Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
  72  https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20
  52  https://admin.fedoraproject.org/updates/FEDORA-2014-6551/chicken-4.8.0.6-2.fc20
  50  https://admin.fedoraproject.org/updates/FEDORA-2014-6615/drupal7-views-3.8-1.fc20
  23  https://admin.fedoraproject.org/updates/FEDORA-2014-7523/readline-6.2-10.fc20
  21  https://admin.fedoraproject.org/updates/FEDORA-2014-7551/asterisk-11.10.2-2.fc20
  21  https://admin.fedoraproject.org/updates/FEDORA-2014-7613/perl-Email-Address-1.905-1.fc20
  18  https://admin.fedoraproject.org/updates/FEDORA-2014-7697/dpkg-1.16.15-1.fc20
  12  https://admin.fedoraproject.org/updates/FEDORA-2014-7936/python3-3.3.2-16.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-8021/docker-io-1.0.0-6.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-8099/lz4-r119-1.fc20
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-8189/krb5-1.11.5-8.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-8227/ocsinventory-2.0.5-8.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-8208/libXfont-1.4.8-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-8065/rubygem-activerecord-4.0.0-4.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-7657/couchdb-1.6.0-9.fc20,erlang-ibrowse-4.0.1-1.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-7896/zarafa-7.1.10-2.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-2013.2.3-5.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-8308/php-ZendFramework-1.12.7-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-8316/polarssl-1.2.11-1.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
  11  https://admin.fedoraproject.org/updates/FEDORA-2014-7968/perl-Pod-Usage-1.64-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-8109/libfm-1.2.1-1.fc20,pcmanfm-1.2.1-1.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8305/gdb-7.7.1-17.fc20


The following builds have been pushed to Fedora 20 updates-testing

    golang-googlecode-net-0-0.15.hg84a4013f96e0.fc20
    httrack-3.48.17-1.fc20
    lynis-1.5.7-1.fc20
    nfs-ganesha-2.1.0-4.fc20
    perl-Net-DNS-0.78-1.fc20
    php-ZendFramework-1.12.7-1.fc20
    polarssl-1.2.11-1.fc20
    python-fedmsg-meta-fedora-infrastructure-0.2.15-2.fc20
    vit-1.2-1.fc20
    wine-1.7.22-1.fc20
    wxGTK3-3.0.1-1.fc20
    youtube-dl-2014.07.11.3-1.fc20

Details about builds:


================================================================================
 golang-googlecode-net-0-0.15.hg84a4013f96e0.fc20 (FEDORA-2014-8320)
 Supplementary Go networking libraries
--------------------------------------------------------------------------------
Update Information:

don't fail on ipv6 test bz1056185
revert golang >= 1.2 version requirement
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 11 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 0-0.15.hg84a4013f96e0
- don't fail on ipv6 test bz1056185
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0-0.14.hg84a4013f96e0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Jan 17 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.13.hg84a4013f96e0
- golang exclusivearch for el6+
- add check
* Fri Jan 17 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.12.hg84a4013f96e0
- revert golang >= 1.2 version requirement
* Wed Jan 15 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> 0-0.11.hg84a4013f96e0
- require golang 1.2 and up
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1056185 - go test code.google.com/p/go.net/ipv6 test fails
        https://bugzilla.redhat.com/show_bug.cgi?id=1056185
--------------------------------------------------------------------------------


================================================================================
 httrack-3.48.17-1.fc20 (FEDORA-2014-8318)
 Website copier and offline browser
--------------------------------------------------------------------------------
Update Information:

