The following Fedora 20 Security updates need testing: Age URL 152 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 46 https://admin.fedoraproject.org/updates/FEDORA-2014-9474/pipelight-0.2.7.3-3.fc20 21 https://admin.fedoraproject.org/updates/FEDORA-2014-10458/torque-3.0.4-5.fc20 21 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20 21 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2014-10790/squid-3.3.13-2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-11353/xen-4.3.3-2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-11415/nginx-1.4.7-3.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-11376/nodejs-qs-0.6.6-3.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-11421/nodejs-send-0.3.0-4.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-11462/suricata-2.0.4-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-11744/seamonkey-2.29.1-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-11641/qemu-1.6.2-9.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-11630/rubygem-bundler-1.7.3-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-11697/openstack-glance-2013.2.4-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-11727/mediawiki-1.23.4-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-11850/fish-2.1.1-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-11886/golang-1.3.2-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-11892/openstack-neutron-2013.2.4-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-11895/check-mk-1.2.4p5-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-11924/ctags-5.8-16.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-2014-11014/squashfs-tools-4.3-8.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-11482/libdvdnav-5.0.1-1.fc20,libdvdread-5.0.0-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-11519/tracker-0.16.4-3.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-11843/dash-0.5.8-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-11928/sudo-1.8.11-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-11884/emacs-24.3-25.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-11932/selinux-policy-3.12.1-188.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-11857/cheese-3.10.2-2.fc20 The following builds have been pushed to Fedora 20 updates-testing atril-1.8.1-1.fc20 autotrash-0.1.5-2.fc20 caja-1.8.2-1.fc20 check-mk-1.2.4p5-2.fc20 cheese-3.10.2-2.fc20 ctags-5.8-16.fc20 dreamchess-0.2.1-5.RC1.fc20 emacs-24.3-25.fc20 engrampa-1.8.1-1.fc20 golang-1.3.2-1.fc20 ibus-table-1.9.1-1.fc20 ibus-table-others-1.3.5-1.fc20 jss-4.2.6-35.fc20 mock-1.1.41-3.fc20 nfs-ganesha-2.1.0-7.fc20 openstack-neutron-2013.2.4-4.fc20 openstack-sahara-2014.1.0-14.fc20 perl-Digest-SHA3-0.22-1.fc20 perl-Excel-Writer-XLSX-0.78-1.fc20 perl-Tangerine-0.05-1.fc20 python-bugzilla2fedmsg-0.2.0-1.fc20 python-drat-0.4.1-1.fc20 python-fedmsg-meta-fedora-infrastructure-0.3.2-1.fc20 python-ldap-2.4.17-1.fc20 rubygem-apipie-bindings-0.0.10-2.fc20 salt-2014.1.11-1.fc20 scons-2.3.4-1.fc20 selinux-policy-3.12.1-188.fc20 sigil-0.8.0-1.fc20 sudo-1.8.11-1.fc20 vdr-scraper2vdr-0.1.4-1.fc20 Details about builds: ================================================================================ atril-1.8.1-1.fc20 (FEDORA-2014-11901) Document viewer -------------------------------------------------------------------------------- Update Information: - update to 1.8.1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.1-1 - update to 1.8.1 release -------------------------------------------------------------------------------- ================================================================================ autotrash-0.1.5-2.fc20 (FEDORA-2014-11888) Automatically take-out the trash -------------------------------------------------------------------------------- Update Information: Version Bump of Initial Fedora package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144000 - Review Request: autotrash - Automatically take-out the trash https://bugzilla.redhat.com/show_bug.cgi?id=1144000 -------------------------------------------------------------------------------- ================================================================================ caja-1.8.2-1.fc20 (FEDORA-2014-11861) File manager for MATE -------------------------------------------------------------------------------- Update Information: - update to 1.8.2 release - removed upstreamed caja_font-color-desktop.patch -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.2-1 - update to 1.8.2 release - removed upstreamed caja_font-color-desktop.patch -------------------------------------------------------------------------------- ================================================================================ check-mk-1.2.4p5-2.fc20 (FEDORA-2014-11895) A new general purpose Nagios-plugin for retrieving data -------------------------------------------------------------------------------- Update Information: Do not require any other shell than bash since that's the default shell for the Fedora / RHEL distributions New upstream release providing many security fixes. New upstream release providing many security fixes. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Andrea Veri <averi@xxxxxxxxxxxxxxxxx> - 1.2.4p5-2 - Do not require any other shell than bash since that's the default shell for the Fedora / RHEL distributions. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1132337 - CVE-2014-5338 CVE-2014-5339 CVE-2014-5340 check-mk: multiple flaws fixed in versions 1.2.4p4 and 1.2.5i4 https://bugzilla.redhat.com/show_bug.cgi?id=1132337 -------------------------------------------------------------------------------- ================================================================================ cheese-3.10.2-2.fc20 (FEDORA-2014-11857) Application for taking pictures and movies from a webcam -------------------------------------------------------------------------------- Update Information: Apply upstream patch to improve flash opacity calculation (#981066) -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 12 2014 David King <amigadave@xxxxxxxxxxxxx> - 2:3.10.2-2 - Apply upstream patch to improve flash opacity calculation (#981066) -------------------------------------------------------------------------------- References: [ 1 ] Bug #981066 - Cheese will not respond after taking photograph https://bugzilla.redhat.com/show_bug.cgi?id=981066 -------------------------------------------------------------------------------- ================================================================================ ctags-5.8-16.fc20 (FEDORA-2014-11924) A C programming language indexing and/or cross-reference tool -------------------------------------------------------------------------------- Update Information: A denial of service issue was discovered in ctags. This could lead to excessive CPU and disk space consumption. This update resolves this issue -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Than Ngo <than@xxxxxxxxxx> - 5.8-16 - CVE-2014-7204, denial of service issue * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.8-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.8-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon Apr 14 2014 Jaromir Capik <jcapik@xxxxxxxxxx> - 5.8-13 - Fixing format-security flaws (#1037028) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147339 - CVE-2014-7204 ctags: possible denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1147339 -------------------------------------------------------------------------------- ================================================================================ dreamchess-0.2.1-5.RC1.fc20 (FEDORA-2014-11930) Portable chess game -------------------------------------------------------------------------------- Update Information: use desktop file from tarball, enable Suggests (rpm 4.12) -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Raphael Groner <projects.rg [AT] smart.ms> - 0.2.1-5.RC1 - use desktop file from source tarball - enable Suggests (rpm 4.12) -------------------------------------------------------------------------------- ================================================================================ emacs-24.3-25.fc20 (FEDORA-2014-11884) GNU Emacs text editor -------------------------------------------------------------------------------- Update Information: Service dont start. Must be replace: "Type=Forking" > "Type=forking". -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 jchaloup <jchaloup@xxxxxxxxxx> - 1:24.3-25 - resolves: #1147912 Service dont start. Must be replace: "Type=Forking" > "Type=forking". -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147912 - syntax bug on emacs.service Type=Forking https://bugzilla.redhat.com/show_bug.cgi?id=1147912 -------------------------------------------------------------------------------- ================================================================================ engrampa-1.8.1-1.fc20 (FEDORA-2014-11876) MATE Desktop file archiver -------------------------------------------------------------------------------- Update Information: - update to 1.8.1 release -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.1-1 - update to 1.8.1 release -------------------------------------------------------------------------------- ================================================================================ golang-1.3.2-1.fc20 (FEDORA-2014-11886) The Go Programming Language -------------------------------------------------------------------------------- Update Information: update to go1.3.2 (bz1147324) -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.2-1 - update to go1.3.2 (bz1147324) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147324 - CVE-2014-7189 golang: TLS client authentication issue fixed in version 1.3.2 https://bugzilla.redhat.com/show_bug.cgi?id=1147324 -------------------------------------------------------------------------------- ================================================================================ ibus-table-1.9.1-1.fc20 (FEDORA-2014-11927) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information: update to 1.9.1; Use proper fallback when reading the localized table name; Show pinyin mode as well in the input mode indicator -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.9.1-1 - update to 1.9.1 - Use proper fallback when reading the localized table name - Show pinyin mode as well in the input mode indicator -------------------------------------------------------------------------------- ================================================================================ ibus-table-others-1.3.5-1.fc20 (FEDORA-2014-11858) Various tables for IBus-Table -------------------------------------------------------------------------------- Update Information: update to latest upstream 1.3.5; Use better localized names for the rusle table -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.3.5-1 - update to latest upstream 1.3.5 - Use better localized names for the rusle table -------------------------------------------------------------------------------- ================================================================================ jss-4.2.6-35.fc20 (FEDORA-2014-11933) Java Security Services (JSS) -------------------------------------------------------------------------------- Update Information: Bugzilla Bug #816396 - Provide Tomcat support for TLS v1.1 and TLS v1.2 via NSS through JSS -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Christina Fu <cfu@xxxxxxxxxx> - 4.2.6-35 - Bugzilla Bug #1040640 - Incorrect OIDs for SHA2 algorithms (cfu for jnimeh@xxxxxxxxx) - Bugzilla Bug #1133718 - Key strength validation is not performed for RC4 algorithm (nkinder) - Bugzilla Bug #816396 - Provide Tomcat support for TLS v1.1 and TLS v1.2 via NSS through JSS (cfu) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1040640 - Incorrect OIDs for SHA2 algorithms https://bugzilla.redhat.com/show_bug.cgi?id=1040640 [ 2 ] Bug #1133718 - Key strength validation is not performed for RC4 algorithm https://bugzilla.redhat.com/show_bug.cgi?id=1133718 -------------------------------------------------------------------------------- ================================================================================ mock-1.1.41-3.fc20 (FEDORA-2014-11897) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information: add updated configs for secondary arches -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 msuchy@xxxxxxxxxx - 1.1.41-3 - remove broken symlink [BZ# 1145078] * Tue Sep 16 2014 msuchy@xxxxxxxxxx - 1.1.41-2 - add updated configs for secondary arches -------------------------------------------------------------------------------- References: [ 1 ] Bug #1145078 - mock: broken symlink /etc/mock/fedora-devel-ppc.cfg https://bugzilla.redhat.com/show_bug.cgi?id=1145078 -------------------------------------------------------------------------------- ================================================================================ nfs-ganesha-2.1.0-7.fc20 (FEDORA-2014-11874) Ganesha NFS Server -------------------------------------------------------------------------------- Update Information: /etc/sysconfig/nfs-ganesha file added in 2.1, just noticed now -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Kaleb S. KEITHLEY <kkeithle at redhat.com> 2.1.0-7 - install /etc/sysconfig/nfs-ganesha file * Fri Aug 29 2014 Kaleb S. KEITHLEY <kkeithle at redhat.com> - Ceph FSAL typo, #1135437 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ openstack-neutron-2013.2.4-4.fc20 (FEDORA-2014-11892) OpenStack Networking Service -------------------------------------------------------------------------------- Update Information: force_gateway_on_subnet=True in neutron-dist.conf CVE fixed Rebased Neutron for the last upstream Havana release (2013.2.4). -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Ihar Hrachyshka <ihrachys@xxxxxxxxxx> 2013.2.4-4 - enforce force_gateway_on_subnet=True in neutron-dist.conf, rhbz#1090553 * Thu Sep 25 2014 Ihar Hrachyshka <ihrachys@xxxxxxxxxx> 2013.2.4-3 - Forbid regular users to reset admin-only attrs to default values, rhbz#1142013 * Mon Sep 22 2014 Ihar Hrachyshka <ihrachys@xxxxxxxxxx> 2013.2.4-2 - Merged in el6-havana branch, resolving conflicts between platforms with if-else conditionals. This is needed because el6-havana was (erroneously) locked when locking el6 branch. * Mon Sep 22 2014 Ihar Hrachyshka <ihrachys@xxxxxxxxxx> 2013.2.4-1 - Update to upstream 2013.2.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1142012 - CVE-2014-6414 openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users https://bugzilla.redhat.com/show_bug.cgi?id=1142012 -------------------------------------------------------------------------------- ================================================================================ openstack-sahara-2014.1.0-14.fc20 (FEDORA-2014-11873) Apache Hadoop cluster management on OpenStack -------------------------------------------------------------------------------- Update Information: Adding patches to fix errors introduced in 2014.1.0-13 version -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 26 2014 Michael McCune <mimccune@redhat> - 2014.1.0-14 - Adding patches to fix stevedore version - Adding a patch to resolve an error spawning vanilla clusters -------------------------------------------------------------------------------- ================================================================================ perl-Digest-SHA3-0.22-1.fc20 (FEDORA-2014-11914) Perl extension for SHA-3 -------------------------------------------------------------------------------- Update Information: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1134343 - Review Request: perl-Digest-SHA3 - Perl extension for SHA-3 https://bugzilla.redhat.com/show_bug.cgi?id=1134343 -------------------------------------------------------------------------------- ================================================================================ perl-Excel-Writer-XLSX-0.78-1.fc20 (FEDORA-2014-11921) Create a new file in the Excel 2007+ XLSX format -------------------------------------------------------------------------------- Update Information: Update to 0.78 -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 David Dick <ddick@xxxxxxxx> - 0.78-1 - Update to 0.78 * Thu Aug 28 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.77-3 - Perl 5.20 rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.77-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147432 - perl-Excel-Writer-XLSX-0.78 is available https://bugzilla.redhat.com/show_bug.cgi?id=1147432 -------------------------------------------------------------------------------- ================================================================================ perl-Tangerine-0.05-1.fc20 (FEDORA-2014-11937) Analyse perl files and report module-related information -------------------------------------------------------------------------------- Update Information: A new bugfix and enhancement release of Tangerine is available. See upstream changelog for the summary of changes in this version -- http://cpansearch.perl.org/src/CONTYK/Tangerine-0.05/Changes -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Petr Šabata <contyk@xxxxxxxxxx> - 0.05-1 - 0.05 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147892 - perl-Tangerine-0.05 is available https://bugzilla.redhat.com/show_bug.cgi?id=1147892 -------------------------------------------------------------------------------- ================================================================================ python-bugzilla2fedmsg-0.2.0-1.fc20 (FEDORA-2014-11890) Consume BZ messages over STOMP and republish to fedmsg -------------------------------------------------------------------------------- Update Information: Reorganized internally to be more coherent. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.0-1 - Reorganized internally to rely on fedmsg queueing. * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-drat-0.4.1-1.fc20 (FEDORA-2014-11870) A reading text analysis tool -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146927 - Review Request: python-drat - A reading text analysis tool https://bugzilla.redhat.com/show_bug.cgi?id=1146927 -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-meta-fedora-infrastructure-0.3.2-1.fc20 (FEDORA-2014-11925) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information: Handle new pkgdb messages, certain legacy messages, and new bugzilla messages. git messages now return the full patch via a call to msg2long_form -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.3.2-1 - Latest upstream. - Handle different types of legacy messages. - git messages now return the full patch via a call to msg2long_form. - future-proofing against new types of bugzilla messages. -------------------------------------------------------------------------------- ================================================================================ python-ldap-2.4.17-1.fc20 (FEDORA-2014-11904) An object-oriented API to access LDAP directory servers -------------------------------------------------------------------------------- Update Information: Update to the new upstream release 2.4.17 New upstream release 2.4.16 -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Petr Spacek <pspacek@xxxxxxxxxx> - 0:2.4.17-1 - New upstream release adds features required in bug 1122486 - Dependency on pyasn1-modules was added to fix bug 995545 * Thu Sep 25 2014 Petr Spacek <pspacek@xxxxxxxxxx> - 0:2.4.16-1 - New upstream release fixes bug 1007820 - Dependency on pyasn1 was added to fix bug 995545 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0:2.4.6-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0:2.4.6-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1122486 - Rebase python-ldap in fedora 21 https://bugzilla.redhat.com/show_bug.cgi?id=1122486 [ 2 ] Bug #995545 - python-ldap needs python-pyasn1-modules https://bugzilla.redhat.com/show_bug.cgi?id=995545 [ 3 ] Bug #1007820 - Inconsistent capitalization breaks schema parsing https://bugzilla.redhat.com/show_bug.cgi?id=1007820 -------------------------------------------------------------------------------- ================================================================================ rubygem-apipie-bindings-0.0.10-2.fc20 (FEDORA-2014-11893) The Ruby bindings for Apipie documented APIs -------------------------------------------------------------------------------- Update Information: First fedora release of rubygem-apipie-bindings -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144466 - Review Request: rubygem-apipie-bindings - The Ruby bindings for Apipie documented APIs https://bugzilla.redhat.com/show_bug.cgi?id=1144466 -------------------------------------------------------------------------------- ================================================================================ salt-2014.1.11-1.fc20 (FEDORA-2014-11882) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Update to bugfix release 2014.1.11 Fix incorrect conditional -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Erik Johnson <erik@xxxxxxxxxxxxx> - 2014.1.11-1 - Update to bugfix release 2014.1.11 * Sun Aug 10 2014 Erik Johnson <erik@xxxxxxxxxxxxx> - 2014.1.10-4 - Fix incorrect conditional * Tue Aug 5 2014 Erik Johnson <erik@xxxxxxxxxxxxx> - 2014.1.10-2 - Deploy cachedir with package * Mon Aug 4 2014 Erik Johnson <erik@xxxxxxxxxxxxx> - 2014.1.10-1 - Update to bugfix release 2014.1.10 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1123847 - Typo in the service type that breaks salt-master start https://bugzilla.redhat.com/show_bug.cgi?id=1123847 -------------------------------------------------------------------------------- ================================================================================ scons-2.3.4-1.fc20 (FEDORA-2014-11881) An Open Source software construction tool -------------------------------------------------------------------------------- Update Information: Update to new upstream version 2.3.4 (rhbz#1147461) -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 2.3.4-1 - Update to new upstream version 2.3.4 (rhbz#1147461) * Mon Sep 1 2014 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 2.3.3-1 - Update to new upstream version 2.3.3 (rhbz#1133527) * Mon Jul 7 2014 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 2.3.2-1 - Update to new upstream version 2.3.2 (rhbz#1116635) * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed Mar 5 2014 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 2.3.1-1 - Update to new upstream version 2.3.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147461 - scons-2.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1147461 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.12.1-188.fc20 (FEDORA-2014-11932) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: http://koji.fedoraproject.org/koji/buildinfo?buildID=581675 More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=580897 More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=579874 -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-188 - Allow collectd sys_ptrace and dac_override caps because of reading of /proc/%i/io for several processes. - Allow pppd to connect to /run/sstpc/sstpc-nm-sstp-service-28025 over unix stream socket. - ALlow user mail domains to create dead.letter. - Allow rabbitmq_t read rabbitmq_var_lib_t lnk files. BZ (#1147028) - Allow pki-tomcat to change SELinux object identity. - Allow programs to use pam to search through xdm_tmp_t dires. BZ (#1122013) * Thu Sep 25 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-187 - Allow all domains to read fonts - Add fixes for pki-tomcat scriptlet handling. - setfscreate in pki.te is not capability class. * Mon Sep 22 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-186 - Allow locate to look at files/directories without labels, and chr_file and blk_file on non dev file systems - Allow sensord read in /proc BZ(#1143799) - Allow sys_admin capability for antivirus domians. - Allow usbmuxd chown capabilities - Remove labeling for rabbitmqctl - Allow wine domains to create cache dirs. - Allow newaliases to systemd inhibit pipes. * Thu Sep 11 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-185 - Label /usr/lib/erlang/erts.*/bin files as bin_t - Added changes related to rabbitmq daemon. - Fix labeling in couchdb policy - Allow rabbitmq bind on epmd port - Clean up rabbitmq policy - fix domtrans_rabbitmq interface - Added rabbitmq_beam_t and rabbitmq_epmd_t alias - Allow couchdb to getattr - Allow couchdb write to couchdb_conf files - Allow couchdb to create dgram_sockets - Added support for ejabberd * Wed Sep 10 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-184 - ALlow wine domains to create wine_home symlinks. - Allow policykit_auth_t access check and read usr config files. - Dontaudit access check on home_root_t for policykit-auth. - update gpg_agent_env_file booelan to allow manage user tmp files for gpg-agent. - Fix label for /usr/bin/courier/bin/sendmail - Add files_dontaudit_access_check_home_dir() inteface. - Allow udev_t mounton udev_var_run_t dirs #(1128618) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1117673 - pki policy does not permit creation of symlinks in config directories https://bugzilla.redhat.com/show_bug.cgi?id=1117673 [ 2 ] Bug #1122013 - pam_systemd causes AVC for ThinLinc https://bugzilla.redhat.com/show_bug.cgi?id=1122013 [ 3 ] Bug #1146230 - SELinux prevents collectd from opening and reading /proc/%i/io https://bugzilla.redhat.com/show_bug.cgi?id=1146230 [ 4 ] Bug #1146235 - SELinux is preventing /usr/sbin/pppd from 'connectto' accesses on the unix_stream_socket . https://bugzilla.redhat.com/show_bug.cgi?id=1146235 [ 5 ] Bug #1147028 - selinux denial due to /var/lib/rabbitmq changed from being a dir into a link https://bugzilla.redhat.com/show_bug.cgi?id=1147028 [ 6 ] Bug #1147309 - SELinux is preventing /usr/sbin/ssmtp from 'create' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1147309 [ 7 ] Bug #1127608 - SELinux is preventing /usr/bin/gs from 'read' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1127608 [ 8 ] Bug #1145412 - SELinux is preventing /usr/bin/du from 'read' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1145412 [ 9 ] Bug #1060809 - SELinux is preventing /usr/lib64/erlang/erts-5.10.4/bin/beam from 'getattr' accesses on the file /run/rabbitmq/pid. https://bugzilla.redhat.com/show_bug.cgi?id=1060809 [ 10 ] Bug #1114607 - SELinux is preventing systemd-readahe from 'read' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1114607 [ 11 ] Bug #1116014 - policy erroneously claims all erlang https://bugzilla.redhat.com/show_bug.cgi?id=1116014 [ 12 ] Bug #1128618 - SELinux is preventing /usr/lib/udev/ipod-set-info from 'mounton' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1128618 [ 13 ] Bug #1132296 - SELinux is preventing /usr/bin/mailx from 'write' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1132296 [ 14 ] Bug #1138928 - SELinux is preventing /usr/bin/updatedb from 'getattr' accesses on the blk_file . https://bugzilla.redhat.com/show_bug.cgi?id=1138928 [ 15 ] Bug #1139057 - SELinux is preventing /usr/bin/gpg-agent from 'create' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1139057 [ 16 ] Bug #1139058 - SELinux is preventing /usr/libexec/kde4/polkit-kde-authentication-agent-1 from 'read' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1139058 [ 17 ] Bug #1139059 - SELinux is preventing /usr/libexec/kde4/polkit-kde-authentication-agent-1 from 'read' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1139059 [ 18 ] Bug #1139060 - SELinux is preventing /usr/bin/wine-preloader from 'create' accesses on the lnk_file . https://bugzilla.redhat.com/show_bug.cgi?id=1139060 [ 19 ] Bug #1139061 - SELinux is preventing /usr/bin/wine-preloader from 'create' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1139061 [ 20 ] Bug #1139577 - [fail2ban_t] SELinux is preventing /usr/bin/python2.7 from read access on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1139577 [ 21 ] Bug #1139581 - SELinux is preventing /usr/bin/bash from 'getattr' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1139581 [ 22 ] Bug #1139901 - SELinux is preventing /usr/bin/bash from 'search' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1139901 [ 23 ] Bug #1140610 - SELinux is preventing /usr/bin/updatedb from 'getattr' accesses on the chr_file . https://bugzilla.redhat.com/show_bug.cgi?id=1140610 [ 24 ] Bug #1141492 - SELinux is preventing /usr/sbin/usbmuxd from using the 'chown' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=1141492 [ 25 ] Bug #1143799 - policy applied with semodule is not taking effect https://bugzilla.redhat.com/show_bug.cgi?id=1143799 -------------------------------------------------------------------------------- ================================================================================ sigil-0.8.0-1.fc20 (FEDORA-2014-11906) WYSIWYG ebook editor -------------------------------------------------------------------------------- Update Information: update to Sigil 0.8.0 - Plugin framework. - Add the svg image tag as an svg inline element (not a block element) and add it as an empty element (TidyEmptyTags). - Allow user defined list of entities to preserve. - Pull request #16: Hardcode menu Plugins in UI, move it before menu Help. - Pull request #10: Add ability to move entries in TOC up and down. - Pull request #8: Allow pasting HTML as HTML or plain text in BookView. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Dan Horák <dan[at]danny.cz> - 0.8.0-1 - New upstream release 0.8.0 * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.4-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat May 24 2014 Petr Machata <pmachata@xxxxxxxxxx> - 0.7.4-5 - Rebuild for boost 1.55.0 * Fri May 23 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.7.4-4 - rebuild for boost 1.55.0 * Sun Apr 20 2014 Dan Horák <dan[at]danny.cz> - 0.7.4-3 - dropping old conditionals will allow build on EL-7 * Mon Nov 11 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.7.4-2 - rebuild (qt5 qreal/arm) -------------------------------------------------------------------------------- ================================================================================ sudo-1.8.11-1.fc20 (FEDORA-2014-11928) Allows restricted root access for specified users -------------------------------------------------------------------------------- Update Information: - update to 1.8.11 - major changes & fixes: - when running a command in the background, sudo will now forward SIGINFO to the command - the passwords in ldap.conf and ldap.secret may now be encoded in base64. - SELinux role changes are now audited. For sudoedit, we now audit the actual editor being run, instead of just the sudoedit command. - it is now possible to match an environment variable's value as well as its name using env_keep and env_check - new files created via sudoedit as a non-root user now have the proper group id - sudoedit now works correctly in conjunction with sudo's SELinux RBAC support - it is now possible to disable network interface probing in sudo.conf by changing the value of the probe_interfaces setting - when listing a user's privileges (sudo -l), the sudoers plugin will now prompt for the user's password even if the targetpw, rootpw or runaspw options are set. - the new use_netgroups sudoers option can be used to explicitly enable or disable netgroups support - visudo can now export a sudoers file in JSON format using the new -x flag - added patch to read ldap.conf more closely to nss_ldap - require /usr/bin/vi instead of vim-minimal - include pam.d/system-auth in PAM session phase from pam.d/sudo - include pam.d/sudo in PAM session phase from pam.d/sudo-i -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Daniel Kopecek <dkopecek@xxxxxxxxxx> - 1.8.11-1 - update to 1.8.11 - major changes & fixes: - when running a command in the background, sudo will now forward SIGINFO to the command - the passwords in ldap.conf and ldap.secret may now be encoded in base64. - SELinux role changes are now audited. For sudoedit, we now audit the actual editor being run, instead of just the sudoedit command. - it is now possible to match an environment variable's value as well as its name using env_keep and env_check - new files created via sudoedit as a non-root user now have the proper group id - sudoedit now works correctly in conjunction with sudo's SELinux RBAC support - it is now possible to disable network interface probing in sudo.conf by changing the value of the probe_interfaces setting - when listing a user's privileges (sudo -l), the sudoers plugin will now prompt for the user's password even if the targetpw, rootpw or runaspw options are set. - the new use_netgroups sudoers option can be used to explicitly enable or disable netgroups support - visudo can now export a sudoers file in JSON format using the new -x flag - added patch to read ldap.conf more closely to nss_ldap - require /usr/bin/vi instead of vim-minimal - include pam.d/system-auth in PAM session phase from pam.d/sudo - include pam.d/sudo in PAM session phase from pam.d/sudo-i * Tue Aug 5 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.8.8-5 - fix license handling * Sat May 31 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1.8.8-4 - Drop ChangeLog, we ship NEWS * Mon Mar 10 2014 Daniel Kopecek <dkopecek@xxxxxxxxxx> - 1.8.8-3 - remove bundled copy of zlib before compilation - drop the requiretty Defaults setting from sudoers * Sat Jan 25 2014 Ville Skyttä <ville.skytta@xxxxxx> - 1.8.8-2 - Own the %{_libexecdir}/sudo dir. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1065423 - -sesh replaces /path/to/myshell with /path/to-myshell instead of -myshell https://bugzilla.redhat.com/show_bug.cgi?id=1065423 [ 2 ] Bug #979382 - sudo packages requires vim-minimal https://bugzilla.redhat.com/show_bug.cgi?id=979382 [ 3 ] Bug #1006611 - sudo: internal error, tried to erealloc3(0) on sudorule with hostgroup https://bugzilla.redhat.com/show_bug.cgi?id=1006611 [ 4 ] Bug #1034533 - inclusion of system-auth for session hooks missing in sudo PAM snippets https://bugzilla.redhat.com/show_bug.cgi?id=1034533 [ 5 ] Bug #917887 - sudo does not honour PAM environment set from PAM session hooks https://bugzilla.redhat.com/show_bug.cgi?id=917887 -------------------------------------------------------------------------------- ================================================================================ vdr-scraper2vdr-0.1.4-1.fc20 (FEDORA-2014-11938) A client plugin which provides scraped metadata from EPGD to other plugins -------------------------------------------------------------------------------- Update Information: Update to 0.1.4 -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 28 2014 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.1.4-1 - Update to 0.1.4 - added perl command to find errmsg.h header file -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
