The following Fedora 20 Security updates need testing: Age URL 117 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20 21 https://admin.fedoraproject.org/updates/FEDORA-2014-4691/a2ps-4.14-23.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-5018/smb4k-1.1.1-2.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-5079/cups-1.7.2-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-5198/openstack-glance-2013.2.3-3.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-5336/java-1.8.0-openjdk-1.8.0.5-1.b13.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-5321/stunnel-5.01-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-5298/drupal7-7.27-1.fc20,drupal6-6.31-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-5369/community-mysql-5.5.37-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-5393/mariadb-5.5.37-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-5407/ansible-1.5.5-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-5433/bugzilla-4.2.9-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5471/ndjbdns-1.06-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-2013.2.3-3.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5503/python-django-1.6.3-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5475/python-django14-1.4.11-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5486/python-django15-1.5.6-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5492/python-pillow-2.2.1-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5540/zabbix-2.0.11-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5555/python-keystoneclient-0.7.1-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5514/wireshark-1.10.7-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 19 https://admin.fedoraproject.org/updates/FEDORA-2014-4774/gnome-shell-3.10.4-3.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-5149/iscsi-initiator-utils-6.2.0.873-21.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-5179/perl-Exporter-5.70-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-5176/audit-2.3.6-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-5446/ibus-1.5.6-3.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5488/abrt-2.2.1-1.fc20,libreport-2.2.2-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5513/librepo-1.7.2-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5522/libthai-0.1.20-1.fc20 The following builds have been pushed to Fedora 20 updates-testing ahkab-0.09-3.fc20 apr-1.5.1-1.fc20 autojump-21.6.9-2.fc20 babeltrace-1.2.1-1.fc20 bogofilter-1.2.4-1.fc20 cqrlog-1.7.4-1.fc20 dwdiff-2.0.7-2.fc20 easytag-2.2.1-1.fc20 gcin-2.8.2-1.fc20 ghc-reflection-1.4-1.fc20 git-cola-2.0.2-1.fc20 ibus-qt-1.3.3-1.fc20 krop-0.4.5-1.fc20 libreoffice-4.2.3.3-7.fc20 librepo-1.7.2-1.fc20 libthai-0.1.20-1.fc20 linkchecker-9.1-1.fc20 perl-DB_File-Lock-0.05-2.fc20 perl-Sort-Maker-0.06-2.fc20 perl-Type-Tiny-0.042-1.fc20 pgtoolkit-1.0.1-2.fc20 php-horde-Horde-Image-2.0.7-1.fc20 php-horde-Horde-Imap-Client-2.19.3-1.fc20 php-horde-Horde-Mime-2.3.2-1.fc20 python-django-sahara-2014.1.0-1.fc20 python-halite-0.1.16-1.fc20 python-kerberos-1.1-14.fc20 python-keystoneclient-0.7.1-2.fc20 python-kombu-2.5.16-2.fc20 python3-iep-3.4-2.fc20 qpid-dispatch-0.2-2.fc20 spring-96.0-2.fc20 unetbootin-603-1.fc20 wireshark-1.10.7-1.fc20 zabbix-2.0.11-3.fc20 Details about builds: ================================================================================ ahkab-0.09-3.fc20 (FEDORA-2014-5556) A SPICE-like electronic circuit simulator written in Python -------------------------------------------------------------------------------- Update Information: A SPICE-like electronic circuit simulator. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089017 - ahkab - A SPICE-like electronic circuit simulator https://bugzilla.redhat.com/show_bug.cgi?id=1089017 -------------------------------------------------------------------------------- ================================================================================ apr-1.5.1-1.fc20 (FEDORA-2014-5532) Apache Portable Runtime library -------------------------------------------------------------------------------- Update Information: Update to new version 1.5.1. Full changelog: http://www.apache.org/dist/apr/CHANGES-APR-1.5 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Jan Kaluza <jkaluza@xxxxxxxxxx> - 1.5.1-1 - update to 1.5.1 (#1089917) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089917 - apr-1.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1089917 -------------------------------------------------------------------------------- ================================================================================ autojump-21.6.9-2.fc20 (FEDORA-2014-5534) A fast way to navigate your filesystem from the command line -------------------------------------------------------------------------------- Update Information: Fix bash completion. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Tomas Tomecek <ttomecek@xxxxxxxxxx> - 21.6.9-2 - Fix bash completion: rhbz#1089600 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089600 - recent upgrade breaks autocomplete https://bugzilla.redhat.com/show_bug.cgi?id=1089600 -------------------------------------------------------------------------------- ================================================================================ babeltrace-1.2.1-1.fc20 (FEDORA-2014-5558) Trace Viewer and Converter, mainly for the Common Trace Format -------------------------------------------------------------------------------- Update Information: New upstream release New upstream release, an obsolete patch removed -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 27 2014 Yannick Brosseau <yannick.brosseau@xxxxxxxxx> - 1.2.1-1 - New upstream release * Sat Mar 1 2014 Suchakra Sharma <suchakra@xxxxxxxxxxxxxxxxx> - 1.2.0-1 - New upstream release - Popt patch for babeltrace.pc.in removed. Its fixed in Fedora now - Add new file (babeltrace-ctf.pc) -------------------------------------------------------------------------------- ================================================================================ bogofilter-1.2.4-1.fc20 (FEDORA-2014-5530) Fast anti-spam filtering by Bayesian statistical analysis -------------------------------------------------------------------------------- Update Information: updated to 1.2.4 (fixes #1084359) -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Adrian Reber <adrian@xxxxxxxx> - 1.2.4-1 - updated to 1.2.4 (fixes #1084359) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1084359 - bogofilter was updateed https://bugzilla.redhat.com/show_bug.cgi?id=1084359 -------------------------------------------------------------------------------- ================================================================================ cqrlog-1.7.4-1.fc20 (FEDORA-2014-5523) An amateur radio contact logging program -------------------------------------------------------------------------------- Update Information: New version of CQRLOG is now available fixing several bugs and providing several enhancements. * F keys to CW type window added * address to RBN server can be changed in Preferences * full date (not only year,month) is supported in membership files * Close the "Status of log upload" window after successful upload added * moved to new LoTW url and updated upload routines * band button description is editable (Preferences -> TRX control -> Change default frequencies) * 6W/MM0NDX was marked as unknown country instead of Senegal - fixed * after View QSO and CTRL+F2 fields was still read-only - fixed * QSL information was added to Commend to QSO even if it already exists * '+' character is now allowed in any field in New QSO window * log could not recover from a wrong upload of updated QSO - fixed * '+' as hotkey to add to bandmap function removed, use CTRL+A instead * any result from ClubLog with 'Skipping QSO' won't stop uploading of the log * "When TRX control is not active, use frequency and mode from NewQSO window" option to Preferences->Band map added * CTRL+N hotkey to QSO list window added (do NOT send QSL) * TRX control window was not sizeable - fixed * when ESC was pressed twice in Remote mode, log crashed - fixed * program crashed when freq was entered with comma as decimal separator - fixed * broken grid square statistic fixed * online QSO upload to HamQTH, ClubLog and HRDLog added * improved QSL managers import, should be faster a bit * "Long Path" button to Rotor Control added (Darek, SP2MKI) * COMMENT field is exported to eQSL server * Always overwrite info from previous QSO with callbook data option added * help updated * country files updated * membership files updated * layout improved (mostly new QSO window) * LoTW QSL RCVD was not imported when ADIF didn't include LOTW_QSLRDATE value - fixed * CONTESTIA mode was saved as CONSTESTI (increased max length of mode to 10 characters) - fixed * ReverseBeacon support in Gray line didn't work - fixed * after click to OK button in Preferences, bandmap stopped deleting old spots - fixed * bandmap was not updated when any spot was not added - fixed * station was added to bandmap when offline mode was activated - fixed * big square statistics didn't work in newer versions of distributions - fixed * QSO JT65* mode were not confirmed by eQSL - fixed -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 20 2014 Eric "Sparks" Christensen <sparks@xxxxxxxxxxxxxxxxx> - 1.7.4-1 - F keys to CW type window added - address to RBN server can be changed in Preferences - full date (not only year,month) is supported in membership files - Close the "Status of log upload" window after successful upload added - moved to new LoTW url and updated upload routines - band button description is editable (Preferences -> TRX control -> Change default frequencies) - 6W/MM0NDX was marked as unknown country instead of Senegal - fixed - after View QSO and CTRL+F2 fields was still read-only - fixed - QSL information was added to Commend to QSO even if it already exists - '+' character is now allowed in any field in New QSO window - log could not recover from a wrong upload of updated QSO - fixed - '+' as hotkey to add to bandmap function removed, use CTRL+A instead - any result from ClubLog with 'Skipping QSO' won't stop uploading of the log -------------------------------------------------------------------------------- References: [ 1 ] Bug #1090238 - Version 1.7.4 available https://bugzilla.redhat.com/show_bug.cgi?id=1090238 -------------------------------------------------------------------------------- ================================================================================ dwdiff-2.0.7-2.fc20 (FEDORA-2014-5543) Front end to diff for comparing on a per word basis -------------------------------------------------------------------------------- Update Information: New upstream release dwdiff-2.0.7 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Jakub Hrozek <jhrozek@xxxxxxxxxx> - 2.0.5-2 - Bump the release number * Tue Oct 1 2013 Jakub Hrozek <jhrozek@xxxxxxxxxx> - 2.0.5-1 - New upstream release 2.0.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1090099 - dwdiff breaks the F19->F20 upgrade path https://bugzilla.redhat.com/show_bug.cgi?id=1090099 -------------------------------------------------------------------------------- ================================================================================ easytag-2.2.1-1.fc20 (FEDORA-2014-5539) Tag editor for MP3, Ogg, FLAC and other music files -------------------------------------------------------------------------------- Update Information: Update to 2.2.1 and add hardening flags * Fix image loading with HTTP URLs and empty images * Fix bogus track numbers when automatically numbering files * Add Opus and Speex MIME types to desktop file * Abhinav Jangda’s fix for numeric characters in ID3 TPOS fields * Roman Bogorodskiy’s ID3 wrapper compilation fix * Improvements to MP4 GIO wrapper * Fix a scanner bug when converting "%20" to " " * Fix compilation if TagLib or libogg is unavailable * Depend on TagLib 1.9.1 for MP4 support * Use CXXFLAGS from the environment * Rafael Ferrera’s Brazilian Portuguese translation update * Aurimas Černius’s Lithuanian translation update * Balázs Úr’s Hungarian translation update * Matej Urbančič’s Slovenian translation update -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 David King <amigadave@xxxxxxxxxxxxx> 2.2.1-1 - Update to 2.2.1 - Add hardening flags -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089501 - [abrt] easytag: Scan_Process_Fields(): easytag killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1089501 -------------------------------------------------------------------------------- ================================================================================ gcin-2.8.2-1.fc20 (FEDORA-2014-5520) An input method focused on Chinese users -------------------------------------------------------------------------------- Update Information: 2.8.2 - gtab 用 shift 切換中英時會自動清除拆字區的內容 - 因為自動往左移不好用,改成自動往右移。 - 詞音內cursor 在結尾時按 shift-enter 把整句加入詞庫的功能取消,因為容易造成誤按。 - 新增注音聲調符號輸入標點符號 「ˇ? ˋ、 ˊ, ˙。」 限標準&倚天鍵盤。 - 兩個日文輸入的 bug - 新增gtab 注音符號輸入法,用來輸入注音符號 - 在 Ubuntu 13.10 Indicator icon 無法使用的問題 - 預選詞出現的次數變多&更準確了 - status icon 現在可以顯示 Capslock 的狀態。 - 念出發音會殘留 ogg123 process 的問題。 - 如果AP 文字輸入區位置很低,預選詞視窗會蓋掉文字的問題 - 英文預選詞的功能,也有編輯詞庫 -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 12 2014 Christopher Meng <rpm@xxxxxxxx> - 2.8.2-1 - Update to 2.8.2 - Drop Qt3 support. * Mon Aug 26 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 2.8.1-4 - libmng rebuild. -------------------------------------------------------------------------------- ================================================================================ ghc-reflection-1.4-1.fc20 (FEDORA-2014-5538) Reifies arbitrary terms into types that can be reflected back into terms -------------------------------------------------------------------------------- Update Information: Reifies arbitrary terms into types that can be reflected back into terms - http://hackage.haskell.org/package/reflection -------------------------------------------------------------------------------- References: [ 1 ] Bug #1076737 - Review Request: ghc-reflection - Reifies arbitrary terms into types that can be reflected back into terms https://bugzilla.redhat.com/show_bug.cgi?id=1076737 -------------------------------------------------------------------------------- ================================================================================ git-cola-2.0.2-1.fc20 (FEDORA-2014-5548) A sleek and powerful git GUI -------------------------------------------------------------------------------- Update