3.48-17

* Fixed: URL list not working anymore
* Fixed: FTBFS on ARM
* Fixed: buggy FFFD (replacement character) in place of leading non-ascii character such as Chinese ones
* Fixed: FTBFS when compiling with zlib versions < 1.2.70
* Fixed: buggy SVG (Smiling Spectre)
* Fixed: do not uncompress .tgz advertised as "streamed" (Smiling Spectre)
* Fixed: NULL pointer dereferencing in back_unserialize (htsback.c:976)
* Fixed: library development files
* Fixed: --advanced-maxlinks broken (Localhost)
* Fixed: -devel package should now be standalone
* Fixed: assertion failure at htscore.c:244 (len + liensbuf->string_buffer_size < liensbuf->string_buffer_capa)
* Fixed: injection-proof templates
* Fixed: htshash.c:330 assertion failure ("error invalidating hash entry")
* Fixed: Windows 2000 regression (fantozzi.usenet)
* Fixed: code cleanup (aliasing issues, const correctness, safe strings)
* New: handle --advanced-maxlinks=0 to disable maximum link limits
* New: updated ZIP routines (zlib 1.2.8)
* Fixed: broken 32-bit version
* Fixed: assertion "segOutputSize < segSize assertion fails at htscharset.c:993"
* Fixed: new zlib version fixing CVE-2004-0797 and CVE-2005-2096
* Fixed: more reliable crash reporting
* Fixed: fixed infamous "hashtable internal error: cuckoo/stash collision" errors
* Fixed: safety cleanup in many strings operations
* Fixed: buggy option pannels
* New: Enforce check against CVE-2014-0160
* New: improved hashtables to speedup large mirrors
* New: added unit tests
* New: Added %a option, allowing to define the "Accept:" header line.
* New: Added %X option, to define additional request header lines.
* New: Added option '-%t', preserving the original file type (which may produce non-browseable file locally)
* Fixed: remove scope id (% character) in dotted address resolution (especially for catchurl proxy)
* Fixed: build fixes, including for Android, non-SSL releases
* Fixed: buggy keep-alive handling, leading to waste connections
* Fixed: removed chroot and setuid features (this is definitely not our business)
* Fixed: removed MMS (Microsoft Media Server) ripping code (mmsrip) (dead protocol, unmaintained code, licensing issues)
* Fixed: type mishandling when processing a redirect (such as a .PDF redirecting to another .PDF, with a text/html type tagged in the redirect message)
* Fixed: infinite loop when attempting to download a file:/// directory on Unix (gp)<br/>
* Fixed: removed background DNS resolution, prone to bugs
* Fixed: do not choke on Windows 2000 because of missing SetDllDirectory()
* Fixed: %h custom build structure parameter not taken in account 
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 11 2014 Christopher Meng <rpm@xxxxxxxx> - 3.48.17-1
- Update to 3.48.17
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1118625 - httrack-3.48.14 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1118625
--------------------------------------------------------------------------------


================================================================================
 lynis-1.5.7-1.fc20 (FEDORA-2014-8311)
 Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:

1.5.7 (2014-07-09)

New:
- Implementation of SafePerms function
- Added notification when exceptions are found

Changes:
- Fix for error_log handling in nginx

--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 11 2014 Christopher Meng <rpm@xxxxxxxx> - 1.5.7-1
- Update to 1.5.7
--------------------------------------------------------------------------------


================================================================================
 nfs-ganesha-2.1.0-4.fc20 (FEDORA-2014-8314)
 Ganesha NFS Server
--------------------------------------------------------------------------------
Update Information:

keep fsal .so files, implementation now uses them
static libuid2grp
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 11 2014 Kaleb S. KEITHLEY <kkeithle at redhat.com> 2.1.0-4
- keep fsal .so files, implementation now uses them
* Tue Jul  1 2014 Kaleb S. KEITHLEY <kkeithle at redhat.com> 2.1.0-3
- static libuid2grp
* Tue Jul  1 2014 Kaleb S. KEITHLEY <kkeithle at redhat.com> 2.1.0-2
- add libuid2grp.so
* Mon Jun 30 2014 Kaleb S. KEITHLEY <kkeithle at redhat.com> 2.1.0-1
- nfs-ganesha-2.1.0 GA
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 perl-Net-DNS-0.78-1.fc20 (FEDORA-2014-8323)
 DNS resolver modules for Perl
--------------------------------------------------------------------------------
Update Information:

