The following Fedora 20 Security updates need testing: Age URL 75 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 55 https://admin.fedoraproject.org/updates/FEDORA-2014-6551/chicken-4.8.0.6-2.fc20 53 https://admin.fedoraproject.org/updates/FEDORA-2014-6615/drupal7-views-3.8-1.fc20 26 https://admin.fedoraproject.org/updates/FEDORA-2014-7523/readline-6.2-10.fc20 24 https://admin.fedoraproject.org/updates/FEDORA-2014-7551/asterisk-11.10.2-2.fc20 24 https://admin.fedoraproject.org/updates/FEDORA-2014-7613/perl-Email-Address-1.905-1.fc20 21 https://admin.fedoraproject.org/updates/FEDORA-2014-7697/dpkg-1.16.15-1.fc20 15 https://admin.fedoraproject.org/updates/FEDORA-2014-7936/python3-3.3.2-16.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8189/krb5-1.11.5-8.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8227/ocsinventory-2.0.5-8.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8065/rubygem-activerecord-4.0.0-4.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7657/couchdb-1.6.0-9.fc20,erlang-ibrowse-4.0.1-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-7896/zarafa-7.1.10-2.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-2013.2.3-5.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-8308/php-ZendFramework-1.12.7-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-8316/polarssl-1.2.11-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-8334/python-bottle-0.12.6-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-8331/transmission-2.84-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8351/cups-1.7.4-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 10 https://admin.fedoraproject.org/updates/FEDORA-2014-8109/libfm-1.2.1-1.fc20,pcmanfm-1.2.1-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-8305/gdb-7.7.1-17.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8346/pcre-8.33-6.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8351/cups-1.7.4-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8358/openldap-2.4.39-4.fc20 The following builds have been pushed to Fedora 20 updates-testing NetworkManager-openconnect-0.9.8.4-1.fc20 ctstream-21-1.fc20 cups-1.7.4-1.fc20 fpaste-0.3.7.3.3-1.fc20 kde-plasma-nm-0.9.3.4-9.20140702git61bb6a0.fc20 kpcli-2.7-1.fc20 ktorrent-4.3.1-11.fc20 libktorrent-1.3.1-9.fc20 lmiwbem-0.2.0-7.fc20 openconnect-6.00-1.fc20 openldap-2.4.39-4.fc20 pam-kwallet-0-0.3.20140428gitaf786456.fc20 pcre-8.33-6.fc20 perl-Parallel-Prefork-0.17-1.fc20 php-guzzlehttp-guzzle-4.1.2-1.fc20 python-fmn-rules-0.2.4-1.fc20 python-praw-2.1.17-1.fc20 sparsehash-2.0.2-1.fc20 system-config-printer-1.4.5-3.fc20 Details about builds: ================================================================================ NetworkManager-openconnect-0.9.8.4-1.fc20 (FEDORA-2014-8356) NetworkManager VPN plugin for openconnect -------------------------------------------------------------------------------- Update Information: Update to OpenConnect 6.00 release -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 5 2014 David Woodouse <David.Woodhouse@xxxxxxxxx> - 0.9.8.4-1 - Update to 0.9.8.4 + later patches for libopenconnect3 support -------------------------------------------------------------------------------- ================================================================================ ctstream-21-1.fc20 (FEDORA-2014-8359) Get URLs of Czech Television video streams -------------------------------------------------------------------------------- Update Information: This release adds iframe support again. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 21-1 - Version 21 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1119062 - ctstream-21 is available https://bugzilla.redhat.com/show_bug.cgi?id=1119062 -------------------------------------------------------------------------------- ================================================================================ cups-1.7.4-1.fc20 (FEDORA-2014-8351) CUPS printing system -------------------------------------------------------------------------------- Update Information: New upstream release which among others fixes one security flaw. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Jiri Popelka <jpopelka@xxxxxxxxxx> - 1:1.7.4-1 - 1.7.4: CVE-2014-3537 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1115576 - CVE-2014-3537 cups: insufficient checking leads to privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1115576 -------------------------------------------------------------------------------- ================================================================================ fpaste-0.3.7.3.3-1.fc20 (FEDORA-2014-8349) A simple tool for pasting info onto sticky notes instances -------------------------------------------------------------------------------- Update Information: * Update to new upstream release - egrep -> grep -E -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Ankur Sinha <ankursinha AT fedoraproject DOT org> 0.3.7.3.3-1 - Update to latest upstream release - egrep -> grep -E - rhbz 1118711 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1118711 - [PATCH] Use grep -E instead of deprecated egrep https://bugzilla.redhat.com/show_bug.cgi?id=1118711 -------------------------------------------------------------------------------- ================================================================================ kde-plasma-nm-0.9.3.4-9.20140702git61bb6a0.fc20 (FEDORA-2014-8356) Plasma applet written in QML for managing network connections -------------------------------------------------------------------------------- Update Information: Update to OpenConnect 6.00 release -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 David Woodhouse <dwmw2@xxxxxxxxxxxxx> - 0.9.3.4-9.20140702git61bb6a0 - Fix handling of NEWGROUP return for OpenConnect VPN * Mon Jul 14 2014 David Woodhouse <dwmw2@xxxxxxxxxxxxx> - 0.9.3.4-8.20140702git61bb6a0 - fix handling of 'autoconnect' option for OpenConnect VPN * Wed Jul 9 2014 David Woodhouse <dwmw2@xxxxxxxxxxxxx> - 0.9.3.4-7.20140702git61bb6a0 - bump to rebuild against OpenConnect 6.00 * Wed Jul 2 2014 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.9.3.4-6.20140702git61bb6a0 - update git snapshot * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.3.4-5.20140520git043bbae - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ kpcli-2.7-1.fc20 (FEDORA-2014-8354) KeePass Command Line Interface (CLI) / interactive shell -------------------------------------------------------------------------------- Update Information: Updated to 2.7 -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Matias Kreder <delete@xxxxxxxxxxxxxxxxx> 2.7-1 - Updated to 2.7 * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1075964 - missing perl-Digest-MD5 https://bugzilla.redhat.com/show_bug.cgi?id=1075964 [ 2 ] Bug #1111830 - kpcli-2.