The following Fedora 20 Security updates need testing: Age URL 68 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 48 https://admin.fedoraproject.org/updates/FEDORA-2014-6551/chicken-4.8.0.6-2.fc20 46 https://admin.fedoraproject.org/updates/FEDORA-2014-6615/drupal7-views-3.8-1.fc20 20 https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-2013.2.3-4.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2014-7523/readline-6.2-10.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2014-7551/asterisk-11.10.2-2.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2014-7577/claws-mail-3.10.1-1.fc20,claws-mail-plugins-3.10.1-1.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2014-7613/perl-Email-Address-1.905-1.fc20 14 https://admin.fedoraproject.org/updates/FEDORA-2014-7697/dpkg-1.16.15-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-7896/zarafa-7.1.10-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-7936/python3-3.3.2-16.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-7954/openstack-nova-2013.2.3-2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-8032/ansible-1.6.6-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-8021/docker-io-1.0.0-6.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-8065/rubygem-activerecord-4.0.0-3.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7657/couchdb-1.6.0-6.fc20,erlang-ibrowse-4.0.1-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-8098/pnp4nagios-0.6.22-2.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-8099/lz4-r119-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8171/kernel-3.15.4-200.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8189/krb5-1.11.5-8.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8183/pulseaudio-5.0-6.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 12 https://admin.fedoraproject.org/updates/FEDORA-2014-7789/libndp-1.3-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-7857/python-mako-1.0.0-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-7968/perl-Pod-Usage-1.64-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-8109/libfm-1.2.1-1.fc20,pcmanfm-1.2.1-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-8136/perl-Storable-2.51-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8185/fontconfig-2.11.0-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8189/krb5-1.11.5-8.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8186/xorg-x11-drv-qxl-0.1.1-4.fc20 The following builds have been pushed to Fedora 20 updates-testing AntTweakBar-1.16-1.fc20 RBTools-0.6.2-1.fc20 abduco-0.1-1.fc20 alglib-3.8.2-4.fc20 bibletime-2.10.1-1.fc20 bluedevil-2.0.0-0.13.36f0438agit20140630.fc20 copr-cli-1.35-1.fc20 cross-gcc-4.9.0-3.fc20 fontconfig-2.11.0-2.fc20 ga-5.3b-9.fc20 ghc-transformers-compat-0.3.3.4-2.fc20 kde-connect-0.7.2-1.fc20 kernel-3.15.4-200.fc20 krb5-1.11.5-8.fc20 lapack-3.4.2-7.fc20 libbluedevil-2.0-0.9.rc1.fc20 libstoragemgmt-0.1.0-1.fc20 microcode_ctl-2.1-5.fc20 php-horde-horde-5.1.7-1.fc20 php-horde-imp-6.1.8-1.fc20 php-horde-ingo-3.1.5-1.fc20 php-horde-kronolith-4.1.6-1.fc20 php-horde-nag-4.1.5-1.fc20 php-horde-turba-4.1.5-1.fc20 php-scssphp-0.0.12-1.fc20 pulseaudio-5.0-6.fc20 python-XStatic-1.0.1-1.fc20 python-sphinx_rtd_theme-0.1.6-1.fc20 rubygem-coveralls-0.7.0-3.fc20 scalapack-1.7.5-21.fc20 xemacs-packages-base-20140705-1.fc20 xemacs-packages-extra-20140705-1.fc20 xorg-x11-drv-qxl-0.1.1-4.fc20 Details about builds: ================================================================================ AntTweakBar-1.16-1.fc20 (FEDORA-2014-8198) GUI library for videogame property editing UIs -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 8 2014 David Brown <david.brown@xxxxxxxx> - 1.16-1 - New upstream version * Fri Jun 6 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.14-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ RBTools-0.6.2-1.fc20 (FEDORA-2014-8180) Tools for use with ReviewBoard -------------------------------------------------------------------------------- Update Information: https://www.reviewboard.org/docs/releasenotes/rbtools/0.6.2/ -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Stephen Gallagher <sgallagh@xxxxxxxxxx> 0.6.2-1 - New upstream release 0.6.2 - http://www.reviewboard.org/docs/releasenotes/rbtools/0.6.2/ -------------------------------------------------------------------------------- ================================================================================ abduco-0.1-1.fc20 (FEDORA-2014-8203) Session management in a clean and simple way -------------------------------------------------------------------------------- Update Information: Initial package (RHBZ #1116653) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1116653 - Review Request: abduco - Session management in a clean and simple way https://bugzilla.redhat.com/show_bug.cgi?id=1116653 -------------------------------------------------------------------------------- ================================================================================ alglib-3.8.2-4.fc20 (FEDORA-2014-8196) A numerical analysis and data processing library -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1109490 - Review Request: alglib - A numerical analysis and data processing library https://bugzilla.redhat.com/show_bug.cgi?id=1109490 -------------------------------------------------------------------------------- ================================================================================ bibletime-2.10.1-1.fc20 (FEDORA-2014-8174) An easy to use Bible study tool -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Greg Hellings <greg.hellings@xxxxxxxxx> - 2.10.1-1 - New upstream release - Should address bug #1113320 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1113320 - Cannot Navigate Through Books https://bugzilla.redhat.com/show_bug.cgi?id=1113320 -------------------------------------------------------------------------------- ================================================================================ bluedevil-2.0.0-0.13.36f0438agit20140630.fc20 (FEDORA-2014-7944) Bluetooth stack for KDE -------------------------------------------------------------------------------- Update Information: Backport recent upstream fixes. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 30 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.0.0-0.13.36f0438agit20140630 - 20140630 snapshot (#1114397) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.0-0.12.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1114397 - Please rebase bluedevil https://bugzilla.redhat.com/show_bug.cgi?id=1114397 -------------------------------------------------------------------------------- ================================================================================ copr-cli-1.35-1.fc20 (FEDORA-2014-8170) Command line interface for COPR -------------------------------------------------------------------------------- Update Information: stop if you receive unknown status -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 4 2014 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.35-1 - [cli] stop waiting when the status is unknown * Fri Jul 4 2014 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.34-1 - [cli] skipped state support -------------------------------------------------------------------------------- ================================================================================ cross-gcc-4.9.0-3.fc20 (FEDORA-2014-8205) Cross C compiler -------------------------------------------------------------------------------- Update Information: Move to using gcc-4.9 -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 David Howells <dhowells@xxxxxxxxxx> - 4.9.0-3 - Enable libgcc building on s390x [BZ 1116185]. * Mon Jun 16 2014 David Howells <dhowells@xxxxxxxxxx> - 4.9.0-2 - Rebase on gcc-4.9.0-14. * Mon Jun 16 2014 David Howells <dhowells@xxxxxxxxxx> - 4.9.0-1 - Move to gcc-4.9.0. -------------------------------------------------------------------------------- ================================================================================ fontconfig-2.11.0-2.fc20 (FEDORA-2014-8185) Font configuration and customization library -------------------------------------------------------------------------------- Update Information: Fix the race condition issue on updating caches -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 8 2014 Akira TAGOH <tagoh@xxxxxxxxxx> - 2.11.0-2 - Fix the race condition issue on updating caches. (#921706) -------------------------------------------------------------------------------- References: [ 1 ] Bug #921706 - ghostscript: /invalidfont in /findfont, --nostringval-- Helvetica https://bugzilla.redhat.com/show_bug.cgi?id=921706 -------------------------------------------------------------------------------- ================================================================================ ga-5.3b-9.fc20 (FEDORA-2014-8188) Global Arrays Toolkit -------------------------------------------------------------------------------- Update Information: add explicit requires for mpich and openmpi packages (#1116627) -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 David Brown <david.brown@xxxxxxxx> - 5.3b-8 - add explicit requires for mpich and openmpi packages (#1116627) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.3b-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon May 12 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 5.3b-7 - rebuild against new blacs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1116627 - ga: Requires are incorrect https://bugzilla.redhat.com/show_bug.cgi?id=1116627 -------------------------------------------------------------------------------- ================================================================================ ghc-transformers-compat-0.3.3.4-2.fc20 (FEDORA-2014-8190) Compatibility shim exposing the new types from newer transformers -------------------------------------------------------------------------------- Update Information: new package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1075595 - Review Request: ghc-transformers-compat - A compatibility shim exposing the new types from transformers 0.3 https://bugzilla.redhat.com/show_bug.cgi?id=1075595 -------------------------------------------------------------------------------- ================================================================================ kde-connect-0.7.2-1.fc20 (FEDORA-2014-7866) KDE Connect client for communication with smartphones -------------------------------------------------------------------------------- Update Information: New upstream release, fixes remote filesystem support, and adds a new features including remote pointer control see also http://albertvaka.wordpress.com/2014/06/28/awesome-contributions-to-kde-connect/ -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 6 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.7.2-1 - kde-connect-0.7.2 (#1116448) * Sun Jun 29 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.7.1-1 - 0.7.1 * Sat Jun 28 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.7-1 - kde-connect-0.7 (#1114196) - Requires: fuse-sshfs (#1114197) - Requires: qca-ossl - -libs, -devel subpkgs * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6-0.3.20140305git52901898 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1114196 - KDE Connect 0.7 released https://bugzilla.redhat.com/show_bug.cgi?id=1114196 [ 2 ] Bug #1114197 - KDE Connect's SFTP dependencies not installed https://bugzilla.redhat.com/show_bug.cgi?id=1114197 [ 3 ] Bug #1116448 - KDE Connect 0.7.2 released https://bugzilla.redhat.com/show_bug.cgi?id=1116448 -------------------------------------------------------------------------------- ================================================================================ kernel-3.15.4-200.fc20 (FEDORA-2014-8171) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 3.15.4 stable update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> 3.15.4-200 - Linux v3.15.4 - Fixes CVE-2014-4715 (rhbz 1115767 1116362) - Fixes CVE-2014-4699 (rhbz 1115927 1116477) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1115767 - CVE-2014-4715 lz4: LZ4_decompress_generic() integer overflow (32-bit arches) https://bugzilla.redhat.com/show_bug.cgi?id=1115767 [ 2 ] Bug #1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address https://bugzilla.redhat.com/show_bug.cgi?id=1115927 -------------------------------------------------------------------------------- ================================================================================ krb5-1.11.5-8.fc20 (FEDORA-2014-8189) The Kerberos network authentication system -------------------------------------------------------------------------------- Update Information: This update incorporates backported upstream fixes for potential crashes caused by attempts to process malformed GSSAPI messages (CVE-2014-4341, CVE-2014-4342). -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.5-8 - pull in fix for denial of service by injection of malformed GSSAPI tokens (CVE-2014-4341, CVE-2014-4342, #1116181) * Tue Jun 24 2014 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.5-7 - pull in changes from upstream which add processing of the contents of /etc/gss/mech.d/*.conf when loading GSS modules (#1102839) - pull in fix for building against tcl 8.6 (#1107061) * Tue May 27 2014 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 1.11.5-6 - back out currently-proposed changes to teach ksu about credential cache collections and the default_ccache_name setting (#1089035) for now -------------------------------------------------------------------------------- References: [ 1 ] Bug #1116180 - CVE-2014-4341 CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens https://bugzilla.redhat.com/show_bug.cgi?id=1116180 -------------------------------------------------------------------------------- ================================================================================ lapack-3.4.2-7.fc20 (FEDORA-2014-8195) Numerical linear algebra package libraries -------------------------------------------------------------------------------- Update Information: Fix issue with BLAS which caused issues for R. Use the compiled object files in tmglib, not the static lib it makes. Also link tmglib to lapacke library. Add matgen_obj files to lapacke library. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 3.4.2-7 - fix issues with BLAS found by R * Thu Jun 19 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 3.4.2-6 - compile in tmglib object files, not static lib * Tue Jun 17 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 3.4.2-4 - add matgen_obj files to lapacke lib -------------------------------------------------------------------------------- References: [ 1 ] Bug #1113657 - reg-BLAS regression test fails ? https://bugzilla.redhat.com/show_bug.cgi?id=1113657 [ 2 ] Bug #1108192 - Include all LAPACKE routines https://bugzilla.redhat.com/show_bug.cgi?id=1108192 -------------------------------------------------------------------------------- ================================================================================ libbluedevil-2.0-0.9.rc1.fc20 (FEDORA-2014-7944) A Qt wrapper for bluez -------------------------------------------------------------------------------- Update Information: Backport recent upstream fixes. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.0-0.9.rc1 - drop upstream commit that causes adapter to be unpowered on every boot (#1114397, kde#337193) * Mon Jun 30 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.0-0.8.rc1 - backport recent upstream commits (#1114397) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0-0.7.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1114397 - Please rebase bluedevil https://bugzilla.redhat.com/show_bug.cgi?id=1114397 -------------------------------------------------------------------------------- ================================================================================ libstoragemgmt-0.1.0-1.fc20 (FEDORA-2014-8169) Storage array management library -------------------------------------------------------------------------------- Update Information: Upstream update. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 3 2014 Tony Asleson <tasleson@xxxxxxxxxx> - 0.1.0-1 - New upstream release * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.24-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ microcode_ctl-2.1-5.fc20 (FEDORA-2014-8201) Tool to transform and deploy CPU microcode update for x86. -------------------------------------------------------------------------------- Update Information: Update to upstream 2.1-5. 20140624 -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 8 2014 Anton Arapov <anton@xxxxxxxxxxx> 2.1-5 -Update to upstream 2.1-5. 20140624 -------------------------------------------------------------------------------- ================================================================================ php-horde-horde-5.1.7-1.fc20 (FEDORA-2014-8204) Horde Application Framework -------------------------------------------------------------------------------- Update Information: horde 5.1.7 * [jan] Detect REPORT queries as DAV requests in RPC server (Bug #13124). * [jan] Fix fatal error in LDAP account portal block (Bug #12910). * [jan] Update Korean translation (Deokgon Kim). imp 6.1.8 * [mms] SECURITY: Fix XSS in displaying user-defined flags in basic mailbox and message view. * [mms] SECURITY: Fix XSS in displaying user-defined flags in dynamic mailbox view (João Machado). * [mms] SECURITY: Fix XSS in displaying mailbox name in dynamic mailbox view (João Machado). * [mms] Fix scrolling through large search mailboxes in dynamic view (Bug #13138). * [mms] Better handling of malformed message dates in mailbox listing (Bug #13114). * [jan] Update Korean translation (Deokgon Kim). ingo 3.1.5 * [mms] Fix blacklist/whitelist matching with IMAP backend (Bug #13031). * [mms] Fix procmail reject recipe (Bug #13060). turba 4.1.5 * [mjr] Fix pagination of search results (Bug #13047). * [mjr] Don't output empty properties for CardDAV requests (Bug #12782). * [jan] Update Korean translation (Deokgon Kim). * [jan] Fix portal serach block response when no contacts have been found (dulinux, Bug #13044). kronolith 4.1.6 * [jan] Fix history not always returning the last modification time of an event (Bug #13113). * [jan] Support timezone aliases when importing events (Bug #13100). * [mjr] Honor the no_sharing configuration option in dynamic view (Bug #13002). * [mjr] Fix issue that could remove all events from shared calendars if a user with Horde_Perms::EDIT on that calendar is removed via the removeUserData API (Bug #12524). * [jan] Fix TRIGGER generation if alarm value is negative (Bug #13064). * [jan] Update Korean translation (Deokgon Kim). nag 4.1.5 * [jan] Fix link to task in alarm emails. * [jan] Update Korean translation (Deokgon Kim). -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 5.1.7-1 - Update to 5.1.7 -------------------------------------------------------------------------------- ================================================================================ php-horde-imp-6.1.8-1.fc20 (FEDORA-2014-8204) A web based webmail system -------------------------------------------------------------------------------- Update Information: horde 5.1.7 * [jan] Detect REPORT queries as DAV requests in RPC server (Bug #13124). * [jan] Fix fatal error in LDAP account portal block (Bug #12910). * [jan] Update Korean translation (Deokgon Kim). imp 6.1.8 * [mms] SECURITY: Fix XSS in displaying user-defined flags in basic mailbox and message view. * [mms] SECURITY: Fix XSS in displaying user-defined flags in dynamic mailbox view (João Machado). * [mms] SECURITY: Fix XSS in displaying mailbox name in dynamic mailbox view (João Machado). * [mms] Fix scrolling through large search mailboxes in dynamic view (Bug #13138). * [mms] Better handling of malformed message dates in mailbox listing (Bug #13114). * [jan] Update Korean translation (Deokgon Kim). ingo 3.1.5 * [mms] Fix blacklist/whitelist matching with IMAP backend (Bug #13031). * [mms] Fix procmail reject recipe (Bug #13060). turba 4.1.5 * [mjr] Fix pagination of search results (Bug #13047). * [mjr] Don't output empty properties for CardDAV requests (Bug #12782). * [jan] Update Korean translation (Deokgon Kim). * [jan] Fix portal serach block response when no contacts have been found (dulinux, Bug #13044). kronolith 4.1.6 * [jan] Fix history not always returning the last modification time of an event (Bug #13113). * [jan] Support timezone aliases when importing events (Bug #13100). * [mjr] Honor the no_sharing configuration option in dynamic view (Bug #13002). * [mjr] Fix issue that could remove all events from shared calendars if a user with Horde_Perms::EDIT on that calendar is removed via the removeUserData API (Bug #12524). * [jan] Fix TRIGGER generation if alarm value is negative (Bug #13064). * [jan] Update Korean translation (Deokgon Kim). nag 4.1.5 * [jan] Fix link to task in alarm emails. * [jan] Update Korean translation (Deokgon Kim). -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 6.1.8-1 - Update to 6.1.8 -------------------------------------------------------------------------------- ================================================================================ php-horde-ingo-3.1.5-1.fc20 (FEDORA-2014-8204) An email filter rules manager -------------------------------------------------------------------------------- Update Information: horde 5.1.7 * [jan] Detect REPORT queries as DAV requests in RPC server (Bug #13124). * [jan] Fix fatal error in LDAP account portal block (Bug #12910). * [jan] Update Korean translation (Deokgon Kim). imp 6.1.8 * [mms] SECURITY: Fix XSS in displaying user-defined flags in basic mailbox and message view. * [mms] SECURITY: Fix XSS in displaying user-defined flags in dynamic mailbox view (João Machado). * [mms] SECURITY: Fix XSS in displaying mailbox name in dynamic mailbox view (João Machado). * [mms] Fix scrolling through large search mailboxes in dynamic view (Bug #13138). * [mms] Better handling of malformed message dates in mailbox listing (Bug #13114). * [jan] Update Korean translation (Deokgon Kim). ingo 3.1.5 * [mms] Fix blacklist/whitelist matching with IMAP backend (Bug #13031). * [mms] Fix procmail reject recipe (Bug #13060). turba 4.1.5 * [mjr] Fix pagination of search results (Bug #13047). * [mjr] Don't output empty properties for CardDAV requests (Bug #12782). * [jan] Update Korean translation (Deokgon Kim). * [jan] Fix portal serach block response when no contacts have been found (dulinux, Bug #13044). kronolith 4.1.6 * [jan] Fix history not always returning the last modification time of an event (Bug #13113). * [jan] Support timezone aliases when importing events (Bug #13100). * [mjr] Honor the no_sharing configuration option in dynamic view (Bug #13002). * [mjr] Fix issue that could remove all events from shared calendars if a user with Horde_Perms::EDIT on that calendar is removed via the removeUserData API (Bug #12524). * [jan] Fix TRIGGER generation if alarm value is negative (Bug #13064). * [jan] Update Korean translation (Deokgon Kim). nag 4.1.5 * [jan] Fix link to task in alarm emails. * [jan] Update Korean translation (Deokgon Kim). -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 3.1.5-1 - Update to 3.1.5 -------------------------------------------------------------------------------- ================================================================================ php-horde-kronolith-4.1.6-1.fc20 (FEDORA-2014-8204) A web based calendar -------------------------------------------------------------------------------- Update Information: horde 5.1.7 * [jan] Detect REPORT queries as DAV requests in RPC server (Bug #13124). * [jan] Fix fatal error in LDAP account portal block (Bug #12910). * [jan] Update Korean translation (Deokgon Kim). imp 6.1.8 * [mms] SECURITY: Fix XSS in displaying user-defined flags in basic mailbox and message view. * [mms] SECURITY: Fix XSS in displaying user-defined flags in dynamic mailbox view (João Machado). * [mms] SECURITY: Fix XSS in displaying mailbox name in dynamic mailbox view (João Machado). * [mms] Fix scrolling through large search mailboxes in dynamic view (Bug #13138). * [mms] Better handling of malformed message dates in mailbox listing (Bug #13114). * [jan] Update Korean translation (Deokgon Kim). ingo 3.1.5 * [mms] Fix blacklist/whitelist matching with IMAP backend (Bug #13031). * [mms] Fix procmail reject recipe (Bug #13060). turba 4.1.5 * [mjr] Fix pagination of search results (Bug #13047). * [mjr] Don't output empty properties for CardDAV requests (Bug #12782). * [jan] Update Korean translation (Deokgon Kim). * [jan] Fix portal serach block response when no contacts have been found (dulinux, Bug #13044). kronolith 4.1.6 * [jan] Fix history not always returning the last modification time of an event (Bug #13113). * [jan] Support timezone aliases when importing events (Bug #13100). * [mjr] Honor the no_sharing configuration option in dynamic view (Bug #13002). * [mjr] Fix issue that could remove all events from shared calendars if a user with Horde_Perms::EDIT on that calendar is removed via the removeUserData API (Bug #12524). * [jan] Fix TRIGGER generation if alarm value is negative (Bug #13064). * [jan] Update Korean translation (Deokgon Kim). nag 4.1.5 * [jan] Fix link to task in alarm emails. * [jan] Update Korean translation (Deokgon Kim). -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 4.1.6-1 - Update to 4.1.6 - raise dependency on Horde_Data >= 2.0.8 - run test suite during build -------------------------------------------------------------------------------- ================================================================================ php-horde-nag-4.1.5-1.fc20 (FEDORA-2014-8204) A web based task list manager -------------------------------------------------------------------------------- Update Information: horde 5.1.7 * [jan] Detect REPORT queries as DAV requests in RPC server (Bug #13124). * [jan] Fix fatal error in LDAP account portal block (Bug #12910). * [jan] Update Korean translation (Deokgon Kim). imp 6.1.8 * [mms] SECURITY: Fix XSS in displaying user-defined flags in basic mailbox and message view. * [mms] SECURITY: Fix XSS in displaying user-defined flags in dynamic mailbox view (João Machado). * [mms] SECURITY: Fix XSS in displaying mailbox name in dynamic mailbox view (João Machado). * [mms] Fix scrolling through large search mailboxes in dynamic view (Bug #13138). * [mms] Better handling of malformed message dates in mailbox listing (Bug #13114). * [jan] Update Korean translation (Deokgon Kim). ingo 3.1.5 * [mms] Fix blacklist/whitelist matching with IMAP backend (Bug #13031). * [mms] Fix procmail reject recipe (Bug #13060). turba 4.1.5 * [mjr] Fix pagination of search results (Bug #13047). * [mjr] Don't output empty properties for CardDAV requests (Bug #12782). * [jan] Update Korean translation (Deokgon Kim). * [jan] Fix portal serach block response when no contacts have been found (dulinux, Bug #13044). kronolith 4.1.6 * [jan] Fix history not always returning the last modification time of an event (Bug #13113). * [jan] Support timezone aliases when importing events (Bug #13100). * [mjr] Honor the no_sharing configuration option in dynamic view (Bug #13002). * [mjr] Fix issue that could remove all events from shared calendars if a user with Horde_Perms::EDIT on that calendar is removed via the removeUserData API (Bug #12524). * [jan] Fix TRIGGER generation if alarm value is negative (Bug #13064). * [jan] Update Korean translation (Deokgon Kim). nag 4.1.5 * [jan] Fix link to task in alarm emails. * [jan] Update Korean translation (Deokgon Kim). -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 4.1.5-1 - Update to 4.1.5 - run test suite during build (all ignored for now) -------------------------------------------------------------------------------- ================================================================================ php-horde-turba-4.1.5-1.fc20 (FEDORA-2014-8204) A web based address book -------------------------------------------------------------------------------- Update Information: horde 5.1.7 * [jan] Detect REPORT queries as DAV requests in RPC server (Bug #13124). * [jan] Fix fatal error in LDAP account portal block (Bug #12910). * [jan] Update Korean translation (Deokgon Kim). imp 6.1.8 * [mms] SECURITY: Fix XSS in displaying user-defined flags in basic mailbox and message view. * [mms] SECURITY: Fix XSS in displaying user-defined flags in dynamic mailbox view (João Machado). * [mms] SECURITY: Fix XSS in