The following Fedora 20 Security updates need testing: Age URL 107 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20 53 https://admin.fedoraproject.org/updates/FEDORA-2014-2751/zabbix-2.0.11-2.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2014-4691/a2ps-4.14-23.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2014-4769/ansible-1.5.4-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4903/openstack-keystone-2013.2.3-2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4892/cacti-0.8.8b-5.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5018/smb4k-1.1.1-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5006/json-c-0.11-6.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5002/python-django-horizon-2013.2.3-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5015/elfutils-0.158-3.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 12 https://admin.fedoraproject.org/updates/FEDORA-2014-4683/libvpx-1.3.0-4.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2014-4774/gnome-shell-3.10.4-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4995/mutter-3.10.4-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5015/elfutils-0.158-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5000/NetworkManager-0.9.9.0-35.git20131003.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5006/json-c-0.11-6.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4991/libwebp-0.3.1-3.fc20 The following builds have been pushed to Fedora 20 updates-testing NetworkManager-0.9.9.0-35.git20131003.fc20 ReviewBoard-1.7.24-1.fc20 armadillo-4.200.0-1.fc20 bind-dyndb-ldap-4.3-1.fc20 copr-cli-1.32-1.fc20 elfutils-0.158-3.fc20 homerun-1.2.3-1.fc20 ibus-table-1.5.0.20140409-1.fc20 jd-2.8.8-0.2.beta140329.fc20 json-c-0.11-6.fc20 lcgdm-1.8.8-4.fc20 libcdr-0.0.16-1.fc20 libsolv-0.6.0-0.git05baf54.fc20 libwebp-0.3.1-3.fc20 mirall-1.5.3-3.fc20 mutter-3.10.4-2.fc20 nss_wrapper-1.0.2-1.fc20 nwchem-6.3.2-9.fc20 oxygen-gtk2-1.4.5-1.fc20 oxygen-gtk3-1.3.5-1.fc20 perl-DBIx-Class-0.08250-3.fc20 perl-Starlet-0.21-2.fc20 php-pear-1.9.4-25.fc20 pynag-0.8.5-1.fc20 python-django-horizon-2013.2.3-1.fc20 python-djblets-0.7.29-1.fc20 rpmrebuild-2.11-1.fc20 rubygem-cairo-1.12.9-1.fc20 rubygem-domain_name-0.5.18-2.fc20 rubygem-hikidoc-0.1.0-1.fc20 rubygem-mini_portile-0.5.3-1.fc20 rubygem-sequel-4.9.0-1.fc20 rubygem-unf-0.1.4-2.fc20 selinux-policy-3.12.1-153.fc20 smb4k-1.1.1-2.fc20 spacefm-0.9.4-1.fc20 supybot-fedora-0.2.14-3.fc20 watchdog-5.13-10.fc20 wfut-1.1.0-15.fc20 wine-1.7.16-2.fc20 wordpress-3.8.2-1.fc20 xorg-x11-drv-synaptics-1.7.4-6.fc20 yash-2.36-1.fc20 Details about builds: ================================================================================ NetworkManager-0.9.9.0-35.git20131003.fc20 (FEDORA-2014-5000) Network connection manager and user applications -------------------------------------------------------------------------------- Update Information: Backport several fixes from upstream -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Jiří Klimeš <jklimes@xxxxxxxxxx> - 0.9.9.0-35.git20131003 - wifi: fix possible crash in Wi-Fi utils (rh #1086132) * Tue Apr 8 2014 Thomas Haller <thaller@xxxxxxxxxx> - 0.9.9.0-34.git20131003 - fix nm-online returning success wrongly (rh #1054364) - fix crash in NMSecretAgent dispose (rh #1061911) - fix adding addresses with extended address flags for older kernels (rh #1063885) - cli: show maximum bitrate in MBit/s (rh #1080474) - fix hanging pending action queued-state-lock (rh #1084556) - core: emit PropertyChanged signal for ActiveConnection when disconnecting -------------------------------------------------------------------------------- References: [ 1 ] Bug #1054364 - nm-online returns success with no network connectivity https://bugzilla.redhat.com/show_bug.cgi?id=1054364 [ 2 ] Bug #1061911 - [abrt] NetworkManager-0.9.9.0-20.git20131003.fc20: _g_log_abort: Process /usr/sbin/NetworkManager was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=1061911 [ 3 ] Bug #1063885 - NetworkManager does not assign an IP address after last F20 update https://bugzilla.redhat.com/show_bug.cgi?id=1063885 [ 4 ] Bug #1080474 - nmcli device wifi list shows wrong unit for rate column https://bugzilla.redhat.com/show_bug.cgi?id=1080474 [ 5 ] Bug #1084556 - Fix balancing of queued-state-lock pending action https://bugzilla.redhat.com/show_bug.cgi?id=1084556 -------------------------------------------------------------------------------- ================================================================================ ReviewBoard-1.7.24-1.fc20 (FEDORA-2014-5042) Web-based code review tool -------------------------------------------------------------------------------- Update Information: http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23/ http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24/ Includes utilities to help automate Github token migration in the wake of the heartbleed vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Stephen Gallagher <sgallagh@xxxxxxxxxx> 1.7.24-1 - - New upstream bugfix release 1.7.24 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24 * Wed Apr 9 2014 Stephen Gallagher <sgallagh@xxxxxxxxxx> 1.7.23-1 - New upstream bugfix release 1.7.23 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23 -------------------------------------------------------------------------------- ================================================================================ armadillo-4.200.0-1.fc20 (FEDORA-2014-4978) Fast C++ matrix library with interfaces to LAPACK and ATLAS -------------------------------------------------------------------------------- Update Information: This is latest stable release that features: * faster transpose of sparse matrices * more efficient handling of aliasing during matrix multiplication * faster inverse of matrices marked as diagonal -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 José Matos <jamatos@xxxxxxxxxxxxxxxxx> - 4.200.0-1 - update to 4.200.0 -------------------------------------------------------------------------------- ================================================================================ bind-dyndb-ldap-4.3-1.fc20 (FEDORA-2014-4990) LDAP back-end plug-in for BIND -------------------------------------------------------------------------------- Update Information: Update to upstream version 4.3. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Petr Spacek <pspacek redhat com> 4.3-1 - update to 4.3 -------------------------------------------------------------------------------- ================================================================================ copr-cli-1.32-1.fc20 (FEDORA-2014-4985) Command line interface for COPR -------------------------------------------------------------------------------- Update Information: Initial release of new package after split of all Copr packages. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077792 - Review Request: copr-cli - Command line interface for COPR https://bugzilla.redhat.com/show_bug.cgi?id=1077792 -------------------------------------------------------------------------------- ================================================================================ elfutils-0.158-3.fc20 (FEDORA-2014-5015) A collection of utilities and DSOs to handle compiled objects -------------------------------------------------------------------------------- Update Information: Fix CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw. Update to 0.158. Support for aarch64. Unwinder support for i386, x86_64, s390, s390x, ppc and ppc64. Add eu-stack. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Mark Wielaard <mjw@xxxxxxxxxx> - 0.158-3 - Add elfutils-0.158-CVE-2014-0172.patch (#1085729) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085663 - CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw https://bugzilla.redhat.com/show_bug.cgi?id=1085663 -------------------------------------------------------------------------------- ================================================================================ homerun-1.2.3-1.fc20 (FEDORA-2014-5005) KDE Application Launcher -------------------------------------------------------------------------------- Update Information: Homerun update made on master by Rex Dieter -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.2.3-1 - 1.2.3 -------------------------------------------------------------------------------- ================================================================================ ibus-table-1.5.0.20140409-1.fc20 (FEDORA-2014-5027) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information: Make toggling pinyin mode with the right shift key work, Make usage of engine name and dconf key consistent, Don’t switch off pinyin mode in clear() Fix a regression caused by the Python3 port in tabcreatedb.py (This fixes the build of ibus-table-chinese) -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.5.0.20140409-1 - Make toggling pinyin mode with the right shift key work - Don’t try to colour system phrases and user phrases differently in pinyin mode - Resolves: rhbz#1084684 - Don’t switch off pinyin mode in clear() - Make usage of engine name and dconf key consistent * Wed Apr 2 2014 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.5.0.20140402-1 - Fix a regression caused by the Python3 port in tabcreatedb.py (This fixes the build of ibus-table-chinese) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1084684 - [abrt] ibus-table: table.py:670:ap_candidate:TypeError: unorderable types: str() < int() https://bugzilla.redhat.com/show_bug.cgi?id=1084684 -------------------------------------------------------------------------------- ================================================================================ jd-2.8.8-0.2.beta140329.fc20 (FEDORA-2014-5001) A 2ch browser -------------------------------------------------------------------------------- Update Information: New version 2.8.8 beta140329 is released, including rokka handling -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.8.8-0.2.beta140329 - 2.8.8 beta140329 * Thu Feb 6 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - Update to the latest trunk -------------------------------------------------------------------------------- ================================================================================ json-c-0.11-6.fc20 (FEDORA-2014-5006) A JSON implementation in C -------------------------------------------------------------------------------- Update Information: Address CVE-2013-6370 and CVE-2013-6371. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 0.11-7 - Address CVE-2013-6371 and CVE-2013-6370 (BZ #1085676 and #1085677). - Enabled rdrand support. * Mon Feb 10 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 0.11-6 - Bump spec. * Sat Dec 21 2013 Ville Skyttä <ville.skytta@xxxxxx> - 0.11-5 - Run test suite during build. - Drop empty NEWS from docs. * Tue Sep 10 2013 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 0.11-4 - Remove default warning flags so that package builds on EPEL as well. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1032311 - CVE-2013-6371 json-c: hash collision DoS https://bugzilla.redhat.com/show_bug.cgi?id=1032311 [ 2 ] Bug #1032322 - CVE-2013-6370 json-c: buffer overflow if size_t is larger than int https://bugzilla.redhat.com/show_bug.cgi?id=1032322 -------------------------------------------------------------------------------- ================================================================================ lcgdm-1.8.8-4.fc20 (FEDORA-2014-5039) LHC Computing Grid Data Management -------------------------------------------------------------------------------- Update Information: Patches for dpm-listspaces Backported patch for GLOBUS_THREAD_MODEL Update for new upstream release 1.8.8 Update for new upstream release 1.8.8 Backported patch for GLOBUS_THREAD_MODEL Update for new upstream release 1.8.8 Update for new upstream release 1.8.8 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Alejandro Alvarez <aalvarez@xxxxxxx> - 1.8.8-4 - Patch: LCGDM-1380 and LCGDM-1386 -------------------------------------------------------------------------------- ================================================================================ libcdr-0.0.16-1.fc20 (FEDORA-2014-4986) A library providing ability to interpret and import CorelDRAW drawings -------------------------------------------------------------------------------- Update Information: New upstream release. Adds support for files created by Corel Draw X7. Fixes some bugs related to closed paths with multiple components. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.0.16-1 - new upstream release * Wed Apr 9 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.0.15-2 - generate man pages * Sat Apr 5 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.0.15-1 - new upstream release * Thu Feb 13 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.0.14-6 - rebuild for new ICU -------------------------------------------------------------------------------- ================================================================================ libsolv-0.6.0-0.git05baf54.fc20 (FEDORA-2014-5013) Package dependency solver -------------------------------------------------------------------------------- Update Information: new version -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Jan Silhan <jsilhan@xxxxxxxxxx> - 0.6.0-0.git05baf54 - Rebase to 0.6.0, upstream commit 05baf54. -------------------------------------------------------------------------------- ================================================================================ libwebp-0.3.1-3.fc20 (FEDORA-2014-4991) Library and tools for the WebP graphics format -------------------------------------------------------------------------------- Update Information: Fixing endian checks to make the decoder working correctly on s390. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Jaromir Capik <jcapik@xxxxxxxxxx> - 0.3.1-3 - Fixing endian checks (#962091) -------------------------------------------------------------------------------- References: [ 1 ] Bug #962091 - Build fail on s390* https://bugzilla.redhat.com/show_bug.cgi?id=962091 -------------------------------------------------------------------------------- ================================================================================ mirall-1.5.3-3.fc20 (FEDORA-2014-4984) The ownCloud Client -------------------------------------------------------------------------------- Update Information: Use system qtlockedfile and qtsingleapplication instead of bundled ones Fixed by Ville Skyttä -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 20 2014 Ville Skyttä <ville.skytta@xxxxxx> - 1.5.3-3 - Use system qtlockedfile and qtsingleapplication instead of bundled ones -------------------------------------------------------------------------------- ================================================================================ mutter-3.10.4-2.fc20 (FEDORA-2014-4995) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information: Backport patch to prevent crash with overly large windows (#1043659) -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Florian Müllner <fmuellner@xxxxxxxxxx> - 3.10.4-2 - Backport patch to prevent crash with overly large windows (#1043659) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1043659 - [abrt] gnome-shell-3.10.2.1-3.fc20: cogl_object_unref: Process /usr/bin/gnome-shell was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1043659 -------------------------------------------------------------------------------- ================================================================================ nss_wrapper-1.0.2-1.fc20 (FEDORA-2014-5008) A wrapper for the user, group and hosts NSS API -------------------------------------------------------------------------------- Update Information: Update to version 1.0.2. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 - Andreas Schneider <asn@xxxxxxxxxx> - 1.0.2-1 - Update to version 1.0.2. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1078824 - NSS_WRAPPER_HOSTS doesn't work with fqdn,getent ahostsv4, getent ahostsv6 https://bugzilla.redhat.com/show_bug.cgi?id=1078824 -------------------------------------------------------------------------------- ================================================================================ nwchem-6.3.2-9.fc20 (FEDORA-2014-5034) Delivering High-Performance Computational Chemistry to Science -------------------------------------------------------------------------------- Update Information: removed bundling of BLAS, LAPACK, GA Delivering High-Performance Computational Chemistry to Science Delivering High-Performance Computational Chemistry to Science -------------------------------------------------------------------------------- References: [ 1 ] Bug #984605 - Review Request: nwchem - Delivering High-Performance Computational Chemistry https://bugzilla.redhat.com/show_bug.cgi?id=984605 -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk2-1.4.5-1.fc20 (FEDORA-2014-4976) Oxygen GTK+2 theme -------------------------------------------------------------------------------- Update Information: oxygen-gtk2 1.4.5 Improvements include: - fix bluring behind tooltips in KDE on 64 bits machines - improve detection of empty areas for window dragging - re-enabling shadows behind menus and window background for recent libreoffice versions - fix calculation of the tabs area, that was creating infinite repaint loop under certain conditions oxygen-gtk3 1.3.5 Improvements include: - fixed bugs similar to the ones found for gtk2 engine and described above - made more widgets 'transparent' via css, to get the proper background gradient behind - fix crash with menubar animations when invalid menubar was passed - remove use of some deprecated code for gtk3-3.11 - fixed updates for treeviews embedded in scrolled-windows - added (still not perfect) support for firefox compiled against gtk3 https://projects.kde.org/news/260 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.4.5-1 - oxygen-gtk2-1.4.5 * Sat Mar 8 2014 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.4.4-1 - oxygen-gtk2-1.4.4 * Fri Jan 24 2014 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.4.3-1 - oxygen-gtk2-1.4.3 -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk3-1.3.5-1.fc20 (FEDORA-2014-4976) Oxygen GTK+3 theme -------------------------------------------------------------------------------- Update Information: oxygen-gtk2 1.4.5 Improvements include: - fix bluring behind tooltips in KDE on 64 bits machines - improve detection of empty areas for window dragging - re-enabling shadows behind menus and window background for recent libreoffice versions - fix calculation of the tabs area, that was creating infinite repaint loop under certain conditions oxygen-gtk3 1.3.5 Improvements include: - fixed bugs similar to the ones found for gtk2 engine and described above - made more widgets 'transparent' via css, to get the proper background gradient behind - fix crash with menubar animations when invalid menubar was passed - remove use of some deprecated code for gtk3-3.11 - fixed updates for treeviews embedded in scrolled-windows - added (still not perfect) support for firefox compiled against gtk3 https://projects.kde.org/news/260 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1:1.3.5-1 - oxygen-gtk3-1.3.5 * Sat Mar 8 2014 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1:1.3.4-1 - oxygen-gtk3-1.3.4 -------------------------------------------------------------------------------- ================================================================================ perl-DBIx-Class-0.08250-3.fc20 (FEDORA-2014-4996) Extensible and flexible object <-> relational mapper -------------------------------------------------------------------------------- Update Information: This release restores internal test suite compatibility with sqlite 3.8.2. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 0.08250-3 - Adapt to new sqlite-3.8.2 exception messages (bug #1085336) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085336 - perl-DBIx-Class-0.08250-2.fc21 FTBFS https://bugzilla.redhat.com/show_bug.cgi?id=1085336 -------------------------------------------------------------------------------- ================================================================================ perl-Starlet-0.21-2.fc20 (FEDORA-2014-4980) Simple, high-performance PSGI/Plack HTTP server -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.21-2 - Add BR: perl(Plack::Test) (RHBZ#1085230). - Minor spec file modernization. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085230 - perl-Starlet-0.21-1.fc21 FTBFS https://bugzilla.redhat.com/show_bug.cgi?id=1085230 -------------------------------------------------------------------------------- ================================================================================ php-pear-1.9.4-25.fc20 (FEDORA-2014-5011) PHP Extension and Application Repository framework -------------------------------------------------------------------------------- Update Information: - Expand path in macros.pear - Install macros to /usr/lib/rpm/macros.d - Fix typo in pear man page - Only enable needed extensions for pear/pecl commands -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Remi Collet <rcollet@xxxxxxxxxx> 1:1.9.4-25 - only enable needed extensions for pear/pecl commands - fix typo in pear man page * Tue Feb 11 2014 Remi Collet <rcollet@xxxxxxxxxx> 1:1.9.4-24 - Expand path in macros.pear - Install macros to /usr/lib/rpm/macros.d where available -------------------------------------------------------------------------------- ================================================================================ pynag-0.8.5-1.fc20 (FEDORA-2014-5036) Python modules and utilities for Nagios plugins and configuration -------------------------------------------------------------------------------- Update Information: Updated to latest upstream version New upstream version -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Tomas Edwardsson <tommi@xxxxxxxxx> 0.8.5-1 - Updated to latest upstream version * Mon Jan 6 2014 Tomas Edwardsson <tommi@xxxxxxxxx> 0.7.0-2 - Update invalid changelog entries * Sat Nov 2 2013 Tomas Edwardsson <tommi@xxxxxxxxx> 0.7.0-1 - New upstream version -------------------------------------------------------------------------------- ================================================================================ python-django-horizon-2013.2.3-1.fc20 (FEDORA-2014-5002) Django application for talking to Openstack -------------------------------------------------------------------------------- Update Information: rebase to 2013.2.3, fix cve-2014-0157 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Matthias Runge <mrunge@xxxxxxxxxx> - 2013.2.3-1 - rebase to 2013.2.3 - fix CVE-2014-0157 (rhbz#1085825) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082858 - CVE-2014-0157 OpenStack: XSS in Horizon orchestration dashboard when using a malicious template https://bugzilla.redhat.com/show_bug.cgi?id=1082858 -------------------------------------------------------------------------------- ================================================================================ python-djblets-0.7.29-1.fc20 (FEDORA-2014-5042) A collection of useful classes and functions for Django -------------------------------------------------------------------------------- Update Information: http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23/ http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24/ Includes utilities to help automate Github token migration in the wake of the heartbleed vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Stephen Gallagher <sgallagh@xxxxxxxxxx> 0.7.29-1 - New upstream release 0.7.29 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.29.NEWS -------------------------------------------------------------------------------- ================================================================================ rpmrebuild-2.11-1.fc20 (FEDORA-2014-4983) A tool to build rpm file from rpm database -------------------------------------------------------------------------------- Update Information: New package from upstream. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Anderson Silva <ansilva@xxxxxxxxxx> - 2.11-1 - New package from upstream. -------------------------------------------------------------------------------- ================================================================================ rubygem-cairo-1.12.9-1.fc20 (FEDORA-2014-5020) Ruby bindings for cairo -------------------------------------------------------------------------------- Update Information: New version 1.12.9 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.12.9-1 - 1.12.9 -------------------------------------------------------------------------------- ================================================================================ rubygem-domain_name-0.5.18-2.fc20 (FEDORA-2014-4987) Domain Name manipulation library for Ruby -------------------------------------------------------------------------------- Update Information: New version 0.5.18 is released. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.18-2 - Support Minitest 5+ * Mon Apr 7 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.18-1 - 0.5.18 -------------------------------------------------------------------------------- ================================================================================ rubygem-hikidoc-0.1.0-1.fc20 (FEDORA-2014-4989) Text-to-HTML conversion tool for web writers -------------------------------------------------------------------------------- Update Information: New version 0.1.0 is released. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.1.0-1 - 0.1.0 -------------------------------------------------------------------------------- ================================================================================ rubygem-mini_portile-0.5.3-1.fc20 (FEDORA-2014-5025) Simplistic port-like solution for developers -------------------------------------------------------------------------------- Update Information: New version 0.5.3 is released. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 7 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.3-1 - 0.5.3 -------------------------------------------------------------------------------- ================================================================================ rubygem-sequel-4.9.0-1.fc20 (FEDORA-2014-5007) The Database Toolkit for Ruby -------------------------------------------------------------------------------- Update Information: Upgrade to sequel 4.9.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Alejandro Pérez <aeperezt@xxxxxxxxxxxxxxxxx> - 4.9.0-1 - Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1083982 - rubygem-sequel-4.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1083982 -------------------------------------------------------------------------------- ================================================================================ rubygem-unf-0.1.4-2.fc20 (FEDORA-2014-5003) Wrapper library to bring Unicode Normalization Form support to Ruby/JRuby -------------------------------------------------------------------------------- Update Information: New version 0.1.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.1.4-2 - Support Minitest 5.x * Wed Apr 9 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.1.4-1 - 0.1.4 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.12.1-153.fc20 (FEDORA-2014-4933) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: - Change hsperfdata_root to have as user_tmp_t - Allow rsyslog low-level network access - Fix use_nfs_home_dirs/use_samba_home_dirs for xdm_t to allow append .xsession-errors by lightdm - nslcd wants chown capability - Fix Multiple same specifications for /var/named/chroot/dev/zero - Add labels for /var/named/chroot_sdb/dev devices - Add support for strongimcv - Use kerberos_keytab_domains in auth_use_nsswitch - Update auth_use_nsswitch to make all these types as kerberos_keytab_domain to - Allow net_raw cap for neutron_t and send sigkill to dnsmasq - Fix ntp_filetrans_named_content for sntp-kod file - Add httpd_dbus_sssd boolean - Dontaudit exec insmod in boinc policy - Rename kerberos_keytab_domain to kerberos_keytab_domains - Add kerberos_keytab_domain() - Fix kerberos_keytab_template() - Make all domains which use kerberos as kerberos_keytab_domain - Allow kill capability to winbind_t - varnishd wants chown capability - update ntp_filetrans_named_content() interface - Add additional fixes for neutron_t. #1083335 - Dontaudit getattr on proc_kcore_t - Allow pki_tomcat_t to read ipa lib files - Allow named_filetrans_domain to create /var/cache/ibus with correct labelign - Allow init_t run /sbin/augenrules - Add dev_unmount_sysfs_fs and sysnet_manage_ifconfig_run interfaces - Allow unpriv SELinux user to use sandbox - Add default label for /tmp/hsperfdata_root -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.12.1-153 - Back port puppet fixes from rawhide - Allow automount to getattr all files - openvpn_can_network_connect boolean set default on - Allow conman to resolve DNS and use user ptys - update pegasus_openlmi_admin_t policy - Allow docker to status any unit file and allow it to start generic unit files - Additional perms for gear domain * Tue Apr 8 2014 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.12.1-152 - Change hsperfdata_root to have as user_tmp_t - Allow rsyslog low-level network access - Fix use_nfs_home_dirs/use_samba_home_dirs for xdm_t to allow append .xsession-errors by lightdm - nslcd wants chown capability * Fri Apr 4 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-151 - Fix Multiple same specifications for /var/named/chroot/dev/zero - Add labels for /var/named/chroot_sdb/dev devices - Add support for strongimcv - Use kerberos_keytab_domains in auth_use_nsswitch - Update auth_use_nsswitch to make all these types as kerberos_keytab_domain to - Allow net_raw cap for neutron_t and send sigkill to dnsmasq - Fix ntp_filetrans_named_content for sntp-kod file - Add httpd_dbus_sssd boolean - Dontaudit exec insmod in boinc policy - Rename kerberos_keytab_domain to kerberos_keytab_domains - Add kerberos_keytab_domain() - Fix kerberos_keytab_template() - Make all domains which use kerberos as kerberos_keytab_domain - Allow kill capability to winbind_t * Wed Apr 2 2014 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.12.1-150 - varnishd wants chown capability - update ntp_filetrans_named_content() interface - Add additional fixes for neutron_t. #1083335 - Dontaudit getattr on proc_kcore_t - Allow pki_tomcat_t to read ipa lib files - Allow named_filetrans_domain to create /var/cache/ibus with correct labelign - Allow init_t run /sbin/augenrules - Add dev_unmount_sysfs_fs and sysnet_manage_ifconfig_run interfaces - Allow unpriv SELinux user to use sandbox - Add default label for /tmp/hsperfdata_root -------------------------------------------------------------------------------- References: [ 1 ] Bug #1012426 - Combine puppet_t and puppetmaster_t domains https://bugzilla.redhat.com/show_bug.cgi?id=1012426 [ 2 ] Bug #1084744 - SELinux is preventing /usr/sbin/openvpn from 'name_connect' accesses on the tcp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=1084744 [ 3 ] Bug #1077689 - Allow certmonger to write CSR for IPA https://bugzilla.redhat.com/show_bug.cgi?id=1077689 [ 4 ] Bug #1078783 - SELinux prevents certmonger from accessing /etc/pki/pki-tomcat/alias https://bugzilla.redhat.com/show_bug.cgi?id=1078783 [ 5 ] Bug #1079236 - SELinux is preventing /usr/bin/python3.3 from 'execute' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1079236 [ 6 ] Bug #1079239 - SELinux is preventing /usr/bin/vmware-user-suid-wrapper from read, write access on the chr_file . https://bugzilla.redhat.com/show_bug.cgi?id=1079239 [ 7 ] Bug #1079568 - SELinux is preventing /opt/google/chrome/nacl_helper from 'lock' accesses on the unix_stream_socket . https://bugzilla.redhat.com/show_bug.cgi?id=1079568 [ 8 ] Bug #1080413 - SELinux is preventing /usr/bin/evince-thumbnailer from 'append' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1080413 [ 9 ] Bug #1080551 - SELinux is preventing /usr/sbin/chronyd from 'write' accesses on the sock_file . https://bugzilla.redhat.com/show_bug.cgi?id=1080551 [ 10 ] Bug #1080978 - SELinux is preventing /usr/bin/kdm from using the 'signull' accesses on a process. https://bugzilla.redhat.com/show_bug.cgi?id=1080978 [ 11 ] Bug #1081602 - SELinux is preventing /opt/google/chrome/nacl_helper from 'execute' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1081602 [ 12 ] Bug #1083335 - nova baremetal instances fail to find image to boot when selinux is set to enforcing https://bugzilla.redhat.com/show_bug.cgi?id=1083335 [ 13 ] Bug #1083576 - SELinux is preventing /usr/sbin/winbindd from using the 'kill' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=1083576 [ 14 ] Bug #1084696 - SELinux is preventing /usr/sbin/nslcd from using the 'chown' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=1084696 [ 15 ] Bug #1084698 - SELinux is preventing /usr/sbin/lightdm from 'append' accesses on the file .xsession-errors. https://bugzilla.redhat.com/show_bug.cgi?id=1084698 -------------------------------------------------------------------------------- ================================================================================ smb4k-1.1.1-2.fc20 (FEDORA-2014-5018) The SMB/CIFS Share Browser for KDE -------------------------------------------------------------------------------- Update Information: Update to Smb4K 1.1.1, the first bug fix release of the stable 1.1 branch. This release fixes a crash bug and a potential security issue -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 28 2014 Sérgio Basto <sergio@xxxxxxxxxx> - 1.1.1-2 - Fix internal broken dependencies. * Thu Mar 27 2014 Sérgio Basto <sergio@xxxxxxxxxx> - 1.1.1-1 - Update to Smb4K 1.1.1, the first bug fix release of the stable 1.1 branch. This release fixes a crash bug and a potential security issue (rhbz #1079820) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079819 - CVE-2014-2581 smb4k: potential credential cache leak fixed in version 1.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=1079819 -------------------------------------------------------------------------------- ================================================================================ spacefm-0.9.4-1.fc20 (FEDORA-2014-5019) Multi-panel tabbed file and desktop manager -------------------------------------------------------------------------------- Update Information: New version 0.9.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 7 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.9.4-1 - 0.9.4 -------------------------------------------------------------------------------- ================================================================================ supybot-fedora-0.2.14-3.fc20 (FEDORA-2014-5010) Plugin for Supybot to interact with Fedora services -------------------------------------------------------------------------------- Update Information: Include python-arrow. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.14-3 - Requires on python-arrow, because we need it now. * Mon Apr 7 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.14-2 - BR on python2-devel for fancy macros. * Mon Apr 7 2014 Ian Weller <iweller@xxxxxxxxxx> - 0.2.14-1 - Version 0.2.14 -------------------------------------------------------------------------------- ================================================================================ watchdog-5.13-10.fc20 (FEDORA-2014-5021) Software and/or Hardware watchdog daemon -------------------------------------------------------------------------------- Update Information: Updates for enabled selinux and for system startup / network manager requirements for watchdog ping test. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Ales Ledvinka <aledvink@xxxxxxxxxx> - 5.13-10 - build version bump to resolve conflict of present build with discarded result. * Thu Nov 7 2013 Ales Ledvinka <aledvink@xxxxxxxxxx> - 5.13-9 - SELinux: Add /usr/libexec/watchdog/scripts/ for test-bin and repair-bin to inherit from. - systemd: service with network available dependency - systemd: correct cgroup for realtime settings - Document SELinux and systemd. * Thu Oct 24 2013 Ales Ledvinka <aledvink@xxxxxxxxxx> - 5.13-5 - SELinux: do not reopen descriptors for reading when only appending. * Fri Aug 9 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 5.13-4 - Fix License field (software is GPLv2+, not "GPL+"). * Thu Aug 8 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 5.13-3 - Rename README.Fedora to README.RHEL on RHEL. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085759 - System fails to boot when network watchdog enabled https://bugzilla.redhat.com/show_bug.cgi?id=1085759 -------------------------------------------------------------------------------- ================================================================================ wfut-1.1.0-15.fc20 (FEDORA-2014-4979) Software updater tool for WorldForge applications -------------------------------------------------------------------------------- Update Information: Rebuilt because of libgcj ABI break -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Martin Preisler <mpreisle@xxxxxxxxxx> - 1.1.0-15 - Rebuilt because of libgcj ABI break -------------------------------------------------------------------------------- ================================================================================ wine-1.7.16-2.fc20 (FEDORA-2014-5040) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: 1.7.16 * More regression test fixes. * String arrays better supported in the IDL compiler. * Initial stubs for DirectX Video Acceleration. * Various bug fixes. 1.7.15 * New Task Scheduler service. * Many regression test fixes. * Support for exception unwinding in VBScript. * Various bug fixes. 1.7.14 * More Task Scheduler support. * Improvements for AVI encoding support. * More VisualBasic interfaces in MSXML. * Support for deflate content encoding in Wininet. * Some fixes for monochrome printers. * Various bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 7 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.7.16-2 - explicitly require libpng (fixes rhbz#1085075) * Mon Apr 7 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.7.16-1 - version upgrade * Mon Mar 24 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.7.15-1 - version upgrade * Sat Mar 8 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.7.14-1 - version upgrade -------------------------------------------------------------------------------- References: [ 1 ] Bug #1055315 - wine-1.7.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1055315 [ 2 ] Bug #1085075 - Wine uses libpng, but the RPM package does not depend on it https://bugzilla.redhat.com/show_bug.cgi?id=1085075 -------------------------------------------------------------------------------- ================================================================================ wordpress-3.8.2-1.fc20 (FEDORA-2014-5029) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: Upstream announcement: http://wordpress.org/news/2014/04/wordpress-3-8-2/ -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 3.8.2-1 - update to 3.8.2 Security Release - fix privilege escalation issue CVE-2014-0165 - fix authentication bypass issue CVE-2014-0166 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085858 - CVE-2014-0166 wordpress: authentication bypass via forged cookies https://bugzilla.redhat.com/show_bug.cgi?id=1085858 [ 2 ] Bug #1085866 - CVE-2014-0165 wordpress: privilege escalation issue allowing contributors to publish posts https://bugzilla.redhat.com/show_bug.cgi?id=1085866 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-synaptics-1.7.4-6.fc20 (FEDORA-2014-4988) Xorg X11 Synaptics touchpad input driver -------------------------------------------------------------------------------- Update Information: Add L440 and X1 Carbon tags/config to enable the top softwarebutton area -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 1.7.4-6 - Add L440 and X1 Carbon tags/config -------------------------------------------------------------------------------- ================================================================================ yash-2.36-1.fc20 (FEDORA-2014-5035) Yet Another SHell -------------------------------------------------------------------------------- Update Information: New version 2.36 is released. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
