The following Fedora 20 Security updates need testing: Age URL 24 https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-2013.2.3-3.fc20 15 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2014-5972/python-fmn-web-0.2.4-3.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-6098/rubygem-actionpack-4.0.0-4.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-6277/dpkg-1.16.14-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-6258/smb4k-1.1.2-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-6263/botan-1.10.8-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-6276/seamonkey-2.26-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-6303/perl-LWP-Protocol-https-6.04-4.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6373/zabbix-2.0.12-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6380/openssh-6.4p1-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6408/mutt-1.5.23-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6440/python-django15-1.5.8-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6449/python-django-1.6.5-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6442/python-django14-1.4.13-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-2014-5992/pcmanfm-qt-0.1.0-5.fc20,pcmanfm-1.2.0-1.fc20,libfm-1.2.0-1.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2014-6064/gupnp-0.20.11-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6366/btrfs-progs-3.14.1-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6451/libndp-1.2-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6443/xfsprogs-3.2.0-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6416/qt-mobility-1.2.2-0.12.20140317git169da60c.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6412/taglib-1.9.1-5.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6381/gdb-7.7.1-13.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6339/squashfs-tools-4.3-4.fc20 The following builds have been pushed to Fedora 20 updates-testing fence-agents-4.0.9-1.fc20 gnome-terminal-3.10.2-2.fc20 gnome-themes-standard-3.10.0-2.fc20 libndp-1.2-2.fc20 mate-themes-1.8.1-1.fc20 mingw-glib2-2.40.0-2.fc20 openstack-puppet-modules-2013.2-9.1.fc20 php-goutte-1.0.6-1.fc20 php-pecl-xmldiff-0.9.2-4.fc20 piglit-1-0.16.20140414GIT8775223.fc20 python-django-1.6.5-1.fc20 python-django14-1.4.13-1.fc20 python-django15-1.5.8-1.fc20 python-fedbadges-0.4.3-1.fc20 python-fedmsg-meta-fedora-infrastructure-0.2.12-1.fc20 python-fmn-rules-0.2.1-1.fc20 shiny-0.3-1.gitdc53364.fc20 texlive-2013-5.20131226_r32488.fc20 vte3-0.34.9-3.fc20 xfsprogs-3.2.0-1.fc20 Details about builds: ================================================================================ fence-agents-4.0.9-1.fc20 (FEDORA-2014-6448) Fence Agents for Red Hat Cluster -------------------------------------------------------------------------------- Update Information: * new upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Marek Grac <mgrac@xxxxxxxxxx> - 4.0.9 - new upstream release - new package fence-agents-pve -------------------------------------------------------------------------------- ================================================================================ gnome-terminal-3.10.2-2.fc20 (FEDORA-2014-6387) Terminal emulator for GNOME -------------------------------------------------------------------------------- Update Information: Restore transparency -------------------------------------------------------------------------------- ChangeLog: * Thu May 15 2014 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 3.10.2-2 - Restore transparency -------------------------------------------------------------------------------- ================================================================================ gnome-themes-standard-3.10.0-2.fc20 (FEDORA-2014-6387) Standard themes for GNOME applications -------------------------------------------------------------------------------- Update Information: Restore transparency -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 3.10.0-2 - Provide a background-color for menubars -------------------------------------------------------------------------------- ================================================================================ libndp-1.2-2.fc20 (FEDORA-2014-6451) Library for Neighbor Discovery Protocol -------------------------------------------------------------------------------- Update Information: This update fixes a bug that truncated DNSSL domains in NetworkManager and other clients of libndp. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 21 2014 Jiri Pirko <jpirko@xxxxxxxxxx> - 1.2-2 - libndp: fix [cppcheck] Undefined behavior: Variable 'buf' is used as parameter and destination in s[n]printf() [1044084] [1091720] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1091720 - NetworkManager will only take TLD from DNSSL option in IPv6 router advertisement https://bugzilla.redhat.com/show_bug.cgi?id=1091720 -------------------------------------------------------------------------------- ================================================================================ mate-themes-1.8.1-1.fc20 (FEDORA-2014-6437) MATE Desktop themes -------------------------------------------------------------------------------- Update Information: - update to 1.8.1 release -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.1-1 - update to 1.8.1 release -------------------------------------------------------------------------------- ================================================================================ mingw-glib2-2.40.0-2.fc20 (FEDORA-2014-6441) MinGW Windows GLib2 library -------------------------------------------------------------------------------- Update Information: Fix valgrind support (RHBZ#1095664, GNOME bug 730198). -------------------------------------------------------------------------------- ChangeLog: * Thu May 15 2014 Richard W.M. Jones <rjones@xxxxxxxxxx> - 2.40.0-2 - Fix valgrind support (RHBZ#1095664, GNOME bug 730198). * Sat Mar 29 2014 Kalev Lember <kalevlember@xxxxxxxxx> - 2.40.0-1 - Update to 2.40.0 * Thu Mar 6 2014 Thomas Sailer <t.sailer@xxxxxxxxxxxxxx> - 2.39.91-1 - Update to 2.39.91 * Sat Mar 1 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.39.90-1 - Update to 2.39.90 * Sat Feb 8 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.39.4-1 - Update to 2.39.4 * Tue Dec 17 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.39.2-1 - Update to 2.39.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095664 - Crash in g_type_free_instance for instance objects at an address > 4GB on win64 https://bugzilla.redhat.com/show_bug.cgi?id=1095664 -------------------------------------------------------------------------------- ================================================================================ openstack-puppet-modules-2013.2-9.1.fc20 (FEDORA-2014-6435) Puppet modules used to deploy OpenStack -------------------------------------------------------------------------------- Update Information: Added missing puppetlabs-firewall-pull-request-337.patch. Without this patch fails when Puppet will try to parse iptables rule containint MAC address. Synchronized modules with current havana branch of redhat-openstack/openstack-puppet-modules Added puppet-ceilometer, puppetlabs-mongodb, puppet-heat and puppet-pacemaker -------------------------------------------------------------------------------- ================================================================================ php-goutte-1.0.6-1.fc20 (FEDORA-2014-6444) A simple PHP web scraper -------------------------------------------------------------------------------- Update Information: Updated to 1.0.6 * 1.0.5 to 1.0.6: https://github.com/fabpot/Goutte/compare/v1.0.5...v1.0.6 -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.0.6-1 - Updated to 1.0.6 -------------------------------------------------------------------------------- ================================================================================ php-pecl-xmldiff-0.9.2-4.fc20 (FEDORA-2014-6456) Pecl package for XML diff and merge -------------------------------------------------------------------------------- Update Information: Initially import php-pecl-xmldiff into Fedora/epel -------------------------------------------------------------------------------- References: [ 1 ] Bug #1094864 - Review Request: php-pecl-xmldiff - Pecl package for XML diff and merge https://bugzilla.redhat.com/show_bug.cgi?id=1094864 -------------------------------------------------------------------------------- ================================================================================ piglit-1-0.16.20140414GIT8775223.fc20 (FEDORA-2014-6434) Collection of automated tests for OpenGL implementations -------------------------------------------------------------------------------- Update Information: importlib is since python 2.7 in the standard library, no need to import it. Put ExcludeArch back for ppc64 and missing python-importlib Require -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Matěj Cepl <mcepl@xxxxxxxxxx> - 1-0.16.20140414GIT8775223 - importlib is since python 2.7 in the standard library, no need to import it. * Thu May 15 2014 Matěj Cepl <mcepl@xxxxxxxxxx> - 1-0.15.20140414GIT8775223 - Put ExcludeArch back for ppc64. - Add python-importlib Require -------------------------------------------------------------------------------- References: [ 1 ] Bug #1098113 - missing lib/ include https://bugzilla.redhat.com/show_bug.cgi?id=1098113 [ 2 ] Bug #1098170 - summary.py tries to access the "templates" dir in current dir https://bugzilla.redhat.com/show_bug.cgi?id=1098170 -------------------------------------------------------------------------------- ================================================================================ python-django-1.6.5-1.fc20 (FEDORA-2014-6449) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: update to 1.6.5 fixing CVE-2014-1418 -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Matthias Runge <mrunge@xxxxxxxxxx> - 1.6.5-1 - update to 1.6.5 CVE-2014-1418, CVE-2014-3730 (rhbz#1097935) * Mon May 12 2014 Matthias Runge <mrunge@xxxxxxxxxx> - 1.6.4-2 - don't hardcode python3.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1097500 - CVE-2014-1418 Django: cached data possibly served to the wrong session https://bugzilla.redhat.com/show_bug.cgi?id=1097500 [ 2 ] Bug #1097505 - CVE-2014-3730 Django: insufficient URL validation could lead to redirects https://bugzilla.redhat.com/show_bug.cgi?id=1097505 -------------------------------------------------------------------------------- ================================================================================ python-django14-1.4.13-1.fc20 (FEDORA-2014-6442) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: fix for CVE-2014-1418 -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Matthias Runge <mrunge@xxxxxxxxxx> - 1.4.13-1 - update to 1.4.13 fixing CVE-2014-1418 (rhbz#1097936) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1097500 - CVE-2014-1418 Django: cached data possibly served