Pádraig Brady <pbrady@xxxxxxxxxx> - 0.6-2 - Add missing dependency on python-ipaddr and python-ordereddict -------------------------------------------------------------------------------- ================================================================================ tito-0.5.0-1.fc20 (FEDORA-2014-4302) A tool for managing rpm based git projects -------------------------------------------------------------------------------- Update Information: Significant improvements, new builders/releasers, removal of dead code and refactoring. New support for writing out a templated version file during tagging. New Copr build system and OBS releasers. Fixed bug with old versions of packages still being left in the yum repodata. Small documentation updates. Fix permissions sources fedpkg modifies. Fix permissions sources fedpkg modifies. Fix permissions sources fedpkg modifies. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 24 2014 Devan Goodwin <dgoodwin@xxxxxxxx> 0.5.0-1 - Prep for python3. (jumanjiman@xxxxxxxxx) - Print output live for longer running rpmbuild commands. (dgoodwin@xxxxxxxxxx) - Add GitAnnexBuilder, using git-annex to store blobs (dcleal@xxxxxxxxxx) - Remove legacy CvsBuilder and CvsReleaser. (dgoodwin@xxxxxxxxxx) - Stop writing temp file to load tito.props from past tag. (dgoodwin@xxxxxxxxxx) - Remove deprecated support for build.py.props config filename. (dgoodwin@xxxxxxxxxx) - Remove a very old hack for assuming config from Makefiles. (dgoodwin@xxxxxxxxxx) - Refactor config overriding. (dgoodwin@xxxxxxxxxx) - Move taggers to sub-directory. (dgoodwin@xxxxxxxxxx) - Move releasers to sub-directory. (dgoodwin@xxxxxxxxxx) - Improved docs for [version_template] section of tito.props (chris.a.st.pierre@xxxxxxxxx) - allow empty dist tag in functional tests (jumanjiman@xxxxxxxxx) - docs: createrepo is needed for functional tests (jumanjiman@xxxxxxxxx) - provide config for editorconfig plugins (jumanjiman@xxxxxxxxx) - Add more missing documentation to MANIFEST.in. (dgoodwin@xxxxxxxxxx) - Assume a default fetch strategy. (dgoodwin@xxxxxxxxxx) - Add markdown docs for FetchBuilder instead of manpage. (dgoodwin@xxxxxxxxxx) - Fix releasers and respect offline flag. (dgoodwin@xxxxxxxxxx) - Support release with fetch builder. (dgoodwin@xxxxxxxxxx) - Add support for passing builder args through a releaser. (dgoodwin@xxxxxxxxxx) - MANIFEST.in: include README.mkd and asciidoc files (code@xxxxxxxxxxxxxxxxxx) - Rename --builder-arg to just --arg in build command. (dgoodwin@xxxxxxxxxx) - Fix issue with releaser temp dir. (dgoodwin@xxxxxxxxxx) - Refactor to just one config object. (dgoodwin@xxxxxxxxxx) - Make external source builder fetch strategy configurable. (dgoodwin@xxxxxxxxxx) - Fix buildroot using ~/rpmbuild/BUILDROOT. (dgoodwin@xxxxxxxxxx) - Refactor builders to allow separate modules. (dgoodwin@xxxxxxxxxx) - Restore building of specific tags. (dgoodwin@xxxxxxxxxx) - Start building with external sources and no tag. (dgoodwin@xxxxxxxxxx) - Allow possibility of building without a pre-existing tag. (dgoodwin@xxxxxxxxxx) - Print koji/brew task ID and URL during release. (dgoodwin@xxxxxxxxxx) * Thu Nov 14 2013 Devan Goodwin <dgoodwin@xxxxxxxx> 0.4.18-1 - Merge the FiledVersionTagger into the base VersionTagger. (dgoodwin@xxxxxxxxxx) - add Copr releaser (msuchy@xxxxxxxxxx) - Fix broken asciidoc. (dgoodwin@xxxxxxxxxx) - Fix old versions in yum repodata. (dgoodwin@xxxxxxxxxx) - adding the FiledVersionTagger class that we are using internally (vbatts@xxxxxxxxxx) - tito report man page missing options (admiller@xxxxxxxxxx) - Implement OBS releaser (msuchy@xxxxxxxxxx) -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-synaptics-1.7.4-3.fc20 (FEDORA-2014-4291) Xorg X11 Synaptics touchpad input driver -------------------------------------------------------------------------------- Update Information: Fix stuck touch points when receiving SYN_DROPPED events (#877464) Unset ClickPad for Cypress touchpads, they do everything in firmware and we get flaky button events if we try to enable software buttons on top of that. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 24 2014 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 1.7.4-3 - Fix stuck touch points when receving SYN_DROPPED events (#877464) * Fri Mar 21 2014 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 1.7.4-2 - Unset ClickPad for Cypress touchpads, they do everything in firmware, we can't compete with that. (fdo bug 76341 and 70819) -------------------------------------------------------------------------------- References: [ 1 ] Bug #877464 - BUG: triggered 'if (priv->num_active_touches > priv->num_slots)' https://bugzilla.redhat.com/show_bug.cgi?id=877464 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test