displaying mailbox name in dynamic mailbox view (João Machado). * [mms] Fix scrolling through large search mailboxes in dynamic view (Bug #13138). * [mms] Better handling of malformed message dates in mailbox listing (Bug #13114). * [jan] Update Korean translation (Deokgon Kim). ingo 3.1.5 * [mms] Fix blacklist/whitelist matching with IMAP backend (Bug #13031). * [mms] Fix procmail reject recipe (Bug #13060). turba 4.1.5 * [mjr] Fix pagination of search results (Bug #13047). * [mjr] Don't output empty properties for CardDAV requests (Bug #12782). * [jan] Update Korean translation (Deokgon Kim). * [jan] Fix portal serach block response when no contacts have been found (dulinux, Bug #13044). kronolith 4.1.6 * [jan] Fix history not always returning the last modification time of an event (Bug #13113). * [jan] Support timezone aliases when importing events (Bug #13100). * [mjr] Honor the no_sharing configuration option in dynamic view (Bug #13002). * [mjr] Fix issue that could remove all events from shared calendars if a user with Horde_Perms::EDIT on that calendar is removed via the removeUserData API (Bug #12524). * [jan] Fix TRIGGER generation if alarm value is negative (Bug #13064). * [jan] Update Korean translation (Deokgon Kim). nag 4.1.5 * [jan] Fix link to task in alarm emails. * [jan] Update Korean translation (Deokgon Kim). -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 4.1.5-1 - Update to 4.1.5 - run test suite during build -------------------------------------------------------------------------------- ================================================================================ php-scssphp-0.0.12-1.fc20 (FEDORA-2014-8173) A compiler for SCSS written in PHP -------------------------------------------------------------------------------- Update Information: ### [0.0.12](https://github.com/leafo/scssphp/releases/tag/v0.0.12) -- July 6, 2014 * revert erroneous import-partials-fix (smuuf) * handle If-Modified-Since in client request, and send Last-Modified in response (braver) * add hhvm to travis-ci testing ### [0.0.11](https://github.com/leafo/scssphp/releases/tag/v0.0.11) -- July 5, 2014 #### Bug Fixes * support multi-line continuation character (backslash) per CSS2.1 and CSS3 spec (@caiosm1005) * imported partials should not be compiled (@squarestar) #### Enhancements * added interface to set/unset variables, i.e., setVariables($array) and unsetVariable($name) (@leafo) #### Maintenance * micro-optimization replacing is_null() with ! isset() (@Yahasana) -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 0.0.12-1 - Updated to 0.0.12 (BZ #1116615) - Added option to build without tests ("--without tests") * Sun Jun 8 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.0.10-2 - fix FTBFS, ignore max version of PHPUnit - provides php-composer(leafo/scssphp) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.10-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1116615 - php-scssphp-0.0.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1116615 -------------------------------------------------------------------------------- ================================================================================ pulseaudio-5.0-6.fc20 (FEDORA-2014-8183) Improved Linux Sound Server -------------------------------------------------------------------------------- Update Information: Rebase current post-4.0 snapshot to 5.0 release, see also: http://www.freedesktop.org/wiki/Software/PulseAudio/Notes/5.0/ -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 5.0-6 - rtp-recv: fix crash on empty UDP packets (CVE-2014-3970,#1104835,#1108011) - name HDMI outputs uniquely * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue May 13 2014 Dan Horák <dan[at]danny.cz> 5.0-4 - always run tests, but don't fail the build on big endian arches (relates #1067470) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1104835 - CVE-2014-3970 pulseaudio: denial of service in module-rtp-recv https://bugzilla.redhat.com/show_bug.cgi?id=1104835 -------------------------------------------------------------------------------- ================================================================================ python-XStatic-1.0.1-1.fc20 (FEDORA-2014-8184) XStatic base package with minimal support code -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1117145 - Review Request: python-XStatic - XStatic base package with minimal support code https://bugzilla.redhat.com/show_bug.cgi?id=1117145 -------------------------------------------------------------------------------- ================================================================================ python-sphinx_rtd_theme-0.1.6-1.fc20 (FEDORA-2014-8199) Sphinx theme for readthedocs.org -------------------------------------------------------------------------------- Update Information: This new package is a prototype mobile-friendly sphinx theme for readthedocs.org. It's currently in development and includes some rtd variable checks that can be ignored if you're just trying to use it on your project outside of that site. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1115185 - Review Request: python-sphinx_rtd_theme - Sphinx theme for readthedocs.org https://bugzilla.redhat.com/show_bug.cgi?id=1115185 -------------------------------------------------------------------------------- ================================================================================ rubygem-coveralls-0.7.0-3.fc20 (FEDORA-2014-8177) A Ruby implementation of the Coveralls API -------------------------------------------------------------------------------- Update Information: Newpackage -------------------------------------------------------------------------------- References: [ 1 ] Bug #1083698 - Review Request: rubygem-coveralls - A Ruby implementation of the Coveralls API https://bugzilla.redhat.com/show_bug.cgi?id=1083698 -------------------------------------------------------------------------------- ================================================================================ scalapack-1.7.5-21.fc20 (FEDORA-2014-8197) A subset of LAPACK routines redesigned for heterogeneous computing -------------------------------------------------------------------------------- Update Information: Fix shared library creation such that it is linked to the correct libraries. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 2 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.7.5-21 - link shared library to other needed libs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1113567 - scalapack: undefined non-weak symbols and unused direct shlib dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1113567 -------------------------------------------------------------------------------- ================================================================================ xemacs-packages-base-20140705-1.fc20 (FEDORA-2014-8193) Base lisp packages for XEmacs -------------------------------------------------------------------------------- Update Information: Numerous updates and bug fixes, including: - auctex: update to version 11.84 - calendar: use button.el, now available in fsf-compat - cc-mode: numerous bug fixes from upstream - edit-utils: new Register Menu, Register Toolbar, and find-lisp - fsf-compat: new button.el; new wholenump & declar-function functions in subr-fsf.el; bug fix for timer-activate-when-idle - leim: import Emacs' Hebrew input methods, remove duplicate rules from input methods - mule-base: byte compile ethio-util.el - text-modes: new format-spec.el -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Jerry James <loganjerry@xxxxxxxxx> - 20140705-1 - Update to latest package releases - Drop upstreamed -texi patch - Update checkout script for mercurial * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 20130408-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ xemacs-packages-extra-20140705-1.fc20 (FEDORA-2014-8193) Collection of XEmacs lisp packages -------------------------------------------------------------------------------- Update Information: Numerous updates and bug fixes, including: - auctex: update to version 11.84 - calendar: use button.el, now available in fsf-compat - cc-mode: numerous bug fixes from upstream - edit-utils: new Register Menu, Register Toolbar, and find-lisp - fsf-compat: new button.el; new wholenump & declar-function functions in subr-fsf.el; bug fix for timer-activate-when-idle - leim: import Emacs' Hebrew input methods, remove duplicate rules from input methods - mule-base: byte compile ethio-util.el - text-modes: new format-spec.el -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Jerry James <loganjerry@xxxxxxxxx> - 20140705-1 - Update to new package release - Drop upstreamed -aspellenc, -auctex-cvs-keywords, -browsers, -risky, and -texi patches - Update checkout script for mercurial * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 20130408-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-qxl-0.1.1-4.fc20 (FEDORA-2014-8186) Xorg X11 qxl video driver -------------------------------------------------------------------------------- Update Information: add fix for invisible cursor after resize (#1116870) -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2014 Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> 0.1.1-4 - add fix for invisible cursor after resize (#1116870) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1116870 - Mouse pointer disappears after changing guest resolution https://bugzilla.redhat.com/show_bug.cgi?id=1116870 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