Information: == Usability, bells and whistles == * Better inotify support for file creation and deletion. https://github.com/git-cola/git-cola/issues/240 * git cola now supports the X11 Session Management Protocol and remembers its state across logout/reboot. https://github.com/git-cola/git-cola/issues/164 * git cola has a new icon. https://github.com/git-cola/git-cola/issues/190 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Christopher Meng <rpm@xxxxxxxx> - 2.0.2-1 - Update to 2.0.2 -------------------------------------------------------------------------------- ================================================================================ ibus-qt-1.3.3-1.fc20 (FEDORA-2014-5549) Qt IBus library and Qt input method plugin -------------------------------------------------------------------------------- Update Information: This update enables surrounding text feature in QT. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.3.3-1 - Updated to 1.3.3. * Fri Feb 14 2014 David Tardon <dtardon@xxxxxxxxxx> - 1.3.2-6 - rebuild for new ICU -------------------------------------------------------------------------------- ================================================================================ krop-0.4.5-1.fc20 (FEDORA-2014-5528) Tool to crop PDF files with an eye towards eReaders -------------------------------------------------------------------------------- Update Information: * Load and write files with non-ascii characters in their filename. -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 1 2014 Christopher Meng <rpm@xxxxxxxx> - 0.4.5-1 - Update to 0.4.5 -------------------------------------------------------------------------------- ================================================================================ libreoffice-4.2.3.3-7.fc20 (FEDORA-2014-5533) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: Fix some commonly reported crashes -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:4.2.3.3-7 - Resolves: rhbz#1089340 crash on search+replace + close + searchreplace in calc - Resolves: rhbz#1088625 crash in presentation console - Resolves: rhbz#1089377 crash on loading a specific rtf -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089340 - [abrt] libreoffice-core: SvTreeList::Broadcast(): soffice.bin killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1089340 [ 2 ] Bug #1088625 - [abrt] libreoffice-core: sdext::presenter::PresenterPaintManager::Invalidate(): soffice.bin killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1088625 [ 3 ] Bug #1089377 - [abrt] libreoffice-core: writerfilter::dmapper::ListDef::GetPropertyValues(): soffice.bin killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1089377 -------------------------------------------------------------------------------- ================================================================================ librepo-1.7.2-1.fc20 (FEDORA-2014-5513) Repodata downloading library -------------------------------------------------------------------------------- Update Information: Fix segfault in headercb if only base_url and no mirrolist is used (RhBug: 1090325) -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 1.7.2-1 - Fix segfault in headercb if only base_url and no mirrolist is used (RhBug: 1090325) - Set environmental variable LIBREPO_DEBUG enables librepo debug output to stderr -------------------------------------------------------------------------------- References: [ 1 ] Bug #1073721 - [abrt] dnf: lr_headercb(): python2.7 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1073721 -------------------------------------------------------------------------------- ================================================================================ libthai-0.1.20-1.fc20 (FEDORA-2014-5522) Thai language support routines -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Daiki Ueno <dueno@xxxxxxxxxx> - 0.1.20-1 - Update to 0.1.20 - Update bundled libdatrie to 0.2.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1062876 - libthai-0.1.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1062876 -------------------------------------------------------------------------------- ================================================================================ linkchecker-9.1-1.fc20 (FEDORA-2014-5515) Check HTML documents for broken links -------------------------------------------------------------------------------- Update Information: 9.1 "Don Jon" (released 30.3.2014) Features: - checking: Support parsing of sitemap and sitemap index XML files. Closes: GH bug #413 - checking: Add new HTTP header info plugin. - logging: Support arbitrary encodings in CSV output. Closes: GH bug #467 - installation: Use .gz compression for source release to support "pip install". Closes: GH bug #461 Changes: - checking: Ignored URLs are reported earlier