The following Fedora 20 Security updates need testing: Age URL 124 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc20 29 https://admin.fedoraproject.org/updates/FEDORA-2014-4691/a2ps-4.14-23.fc20 16 https://admin.fedoraproject.org/updates/FEDORA-2014-5018/smb4k-1.1.1-2.fc20 16 https://admin.fedoraproject.org/updates/FEDORA-2014-5198/openstack-glance-2013.2.3-3.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-2013.2.3-3.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-5710/qt5-qtbase-5.2.1-8.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-5684/mediawiki-1.21.9-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-5767/mumble-1.2.5-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-5765/cups-filters-1.0.53-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5794/fish-2.1.0-9.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5797/dmlite-0.6.2-2.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-5773/python-lxml-3.3.5-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5880/mutt-1.5.23-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5901/highlight-3.18-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5813/libssh2-1.4.3-9.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5446/ibus-1.5.7-1.fc20 The following builds have been pushed to Fedora 20 updates-testing canl-c++-1.1.0-1.fc20 ghc-rfc5051-0.1.0.3-1.fc20 gimagereader-2.93-1.fc20 glusterfs-3.5.0-3.fc20 gpaw-setups-0.9.11271-2.fc20 gst-editing-services-1.2.1-1.fc20 highlight-3.18-1.fc20 inadyn-mt-2.24.38-2.fc20 jortho-1.0-1.fc20 kde-workspace-4.11.9-2.fc20 libnfsidmap-0.25-8.fc20 lightdm-1.8.8-1.fc20 microcode_ctl-2.1-4.fc20 mutt-1.5.23-1.fc20 netactview-0.6.2-1.fc20 nordugrid-arc-4.1.0-1.fc20 nordugrid-arc-doc-1.4.0-1.fc20 nrpe-2.15-2.fc20 opencv-2.4.7-6.fc20 piglit-1-0.14.20140414GIT8775223.fc20 resiprocate-1.9.6-7.fc20 rubygem-qpid_proton-0.7-2.fc20 the_silver_searcher-0.21.0-1.fc20 zarafa-7.1.9-1.fc20 Details about builds: ================================================================================ canl-c++-1.1.0-1.fc20 (FEDORA-2014-5881) EMI Common Authentication library - bindings for C++ -------------------------------------------------------------------------------- Update Information: NorduGrid ARC release 14.04: * NorduGrid ARC version 4.1.0 * NorduGrid ARC Documents version 1.4.0 * Common authentication library caNl++ version 1.1.0 -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 1.1.0-1 - Update to version 1.1.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1068453 - nordugrid-arc: Switch to java-headless (build)requires https://bugzilla.redhat.com/show_bug.cgi?id=1068453 -------------------------------------------------------------------------------- ================================================================================ ghc-rfc5051-0.1.0.3-1.fc20 (FEDORA-2014-5902) Simple unicode collation as per RFC5051 -------------------------------------------------------------------------------- Update Information: Simple Unicode collation as per RFC5051 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058198 - Review Request: ghc-rfc5051 - Simple unicode collation as per RFC5051 https://bugzilla.redhat.com/show_bug.cgi?id=1058198 -------------------------------------------------------------------------------- ================================================================================ gimagereader-2.93-1.fc20 (FEDORA-2014-5877) OCR application -------------------------------------------------------------------------------- Update Information: Update to version 2.93, see https://raw.githubusercontent.com/manisandro/gImageReader/master/NEWS for details. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 30 2014 Sandro Mani <manisandro@xxxxxxxxx> - 2.93-1 - Update to 2.93 -------------------------------------------------------------------------------- ================================================================================ glusterfs-3.5.0-3.fc20 (FEDORA-2014-5895) Cluster File System -------------------------------------------------------------------------------- Update Information: syslog deprecated in Fedora20 BZ #1093318 GlusterFS 3.5.0 GA, glusterfs-3.5.0-2, glusterfs.spec nits -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-3 - syslog deprecated in Fedora20 BZ #1093318 * Fri Apr 25 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - sync with upstream glusterfs.spec.in BZ #1091392 - sync with upstream glusterfs.spec.in BZ #1091392 * Wed Apr 23 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-2 - GlusterFS 3.5.0 GA, glusterfs-3.5.0-2, glusterfs.spec nits * Thu Apr 17 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-1 - GlusterFS 3.5.0 GA -------------------------------------------------------------------------------- References: [ 1 ] Bug #1093318 - glusterfs-libs-3.5.0-0.1.qa3.fc21.x86_64.rpm requires rsyslog-mmjsonparse; this brings in rsyslog, ... https://bugzilla.redhat.com/show_bug.cgi?id=1093318 -------------------------------------------------------------------------------- ================================================================================ gpaw-setups-0.9.11271-2.fc20 (FEDORA-2014-5900) Atomic GPAW setups -------------------------------------------------------------------------------- Update Information: Atomic GPAW setups. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1090070 - Review Request: gpaw-setups - GPAW setups https://bugzilla.redhat.com/show_bug.cgi?id=1090070 -------------------------------------------------------------------------------- ================================================================================ gst-editing-services-1.2.1-1.fc20 (FEDORA-2014-5898) Gstreamer editing services -------------------------------------------------------------------------------- Update Information: Multiple minor bugfixes http://cgit.freedesktop.org/gstreamer/gst-editing-services/commit/?h=1.2 -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 1.2.1-1 - 1.2.1, BZ 1093138. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1093138 - gst-editing-services: version 1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1093138 -------------------------------------------------------------------------------- ================================================================================ highlight-3.18-1.fc20 (FEDORA-2014-5901) Universal source code to formatted text converter -------------------------------------------------------------------------------- Update Information: New upstream release with new language definitions for GDB and PDF. -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Jochen Schmitt <Jochen herr-schmitt de> - 3.18-1 - New upstream release -------------------------------------------------------------------------------- ================================================================================ inadyn-mt-2.24.38-2.fc20 (FEDORA-2014-5892) Dynamic DNS Client -------------------------------------------------------------------------------- Update Information: New upstream version wich minor bugfixes. Fir of wrong NetworkManager dispatcher drectory. Moving cache directory to /var/cache/inadyn-mt. remove type=forking from systemd unit file. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 30 2014 Jochen Schmitt <Jochen herr-schmitt de> - 2.24.38-2 - Fix wrong NetworkManger dispatcher directory * Sun Apr 27 2014 Jochen Schmitt <Jochen herr-schmitt de> - 2.24.38-1 - New upstream release - Remove'type=forking' from service file (#1036471) - Set default cache dir to /var/cache/inadyn-mt (#1090533) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1090533 - /tmp is a bad default for cache dir https://bugzilla.redhat.com/show_bug.cgi?id=1090533 [ 2 ] Bug #1036471 - inadyn-mt does not fork when started by systemd https://bugzilla.redhat.com/show_bug.cgi?id=1036471 -------------------------------------------------------------------------------- ================================================================================ jortho-1.0-1.fc20 (FEDORA-2014-5876) A spell checker for Java -------------------------------------------------------------------------------- Update Information: Initial version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1092096 - Review Request: jortho - A spell checker for Java https://bugzilla.redhat.com/show_bug.cgi?id=1092096 -------------------------------------------------------------------------------- ================================================================================ kde-workspace-4.11.9-2.fc20 (FEDORA-2014-5906) KDE Workspace -------------------------------------------------------------------------------- Update Information: New stable/bugfix release, see also http://kde.org/announcements/announce-4.12.5.php -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 29 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.9-2 - respin * Fri Apr 25 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.9-1 - 4.11.9 * Thu Apr 24 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.8-7 - another batch of upstream commits, including final versions of screenlocker fixes * Tue Apr 22 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.8-6 - pull in proposed screenlocker fixes (kde#224200, kde#327947, kde#329076) * Sat Apr 19 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.8-5 - plasma-dataengine-extractor love - move calendar dataengine to -akonadi subpkg (currently unused) * Mon Apr 14 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.8-4 - disable nepomuk support (kde-4.13, f21+) * Mon Apr 14 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.8-3 - startkde.cmake: PAM_KWALLET_LOGIN typo * Fri Apr 11 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.8-2 - pull in some post 4.11.8 commits - ... namely adds support for pam-kwallet and XDG_CURRENT_DESKTOP -------------------------------------------------------------------------------- ================================================================================ libnfsidmap-0.25-8.fc20 (FEDORA-2014-5873) NFSv4 User and Group ID Mapping Library -------------------------------------------------------------------------------- Update Information: commit 3226c06989186d9cd60ba146df4e2898fee5047b Author: Steve Dickson <steved@xxxxxxxxxx> Date: Wed Apr 30 11:14:22 2014 -0400 libnfsidmap: id_as_chars() fails zero value ids. Root has a zero value id which is valid and should not be mapped to nfsnobody Signed-off-by: Steve Dickson <steved@xxxxxxxxxx> -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 30 2014 Steve Dickson <steved@xxxxxxxxxx> 0.20-8 - Updated to latest rc release: libnfsidmap-0-26-rc3 (bz 1093148) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1093148 - chown does not respect NFSv4 no_root_squash https://bugzilla.redhat.com/show_bug.cgi?id=1093148 -------------------------------------------------------------------------------- ================================================================================ lightdm-1.8.8-1.fc20 (FEDORA-2014-5888) Lightweight Display Manage -------------------------------------------------------------------------------- Update Information: lightdm-1.8.8, latest 1.8 branch bugfix release -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.8-1 - lightdm-1.8.8 * Thu Feb 6 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.7-1 - lightdm-1.8.7 * Wed Jan 22 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.6-1 - lightdm-1.8.6 -------------------------------------------------------------------------------- ================================================================================ microcode_ctl-2.1-4.fc20 (FEDORA-2014-5890) Tool to transform and deploy CPU microcode update for x86. -------------------------------------------------------------------------------- Update Information: Update to upstream 2.1-4. Intel microcode update: 20140430 -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Anton Arapov <anton@xxxxxxxxxx> 2.1-4 - Update to upstream 2.1-4. -------------------------------------------------------------------------------- ================================================================================ mutt-1.5.23-1.fc20 (FEDORA-2014-5880) A text mode mail user agent -------------------------------------------------------------------------------- Update Information: fix: CVE-2014-0467 heap-based buffer overflow when parsing certain headers -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 29 2014 Jan Pacner <jpacner@xxxxxxxxxx> - 5:1.5.23-1 - Resolves: #1034263 (new version due to CVE) - patch cleanup (upstream fixes) - add html documentation (in addition to the current txt one) * Mon Dec 2 2013 Jan Pacner <jpacner@xxxxxxxxxx> - 5:1.5.22-1 - new release (Resolves: #1034263) - use inline sed instead of nodotlock patch - patches removed: testcert, hdrcnt, certscomp, updating, pophash, notation, writehead, tmpdir, verpeers, tlsv1v2 - manhelp patch adjusted (only DEBUG logging capability was left) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1075860 - CVE-2014-0467 mutt: heap-based buffer overflow when parsing certain headers https://bugzilla.redhat.com/show_bug.cgi?id=1075860 -------------------------------------------------------------------------------- ================================================================================ netactview-0.6.2-1.fc20 (FEDORA-2014-5899) Graphical network connections viewer for Linux -------------------------------------------------------------------------------- Update Information: - update to 0.6.2 -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 0.6.2-1 - update to 0.6.2 * Thu May 1 2014 Kalev Lember <kalevlember@xxxxxxxxx> - 0.6.1-8 - Rebuilt for libgtop2 soname bump -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-4.1.0-1.fc20 (FEDORA-2014-5881) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: NorduGrid ARC release 14.04: * NorduGrid ARC version 4.1.0 * NorduGrid ARC Documents version 1.4.0 * Common authentication library caNl++ version 1.1.0 -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.1.0-1 - 4.1.0 Final Release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1068453 - nordugrid-arc: Switch to java-headless (build)requires https://bugzilla.redhat.com/show_bug.cgi?id=1068453 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-doc-1.4.0-1.fc20 (FEDORA-2014-5881) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information: NorduGrid ARC release 14.04: * NorduGrid ARC version 4.1.0 * NorduGrid ARC Documents version 1.4.0 * Common authentication library caNl++ version 1.1.0 -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 1.4.0-1 - 1.4.0 Final Release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1068453 - nordugrid-arc: Switch to java-headless (build)requires https://bugzilla.redhat.com/show_bug.cgi?id=1068453 -------------------------------------------------------------------------------- ================================================================================ nrpe-2.15-2.fc20 (FEDORA-2014-5897) Host/service/network monitoring agent for Nagios -------------------------------------------------------------------------------- Update Information: Add patch to mitigate CVE-2014-2913 -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Sam Kottler <skottler@xxxxxxxxxxxxxxxxx> - 2.15.2 - Add patch to mitigate CVE-2014-2913 * Mon Jan 27 2014 Sam Kottler <skottler@xxxxxxxxxxxxxxxxx> - 2.15.1 - Update to 2.15 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089878 - CVE-2014-2913 nrpe: remote command execution when command arguments are enabled https://bugzilla.redhat.com/show_bug.cgi?id=1089878 -------------------------------------------------------------------------------- ================================================================================ opencv-2.4.7-6.fc20 (FEDORA-2014-5882) Collection of algorithms for computer vision -------------------------------------------------------------------------------- Update Information: Revert a recent cmake-related patch that apparently didnt work as advertised. Also enables OpenCL support. -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 26 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.4.7-6 - revert pkgcmake2 patch (#1070428) * Fri Jan 17 2014 Nicolas Chauvet <kwizart@xxxxxxxxx> - 2.4.7-5 - Fix opencv_ocl isn't part of -core * Thu Jan 16 2014 Christopher Meng <rpm@xxxxxxxx> - 2.4.7-4 - Enable OpenCL support. - SPEC small cleanup. * Wed Nov 27 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.4.7-3 - rebuild (openexr) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1070428 - OpenCVConfig.cmake gives incorrect