to the wrong session https://bugzilla.redhat.com/show_bug.cgi?id=1097500 [ 2 ] Bug #1097505 - CVE-2014-3730 Django: insufficient URL validation could lead to redirects https://bugzilla.redhat.com/show_bug.cgi?id=1097505 -------------------------------------------------------------------------------- ================================================================================ python-django15-1.5.8-1.fc20 (FEDORA-2014-6440) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: fix for CVE-2014-1418 -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Matthias Runge <mrunge@xxxxxxxxxx> - 1.5.8-1 - update to 1.5.8 fixing CVE-2014-1418 (rhbz#1097935) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1097500 - CVE-2014-1418 Django: cached data possibly served to the wrong session https://bugzilla.redhat.com/show_bug.cgi?id=1097500 [ 2 ] Bug #1097505 - CVE-2014-3730 Django: insufficient URL validation could lead to redirects https://bugzilla.redhat.com/show_bug.cgi?id=1097505 -------------------------------------------------------------------------------- ================================================================================ python-fedbadges-0.4.3-1.fc20 (FEDORA-2014-6433) fedmsg consumer for awarding open badges -------------------------------------------------------------------------------- Update Information: pkgdb2 fixes. -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.4.3-1 - Bugfix release for pkgdb2 support. -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-meta-fedora-infrastructure-0.2.12-1.fc20 (FEDORA-2014-6445) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information: PkgDB2 support. New Icons. Meetbot topic fixes. -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.12-1 - Fixes for pkgdb. - New icons for copr and meetbot. - Fixes to supybot topic changes. -------------------------------------------------------------------------------- ================================================================================ python-fmn-rules-0.2.1-1.fc20 (FEDORA-2014-6446) Message processing rules for Fedora Notifications -------------------------------------------------------------------------------- Update Information: package-centric caching. pkgdb2 fixes. -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.1-1 - Package-centric caching (over user-centric caching). * Fri May 16 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.0-1 - Fixes for pkgdb2 support. - Remove pkgdb1 code. -------------------------------------------------------------------------------- ================================================================================ shiny-0.3-1.gitdc53364.fc20 (FEDORA-2014-6455) Shader and material management library for OGRE -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1097584 - Review Request: shiny - Shader and material management library for OGRE https://bugzilla.redhat.com/show_bug.cgi?id=1097584 -------------------------------------------------------------------------------- ================================================================================ texlive-2013-5.20131226_r32488.fc20 (FEDORA-2014-6450) TeX formatting system -------------------------------------------------------------------------------- Update Information: This release removes spurious Perl modules dependency declarations from the packages. -------------------------------------------------------------------------------- ChangeLog: * Thu May 15 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 2013-5-20131226 - Do not export private perl modules (bug #1085424) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085424 - texlive provides perl(PDF::Reuse) https://bugzilla.redhat.com/show_bug.cgi?id=1085424 -------------------------------------------------------------------------------- ================================================================================ vte3-0.34.9-3.fc20 (FEDORA-2014-6387) A terminal emulator -------------------------------------------------------------------------------- Update Information: Restore transparency -------------------------------------------------------------------------------- ChangeLog: * Thu May 15 2014 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 0.34.9-3 - Backport transparency fixes * Fri May 9 2014 Matthias Clasen <mclasen@xxxxxxxxxx> - 0.34.9-2 - Apply an upstream fix for xterm escape sequences -------------------------------------------------------------------------------- ================================================================================ xfsprogs-3.2.0-1.fc20 (FEDORA-2014-6443) Utilities for managing the XFS filesystem -------------------------------------------------------------------------------- Update Information: New upstream release fully supporting metadata CRCs, which will be fully supported in the 3.15 kernel. -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2014 Eric Sandeen <sandeen@xxxxxxxxxx> 3.2.0-1 - New upstream release * Fri May 9 2014 Eric Sandeen <sandeen@xxxxxxxxxx> 3.2.0-0.5.rc3 - New upstream release * Thu May 8 2014 Eric Sandeen <sandeen@xxxxxxxxxx> 3.2.0-0.4.rc2 - New upstream release * Mon Nov 25 2013 Eric Sandeen <sandeen@xxxxxxxxxx> 3.2.0-0.3.alpha2 - New upstream release * Thu Nov 14 2013 Eric Sandeen <sandeen@xxxxxxxxxx> 3.2.0-0.2.alpha1 - Move xfs_types.h into xfsprogs-devel package * Thu Sep 26 2013 Eric Sandeen <sandeen@xxxxxxxxxx> 3.2.0-0.1.alpha1 - New upstream alpha release with incomplete CRC support -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