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1111830 -------------------------------------------------------------------------------- ================================================================================ ktorrent-4.3.1-11.fc20 (FEDORA-2014-8340) A BitTorrent program -------------------------------------------------------------------------------- Update Information: pull in some upstream fixes... in particular, a fix for ip block list parsing. -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 4.3.1-11 - pull in some upstream fixes... in particular, - ktorrent can't parse ip block list (#1101122) - s/kdebase-/kde-/ in -runtime,-workspace deps * Thu Jun 19 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.3.1-10 - BR: kdelibs4-webkit-devel * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.3.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Petr Machata <pmachata@xxxxxxxxxx> - 4.3.1-8 - Rebuild for boost 1.55.0 * Sat Apr 19 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.3.1-7 - plasma-dataengine-depextractor support * Fri Jan 31 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.3.1-6 - update URL's * Wed Sep 25 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 4.3.1-5 - drop unused BR: avahi-devel - trim changelog -------------------------------------------------------------------------------- References: [ 1 ] Bug #1101122 - [Patch] ktorrent can't parse ip block list https://bugzilla.redhat.com/show_bug.cgi?id=1101122 -------------------------------------------------------------------------------- ================================================================================ libktorrent-1.3.1-9.fc20 (FEDORA-2014-8340) Library providing torrent downloading code -------------------------------------------------------------------------------- Update Information: pull in some upstream fixes... in particular, a fix for ip block list parsing. -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3.1-9 - pull in upstream fix for authenticated peers not to get accepted * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Petr Machata <pmachata@xxxxxxxxxx> - 1.3.1-7 - Rebuild for boost 1.55.0 * Wed Apr 23 2014 Tomáš Mráz <tmraz@xxxxxxxxxx> - 1.3.1-6 - Rebuild for new libgcrypt * Fri Jan 31 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3.1-5 - update URLs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1101122 - [Patch] ktorrent can't parse ip block list https://bugzilla.redhat.com/show_bug.cgi?id=1101122 -------------------------------------------------------------------------------- ================================================================================ lmiwbem-0.2.0-7.fc20 (FEDORA-2014-8339) Python WBEM Client -------------------------------------------------------------------------------- Update Information: fix missing symbol in __init__.py's __all__ fix deadlocks related to Python's GIL -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Peter Hatina <phatina@xxxxxxxxxx> - 0.2.0-7 - fix missing symbol in __init__.py's __all__ * Wed Jul 9 2014 Peter Hatina <phatina@xxxxxxxxxx> - 0.2.0-6 - fix deadlocks related to Python's GIL -------------------------------------------------------------------------------- ================================================================================ openconnect-6.00-1.fc20 (FEDORA-2014-8356) Open client for Cisco AnyConnect VPN -------------------------------------------------------------------------------- Update Information: Update to OpenConnect 6.00 release -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 8 2014 David Woodhouse <David.Woodhouse@xxxxxxxxx> - 6.00-1 - Update to 6.00 release * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.99-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed Mar 5 2014 David Woodhouse <David.Woodhouse@xxxxxxxxx> - 5.99-1 - Update to 5.99 release -------------------------------------------------------------------------------- ================================================================================ openldap-2.4.39-4.fc20 (FEDORA-2014-8358) LDAP support libraries -------------------------------------------------------------------------------- Update Information: fix typo in generate-server-cert.sh (#1117229) -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Jan Synáček <jsynacek@xxxxxxxxxx> - 2.4.39-4 - fix: fix typo in generate-server-cert.sh (#1117229) -------------------------------------------------------------------------------- ================================================================================ pam-kwallet-0-0.3.20140428gitaf786456.fc20 (FEDORA-2014-8362) PAM module for KWallet -------------------------------------------------------------------------------- Update Information: PAM module for KWallet. Usable with kwallet-4.13.x (coming soon). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1091479 - Review Request: pam-kwallet - PAM module for KWallet https://bugzilla.redhat.com/show_bug.cgi?id=1091479 -------------------------------------------------------------------------------- ================================================================================ pcre-8.33-6.fc20 (FEDORA-2014-8346) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This releases fixes a wrong match on empty-matching possessive zero-repeat groups in interpreted mode, a compiler crash for zero-repeated groups with a recursive back reference, and memory leaks in pcregrep. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 8.33-6 - Fix empty-matching possessive zero-repeat groups in interpreted mode (bug #1119241) - Fix memory leaks in pcregrep (bug #1119257) - Fix compiler crash for zero-repeated groups with a recursive back reference (bug #1119272) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1119241 - Zero-minimum possessive groups does not match empty string in https://bugzilla.redhat.com/show_bug.cgi?id=1119241 [ 2 ] Bug #1119257 - Memory leak in pcregrep https://bugzilla.redhat.com/show_bug.cgi?id=1119257 [ 3 ] Bug #1119272 - Wrong compilation of zero-repeated groups with recursive back reference can cause crash https://bugzilla.redhat.com/show_bug.cgi?id=1119272 -------------------------------------------------------------------------------- ================================================================================ perl-Parallel-Prefork-0.17-1.fc20 (FEDORA-2014-8357) Simple prefork server framework -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.17-1 - Upstream update. -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-guzzle-4.1.2-1.fc20 (FEDORA-2014-8350) PHP HTTP client and webservice framework -------------------------------------------------------------------------------- Update Information: Guzzle is a PHP HTTP client that makes it easy to work with HTTP/1.1 and takes the pain out of consuming web services. * Pluggable HTTP adapters that can send requests serially or in parallel * Doesn't require cURL, but uses cURL by default * Streams data for both uploads and downloads * Provides event hooks & plugins for cookies, caching, logging, OAuth, mocks, etc * Keep-Alive & connection pooling * SSL Verification * Automatic decompression of response bodies * Streaming multipart file uploads * Connection timeouts -------------------------------------------------------------------------------- References: [ 1 ] Bug #1100927 - Review Request: php-guzzlehttp-guzzle - PHP HTTP client and webservice framework https://bugzilla.redhat.com/show_bug.cgi?id=1100927 -------------------------------------------------------------------------------- ================================================================================ python-fmn-rules-0.2.4-1.fc20 (FEDORA-2014-8348) Message processing rules for Fedora Notifications -------------------------------------------------------------------------------- Update Information: More granular copr rules. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.4-1 - More granular COPRs rules. -------------------------------------------------------------------------------- ================================================================================ python-praw-2.1.17-1.fc20 (FEDORA-2014-8361) A python package that allows for simple access to reddit's API -------------------------------------------------------------------------------- Update Information: Disable update_checker (rhbz#1103097) Spec file update -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 2.1.17-1 - Disable update_checker (rhbz#1103097) - Update to latest upstream version 2.1.17 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.16-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat May 24 2014 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 2.1.16-1 - Spec file update - Update to latest upstream version 2.1.16 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1103097 - python-praw is broken: update_checker is not in fedora https://bugzilla.redhat.com/show_bug.cgi?id=1103097 -------------------------------------------------------------------------------- ================================================================================ sparsehash-2.0.2-1.fc20 (FEDORA-2014-8347) Extremely memory-efficient C++ hash_map implementation -------------------------------------------------------------------------------- Update Information: Update to the latest version. See more info on https://code.google.com/p/sparsehash/. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Jan Grulich <jgrulich@xxxxxxxxxx> - 2.0.2-1 - Update to 2.0.2 * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.12-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon Dec 16 2013 Ville Skyttä <ville.skytta@xxxxxx> - 1.12-5 - Install docs to %{_pkgdocdir} where available (#994101). -------------------------------------------------------------------------------- References: [ 1 ] Bug #786798 - sparsehash-2.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=786798 -------------------------------------------------------------------------------- ================================================================================ system-config-printer-1.4.5-3.fc20 (FEDORA-2014-8270) A printer administration tool -------------------------------------------------------------------------------- Update Information: This update fixes a traceback that occurs when cups-pk-helper is not installed, and restores the 'Retrieve' functionality in the job viewer. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 14 2014 Tim Waugh <twaugh@xxxxxxxxxx> 1.4.5-3 - Fix job retrieval (bug #1119222). * Fri Jul 11 2014 Tim Waugh <twaugh@xxxxxxxxxx> 1.4.5-2 - Handle failure when cups-pk-helper not installed (bug #1118836). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1118836 - [abrt] system-config-printer: system-config-printer.py:212:__init__:GError: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: Action org.opensuse.cupspkhelper.mechanism.all-edit is not registered https://bugzilla.redhat.com/show_bug.cgi?id=1118836 [ 2 ] Bug #1119222 - Retrieving a job fails with no error https://bugzilla.redhat.com/show_bug.cgi?id=1119222 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test