OpenCV_INSTALL_PATH & OpenCV_INCLUDE_DIRS https://bugzilla.redhat.com/show_bug.cgi?id=1070428 -------------------------------------------------------------------------------- ================================================================================ piglit-1-0.14.20140414GIT8775223.fc20 (FEDORA-2014-5872) Collection of automated tests for OpenGL implementations -------------------------------------------------------------------------------- Update Information: First build for Fedora 20 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079589 - Review Request: piglit - Collection of automated tests for OpenGL implementations https://bugzilla.redhat.com/show_bug.cgi?id=1079589 -------------------------------------------------------------------------------- ================================================================================ resiprocate-1.9.6-7.fc20 (FEDORA-2014-5905) SIP and TURN stacks, with SIP proxy and TURN server implementations -------------------------------------------------------------------------------- Update Information: New upstream release, adds WebRTC support and many fixes. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 30 2014 Daniel Pocock <daniel@xxxxxxxxxx> - 1.9.6-7 - New upstream release * Sun Mar 9 2014 Daniel Pocock <daniel@xxxxxxxxxxxxx> - 1.9.2-6 - New upstream release * Fri Feb 21 2014 Daniel Pocock <daniel@xxxxxxxxxxxxx> - 1.9.1-5 - New upstream release * Mon Feb 10 2014 Daniel Pocock <daniel@xxxxxxxxxxxxx> - 1.9.0-4 - New upstream release -------------------------------------------------------------------------------- ================================================================================ rubygem-qpid_proton-0.7-2.fc20 (FEDORA-2014-5874) Ruby language bindings for the Qpid Proton messaging framework -------------------------------------------------------------------------------- Update Information: Made the -doc package arch-specific for EL6 due to rdoc issues. Rebased on Proton 0.7. -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.7-2 - Made the -doc package arch-specific for EL6 due to rdoc issues. * Wed Apr 30 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.7-1 - Rebased on Proton 0.7. * Tue Apr 15 2014 Vít Ondruch <vondruch@xxxxxxxxxx> - 0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.1 -------------------------------------------------------------------------------- ================================================================================ the_silver_searcher-0.21.0-1.fc20 (FEDORA-2014-5878) Super-fast text searching tool -------------------------------------------------------------------------------- Update Information: update to 0.21.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057991 - Review Request: the_silver_searcher - Super-fast text searching tool https://bugzilla.redhat.com/show_bug.cgi?id=1057991 -------------------------------------------------------------------------------- ================================================================================ zarafa-7.1.9-1.fc20 (FEDORA-2014-5887) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information: Zarafa Collaboration Platform 7.1.9 final [44333] ================================================= General ------- This release brings a few new features while maintaining stability. Backend ------- - ZCP-12163: Translations missing from zarafa-client package - ZCP-11835: zarafa-set-oof does not accept argument "-n" - ZCP-10943: opensource build issue with option --enable-debug - ZCP-11131: Emails with added html disclaimer will have no body when moved to pst. - ZCP-10132: ADS ldap cfg company view privileges default value incorrect - ZCP-12152: ICS Changes in 7.1.8 cause a high load when z-push is used. - ZCP-11885: zarafa-passwd disables features(IMAP,POP3) - ZCP-12019: dagent creates much more fallback deliveries than in 7.1.7 - ZCP-11996: allow only the homeserver for zarafa-monitor - ZCP-11950: Webaccess don't load if specific Mail is in Inbox - ZCP-11693: Remove single quotes from spooler to loop with postfix in 5XX errors - ZCP-11423: Provide example configs in /usr/share/doc - ZCP-11914: Always show all users in the addressbook for Zarafa administrator accounts regardless if they are hidden or not - ZCP-12152: ICS Changes in 7.1.8 cause a high load when z-push is used. - ZCP-12137: search does not index html attachments - ZCP-11277: Public calendar is empty when opened via Lightning 1.9 - ZCP-12132: patch: POP3 STLS (STARTTLS) support in Zarafa-Gateway - ZCP-12130: Include pictures assigned in LDAP backend when browsing the GAB - ZCP-12098: auto-respond violates RFC 5322 section 3.6.1 causing date and spam issues - ZCP-12093: Make the "advanced tab" resizeable/scrollable - ZCP-11187: Pass the PR_TRANSPORT_HEADERS also to the zarafa-autorespond, so administrators can do better filtering when sending out of office replies - ZCP-7137: Several comments in default config files are incorrect - ZCP-11974: ARM build compatibility with GCC > 4.4.4 patch - ZCP-11973: Enhance logging of zarafa-dagent to display the same amount of information as zarafa-spooler - ZCP-11972: Enhance IMAP messages log level prios - ZCP-11746: ICalToMAPI.cpp missing break in switch icalerrno - ZCP-11504: python-mapi doc has outdated info on charsets -------------------------------------------------------------------------------- ChangeLog: * Thu May 1 2014 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.1.9-1 - Upgrade to 7.1.9 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
