The following Fedora 20 Security updates need testing: Age URL 95 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20 77 https://admin.fedoraproject.org/updates/FEDORA-2014-0792/libinfinity-0.5.5-1.fc20 42 https://admin.fedoraproject.org/updates/FEDORA-2014-2693/openstack-glance-2013.2.2-1.fc20 41 https://admin.fedoraproject.org/updates/FEDORA-2014-2751/zabbix-2.0.11-2.fc20 39 https://admin.fedoraproject.org/updates/FEDORA-2014-2875/oath-toolkit-2.4.1-3.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-4351/check-mk-1.2.4-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4458/xen-4.3.2-2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4455/perl-Authen-Captcha-1.024-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4443/xalan-j2-2.7.1-22.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4440/libyaml-0.1.6-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4478/mediawiki-1.21.8-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4542/munin-2.0.20-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4548/perl-YAML-LibYAML-0.41-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4625/v8-3.14.5.10-7.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4651/php-ZendFramework-1.12.5-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4675/kernel-3.13.8-200.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4691/a2ps-4.14-23.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4612/php-ZendFramework2-2.2.6-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4633/mod_security-2.7.5-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4690/ImageMagick-6.8.8.10-2.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 140 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-4378/harfbuzz-0.9.27-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4432/livecd-tools-20.5-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4500/ibus-1.5.6-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4675/kernel-3.13.8-200.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4683/libvpx-1.3.0-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4604/selinux-policy-3.12.1-149.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4611/less-458-7.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4638/xdg-utils-1.1.0-0.21.rc2.fc20 The following builds have been pushed to Fedora 20 updates-testing CutyCapt-0-0.2.20130714svn.fc20 ImageMagick-6.8.8.10-2.fc20 ShellCheck-0.3.1-6.fc20 a2ps-4.14-23.fc20 apcupsd-3.14.12-1.fc20 augeas-1.2.0-2.fc20 autojump-21.6.9-1.fc20 cockpit-0.3-1.fc20 cross-binutils-2.24-2.fc20 cross-gcc-4.8.2-2.fc20 duply-1.7.1-1.fc20 erlang-R16B-03.4.fc20 gappa-1.1.1-1.fc20 greybird-1.3.4-1.fc20 groonga-4.0.1-1.fc20 gst-editing-services-1.2.0-1.fc20 hevea-2.13-1.fc20 ibus-kkc-1.5.20-1.fc20 inxi-2.1.13-1.fc20 iperf3-3.0.3-1.fc20 jemalloc-3.6.0-1.fc20 kde-plasma-alsa-volume-0.51.2-1.fc20 kernel-3.13.8-200.fc20 lazarus-1.0.14-1.fc20 less-458-7.fc20 libkkc-0.3.3-1.fc20 libteam-1.10-1.fc20 libvpx-1.3.0-4.fc20 logstalgia-1.0.5-1.fc20 mingw-qt5-qtlocation-5.2.1-2.fc20 mingw-qt5-qtmultimedia-5.2.1-2.fc20 mingw-qt5-qtquick1-5.2.1-2.fc20 mingw-qt5-qtscript-5.2.1-2.fc20 mingw-qt5-qtsensors-5.2.1-2.fc20 mock-1.1.38-1.fc20 mod_security-2.7.5-3.fc20 monitorix-3.5.0-1.fc20 nsd-3.2.17-1.fc20 opendnssec-1.4.4-3.fc20 ovirt-guest-agent-1.0.9-3.fc20 perl-IPC-Run3-0.048-1.fc20 perl-MooseX-Types-Path-Tiny-0.010-2.fc20 perl-Type-Tiny-0.040-1.fc20 php-ZendFramework-1.12.5-1.fc20 php-ZendFramework2-2.2.6-1.fc20 php-horde-Horde-Db-2.1.1-1.fc20 php-pear-Net-IMAP-1.1.3-1.fc20 php-pear-XML-RPC2-1.1.2-1.fc20 php-phpunit-DbUnit-1.3.1-1.fc20 php-phpunit-PHP-CodeCoverage-1.2.17-1.fc20 pitivi-0.93-2.fc20 pocl-0.9-3.fc20 python-argcomplete-0.7.1-1.fc20 python-astroid-1.0.1-3.fc20 python-fedbadges-0.4.2-1.fc20 python-fedmsg-genacls-0.2-1.fc20 python-ironicclient-0.1.2-5.fc20 python-lazy-1.1-2.fc20 rabbitmq-server-3.1.5-4.fc20 selinux-policy-3.12.1-149.fc20 shigofumi-0.5-1.fc20 units-2.02-3.fc20 v8-3.14.5.10-7.fc20 vertica-python-0.2.0-4.fc20 w_scan-20140118-1.fc20 web-assets-5-1.fc20 x2godesktopsharing-3.1.1.1-1.fc20 xdg-utils-1.1.0-0.21.rc2.fc20 xmoto-0.5.11-1.fc20 xrdp-0.6.1-2.fc20 Details about builds: ================================================================================ CutyCapt-0-0.2.20130714svn.fc20 (FEDORA-2014-4643) A small command-line utility to capture WebKit's rendering of a web page -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- ================================================================================ ImageMagick-6.8.8.10-2.fc20 (FEDORA-2014-4690) An X application for displaying and manipulating images -------------------------------------------------------------------------------- Update Information: - Update to 6.8.8-10 with hope to fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 29 2014 Pavel Alexeev <Pahan@xxxxxxxxxxxxx>- 6.8.8.10-2 - Update to 6.8.8-10 with hope to fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). * Mon Jan 6 2014 Pavel Alexeev <Pahan@xxxxxxxxxxxxx> - 6.8.7.0-4 - Drop BR giflib-devel (bz#1039378) * Thu Jan 2 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 6.8.7.0-3 - Rebuild for libwebp soname bump * Wed Nov 27 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 6.8.7.0-2 - rebuild (openexr) * Fri Nov 8 2013 Kyle McMartin <kyle@xxxxxxxxxxxxxxxxx> - Use 32 instead of hardcoding the list of 64-bit architectures. * Mon Oct 7 2013 Pavel Alexeev <Pahan@xxxxxxxxxxxxx> - 6.8.7.0-1 - Update to 6.8.7-0 to fix badurl (http://www.mail-archive.com/devel@xxxxxxxxxxxxxxxxxxxxxxx/msg67796.html) * Sun Sep 8 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 6.8.6.3-4 - rebuild (openexr) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1067276 - CVE-2014-1958 ImageMagick: buffer overflow flaw when handling PSD images that use RLE encoding https://bugzilla.redhat.com/show_bug.cgi?id=1067276 [ 2 ] Bug #1064098 - CVE-2014-1947 CVE-2014-2030 ImageMagick, CVE-2014-1947 GraphicsMagick: buffer overflow when handling PSD images https://bugzilla.redhat.com/show_bug.cgi?id=1064098 -------------------------------------------------------------------------------- ================================================================================ ShellCheck-0.3.1-6.fc20 (FEDORA-2014-4649) Tool for checking common errors in POSIX shell scripts -------------------------------------------------------------------------------- Update Information: Switch to dynamic linking and minor spec file improvements executable dynamically linked to the library executable dynamically linked to the library -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 17 2014 Jens Petersen <petersen@xxxxxxxxxx> - 0.3.1-6 - fix shellcheck rpath instead of using ld.so.conf.d - simplify doc files * Sun Mar 16 2014 Dridi <dridi.boukelmoune@xxxxxxxxx> - 0.3.1-5 - added missing ld config * Sat Mar 1 2014 Dridi <dridi.boukelmoune@xxxxxxxxx> - 0.3.1-4 - executable dynamically linked to the library (bug #1069048) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1069048 - minor spec file improvements: for README and symlink https://bugzilla.redhat.com/show_bug.cgi?id=1069048 -------------------------------------------------------------------------------- ================================================================================ a2ps-4.14-23.fc20 (FEDORA-2014-4691) Converts text and other types of files to PostScript -------------------------------------------------------------------------------- Update Information: This update fixes a security problem in the fixps utility (CVE-2014-0466). -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Tim Waugh <twaugh@xxxxxxxxxx> - 4.14-23 - Invoke gs with the -dSAFER option in fixps (CVE-2014-0466, bug #1082411). * Tue Dec 3 2013 Tim Waugh <twaugh@xxxxxxxxxx> - 4.14-22 - Prevent build failure with -Werror=format-security (bug #1036979). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082410 - CVE-2014-0466 a2ps: fixps does not invoke gs with -dSAFER https://bugzilla.redhat.com/show_bug.cgi?id=1082410 -------------------------------------------------------------------------------- ================================================================================ apcupsd-3.14.12-1.fc20 (FEDORA-2014-2662) APC UPS Power Control Daemon for Linux -------------------------------------------------------------------------------- Update Information: Updated to apcupsd 3.14.11 See Release notes for changes http://apcupsd.cvs.sourceforge.net/viewvc/apcupsd/apcupsd/ReleaseNotes?pathrev=Release-3_14_11 reduce amount of debug messages reduce amount of debug messages -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 3.14.12-1 - apcupsd updated to 3.14.12 - force lock dir to /var/lock (#1064099) * Mon Feb 17 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 3.14.11-1 - apcupsd updated to 3.14.11 * Thu Jan 23 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 3.14.10-14 - reduce amount of debug messages (#1053324) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1053324 - Apcupsd prints to stdout unnecessarily https://bugzilla.redhat.com/show_bug.cgi?id=1053324 [ 2 ] Bug #1064099 - apcupsd uses /etc/apcupsd as its lock dir, even though /var/lock exists https://bugzilla.redhat.com/show_bug.cgi?id=1064099 -------------------------------------------------------------------------------- ================================================================================ augeas-1.2.0-2.fc20 (FEDORA-2014-4681) A library for changing configuration files -------------------------------------------------------------------------------- Update Information: * Fix krb5.conf parsing with braces in values -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Dominic Cleal <dcleal@xxxxxxxxxx> - 1.2.0-2 - Add patch for Krb5, parse braces in values (RHBZ#1079444) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079444 - Port augeas fix for krb5.conf lens from el7 BZ#1066419 https://bugzilla.redhat.com/show_bug.cgi?id=1079444 -------------------------------------------------------------------------------- ================================================================================ autojump-21.6.9-1.fc20 (FEDORA-2014-4605) A fast way to navigate your filesystem from the command line -------------------------------------------------------------------------------- Update Information: Update to latest stable version 21.6.9 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 20 2014 Tomas Tomecek <ttomecek@xxxxxxxxxx> - 21.6.9-1 - Update to 21.6.9 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 21.1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1065284 - Update autojump to latest stable release (21.6.9) https://bugzilla.redhat.com/show_bug.cgi?id=1065284 -------------------------------------------------------------------------------- ================================================================================ cockpit-0.3-1.fc20 (FEDORA-2014-4606) A user interface for Linux servers -------------------------------------------------------------------------------- Update Information: Update to upstream 0.3 release, including new UI look, and Docker container support Primary package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1061056 - Review Request: cockpit - A user interface for Linux servers https://bugzilla.redhat.com/show_bug.cgi?id=1061056 -------------------------------------------------------------------------------- ================================================================================ cross-binutils-2.24-2.fc20 (FEDORA-2014-4686) A GNU collection of cross-compilation binary utilities -------------------------------------------------------------------------------- Update Information: Upgrade to binutils-2.24 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 28 2014 David Howells <dhowells@xxxxxxxxxx> - 2.24-2 - A sysroot of / is bad, so make it /usr/<program-prefix>/sys-root/. * Thu Mar 27 2014 David Howells <dhowells@xxxxxxxxxx> - 2.24-1 - Fix formatless sprintfs in Score. * Wed Mar 26 2014 David Howells <dhowells@xxxxxxxxxx> - 2.24-1 - Update to binutils-2.24-1. - Add metag arch support. -------------------------------------------------------------------------------- ================================================================================ cross-gcc-4.8.2-2.fc20 (FEDORA-2014-4689) Cross C compiler -------------------------------------------------------------------------------- Update Information: Upgrade to gcc-4.8.2, adding support for sysroot override and adding the C++ compiler -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 28 2014 David Howells <dhowells@xxxxxxxxxx> - 4.8.2-2 - A sysroot of / is bad, so make it /usr/<program-prefix>/sys-root/. * Thu Mar 27 2014 David Howells <dhowells@xxxxxxxxxx> - 4.8.2-1 - Rebase on gcc-4.8.2-15 - Enable sysroot [BZ 1011415]. - Enable C++ compiler without libstdc++ [BZ 1078108]. -------------------------------------------------------------------------------- ================================================================================ duply-1.7.1-1.fc20 (FEDORA-2014-4241) Wrapper for duplicity -------------------------------------------------------------------------------- Update Information: Update to the latest released version. Changes in version 1.7.0: - disabled gpg key id plausibility check, too many valid possibilities - featreq 7 "Halt if precondition fails": added and(+), or(-) batch command(separator) support - featreq 26 "pre/post script with shebang line": if a script is flagged executable it's executed in a subshell now as opposed to sourced to bash, which is the default - bugfix: do not check if dpbx, swift credentials are set anymore - bugfix: properly escape profile name, archdir if used as arguments - add DUPL_PRECMD conf setting for use with e.g. trickle Changes in version 1.7.1: - bugfix: purge-* commands renamed to purgeFull, purgeIncr due to incompatibility with new minus batch separator -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 1.7.1-1 - Update to 1.7.1 - Update %description. * Fri Mar 21 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 1.7.0-1 - Update to 1.7.0. -------------------------------------------------------------------------------- ================================================================================ erlang-R16B-03.4.fc20 (FEDORA-2014-4680) General-purpose programming language and runtime environment -------------------------------------------------------------------------------- Update Information: - Create group and user for EPMD * Ver. R16B03-1 * Initial systemd support in EPMD * Ver. R16B03-1 * Initial systemd support in EPMD -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 28 2014 Peter Lemenkov <lemenkov@xxxxxxxxx> - R16B-03.4 - Create group and user for EPMD * Thu Mar 27 2014 Peter Lemenkov <lemenkov@xxxxxxxxx> - R16B-03.3 - Ver. R16B03-1 (Bugfix release) - Enabled systemd support in EPMD * Fri Feb 7 2014 Sam Kottler <skottler@xxxxxxxxxxxxxxxxx> - R16B-03.2 - Fix macro usage for EPEL7 build and added need_bootstrap -------------------------------------------------------------------------------- References: [ 1 ] Bug #1059563 - erlang-R16B03-1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1059563 -------------------------------------------------------------------------------- ================================================================================ gappa-1.1.1-1.fc20 (FEDORA-2014-4640) Prove programs with floating-point or fixed-point arithmetic -------------------------------------------------------------------------------- Update Information: Changes in version 1.1.1: * arithmetic - fixed incorrect error computation for some uncommon bound values * back-ends - fixed crash on useless leaves with undefined properties -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Jerry James <loganjerry@xxxxxxxxx> - 1.1.1-1 - New upstream version -------------------------------------------------------------------------------- ================================================================================ greybird-1.3.4-1.fc20 (FEDORA-2014-4614) A clean minimalistic theme for Xfce, GTK+ 2 and 3 -------------------------------------------------------------------------------- Update Information: updated to latest upstream version (1.3.4) -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 1.3.4-1 - Update to upstream release 1.3.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082289 - greybird-1.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1082289 -------------------------------------------------------------------------------- ================================================================================ groonga-4.0.1-1.fc20 (FEDORA-2014-4642) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information: Update to 4.0.1. See http://groonga.org/docs/news.html#release-4-0-1-2014-03-29. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 HAYASHI Kentaro <hayashi@xxxxxxxxxxxxxx> - 4.0.1-1 - new upstream release. -------------------------------------------------------------------------------- ================================================================================ gst-editing-services-1.2.0-1.fc20 (FEDORA-2014-4222) Gstreamer editing services -------------------------------------------------------------------------------- Update Information: Latest version of GES and pitivi. http://lists.freedesktop.org/archives/gstreamer-devel/2014-March/046902.html http://ftp.gnome.org/pub/GNOME/sources/pitivi/0.93/pitivi-0.93.news Fixed gnonlin requires. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077939 - gst-editing-services: version 1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1077939 -------------------------------------------------------------------------------- ================================================================================ hevea-2.13-1.fc20 (FEDORA-2014-4664) LaTeX to HTML translator -------------------------------------------------------------------------------- Update Information: Changes in version 2.13: - More effort to skip comments in arguments. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Jerry James <loganjerry@xxxxxxxxx> - 2.13-1 - New upstream release - Unbreak bytecode build -------------------------------------------------------------------------------- ================================================================================ ibus-kkc-1.5.20-1.fc20 (FEDORA-2014-4650) Japanese Kana Kanji input method for ibus -------------------------------------------------------------------------------- Update Information: new upstream release, which includes: * fix application of pagination_start setting * rename label "IBus Kana Kanji" -> "Kana Kanji Conversion" -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Daiki Ueno <dueno@xxxxxxxxxx> - 1.5.20-1 - new upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1024061 - ibus-kkc: A change of the pagination_start option in the setup tool is not applied immediately https://bugzilla.redhat.com/show_bug.cgi?id=1024061 -------------------------------------------------------------------------------- ================================================================================ inxi-2.1.13-1.fc20 (FEDORA-2014-4677) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 2.1.13 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Vasiliy N. Glazov <vascom2@xxxxxxxxx> 2.1.13-1 - Update to 2.1.13 -------------------------------------------------------------------------------- ================================================================================ iperf3-3.0.3-1.fc20 (FEDORA-2014-4656) Measurement tool for TCP/UDP bandwidth performance -------------------------------------------------------------------------------- Update Information: Update to 3.0.3 and added devel rpm support -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Susant Sahani <ssahani@xxxxxxxxxx> 3.0.3-1 - Update to 3.0.3 and added devel rpm support -------------------------------------------------------------------------------- References: [ 1 ] Bug #1081486 - iperf3-3.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1081486 -------------------------------------------------------------------------------- ================================================================================ jemalloc-3.6.0-1.fc20 (FEDORA-2014-4673) General-purpose scalable concurrent malloc implementation -------------------------------------------------------------------------------- Update Information: New upstream release. This version contains a critical bug fix for a regression present in 3.5.0 and 3.5.1. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Ingvar Hagelund <ingvar@xxxxxxxxxxxxxxxxxx> - 3.6.0-1 - New upstream release. This release fixes a critical regression * Fri Mar 28 2014 Ingvar Hagelund <ingvar@xxxxxxxxxxxxxxxxxx> - 3.5.1-1 - New upstream release - Updated nopprof patch to match new release - Fixed a few bogus changelog entries -------------------------------------------------------------------------------- ================================================================================ kde-plasma-alsa-volume-0.51.2-1.fc20 (FEDORA-2014-4660) ALSA Volume Control plasmoid -------------------------------------------------------------------------------- Update Information: * added the restriction of notification; * reimplemented tooltip; -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Fl@sh <kaperang07@xxxxxxxxx> - 0.51.2-1 - version update -------------------------------------------------------------------------------- ================================================================================ kernel-3.13.8-200.fc20 (FEDORA-2014-4675) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 3.13.8 stable update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.13.8-200 - Linux v3.13.8 * Mon Mar 31 2014 Hans de Goede <hdegoede@xxxxxxxxxx> - Fix clicks getting lost with cypress_ps2 touchpads with recent xorg-x11-drv-synaptics versions (bfdo#76341) * Fri Mar 28 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2014-2580 xen: netback crash trying to disable due to malformed packet (rhbz 1080084 1080086) - CVE-2014-0077 vhost-net: insufficent big packet handling in handle_rx (rhbz 1064440 1081504) - CVE-2014-0055 vhost-net: insufficent error handling in get_rx_bufs (rhbz 1062577 1081503) - CVE-2014-2568 net: potential info leak when ubuf backed skbs are zero copied (rhbz 1079012 1079013) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1080084 - CVE-2014-2580 kernel: xen: Linux netback crash trying to disable due to malformed packet https://bugzilla.redhat.com/show_bug.cgi?id=1080084 [ 2 ] Bug #1064440 - CVE-2014-0077 kernel: vhost-net: insufficiency in handling of big packets in handle_rx() https://bugzilla.redhat.com/show_bug.cgi?id=1064440 [ 3 ] Bug #1062577 - CVE-2014-0055 kernel: vhost-net: insufficient handling of error conditions in get_rx_bufs() https://bugzilla.redhat.com/show_bug.cgi?id=1062577 [ 4 ] Bug #1079012 - CVE-2014-2568 kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()ied https://bugzilla.redhat.com/show_bug.cgi?id=1079012 -------------------------------------------------------------------------------- ================================================================================ lazarus-1.0.14-1.fc20 (FEDORA-2014-4610) Lazarus Component Library and IDE for Freepascal -------------------------------------------------------------------------------- Update Information: Updated to version 1.0.14 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 28 2014 Joost van der Sluis <joost@xxxxxxx> - 1.0.14-1 - Updated to version 1.0.14 -------------------------------------------------------------------------------- References: [ 1 ] Bug #988497 - lazarus-1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=988497 -------------------------------------------------------------------------------- ================================================================================ less-458-7.fc20 (FEDORA-2014-4611) A text file browser similar to more, but better -------------------------------------------------------------------------------- Update Information: outdated ubin_table in charset.c; -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Jozef Mlich <jmlich@xxxxxxxxxx> - 458-7 - FIXES outdated ubin_table in charset.c; Kudos to Akira TAGOH Resolves: #1074489 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1074489 - outdated ubin_table in charset.c https://bugzilla.redhat.com/show_bug.cgi?id=1074489 -------------------------------------------------------------------------------- ================================================================================ libkkc-0.3.3-1.fc20 (FEDORA-2014-4659) Japanese Kana Kanji conversion library -------------------------------------------------------------------------------- Update Information: new upstream release, which includes: * rewrite keysym lookup logic in a similar way as libxkbcommon * ignore some keys including Caps_Lock in conversion state * add new command beginning-of-preedit / end-of-preedit assigned to Home/End -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Daiki Ueno <dueno@xxxxxxxxxx> - 0.3.3-1 - new upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1024421 - ibus-kkc has problems when capslock is hit after conversion has started https://bugzilla.redhat.com/show_bug.cgi?id=1024421 [ 2 ] Bug #1056912 - Home and End keys in preedit cause commit https://bugzilla.redhat.com/show_bug.cgi?id=1056912 -------------------------------------------------------------------------------- ================================================================================ libteam-1.10-1.fc20 (FEDORA-2014-4595) Library for controlling team network device -------------------------------------------------------------------------------- Update Information: Update to 1.10 - teamd: quit when our team device is removed from outside - libteam: ifinfo: watch for dellink messages and call change handlers for that - initscripts: make ifup/ifdown scripts usable by ifup/ifdown-eth scripts - teamdctl: unmess check_teamd_team_devname and fix double free there - man: correct type of "*_host" options - teamd_link_watch: specify "missed_max" option default value - bond2team: do not guess source_host option - teamd_link_watch: allow to send ARP probes if no source_host is specified - initscripts: do not try to re-add port if it is already there - teamdctl: add command for easy port presention checking - Fix potential small memory leak - usock: accept multiline message string parameters - libteamdctl: add notice for caller to do not modify or free certain strings - teamd: do not remove ports from team dev in case of take over mode - teamd: look for existing ports before adding new ones - libteam: introduce ream_refresh - teamd: fixed couple comments. - teamd: update hwaddr when changing team's macaddr - redhat: fix boolean types in example 2 - initscripts: fix port up before master and port down after master - lb: enable/disable port according to linkwatch state - fix comment typo in ifdown-Team scripts - man teamd.conf: Minor improvements to style and language - man teamdctl: Minor improvements to style and language -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Jiri Pirko <jpirko@xxxxxxxxxx> - 1.10-1 - Update to 1.10 - teamd: quit when our team device is removed from outside - libteam: ifinfo: watch for dellink messages and call change handlers for that - initscripts: make ifup/ifdown scripts usable by ifup/ifdown-eth scripts - teamdctl: unmess check_teamd_team_devname and fix double free there - man: correct type of "*_host" options - teamd_link_watch: specify "missed_max" option default value - bond2team: do not guess source_host option - teamd_link_watch: allow to send ARP probes if no source_host is specified - initscripts: do not try to re-add port if it is already there - teamdctl: add command for easy port presention checking - Fix potential small memory leak - usock: accept multiline message string parameters - libteamdctl: add notice for caller to do not modify or free certain strings - teamd: do not remove ports from team dev in case of take over mode - teamd: look for existing ports before adding new ones - libteam: introduce ream_refresh - teamd: fixed couple comments. - teamd: update hwaddr when changing team's macaddr - redhat: fix boolean types in example 2 - initscripts: fix port up before master and port down after master - lb: enable/disable port according to linkwatch state - fix comment typo in ifdown-Team scripts - man teamd.conf: Minor improvements to style and language - man teamdctl: Minor improvements to style and language * Thu Jan 23 2014 Jiri Pirko <jpirko@xxxxxxxxxx> - 1.9-2 - fix multilib -------------------------------------------------------------------------------- ================================================================================ libvpx-1.3.0-4.fc20 (FEDORA-2014-4683) VP8 Video Codec SDK -------------------------------------------------------------------------------- Update Information: Fix crashes on VP9 encoding on certain Intel cpus -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 20 2014 Wim Taymans <wtaymans@xxxxxxxxxx> - 1.3.0-4 - fix Illegal Instruction abort -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079468 - patch to fix crash in libvpx https://bugzilla.redhat.com/show_bug.cgi?id=1079468 -------------------------------------------------------------------------------- ================================================================================ logstalgia-1.0.5-1.fc20 (FEDORA-2014-4629) Web server access log visualizer -------------------------------------------------------------------------------- Update Information: * Performance improvements. * Multi-monitor support using SDL 2.0. (F20 not enabled, rawhide only) * SDL 1.2 support is deprecated. (F20 last version built with SDL1) * Can now specify the attribute to match the group regex (-g) against. * When using --sync, now catches back up after resuming from pause. * Added --pitch-speed option (control how fast balls travel). * Made default group matches case-insensitive. * Display tokens in multi-paddle modes. * Added window resizing and a full-screen toggle (alt-enter). * Take screenshots (F12). * Summarizer component content is now sorted. * IPv6 addresses now anonymized by default as well (last 64 bits). * New dependencies on libpng, GLEW. * Now requires GLM and Boost header-only libraries to build. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Christopher Meng <rpm@xxxxxxxx> - 1.0.5-1 - Update to 1.0.5 - Unbundle GNU Free Fonts to save package size by using fonts from gnu-free-fonts. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082587 - logstalgia-1.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1082587 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtlocation-5.2.1-2.fc20 (FEDORA-2014-4626) Qt5 for Windows - QtLocation component -------------------------------------------------------------------------------- Update Information: Make sure other Qt5 components are built against mingw-qt5-qtbase 5.2.1 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.2.1-2 - Make sure we're built against mingw-qt5-qtbase >= 5.2.1 (RHBZ 1077213) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077213 - runtime errors due to package being built with wrong includes https://bugzilla.redhat.com/show_bug.cgi?id=1077213 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtmultimedia-5.2.1-2.fc20 (FEDORA-2014-4626) Qt5 for Windows - QtMultimedia component -------------------------------------------------------------------------------- Update Information: Make sure other Qt5 components are built against mingw-qt5-qtbase 5.2.1 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.2.1-2 - Make sure we're built against mingw-qt5-qtbase >= 5.2.1 (RHBZ 1077213) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077213 - runtime errors due to package being built with wrong includes https://bugzilla.redhat.com/show_bug.cgi?id=1077213 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtquick1-5.2.1-2.fc20 (FEDORA-2014-4626) Qt5 for Windows - QtQuick1 component -------------------------------------------------------------------------------- Update Information: Make sure other Qt5 components are built against mingw-qt5-qtbase 5.2.1 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.2.1-2 - Make sure we're built against mingw-qt5-qtbase >= 5.2.1 (RHBZ 1077213) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077213 - runtime errors due to package being built with wrong includes https://bugzilla.redhat.com/show_bug.cgi?id=1077213 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtscript-5.2.1-2.fc20 (FEDORA-2014-4626) Qt5 for Windows - QtScript component -------------------------------------------------------------------------------- Update Information: Make sure other Qt5 components are built against mingw-qt5-qtbase 5.2.1 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.2.1-2 - Make sure we're built against mingw-qt5-qtbase >= 5.2.1 (RHBZ 1077213) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077213 - runtime errors due to package being built with wrong includes https://bugzilla.redhat.com/show_bug.cgi?id=1077213 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtsensors-5.2.1-2.fc20 (FEDORA-2014-4626) Qt5 for Windows - QtSensors component -------------------------------------------------------------------------------- Update Information: Make sure other Qt5 components are built against mingw-qt5-qtbase 5.2.1 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.2.1-2 - Make sure we're built against mingw-qt5-qtbase >= 5.2.1 (RHBZ 1077213) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077213 - runtime errors due to package being built with wrong includes https://bugzilla.redhat.com/show_bug.cgi?id=1077213 -------------------------------------------------------------------------------- ================================================================================ mock-1.1.38-1.fc20 (FEDORA-2014-4667) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information: Reverted change which broke fedora-review in 1.1.37 Fix incorrect requires for el6 bugfixes, internal cleanups, add aarch64, remove f18 configs bugfixes and config changes Fixed %%post scriptlet to properly set default.cfg symlink various bugfixes Removed f17 configs and added f20 configs Fix incorrect requires for el6 bugfixes, internal cleanups, add aarch64, remove f18 configs bugfixes and config changes Fixed %%post scriptlet to properly set default.cfg symlink various bugfixes Removed f17 configs and added f20 configs Fix incorrect requires for el6 bugfixes, internal cleanups, add aarch64, remove f18 configs bugfixes and config changes Fixed %%post scriptlet to properly set default.cfg symlink various bugfixes Removed f17 configs and added f20 configs -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Clark Williams <williams@xxxxxxxxxx> - 1.1.38-1 - revert commit 34d0b1d815e4 for quoting (breaks fedora-review) * Thu Mar 27 2014 Clark Williams <williams@xxxxxxxxxx> - 1.1.37-2 - fix el6 requires for yum-utils * Mon Mar 24 2014 Clark Williams <williams@xxxxxxxxxx> - 1.1.37-1 - fix thinko in test script for running configs - plugins: turn off package_state plugin by default - fix automake to use 'xz' compression - additional commits needed by scm commit - elevate privs when accessing the chroot rpmdb [BZ# 1051474] - quote --shell args like a shell [BZ# 966144] - from Tuomo Soini <tis@xxxxxxxxx> - Fix for race in directory creation [BZ# 1052045] - from Peter Jönsson <peter.jonsson@xxxxxxxxxx> - Add support for creating tarballs with scm data still inside - from Tomas Kopecek <tkopecek@xxxxxxxxxx> - internal_dev_setup option used consistently - from Dennis Gilmore <dennis@xxxxxxxx> - add rawhide aarch64 config - remove sparc rawhide configs, she be dead - from Ville Skyttä <ville.skytta@xxxxxx> - Use $(mocketcdir) in install-data-hook instead of duplicating its value - Use xz tarball to save a bit of space - Clean up unused imports - Install bash completion to proper dir with bash-completion 2 - Remove Fedora 18 configs - Use install @foo instead of groupinstall foo in chroot_setup_cmd - from Rodrigo Dias Cruz <rodrigodc+redhatbugzilla@xxxxxxxxx> - fix scm problem with specfiles using rpm macros [BZ# 1056271] - from Tomas Kopecek <tkopecek@xxxxxxxxxx> - avoid undefined variable error in try/finally block [BZ# 1063275] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1051474 - mock rpm db created in mode 600 https://bugzilla.redhat.com/show_bug.cgi?id=1051474 [ 2 ] Bug #966144 - mock: --shell argument not properly quoted internally https://bugzilla.redhat.com/show_bug.cgi?id=966144 [ 3 ] Bug #1052045 - race condition in util.py when creating directories https://bugzilla.redhat.com/show_bug.cgi?id=1052045 [ 4 ] Bug #1056271 - Spec files that depend on macros cannot be built from SCM https://bugzilla.redhat.com/show_bug.cgi?id=1056271 [ 5 ] Bug #1063275 - Undeclared variable causing traceback https://bugzilla.redhat.com/show_bug.cgi?id=1063275 [ 6 ] Bug #1029352 - windows 2008 R2 guest BSOD with '-no-kvm' https://bugzilla.redhat.com/show_bug.cgi?id=1029352 [ 7 ] Bug #985681 - repoquery writes /var/run/yum.pid, only one can run at a time https://bugzilla.redhat.com/show_bug.cgi?id=985681 [ 8 ] Bug #1034805 - [PATCH] Do not pass $ to repo id in mockchain https://bugzilla.redhat.com/show_bug.cgi?id=1034805 [ 9 ] Bug #926154 - mock: Does not support aarch64 in f19 and rawhide https://bugzilla.redhat.com/show_bug.cgi?id=926154 [ 10 ] Bug #1002142 - mock --copyout breaks cleanup of the selinux plug-in https://bugzilla.redhat.com/show_bug.cgi?id=1002142 [ 11 ] Bug #974499 - can't init mock behind a proxy https://bugzilla.redhat.com/show_bug.cgi?id=974499 [ 12 ] Bug #1056039 - [PATCH] $releasever in Repos field is not expanded https://bugzilla.redhat.com/show_bug.cgi?id=1056039 [ 13 ] Bug #916685 - mock ... foo.src.rpm fails if foo.src.rpm is on nfs filesytem https://bugzilla.redhat.com/show_bug.cgi?id=916685 [ 14 ] Bug #858822 - Mock's default configuration is not updated, becomes outdated over time https://bugzilla.redhat.com/show_bug.cgi?id=858822 [ 15 ] Bug #949616 - Suggested patches to mock 1.1.30 to build and work on EL5 https://bugzilla.redhat.com/show_bug.cgi?id=949616 [ 16 ] Bug #955478 - Unresolved dependencies silently ignored https://bugzilla.redhat.com/show_bug.cgi?id=955478 [ 17 ] Bug #953519 - After changing config_opts['chrootgid'], the process still runs with mock group privileges https://bugzilla.redhat.com/show_bug.cgi?id=953519 [ 18 ] Bug #1015790 - Add --nocheck to mock https://bugzilla.redhat.com/show_bug.cgi?id=1015790 [ 19 ] Bug #973617 - [abrt] mock-1.1.32-1.fc19: backend.py:540:_nuke_rpm_db:OSError: [Errno 13] Permission denied: '/var/lib/mock/fedora-rawhide-x86_64/root/var/lib/rpm/__db.001' https://bugzilla.redhat.com/show_bug.cgi?id=973617 [ 20 ] Bug #972868 - [abrt] mock-1.1.32-1.fc18: shutil.py:252:rmtree:OSError: [Errno 16] Device or resource busy: '/var/lib/mock/epel-6-x86_64/root/dev/shm' https://bugzilla.redhat.com/show_bug.cgi?id=972868 [ 21 ] Bug #483486 - Can't build 'nosrc' srpms using mock (--no-clean does not work) https://bugzilla.redhat.com/show_bug.cgi?id=483486 [ 22 ] Bug #921221 - Activation of package_state in 1.1.29 breaks setups with http proxy servers https://bugzilla.redhat.com/show_bug.cgi?id=921221 [ 23 ] Bug #1018359 - [PATCH] Pass values of --plugin-option through literal_eval https://bugzilla.redhat.com/show_bug.cgi?id=1018359 [ 24 ] Bug #885405 - mock hangs when rpm %check fails (reproducer) https://bugzilla.redhat.com/show_bug.cgi?id=885405 [ 25 ] Bug #962573 - mockchain fails on complicated config files https://bugzilla.redhat.com/show_bug.cgi?id=962573 [ 26 ] Bug #894305 - directory /var/lock/rpm unowned https://bugzilla.redhat.com/show_bug.cgi?id=894305 [ 27 ] Bug #1063283 - internal_dev_setup option is not used in all places https://bugzilla.redhat.com/show_bug.cgi?id=1063283 -------------------------------------------------------------------------------- ================================================================================ mod_security-2.7.5-3.fc20 (FEDORA-2014-4633) Security module for the Apache HTTP Server -------------------------------------------------------------------------------- Update Information: Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Athmane Madjoudj <athmane@xxxxxxxxxxxxxxxxx> 2.7.5-3 - Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082904 - CVE-2013-5705 mod_security: bypass of intended rules via chunked requests https://bugzilla.redhat.com/show_bug.cgi?id=1082904 -------------------------------------------------------------------------------- ================================================================================ monitorix-3.5.0-1.fc20 (FEDORA-2014-4639) A free, open source, lightweight system monitoring tool -------------------------------------------------------------------------------- Update Information: This new version introduces a lot of changes, lots of new features and of course, lots of bugs have been fixed. There are two new graphs; one to monitor an unlimited number of APC UPS devices (using the apcupsd daemon), and the other to monitor the details of the current network connections (IPv4 and IPv6) including protocol-specific statistics using the netstat command. The rest of changes and bugs fixed are, as always, reflected in the Changes file. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Jordi Sanfeliu <jordi@xxxxxxxxxxxx> - 3.5.0-1 - Updated to 3.5.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1080845 - monitorix-3.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1080845 -------------------------------------------------------------------------------- ================================================================================ nsd-3.2.17-1.fc20 (FEDORA-2014-4641) Fast and lean authoritative DNS Name Server -------------------------------------------------------------------------------- Update Information: Updated to 3.2.17, support upto 1024 IP addresses -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 3.2.17-1 - Updated to 3.2.17 - Added --with-max-ips=1024 - Removed merged in patch * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.2.15-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Apr 18 2013 Paul Wouters <pwouters@xxxxxxxxxx> - 3.2.15-4 - Enable hardened build - rhbz#850231 - Introduce new systemd-rpm macros in nsd spec file - Added -D option to nsd to allow us to use systemd service Type=simple - Switch from Fork to Simple systemd service - Use /run and not /var/run for pid - The cronjon now uses systemctl reload, which also triggers notifies (should speed up notifications to secondaries) -------------------------------------------------------------------------------- ================================================================================ opendnssec-1.4.4-3.fc20 (FEDORA-2014-4608) DNSSEC key and zone management software -------------------------------------------------------------------------------- Update Information: Add buildrequires for ods-kaps2html (rhbz#1073313), bump ZSK to 2048bits -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 1.4.4-3 - Add buildrequires for ods-kaps2html (rhbz#1073313) * Sat Mar 29 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 1.4.4-2 - Add requires for ods-kasp2html (rhbz#1073313) * Thu Mar 27 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 1.4.4-1 - Updated to 1.4.4 (compatibility with non RFC 5155 errata 3441) - Change the default ZSK policy from 1024 to 2048 bit RSA keys - Fix post to be quiet when upgrading opendnssec -------------------------------------------------------------------------------- References: [ 1 ] Bug #1073313 - libxslt is missing in Requires and BuildRequires https://bugzilla.redhat.com/show_bug.cgi?id=1073313 -------------------------------------------------------------------------------- ================================================================================ ovirt-guest-agent-1.0.9-3.fc20 (FEDORA-2014-4632) The oVirt Guest Agent -------------------------------------------------------------------------------- Update Information: This is an update that fixes problems with Single Sign On on oVirt with fedora 20+ Additional it provides an update to use logind for session locking -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Vinzenz Feenstra <evilissimo@xxxxxxxxxx> - 1.0.9-3 - The ovirt-guest-agent-gdm-plugin is now noarch * Mon Mar 31 2014 Vinzenz Feenstra <evilissimo@xxxxxxxxxx> - 1.0.9-2 - Support for logind based session locking -------------------------------------------------------------------------------- ================================================================================ perl-IPC-Run3-0.048-1.fc20 (FEDORA-2014-4591) Run a subprocess in batch mode -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.048-1 - Upstream update. - Add RELEASE_TESTING=1 to work around upstream trying to discourage us from running pod-tests. -------------------------------------------------------------------------------- ================================================================================ perl-MooseX-Types-Path-Tiny-0.010-2.fc20 (FEDORA-2014-4616) Path::Tiny types and coercions for Moose -------------------------------------------------------------------------------- Update Information: This is the first Fedora release of perl-MooseX-Types-Path-Tiny. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1081966 - Review Request: perl-MooseX-Types-Path-Tiny - Path::Tiny types and coercions for Moose https://bugzilla.redhat.com/show_bug.cgi?id=1081966 -------------------------------------------------------------------------------- ================================================================================ perl-Type-Tiny-0.040-1.fc20 (FEDORA-2014-4607) Tiny, yet Moo(se)-compatible type constraint -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079617 - Review Request: perl-Type-Tiny - Tiny, yet Moo(se)-compatible type constraint https://bugzilla.redhat.com/show_bug.cgi?id=1079617 -------------------------------------------------------------------------------- ================================================================================ php-ZendFramework-1.12.5-1.fc20 (FEDORA-2014-4651) Leading open-source PHP framework -------------------------------------------------------------------------------- Update Information: update to 1.12.5 fixes http://framework.zend.com/security/advisory/ZF2014-01 fixes http://framework.zend.com/security/advisory/ZF2014-02 removed: InfoCards, Services/Nirvanix -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 27 2014 Felix Kaechele <felix@xxxxxxxxxx> - 1.12.5-1 - update to 1.12.5 - fixes http://framework.zend.com/security/advisory/ZF2014-01 - fixes http://framework.zend.com/security/advisory/ZF2014-02 - removed: InfoCards, Services/Nirvanix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1081287 - CVE-2014-2681 CVE-2014-2682 CVE-2014-2683 php-ZendFramework: XML eXternal Entity (XXE) and XML Entity Expansion (XEE) flaws fixed in 1.12.4, 2.1.6, and 2.2.6 (ZF2014-01) https://bugzilla.redhat.com/show_bug.cgi?id=1081287 [ 2 ] Bug #1081288 - CVE-2014-2684 CVE-2014-2685 php-ZendFramework: OpenID identity provider could be used to spoof other identity providers (ZF2014-02) https://bugzilla.redhat.com/show_bug.cgi?id=1081288 -------------------------------------------------------------------------------- ================================================================================ php-ZendFramework2-2.2.6-1.fc20 (FEDORA-2014-4612) Zend Framework 2 -------------------------------------------------------------------------------- Update Information: Upstream release notes: https://github.com/zendframework/zf2/releases/tag/release-2.2.6 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 2.2.6-1 - Updated to 2.2.6 for CVE-2014-2681 CVE-2014-2682 CVE-2014-2683 CVE-2014-2684 CVE-2014-2685 - new package ZendXml - fix for unversioned doc directory -------------------------------------------------------------------------------- References: [ 1 ] Bug #1081287 - CVE-2014-2681 CVE-2014-2682 CVE-2014-2683 php-ZendFramework: XML eXternal Entity (XXE) and XML Entity Expansion (XEE) flaws fixed in 1.12.4, 2.1.6, and 2.2.6 (ZF2014-01) https://bugzilla.redhat.com/show_bug.cgi?id=1081287 [ 2 ] Bug #1081288 - CVE-2014-2684 CVE-2014-2685 php-ZendFramework: OpenID identity provider could be used to spoof other identity providers (ZF2014-02) https://bugzilla.redhat.com/show_bug.cgi?id=1081288 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Db-2.1.1-1.fc20 (FEDORA-2014-4596) Horde Database Libraries -------------------------------------------------------------------------------- Update Information: Horde_Db 2.1.1: * [mms] Fix regression preventing caching of any internal DB information. * [mms] SECURITY: Dont leak PDO DSN authentication/connection information in exception messages. * [jan] Fix columnCount() result of PDO result objects. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.1.1-1 - Update to 2.1.1 -------------------------------------------------------------------------------- ================================================================================ php-pear-Net-IMAP-1.1.3-1.fc20 (FEDORA-2014-4674) Provides an implementation of the IMAP protocol -------------------------------------------------------------------------------- Update Information: Upstream Changelog: QA release * Bug #17482 Please, consider updating license to PHP 3.01 (doconnor) * Bug #19730 Malformed or incomplete distributed tar.gz file (doconnor) * Bug #19875 Please provide LICENSE file (doconnor) * Bug #19876 Bad role (doconnor) * Bug #19946 Login fails when using password with double quotes (doconnor) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.3-1 - Update to 1.1.3 -------------------------------------------------------------------------------- ================================================================================ php-pear-XML-RPC2-1.1.2-1.fc20 (FEDORA-2014-4672) XML-RPC client/server library -------------------------------------------------------------------------------- Update Information: Upstream changelog: QA release: * Bug #19587 PHP backend fails when encoding type is set to UTF-8 instead of utf-8 * Doc Bug #19357 package.xml points to nonexistent URL|license PHP 3.02 * Bug #19036 remove error_reporting (for PEAR QA team) * Bug #18925 Test fails with latest HTTP_Request2 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 1.1.2-1 - Version 1.1.2 (stable) -------------------------------------------------------------------------------- ================================================================================ php-phpunit-DbUnit-1.3.1-1.fc20 (FEDORA-2014-4598) DbUnit port for PHP/PHPUnit -------------------------------------------------------------------------------- Update Information: Upstream changelog for version 1.3.1: * #76 #110 CompositeDataSet now behaves in a way consistent with its documentation when handling several data sets with the same table (jeunito) * #113 phpunit#1182 Multiple corrections have been made to the BankAccountDB sample code (dragonbe, elazar) * #117 Firebird support is now included in the PEAR package distribution (matheusd) * #118 Copyright years were bumped to 2014 (dmelo) * #125 Database connections using Dblib are now supported (exptom) * #122 XmlDataSet now emits an informative error message in the event of table and row column mismatches (Sicaine) * #114 Changes from 1.3.0 to address type checking of column values in matches() from AbstractTable and ReplacementTable (see #28 and #61) were modified to perform loose type checking on numeric values and to typecast SimpleXMLElement values to strings before performing comparisons (paulyg) * #112 TableFilter now overrides assertContainsRow() to invoke loadData() before calling the parent implementation (jodysimpson) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.3.1-1 - Update to 1.3.1 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHP-CodeCoverage-1.2.17-1.fc20 (FEDORA-2014-4637) PHP code coverage information -------------------------------------------------------------------------------- Update Information: Minor fix (no upstream changelog) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.2.17-1 - Update to 1.2.17 -------------------------------------------------------------------------------- ================================================================================ pitivi-0.93-2.fc20 (FEDORA-2014-4222) Non-linear video editor -------------------------------------------------------------------------------- Update Information: Latest version of GES and pitivi. http://lists.freedesktop.org/archives/gstreamer-devel/2014-March/046902.html http://ftp.gnome.org/pub/GNOME/sources/pitivi/0.93/pitivi-0.93.news Fixed gnonlin requires. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 28 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 0.93-2 - Updated gnonlin Requires to reflect reality. * Fri Mar 21 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 0.93-1 - New upstream to support latest GES. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077939 - gst-editing-services: version 1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1077939 -------------------------------------------------------------------------------- ================================================================================ pocl-0.9-3.fc20 (FEDORA-2014-4628) Portable Computing Language - an OpenCL implementation -------------------------------------------------------------------------------- Update Information: Add a runtime depdendency on glibc to be able to build kernels. This update delivers the latest stable pocl release, including bug fixes and performance optimizations. Update to the second release candidate of pocl-0.9 with many fixes for real-world applications. Fix a dependency problem and update to the latest development version. Fix a dependency problem and update to the latest development version. Update to the second release candidate of pocl-0.9 with many fixes for real-world applications. Fix a dependency problem and update to the latest development version. Fix a dependency problem and update to the latest development version. This update delivers the latest stable pocl release, including bug fixes and performance optimizations. Update to the second release candidate of pocl-0.9 with many fixes for real-world applications. Fix a dependency problem and update to the latest development version. Fix a dependency problem and update to the latest development version. Update to the second release candidate of pocl-0.9 with many fixes for real-world applications. Fix a dependency problem and update to the latest development version. Fix a dependency problem and update to the latest development version. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-3 - Add glibc-devel requirement * Fri Jan 31 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.9-2 - rebuild (llvm 3.4 again) * Wed Jan 29 2014 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-1 - Update to 0.9 * Fri Jan 17 2014 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.9.rc2 - Update to 0.9RC2 * Wed Jan 15 2014 Dave Airlie <airlied@xxxxxxxxxx> 0.9-0.8.git20131209.9374f32 - bump for rebuild against llvm 3.4 * Mon Dec 9 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.7.git20131209.9374f32 - Enable LLVM API mode * Mon Dec 9 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.6.git20131209.7fc5dd0 - Update to a working snapshot - Drop utlist.h from Makefile - Set LLC_HOST_CPU to workaround incorrect CPU detection/missing LLVM support * Mon Nov 11 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.5.git20131111.8a26561 - Fix Requirement * Mon Nov 11 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.4.git20131111.8a26561 - Add BR on gcc-c++ temporarily - Update to a newer snapshot -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082364 - Require glibc-devel https://bugzilla.redhat.com/show_bug.cgi?id=1082364 -------------------------------------------------------------------------------- ================================================================================ python-argcomplete-0.7.1-1.fc20 (FEDORA-2014-4670) Bash tab completion for argparse -------------------------------------------------------------------------------- Update Information: Updating package to 0.7.1 Updating package to 0.7.0 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 - Dale Macartney <dbmacartney@xxxxxxxxxxxxxxxxx> 0.7.1-1 - Updating package to 0.7.1 * Mon Mar 24 2014 - Dale Macartney <dbmacartney@xxxxxxxxxxxxxxxxx> 0.7.0-1 - Updating package to 0.7.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082313 - python-argcomplete-0.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1082313 [ 2 ] Bug #1055302 - python-argcomplete-0.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1055302 -------------------------------------------------------------------------------- ================================================================================ python-astroid-1.0.1-3.fc20 (FEDORA-2014-4617) Python Abstract Syntax Tree New Generation -------------------------------------------------------------------------------- Update Information: * Fix some gobject introspection false positives (bz #1079643) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Cole Robinson <crobinso@xxxxxxxxxx> - 1.0.1-3 - Fix some gobject introspection false positives (bz #1079643) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079643 - pygi function introspection is broken (patch upstream) https://bugzilla.redhat.com/show_bug.cgi?id=1079643 -------------------------------------------------------------------------------- ================================================================================ python-fedbadges-0.4.2-1.fc20 (FEDORA-2014-4655) fedmsg consumer for awarding open badges -------------------------------------------------------------------------------- Update Information: Handle cases where recipient_key is None. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.4.2-1 - Bugfix release. -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-genacls-0.2-1.fc20 (FEDORA-2014-4644) A fedmsg consumer that sets gitosis acls in response to pkgdb messages -------------------------------------------------------------------------------- Update Information: Fix mis-use of subprocess.Popen. New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1080094 - Review Request: python-fedmsg-genacls - A fedmsg consumer that sets gitosis acls in response to pkgdb messages https://bugzilla.redhat.com/show_bug.cgi?id=1080094 -------------------------------------------------------------------------------- ================================================================================ python-ironicclient-0.1.2-5.fc20 (FEDORA-2014-4688) Python client for Ironic -------------------------------------------------------------------------------- Update Information: This is a new package: Client tools for Openstack Ironic -------------------------------------------------------------------------------- ================================================================================ python-lazy-1.1-2.fc20 (FEDORA-2014-4661) Lazy attributes for Python objects -------------------------------------------------------------------------------- Update Information: Added a macro to handle the %_pkgdocdir change between F19 and F20 Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079484 - Review Request: python-lazy - Lazy attributes for python objects https://bugzilla.redhat.com/show_bug.cgi?id=1079484 -------------------------------------------------------------------------------- ================================================================================ rabbitmq-server-3.1.5-4.fc20 (FEDORA-2014-4663) The RabbitMQ server -------------------------------------------------------------------------------- Update Information: Use ephemeral port (32768 and up instead of 10000+) (RHBZ#998682) so that the server can start when SELinux is enabled and enforcing. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Richard W.M. Jones <rjones@xxxxxxxxxx> - 3.1.5-4 - Use ephemeral port (32768 and up instead of 10000+) (RHBZ#998682). * Thu Mar 27 2014 Lubomir Rintel <lkundrak@xxxxx> - 3.1.5-3 - Do not clobber a file outside the build hierarchy * Tue Aug 27 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 3.1.5-2 - Fix permissoon for *.service file (rhbz #1001472) -------------------------------------------------------------------------------- References: [ 1 ] Bug #998682 - SELinux denial when starting rabbitmq-server service https://bugzilla.redhat.com/show_bug.cgi?id=998682 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.12.1-149.fc20 (FEDORA-2014-4604) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: Allow xauth_t to read user_home_dir_t lnk_file Add labeling for lightdm-data Allow certmonger to manage ipa lib files Add support for /var/lib/ipa Allow pegasus to getattr virt_content Added some new rules to pcp policy Fix abrt_manage_spool_retrace() Allow chrome_sandbox to execute config_home_t Add support for ABRT FAF -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-149 - Allow xauth_t to read user_home_dir_t lnk_file - Add labeling for lightdm-data - Allow certmonger to manage ipa lib files - Add support for /var/lib/ipa - Allow pegasus to getattr virt_content - Added some new rules to pcp policy - Fix abrt_manage_spool_retrace() - Allow chrome_sandbox to execute config_home_t - Add support for ABRT FAF * Fri Mar 28 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-148 - Allow kdm to send signull to remote_login_t process - Add gear policy - Turn on gear_port_t - Allow cgit to read gitosis lib files by default - Allow vdagent to read xdm state - Allow NM and fcoeadm to talk together over unix_dgram_socket * Thu Mar 27 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-147 - back port fixes for pegasus_openlmi_admin_t from rawhide - Add labels for ostree - Add SELinux awareness for NM - Label /usr/sbin/pwhistory_helper as updpwd_exec_t * Wed Mar 26 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-146 - add gnome_append_home_config() - Allow thumb to append GNOME config home files - Allow rasdaemon to rw /dev/cpu//msr - fix /var/log/pki file spec - make bacula_t as auth_nsswitch domain - Identify pki_tomcat_cert_t as a cert_type - Define speech-dispater_exec_t as an application executable - Add a new file context for /var/named/chroot/run directory - update storage_filetrans_all_named_dev for sg* devices - Allow auditctl_t to getattr on all removeable devices - Allow nsswitch_domains to stream connect to nmbd - Allow unprivusers to connect to memcached - label /var/lib/dirsrv/scripts-INSTANCE as bin_t * Mon Mar 24 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-145 - Allow also unpriv user to run vmtools - Allow secadm to read /dev/urandom and meminfo - Add booleans to allow docker processes to use nfs and samba - Add mdadm_tmpfs support - Dontaudit net_amdin for /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.51-2.4.5.1.el7.x86_64/jre-abrt/bin/java running as pki_tomcat_t - Allow vmware-user-sui to use user ttys - Allow talk 2 users logged via console too - Allow ftp services to manage xferlog_t - Make all pcp domanis as unconfined for F20 beucause of new policies - allow anaconda to dbus chat with systemd-localed * Fri Mar 21 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-144 - allow anaconda to dbus chat with systemd-localed - Add fixes for haproxy based on bperkins@xxxxxxxxxx - Allow cmirrord to make dmsetup working - Allow NM to execute arping - Allow users to send messages through talk - Add userdom_tmp_role for secadm_t * Thu Mar 20 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-143 - Add additional fixes for rtas_errd - Fix transitions for tmp/tmpfs in rtas.te - Allow rtas_errd to readl all sysctls * Wed Mar 19 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-142 - Add support for /var/spool/rhsm/debug - Make virt_sandbox_use_audit as True by default - Allow svirt_sandbox_domains to ptrace themselves * Wed Mar 19 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-141 - Allow docker containers to manage /var/lib/docker content * Mon Mar 17 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-140 - Allow docker to read tmpfs_t symlinks - Allow sandbox svirt_lxc_net_t to talk to syslog and to sssd over stream sockets * Mon Mar 17 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-139 - Allow collectd to talk to libvirt - Allow chrome_sandbox to use leaked unix_stream_sockets - Dontaudit leaks of sockets into chrome_sandbox_t - If you create a cups directory in /var/cache then it should be labeled cups_rw_etc_t - Run vmtools as unconfined domains - Allow snort to manage its log files - Allow systemd_cronjob_t to be entered via bin_t - Allow procman to list doveconf_etc_t - allow keyring daemon to create content in tmpfs directories - Add proper labelling for icedtea-web - vpnc is creating content in networkmanager var run directory - Label sddm as xdm_exec_t to make KDE working again - Allow postgresql to read network state - Allow java running as pki_tomcat to read network sysctls - Fix cgroup.te to allow cgred to read cgconfig_etc_t - Allow beam.smp to use ephemeral ports - Allow winbind to use the nis to authenticate passwords * Fri Mar 14 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-138 - Make rtas_errd_t as unconfined domain for F20.It needs additional fixes. It runs rpm at least. - Allow net_admin cap for fence_virtd running as fenced_t - Make abrt-java-connector working - Make cimtest script 03_defineVS.py of ComputerSystem group working - Fix git_system_enable_homedirs boolean - Allow munin mail plugins to read network systcl * Thu Mar 13 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-137 - Allow vmtools_helper_t to execute bin_t - Add support for /usr/share/joomla - /var/lib/containers should be labeled as openshift content for now - Allow docker domains to talk to the login programs, to allow a process to login into the container - Allow install_t do dbus chat with NM - Fix interface names in anaconda.if - Add install_t for anaconda. A new type is a part of anaconda policy - sshd to read network sysctls * Wed Mar 12 2014 Miroslav Grepl<mgrepl@xxxxxxxxxx> 3.12.1-136 - Allow zabbix to send system log msgs - Allow init_t to stream connect to ipsec -------------------------------------------------------------------------------- References: [ 1 ] Bug #1046963 - SELinux is preventing /usr/bin/mount from 'write' accesses on the file utab. https://bugzilla.redhat.com/show_bug.cgi?id=1046963 [ 2 ] Bug #1071252 - SELinux is preventing /usr/bin/atop from 'create' accesses on the rawip_socket . https://bugzilla.redhat.com/show_bug.cgi?id=1071252 [ 3 ] Bug #1071505 - SELinux is preventing /usr/sbin/collectd from 'write' accesses on the sock_file libvirt-sock-ro. https://bugzilla.redhat.com/show_bug.cgi?id=1071505 [ 4 ] Bug #1074693 - SELinux is preventing /opt/google/chrome/chrome from 'getattr' accesses on the udp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=1074693 [ 5 ] Bug #1075606 - SELinux is preventing /usr/sbin/fence_virtd from using the 'net_admin' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=1075606 [ 6 ] Bug #1075912 - SELinux is preventing /usr/bin/vmware-user-suid-wrapper from 'execute' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1075912 [ 7 ] Bug #1075945 - SELinux is preventing /usr/bin/vmware-user-suid-wrapper from 'execute_no_trans' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1075945 [ 8 ] Bug #1076128 - SELinux is preventing /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre-abrt/bin/java from 'write' accesses on the sock_file . https://bugzilla.redhat.com/show_bug.cgi?id=1076128 [ 9 ] Bug #1076132 - SELinux is preventing /usr/libexec/git-core/git-upload-pack from 'read' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1076132 [ 10 ] Bug #1076143 - SELinux is preventing /usr/bin/sddm-greeter from 'write' accesses on the sock_file . https://bugzilla.redhat.com/show_bug.cgi?id=1076143 [ 11 ] Bug #1076355 - SELinux is preventing /usr/sbin/postconf from create access on the udp_socket https://bugzilla.redhat.com/show_bug.cgi?id=1076355 [ 12 ] Bug #1076847 - selinux prevents pure-ftpd from writing to xferlog /var/log/pureftpd.log https://bugzilla.redhat.com/show_bug.cgi?id=1076847 [ 13 ] Bug #1077003 - SELinux is preventing /usr/sbin/sm-notify from 'write' accesses on the sock_file unexpected. https://bugzilla.redhat.com/show_bug.cgi?id=1077003 [ 14 ] Bug #1077007 - SELinux is preventing /usr/bin/mandb from 'read' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1077007 [ 15 ] Bug #10776 - [RFE] make RPM deal with .[arch].rpm in packagename https://bugzilla.redhat.com/show_bug.cgi?id=10776 [ 16 ] Bug #1036338 - Selinux does not allow CouchDB to listen for SSL connections on port 6984 https://bugzilla.redhat.com/show_bug.cgi?id=1036338 [ 17 ] Bug #1057898 - Update 3.12.1-119 breaks snapperd https://bugzilla.redhat.com/show_bug.cgi?id=1057898 [ 18 ] Bug #1081033 - cgit/gitosis blocked by selinux, add git_cgit_read_gitosis_content boolean https://bugzilla.redhat.com/show_bug.cgi?id=1081033 -------------------------------------------------------------------------------- ================================================================================ shigofumi-0.5-1.fc20 (FEDORA-2014-4590) Command line client for accessing the Czech Data Boxes -------------------------------------------------------------------------------- Update Information: This release fixes retrieving message list, printing an address. This release makes configuration file parsing stricter. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 0.5-1 - 0.5 bump -------------------------------------------------------------------------------- ================================================================================ units-2.02-3.fc20 (FEDORA-2014-4619) A utility for converting amounts from one unit to another -------------------------------------------------------------------------------- Update Information: - backport utf-8 support for the units_cur script from rawhide (#1082335) -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Kamil Dudka <kdudka@xxxxxxxxxx> - 2.02-3 - backport utf-8 support for the units_cur script from rawhide (#1082335) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082335 - units_cur fails https://bugzilla.redhat.com/show_bug.cgi?id=1082335 -------------------------------------------------------------------------------- ================================================================================ v8-3.14.5.10-7.fc20 (FEDORA-2014-4625) JavaScript Engine -------------------------------------------------------------------------------- Update Information: Common Vulnerabilities and Exposures assigned an identifier CVE-2014-1704 to the following vulnerability: URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704 Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Only one vulnerability in this CVE affects v8-3.14.5.10 in Fedora. This update fixes the vulnerability involving unsigned integer arithmetic. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 18 2014 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:3.14.5.10-7 - backport fix for unsigned integer arithmetic (RHBZ#1077136; CVE-2014-1704) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077136 - CVE-2014-1704 v8: multiple vulnerabilities in v8 fixed in Google Chrome version 33.0.1750.149 https://bugzilla.redhat.com/show_bug.cgi?id=1077136 -------------------------------------------------------------------------------- ================================================================================ vertica-python-0.2.0-4.fc20 (FEDORA-2014-4609) A native Python adapter for the Vertica database -------------------------------------------------------------------------------- Update Information: A native Python adapter for the Vertica database -------------------------------------------------------------------------------- References: [ 1 ] Bug #1080669 - Review Request: vertica-python - A native Python adapter for the Vertica database https://bugzilla.redhat.com/show_bug.cgi?id=1080669 -------------------------------------------------------------------------------- ================================================================================ w_scan-20140118-1.fc20 (FEDORA-2014-4620) Tool for scanning DVB transponders -------------------------------------------------------------------------------- Update Information: Update to latest upstream version -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 20140118-1 - update to 20140118 -------------------------------------------------------------------------------- ================================================================================ web-assets-5-1.fc20 (FEDORA-2014-4685) A simple framework for bits pushed to browsers -------------------------------------------------------------------------------- Update Information: This update enables sharing of web assets only from Aliases defined by other applications. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 19 2014 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 5-1 - switch to dot-prefixed Aliases - order Aliases for compatibility with older Apache releases - enable webfonts - enable symlinks in %{_webassetdir} and %{_jsdir} - re-enable httpd subpackage -------------------------------------------------------------------------------- ================================================================================ x2godesktopsharing-3.1.1.1-1.fc20 (FEDORA-2014-4657) Share X11 desktops with other users via X2Go -------------------------------------------------------------------------------- Update Information: Update to 3.1.1.1 (fixes bug #1065575): - Update man pages (Fixes: #281). - Use x2gopath in scripts rather than deprecated x2gobasepath. (Fixes: #427). - Different Linux distros have pidof installed in different locations. If pidof is not available, we brutally kill all instances of x2godesktopsharing when a session suspends. (Fixes: #426). -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 31 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.1.1.1-1 - Update to 3.1.1.1 (fixes bug #1065575) -------------------------------------------------------------------------------- ================================================================================ xdg-utils-1.1.0-0.21.rc2.fc20 (FEDORA-2014-4638) Basic desktop integration functions -------------------------------------------------------------------------------- Update Information: Refresh to latest 1.1.0-rc2 release, includes more incremental fixes, mostly for generic environment support. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 30 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.1.0-0.21.rc2 - .spec housecleaning (remove deprecated stuff) - pull in latest upstream fixes, including... - xdg-open does not substitute all field codes in Exec key (#1056431, fdo#49204) * Fri Feb 7 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.20.rc2 - 1.1.0-rc2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1056431 - xdg-open does not substitute all field codes in Exec key https://bugzilla.redhat.com/show_bug.cgi?id=1056431 -------------------------------------------------------------------------------- ================================================================================ xmoto-0.5.11-1.fc20 (FEDORA-2014-4512) Challenging 2D Motocross Platform Game -------------------------------------------------------------------------------- Update Information: Latest upstream, works with lua 5.2. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 28 2014 Jon Ciesla <limburgher@xxxxxxxxx> 0.5.11-1 - 0.5.11, BZ1082323, moves back to lua 5.2. * Fri Mar 28 2014 Jon Ciesla <limburgher@xxxxxxxxx> 0.5.10-9 - Move back to 5.1 to fix level problems, BZ 1071558. - Fix changelog date. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1071558 - Lua 5.2 breaks some xmoto levels https://bugzilla.redhat.com/show_bug.cgi?id=1071558 [ 2 ] Bug #1082323 - xmoto-0.5.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1082323 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.6.1-2.fc20 (FEDORA-2014-4602) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 0.6.1-2 - try a bump to official 0.6.1 - provide format for syslog() call - fix memset() call - fix implicit declarations -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test