now. - checking: Updated the list of unkonwn or ignored URI schemes. - checking: Internal errors do not disable check threads anymore. - checking: Disable URL length warning for data: URLs. - checking: Do not warn about missing addresses on mailto links that have subjects. - checking: Check and display SSL certificate info even on redirects. Closes: GH bug #489 - installation: Check requirement for Python requests >= 2.2.0. Closes: GH bug #478 - logging: Display downloaded bytes. Fixes: - checking: Fix internal errors in debug output. Closes: GH bug #472 - checking: Fix URL result caching. - checking: Fix assertion in external link checking. - checking: Fix SSL errors on Windows. Closes: GH bug #471 - checking: Fix error when SNI checks are enabled. Closes: GH bug #488 - gui: Fix warning regex settings. Closes: GH bug #485 == Fedora RPM related changes== - Add missing python-requests dependency. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Christopher Meng <rpm@xxxxxxxx> - 9.1-1 - Update to 9.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082585 - linkchecker-9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1082585 [ 2 ] Bug #1084503 - Add explicit dependency on python-requests https://bugzilla.redhat.com/show_bug.cgi?id=1084503 -------------------------------------------------------------------------------- ================================================================================ perl-DB_File-Lock-0.05-2.fc20 (FEDORA-2014-5517) Locking with flock wrapper for DB_File -------------------------------------------------------------------------------- Update Information: First release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089950 - Review Request: perl-DB_File-Lock - Locking with flock wrapper for DB_File https://bugzilla.redhat.com/show_bug.cgi?id=1089950 -------------------------------------------------------------------------------- ================================================================================ perl-Sort-Maker-0.06-2.fc20 (FEDORA-2014-5529) Simple way to make efficient sort subs -------------------------------------------------------------------------------- Update Information: First release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089949 - Review Request: perl-Sort-Maker - Simple way to make efficient sort subs https://bugzilla.redhat.com/show_bug.cgi?id=1089949 -------------------------------------------------------------------------------- ================================================================================ perl-Type-Tiny-0.042-1.fc20 (FEDORA-2014-5521) Tiny, yet Moo(se)-compatible type constraint -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> 0.042-1 - Upstream update. - Split out perl(Test::TypeTiny) to avoid deps on perl(Test::*). -------------------------------------------------------------------------------- ================================================================================ pgtoolkit-1.0.1-2.fc20 (FEDORA-2014-5541) Tools for PostgreSQL maintenance -------------------------------------------------------------------------------- Update Information: Resolving dependency issues. Update pgtoolkit to 1.0.1. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Image-2.0.7-1.fc20 (FEDORA-2014-5536) Horde Image API -------------------------------------------------------------------------------- Update Information: Horde_Image 2.0.7: * [mjr] Update maximum allowed version for the PECL Imagick extension. * [jan] Fix converting to grayscale with imagick driver. * [jan] Add optional dependency on imagick PECL extension. Horde_Imap_Client 2.19.3: * [mms] Fix parsing a reply/forward subject with no blob content. * [mms] Ensure integer value returns from Horde_Imap_Client_Base#status() are truly integers. Horde_MIME 2.3.2: * [mms] Correctly set size of part when using Horde_Mime_Part::parseMessage() and the 'no_body' option. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.7-1 - Update to 2.0.7 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Imap-Client-2.19.3-1.fc20 (FEDORA-2014-5536) Horde IMAP abstraction interface -------------------------------------------------------------------------------- Update Information: Horde_Image 2.0.7: * [mjr] Update maximum allowed version for the PECL Imagick extension. * [jan] Fix converting to grayscale with imagick driver. * [jan] Add optional dependency on imagick PECL extension. Horde_Imap_Client 2.19.3: * [mms] Fix parsing a reply/forward subject with no blob content. * [mms] Ensure integer value returns from Horde_Imap_Client_Base#status() are truly integers. Horde_MIME 2.3.2: * [mms] Correctly set size of part when using Horde_Mime_Part::parseMessage() and the 'no_body' option. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.19.3-1 - Update to 2.19.3 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Mime-2.3.2-1.fc20 (FEDORA-2014-5536) Horde MIME Library -------------------------------------------------------------------------------- Update Information: Horde_Image 2.0.7: * [mjr] Update maximum allowed version for the PECL Imagick extension. * [jan] Fix converting to grayscale with imagick driver. * [jan] Add optional dependency on imagick PECL extension. Horde_Imap_Client 2.19.3: * [mms] Fix parsing a reply/forward subject with no blob content. * [mms] Ensure integer value returns from Horde_Imap_Client_Base#status() are truly integers. Horde_MIME 2.3.2: * [mms] Correctly set size of part when using Horde_Mime_Part::parseMessage() and the 'no_body' option. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.3.2-1 - Update to 2.3.2 -------------------------------------------------------------------------------- ================================================================================ python-django-sahara-2014.1.0-1.fc20 (FEDORA-2014-5544) Sahara project dashboard -------------------------------------------------------------------------------- Update Information: 2014.1 release 2014.1.rc1 release and rename from python-django-savanna -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085132 - Review Request: python-django-sahara - Sahara plugin for OpenStack dashboard https://bugzilla.redhat.com/show_bug.cgi?id=1085132 -------------------------------------------------------------------------------- ================================================================================ python-halite-0.1.16-1.fc20 (FEDORA-2014-5550) SaltStack Web UI -------------------------------------------------------------------------------- Update Information: Updated to version 0.1.16. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Erik Johnson <erik@xxxxxxxxxxxxx> - 0.1.16-1 - Updated to version 0.1.16. -------------------------------------------------------------------------------- ================================================================================ python-kerberos-1.1-14.fc20 (FEDORA-2014-5519) A high-level wrapper for Kerberos (GSSAPI) operations -------------------------------------------------------------------------------- Update Information: Add API to allow inquiring the current client credentials -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Rob Crittenden <rcritten@xxxxxxxxxx> - 1.1-14 - Add patch to allow inquiring the current client credentials -------------------------------------------------------------------------------- ================================================================================ python-keystoneclient-0.7.1-2.fc20 (FEDORA-2014-5555) Client library for OpenStack Identity API -------------------------------------------------------------------------------- Update Information: - Depend on correct python-six version Fix CVE-2014-0105 by update to upstream 0.7.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Pádraig Brady <pbrady@xxxxxxxxxx> - 1:0.7.0-2 - Depend on newer python-six * Tue Apr 8 2014 Jakub Ruzicka <jruzicka@xxxxxxxxxx> 1:0.7.1-1 - Update to upstream 0.7.1 - Align doc build with other client packages -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082172 - CVE-2014-0105 python-keystoneclient: Potential context confusion in Keystone middleware [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1082172 -------------------------------------------------------------------------------- ================================================================================ python-kombu-2.5.16-2.fc20 (FEDORA-2014-5516) AMQP Messaging Framework for Python -------------------------------------------------------------------------------- Update Information: add requirement python-anyjson (rhbz#1087219) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Matthias Runge <mrunge@xxxxxxxxxx> - 1:2.5.16-2 - add requirement python-anyjson (rhbz#1087219) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1087219 - python-kombu depends on python-anyjson https://bugzilla.redhat.com/show_bug.cgi?id=1087219 -------------------------------------------------------------------------------- ================================================================================ python3-iep-3.4-2.fc20 (FEDORA-2014-5546) The interactive editor for Python -------------------------------------------------------------------------------- Update Information: Initial import -------------------------------------------------------------------------------- References: [ 1 ] Bug #1084654 - Review Request: python3-iep - The interactive editor for Python https://bugzilla.redhat.com/show_bug.cgi?id=1084654 -------------------------------------------------------------------------------- ================================================================================ qpid-dispatch-0.2-2.fc20 (FEDORA-2014-5531) Dispatch router for Qpid -------------------------------------------------------------------------------- Update Information: Fixed merging problems across Fedora and EPEL releases. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.2-2 - Fixed merging problems across Fedora and EPEL releases. * Tue Apr 22 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.2-1 - Rebased on Qpid Dispatch 0.2. -------------------------------------------------------------------------------- ================================================================================ spring-96.0-2.fc20 (FEDORA-2014-5554) Multiplayer, 3D realtime strategy combat game -------------------------------------------------------------------------------- Update Information: - Version 96.0, major spring/springlobby upstream release. - pr-downloader finally enabled and finally builds under mock; patches and libcurl added. - spring no longer requires springlobby and spring-maps-default as it creates a circular dependency. -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 5 2014 Gilboa Davara <gilboad [AT] gmail [DOT] com> - 96.0-2 - pr-downloader finally builds under mock; patches and libcurl added. - spring no longer requires springlobby and spring-maps-default as it creates a circular dependency. * Mon Jan 13 2014 Gilboa Davara <gilboad [AT] gmail [DOT] com> - 96.0-1 - Version 96.0, major spring/springlobby upstream release. - pr-downloader finally enabled. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1055230 - spring and spring lobby versions are outdated https://bugzilla.redhat.com/show_bug.cgi?id=1055230 [ 2 ] Bug #1079581 - [abrt] spring: __pthread_cond_destroy(): spring killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1079581 -------------------------------------------------------------------------------- ================================================================================ unetbootin-603-1.fc20 (FEDORA-2014-5525) Create bootable Live USB drives for a variety of Linux distributions -------------------------------------------------------------------------------- Update Information: Update to version 603. Change naming to reflect upstream versioning scheme. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 603-1 - Change naming to reflect upstream versioning scheme. - Update to 603. * Thu Aug 22 2013 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 0-15.585bzr - Update to 585. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1090033 - unetbootin-603 is available https://bugzilla.redhat.com/show_bug.cgi?id=1090033 -------------------------------------------------------------------------------- ================================================================================ wireshark-1.10.7-1.fc20 (FEDORA-2014-5514) Network traffic analyzer -------------------------------------------------------------------------------- Update Information: Ver. 1.10.7 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2014 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.7-1 - Ver. 1.10.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1090180 - CVE-2014-2907 wireshark: RTP dissector crash (wnpa-sec-2014-06) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1090180 -------------------------------------------------------------------------------- ================================================================================ zabbix-2.0.11-3.fc20 (FEDORA-2014-5540) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information: The logrotate configuration had no su statement in 2.0.11-2. Furthermore, the log file should have been created as zabbixsrv:zabbix for the proxy and server, what they are now. http://www.zabbix.com/rn2.0.11.php Also solves 3 security issues: * [ZBX-7703] fixed being able to switch users without proper credentials when using HTTP authentication; reference CVE-2014-1682 * [ZBX-6721] fixed LDAP authentication; reference CVE-2013-5572 * [ZBX-7693] fixed admin user being able to update media for other users; reference CVE-2014-1685 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Volker Fröhlich <volker27@xxxxxx> - 2.0.11-3 - Don't remove su directive from logrotate config in error - Adapt logrotate.in file and sed invocation from 2.2 packages * Sun Feb 16 2014 Volker Fröhlich <volker27@xxxxxx> - 2.0.11-2 - Remove if clauses for Fedora/RHEL as they are obsolete in EL 7 - Use systemd scriplet macros (BZ#850378) - Remove init scripts * Wed Feb 12 2014 Volker Fröhlich <volker27@xxxxxx> - 2.0.11-1 - New upstream release - Truncate changelog -------------------------------------------------------------------------------- References: [ 1 ] Bug #1013963 - CVE-2013-5572 zabbix: password leakage https://bugzilla.redhat.com/show_bug.cgi?id=1013963 [ 2 ] Bug #1061563 - CVE-2014-1682 zabbix: API issue allows users to impersonate other users https://bugzilla.redhat.com/show_bug.cgi?id=1061563 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test