Updated to 0.78, various bugfixes and multiline TXT rdata printing support
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 12 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 0.78-1
- Updated to 0.78, various bugfixes and multiline TXT rdata printing support
* Sat Jun 14 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 0.77-1
- Updated to 0.77, a "quickfix release" fixing AXFR support
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.76-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 php-ZendFramework-1.12.7-1.fc20 (FEDORA-2014-8308)
 Leading open-source PHP framework
--------------------------------------------------------------------------------
Update Information:

Update to 1.12.7 fixes CVE-2014-4914 aka. ZF2014-04: Potential SQL injection in the ORDER implementation of Zend_Db_Select
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 12 2014 Felix Kaechele <felix@xxxxxxxxxx> - 1.12.7-1
- update to 1.12.7
- fixes http://framework.zend.com/security/advisory/ZF2014-04 / CVE-2014-4914
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.12.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1117545 - CVE-2014-4914 Zend FrameWork: ZF2014-04: Potential SQL injection in the ORDER implementation of Zend_Db_Select
        https://bugzilla.redhat.com/show_bug.cgi?id=1117545
--------------------------------------------------------------------------------


================================================================================
 polarssl-1.2.11-1.fc20 (FEDORA-2014-8316)
 Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:

- Update to 1.2.11
- CVE-2014-4911 (rhbz#1118929, rhbz#1118930)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 12 2014 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 1.2.11-1
- Update to 1.2.11
- CVE-2014-4911 (rhbz#1118929, rhbz#1118930)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1118929 - CVE-2014-4911 PolarSSL: Denial of Service against GCM enabled servers (and clients)
        https://bugzilla.redhat.com/show_bug.cgi?id=1118929
--------------------------------------------------------------------------------


================================================================================
 python-fedmsg-meta-fedora-infrastructure-0.2.15-2.fc20 (FEDORA-2014-8321)
 Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:

Fix edge case with github status messages.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 11 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.15-2
- Patch to handle github edge case.
* Thu Jul 10 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.15-1
- New kerneltest processor
- Fixes to pkgdb, coprs, elections, github, and releng.
--------------------------------------------------------------------------------


================================================================================
 vit-1.2-1.fc20 (FEDORA-2014-8319)
 A minimalist Taskwarrior full-screen terminal interface with Vim key bindings
--------------------------------------------------------------------------------
Update Information:

* New package

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1112072 - Review Request: vit - A minimalist Taskwarrior full-screen terminal interface with Vim key bindings
        https://bugzilla.redhat.com/show_bug.cgi?id=1112072
--------------------------------------------------------------------------------


================================================================================
 wine-1.7.22-1.fc20 (FEDORA-2014-8312)
 A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:

* Support for Unicode bracketing pairs.
* Improved Internet cookie support.
* OS X CoreAudio driver uses AUHAL instead of AudioQueue.
* Initial support for geographical information.
* Support for critical sections in the C runtime.
* Unicode data updated to Unicode 7.0.
* Support for interlaced PNG encoding.
* Initial stub for the Packager library.
* Various bug fixes.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 11 2014 Michael Cronenworth <mike@xxxxxxxxxx>
- 1.7.22-1
- version upgrade
* Wed Jul  9 2014 Michael Cronenworth <mike@xxxxxxxxxx>
- 1.7.21-2
- Fixes for EPEL7 (rhbz#1117422)
* Tue Jul  1 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.7.21-1
- version upgrade
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1114366 - wine-1.7.21 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1114366
--------------------------------------------------------------------------------


================================================================================
 wxGTK3-3.0.1-1.fc20 (FEDORA-2014-8306)
 GTK port of the wxWidgets GUI library
--------------------------------------------------------------------------------
Update Information:

Bump to 3.0.1 RH#1111903
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul  5 2014 Jeremy Newton <alexjnewt@xxxxxxxxxxx> - 3.0.1-1
- Bump to 3.0.1 RH#1076617
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1111903 - wxGTK3-3.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1111903
--------------------------------------------------------------------------------


================================================================================
 youtube-dl-2014.07.11.3-1.fc20 (FEDORA-2014-8324)
 A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:

Update to 2014.07.11.3
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 12 2014 Christopher Meng <rpm@xxxxxxxx> - 2014.07.11.3-1
- Update to 2014.07.11.3
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux