The following Fedora 20 Security updates need testing: Age URL 161 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 55 https://admin.fedoraproject.org/updates/FEDORA-2014-9474/pipelight-0.2.7.3-3.fc20 30 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20 30 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20 27 https://admin.fedoraproject.org/updates/FEDORA-2014-10790/squid-3.3.13-2.fc20 15 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2014-11630/rubygem-bundler-1.7.3-1.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2014-11697/openstack-glance-2013.2.4-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-11989/torque-3.0.4-6.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-12036/xen-4.3.3-3.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-12146/mantis-1.2.17-3.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-12263/mediawiki-1.23.5-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-12418/php-ZendFramework-1.12.9-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12503/rsyslog-7.4.8-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12475/python-oauth2-1.5.211-8.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12507/openjpeg-1.5.1-13.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12530/bugzilla-4.2.11-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12308/sddm-0.9.0-2.20141007git6a28c29b.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 10 https://admin.fedoraproject.org/updates/FEDORA-2014-11843/dash-0.5.8-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-11973/tracker-0.16.4-4.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-12178/perl-5.18.4-290.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-12309/gdb-7.7.1-20.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12565/xdg-utils-1.1.0-0.29.rc2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12552/libxkbcommon-0.4.3-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12549/perl-Socket-2.016-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12537/xfce4-session-4.10.1-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12507/openjpeg-1.5.1-13.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12485/hunspell-en-0.20121024-9.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-12308/sddm-0.9.0-2.20141007git6a28c29b.fc20 The following builds have been pushed to Fedora 20 updates-testing R-3.1.1-7.fc20 adobe-source-han-sans-cn-fonts-1.001-1.fc20 adobe-source-han-sans-twhk-fonts-1.001-1.fc20 audacity-2.0.6-1.fc20 baloo-kcmadv-1.00.00-1.fc20 bugzilla-4.2.11-1.fc20 chirp-0.4.1-1.fc20 dnf-langpacks-0.4.0-1.fc20 elk-2.3.22-9.fc20 fedmsg-0.11.0-1.fc20 gnurobbo-0.66-1.20141005svn412.fc20 golang-github-SeanDolphin-bqschema-0-0.1.gita713d26.fc20 golang-github-bmizerany-assert-0-0.1.gite17e998.fc20 golang-github-bmizerany-pat-0-0.1.gitb8a3500.fc20 golang-github-influxdb-go-cache-0-0.1.git7d1d6d6.fc20 golang-github-jmhodges-levigo-0-0.1.git253793d.fc20 golang-github-kr-fs-0-0.1.git2788f0d.fc20 golang-github-onsi-ginkgo-0-0.1.git90d6a47.fc20 golang-github-onsi-gomega-0-0.1.gita0ee4df.fc20 golang-googlecode-go-exp-0-0.1.hgbd8df7009305.fc20 golang-googlecode-gomock-0-0.1.hge033c7513ca3.fc20 golang-googlecode-log4go-0-0.1.hgc3294304d93f.fc20 haproxy-1.5.5-1.fc20 hunspell-en-0.20121024-9.fc20 libmygpo-qt-1.0.8-2.fc20 libreoffice-4.2.6.3-8.fc20 libxkbcommon-0.4.3-2.fc20 mksh-50d-1.fc20 nfoview-1.15-1.fc20 openjpeg-1.5.1-13.fc20 oxygen-fonts-5.1.0-1.fc20 parsero-0.81-1.fc20 perl-Data-Munge-0.08-1.fc20 perl-HTML-WikiConverter-Markdown-0.06-1.fc20 perl-LWP-Protocol-PSGI-0.07-1.fc20 perl-Module-Build-XSUtil-0.14-2.fc20 perl-POE-Test-Loops-1.359-1.fc20 perl-Redis-1.976-1.fc20 perl-Socket-2.016-1.fc20 perl-Test-Strict-0.24-1.fc20 perl-WWW-OrangeHRM-Client-0.9.0-1.fc20 php-pear-Net-URL2-2.0.9-1.fc20 php-phpunit-environment-1.1.0-1.fc20 python-fedmsg-meta-fedora-infrastructure-0.3.5-1.fc20 python-fedora-0.3.36-1.fc20 python-lazyarray-0.2.7-3.fc20 python-oauth2-1.5.211-8.fc20 python-quantities-0.10.1-1.fc20 python-sphinxcontrib-issuetracker-0.11-2.fc20 razorqt-0.5.2-20.fc20 rsyslog-7.4.8-2.fc20 rubygem-openssl_cms-0.0.2-1.20140212git7fea071.fc20 sddm-0.9.0-2.20141007git6a28c29b.fc20 stunnel-5.04-2.fc20 xcat-0.7.1-1.fc20 xdg-utils-1.1.0-0.29.rc2.fc20 xfce4-session-4.10.1-4.fc20 xfig-3.2.5-45.c.fc20 zsh-5.0.7-1.fc20 Details about builds: ================================================================================ R-3.1.1-7.fc20 (FEDORA-2014-12491) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: Fix java Requires/BuildRequires to be more permissive. -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.1.1-7 - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) * Tue Sep 16 2014 David Sommerseth <davids@xxxxxxxxxx> - 3.1.1-6 - Setting ulimit when running make check, to avoid segfault due to too small stack (needed on PPC64) * Tue Aug 26 2014 David Tardon <dtardon@xxxxxxxxxx> - 3.1.1-5 - rebuild for ICU 53.1 * Fri Aug 15 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.1.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1110684 - R-java update has new dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1110684 -------------------------------------------------------------------------------- ================================================================================ adobe-source-han-sans-cn-fonts-1.001-1.fc20 (FEDORA-2014-12529) Adobe OpenType Pan-CJK font family for Simplified Chinese -------------------------------------------------------------------------------- Update Information: Update to 1.001. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Peng Wu <pwu@xxxxxxxxxx> - 1.001-1 - Update to 1.001 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148421 - Update to Version 1.001 for all Adobe Source Han Sans fonts https://bugzilla.redhat.com/show_bug.cgi?id=1148421 -------------------------------------------------------------------------------- ================================================================================ adobe-source-han-sans-twhk-fonts-1.001-1.fc20 (FEDORA-2014-12529) Adobe OpenType Pan-CJK font family for Traditional Chinese -------------------------------------------------------------------------------- Update Information: Update to 1.001. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Peng Wu <pwu@xxxxxxxxxx> - 1.001-1 - Update to 1.001 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148421 - Update to Version 1.001 for all Adobe Source Han Sans fonts https://bugzilla.redhat.com/show_bug.cgi?id=1148421 -------------------------------------------------------------------------------- ================================================================================ audacity-2.0.6-1.fc20 (FEDORA-2014-12566) Multitrack audio editor -------------------------------------------------------------------------------- Update Information: Update to new upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 29 2014 Richard Hughes <richard@xxxxxxxxxxx> - 2.0.6-1 - Update to new upstream release * Fri Aug 15 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Aug 9 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.0.5-4 - update mime scriptlet, drop (old) umask * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1076795 - audacity uses private copy of expat.h https://bugzilla.redhat.com/show_bug.cgi?id=1076795 -------------------------------------------------------------------------------- ================================================================================ baloo-kcmadv-1.00.00-1.fc20 (FEDORA-2014-12602) Baloo Desktop Search Advanced configuration module -------------------------------------------------------------------------------- Update Information: Update snapshot build to (first) 1.00.00 release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.00.00-1 - 1.00.00 release * Fri Aug 15 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0-0.2.20140427git0656135 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ bugzilla-4.2.11-1.fc20 (FEDORA-2014-12530) Bug tracking system -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-1571, CVE-2014-1572, CVE-2014-1573 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Emmanuel Seyman <emmanuel@xxxxxxxxx> - 4.2.11-1 - Update to 4.2.11 (CVE-2014-157, CVE-2014-1573 and CVE-2014-1571) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150091 - CVE-2014-1571 CVE-2014-1572 CVE-2014-1573 bugzilla: security fixes release https://bugzilla.redhat.com/show_bug.cgi?id=1150091 -------------------------------------------------------------------------------- ================================================================================ chirp-0.4.1-1.fc20 (FEDORA-2014-12605) A tool for programming two-way radio equipment -------------------------------------------------------------------------------- Update Information: Version 0.4.1 contains a special backport for Baofeng users to work around a firmware incompatibility issue. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Richard Shaw <hobbes1069@xxxxxxxxx> - 0.4.1-1 - Update to latest bugfix release. * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150979 - chirp-0.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150979 -------------------------------------------------------------------------------- ================================================================================ dnf-langpacks-0.4.0-1.fc20 (FEDORA-2014-12523) Langpacks plugin for dnf -------------------------------------------------------------------------------- Update Information: update to 0.4.0 release. This adds new command langinstall. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Parag Nemade <pnemade AT redhat DOT com> - 0.4.0-1 - update to 0.4.0 release -------------------------------------------------------------------------------- ================================================================================ elk-2.3.22-9.fc20 (FEDORA-2014-12554) FP-LAPW Code -------------------------------------------------------------------------------- Update Information: build against new openmpi on fc21 + epel7 package -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 7 2014 Marcin Dulak <Marcin.Dulak@xxxxxxxxx> - 2.3.22-9 - build against new openmpi * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.22-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.11.0-1.fc20 (FEDORA-2014-12570) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: New fedmsg.meta.msg2long_form API. Other IRC-related bugfixes and enhancements. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.11.0-1 - Fix harmless error about twisted.words at daemon startup. - Optional shortening of links in IRC. - IRC bot now reconnects when dropped. - New fedmsg.meta.msg2long_form API. -------------------------------------------------------------------------------- ================================================================================ gnurobbo-0.66-1.20141005svn412.fc20 (FEDORA-2014-12498) Port of the game Robbo for the Atari XE/XL from 1989 -------------------------------------------------------------------------------- Update Information: Port of the once famous ATARI game Robbo -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149423 - Review Request: gnurobbo - Port of the once famous ATARI game Robbo https://bugzilla.redhat.com/show_bug.cgi?id=1149423 -------------------------------------------------------------------------------- ================================================================================ golang-github-SeanDolphin-bqschema-0-0.1.gita713d26.fc20 (FEDORA-2014-12500) Package for creating Google Big Query from Go structs -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148460 - Review Request: golang-github-SeanDolphin-bqschema - Package for creating Google Big Query from Go structs https://bugzilla.redhat.com/show_bug.cgi?id=1148460 -------------------------------------------------------------------------------- ================================================================================ golang-github-bmizerany-assert-0-0.1.gite17e998.fc20 (FEDORA-2014-12585) Assertions for Go tests -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148700 - Review Request: golang-github-bmizerany-assert - Assertions for Go tests https://bugzilla.redhat.com/show_bug.cgi?id=1148700 -------------------------------------------------------------------------------- ================================================================================ golang-github-bmizerany-pat-0-0.1.gitb8a3500.fc20 (FEDORA-2014-12448) A Sinatra style pattern muxer for Go's net/http library -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148702 - Review Request: golang-github-bmizerany-pat - A Sinatra style pattern muxer for Go's net/http library https://bugzilla.redhat.com/show_bug.cgi?id=1148702 -------------------------------------------------------------------------------- ================================================================================ golang-github-influxdb-go-cache-0-0.1.git7d1d6d6.fc20 (FEDORA-2014-12581) An in-memory key:value store/cache library for Go -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148692 - Review Request: golang-github-influxdb-go-cache - An in-memory key:value store/cache library for Go https://bugzilla.redhat.com/show_bug.cgi?id=1148692 -------------------------------------------------------------------------------- ================================================================================ golang-github-jmhodges-levigo-0-0.1.git253793d.fc20 (FEDORA-2014-12531) Go wrapper for LevelDB -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148705 - Review Request: golang-github-jmhodges-levigo - Go wrapper for LevelDB https://bugzilla.redhat.com/show_bug.cgi?id=1148705 -------------------------------------------------------------------------------- ================================================================================ golang-github-kr-fs-0-0.1.git2788f0d.fc20 (FEDORA-2014-12482) Provides Go filesystem-related functions -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148447 - Review Request: golang-github-kr-fs - Provides Go filesystem-related functions https://bugzilla.redhat.com/show_bug.cgi?id=1148447 -------------------------------------------------------------------------------- ================================================================================ golang-github-onsi-ginkgo-0-0.1.git90d6a47.fc20 (FEDORA-2014-12474) A Golang BDD Testing Framework -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148456 - Review Request: golang-github-onsi-ginkgo - A Golang BDD Testing Framework https://bugzilla.redhat.com/show_bug.cgi?id=1148456 -------------------------------------------------------------------------------- ================================================================================ golang-github-onsi-gomega-0-0.1.gita0ee4df.fc20 (FEDORA-2014-12446) Ginkgo's Preferred Matcher Library -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148452 - Review Request: golang-github-onsi-gomega - Ginkgo's Preferred Matcher Library https://bugzilla.redhat.com/show_bug.cgi?id=1148452 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-go-exp-0-0.1.hgbd8df7009305.fc20 (FEDORA-2014-12495) Experimental tools and packages for Go -------------------------------------------------------------------------------- Update Information: new golang package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148481 - Review Request: golang-googlecode-go-exp - Experimental tools and packages for Go https://bugzilla.redhat.com/show_bug.cgi?id=1148481 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-gomock-0-0.1.hge033c7513ca3.fc20 (FEDORA-2014-12496) Mocking framework for the Go -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148477 - Review Request: golang-googlecode-gomock - Mocking framework for the Go https://bugzilla.redhat.com/show_bug.cgi?id=1148477 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-log4go-0-0.1.hgc3294304d93f.fc20 (FEDORA-2014-12454) Logging package similar to log4j for the Go programming language -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148735 - Review Request: golang-googlecode-log4go - Logging package similar to log4j for the Go programming language https://bugzilla.redhat.com/show_bug.cgi?id=1148735 -------------------------------------------------------------------------------- ================================================================================ haproxy-1.5.5-1.fc20 (FEDORA-2014-12562) HAProxy reverse proxy for high availability environments -------------------------------------------------------------------------------- Update Information: Update to upstream stable release 1.5.5 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Ryan O'Hara <rohara@xxxxxxxxxx> - 1.5.5-1 - Update to 1.5.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150476 - haproxy-1.5.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150476 -------------------------------------------------------------------------------- ================================================================================ hunspell-en-0.20121024-9.fc20 (FEDORA-2014-12485) English hunspell dictionaries -------------------------------------------------------------------------------- Update Information: Add BitTorrent as a recognized word -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Caolán McNamara <caolanm@xxxxxxxxxx> - 0.20121024-9 - Resolves: rhbz#1149720 add BitTorrent as a word * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.20121024-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149720 - add word https://bugzilla.redhat.com/show_bug.cgi?id=1149720 -------------------------------------------------------------------------------- ================================================================================ libmygpo-qt-1.0.8-2.fc20 (FEDORA-2014-12051) Qt4 Library that wraps the gpodder.net Web API -------------------------------------------------------------------------------- Update Information: Update to latest 1.0.8 release, adds Qt5 support, and fix cmake/pkgconfig header paths -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.8-2 - qt5-devel: fix typo in base pkg dependency * Wed Oct 1 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.8-1 - 1.0.8 - include path for cmake and chkconfig are wrong for libmygpo-qt (#1148246) - use github-hosted sources - Qt5 support: libmygpo-qt5,libmy-qt5-devel subpkgs * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148246 - libmygpo-qt: include path for cmake and pkgconfig are wrong https://bugzilla.redhat.com/show_bug.cgi?id=1148246 -------------------------------------------------------------------------------- ================================================================================ libreoffice-4.2.6.3-8.fc20 (FEDORA-2014-12477) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: Update fixes smb access under KDE further, and fixes clicking on hyperlinks in drawing objects in Writer. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Stephan Bergmann <sbergman@xxxxxxxxxx> - 1:4.2.6.3-8 - Resolves: fdo#79604 sw: fix clicking on hyper-links in Draw objects - Resolves: rhbz#1054952 bad access of smb URLs on KDE -------------------------------------------------------------------------------- References: [ 1 ] Bug #1054952 - libre-office 4.1.4.2 won't open files on SMB shares; build 4.1.4.2-2.fc20 https://bugzilla.redhat.com/show_bug.cgi?id=1054952 -------------------------------------------------------------------------------- ================================================================================ libxkbcommon-0.4.3-2.fc20 (FEDORA-2014-12552) X.Org X11 XKB parsing library -------------------------------------------------------------------------------- Update Information: - Update to 0.4.3 -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 22 2014 Kalev Lember <kalevlember@xxxxxxxxx> - 0.4.3-2 - Require xkeyboard-config (#1145260) * Wed Aug 20 2014 Kalev Lember <kalevlember@xxxxxxxxx> - 0.4.3-1 - Update to 0.4.3 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue May 27 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.4.2-3 - make -x11 support conditional (f21+, #1000497) - --disable-silent-rules * Fri May 23 2014 Hans de Goede <hdegoede@xxxxxxxxxx> - 0.4.2-2 - Bump release to 2 to avoid confusion with non official non scratch 0.4.2-1 * Thu May 22 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.4.2-1 - xkbcommon 0.4.2 (#1000497) - own %{_includedir}/xkbcommon/ - -x11: +ldconfig scriptlets - -devel: don't include xkbcommon-x11.h - run reautoconf in %prep (instead of %build) - tighten subpkg deps via %_isa - .spec cleanup, remove deprecated stuff - BR: pkgconfig(xcb-xkb) >= 1.10 * Wed Feb 5 2014 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 0.4.0-1 - xkbcommon 0.4.0 - Add new xkbcommon-x11 and xkbcommon-x11-devel subpackages -------------------------------------------------------------------------------- References: [ 1 ] Bug #1000497 - libxkbcommon-0.4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1000497 -------------------------------------------------------------------------------- ================================================================================ mksh-50d-1.fc20 (FEDORA-2014-12512) MirBSD enhanced version of the Korn Shell -------------------------------------------------------------------------------- Update Information: R50d is a required bugfix release: * Fix NULL pointer dereference on “unset x; nameref x” * Fix severe regression in field splitting (LP#1378208) * Add a warning about not using tainted user input (including from the environ(7)ment) in arithmetics, until Stéphane writes it up nicely -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 50d-1 - Upgrade to 50d (#1150493) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150493 - mksh-50d is available https://bugzilla.redhat.com/show_bug.cgi?id=1150493 -------------------------------------------------------------------------------- ================================================================================ nfoview-1.15-1.fc20 (FEDORA-2014-12606) Viewer for NFO files -------------------------------------------------------------------------------- Update Information: Update to new upstream version 1.15 (rhbz#1150496) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 1.15-1 - Update to new upstream version 1.15 (rhbz#1150496) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150496 - nfoview-1.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150496 -------------------------------------------------------------------------------- ================================================================================ openjpeg-1.5.1-13.fc20 (FEDORA-2014-12507) JPEG 2000 command line tools -------------------------------------------------------------------------------- Update Information: - Fixing CVE-2013-6045 without regressions - Adding check for invalid offsets -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Jaromir Capik <jcapik@xxxxxxxxxx> - 1.5.1-13 - Reworked fix for CVE-2013-6045 (#1093379) - Offset check (1.5.2 -> 1.5.1 backport) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1036495 - CVE-2013-6045 openjpeg: heap-based buffer overflows https://bugzilla.redhat.com/show_bug.cgi?id=1036495 -------------------------------------------------------------------------------- ================================================================================ oxygen-fonts-5.1.0-1.fc20 (FEDORA-2014-12561) Oxygen fonts created by the KDE Community -------------------------------------------------------------------------------- Update Information: oxygen-font 5.1.0 Fix fontconfig.files (RHBZ#1146505), create -mono and -sans subpackages, fix fontfaces -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Daniel Vrátil <dvratil@xxxxxxxxxx> - 5.1.0-1 - oxygen-font 5.1.0 * Tue Sep 30 2014 Daniel Vrátil <dvratil@xxxxxxxxxx> - 0.4.2-5 - Fix incorrect use of macros in Requires * Mon Sep 29 2014 Parag Nemade <pnemade@xxxxxxxxxx> - 0.4.2-4 - Use correct typefaces * Thu Sep 25 2014 Daniel Vrátil <dvratil@xxxxxxxxxx> - 0.4.2-3 - Fix fontconfig.files (RHBZ#1146505) - Create subpackages for sans and mono fonts * Tue Sep 16 2014 Daniel Vrátil <dvratil@xxxxxxxxxx> - 0.4.2-2 - oxygen-fonts 0.4.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146505 - Incorrect fontconfig files https://bugzilla.redhat.com/show_bug.cgi?id=1146505 -------------------------------------------------------------------------------- ================================================================================ parsero-0.81-1.fc20 (FEDORA-2014-12456) A Python based Robots.txt audit tool -------------------------------------------------------------------------------- Update Information: Add license file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146917 - Review Request: parsero - A Python based Robots.txt audit tool https://bugzilla.redhat.com/show_bug.cgi?id=1146917 -------------------------------------------------------------------------------- ================================================================================ perl-Data-Munge-0.08-1.fc20 (FEDORA-2014-12470) Utility functions for working with perl data structures and code references -------------------------------------------------------------------------------- Update Information: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149978 - Review Request: perl-Data-Munge - Utility functions for working with perl data structures and code references https://bugzilla.redhat.com/show_bug.cgi?id=1149978 -------------------------------------------------------------------------------- ================================================================================ perl-HTML-WikiConverter-Markdown-0.06-1.fc20 (FEDORA-2014-12543) Convert HTML to Markdown markup -------------------------------------------------------------------------------- Update Information: Update to 0.06 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.06-1 - 0.06 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1127471 - Please update to upstream version >= 0.06 https://bugzilla.redhat.com/show_bug.cgi?id=1127471 -------------------------------------------------------------------------------- ================================================================================ perl-LWP-Protocol-PSGI-0.07-1.fc20 (FEDORA-2014-12457) Override LWP's HTTP/HTTPS backend with your own PSGI application -------------------------------------------------------------------------------- Update Information: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149645 - Review Request: perl-LWP-Protocol-PSGI - Override LWP's HTTP/HTTPS backend with your own PSGI application https://bugzilla.redhat.com/show_bug.cgi?id=1149645 -------------------------------------------------------------------------------- ================================================================================ perl-Module-Build-XSUtil-0.14-2.fc20 (FEDORA-2014-12527) A Module::Build class for building XS modules -------------------------------------------------------------------------------- Update Information: This is the first Fedora/EPEL release of perl-Module-Build-XSUtil. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150121 - Review Request: perl-Module-Build-XSUtil - A Module::Build class for building XS modules https://bugzilla.redhat.com/show_bug.cgi?id=1150121 -------------------------------------------------------------------------------- ================================================================================ perl-POE-Test-Loops-1.359-1.fc20 (FEDORA-2014-12502) Reusable tests for POE::Loop authors -------------------------------------------------------------------------------- Update Information: Use File::Temp's tempfile() instead of a hardcoded path. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Petr Šabata <contyk@xxxxxxxxxx> - 1.359-1 - 1.359 bump * Fri Aug 29 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1.358-2 - Perl 5.20 rebuild * Fri Jul 18 2014 Petr Šabata <contyk@xxxxxxxxxx> - 1.358-1 - 1.358 bump * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.354-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Oct 24 2013 Petr Šabata <contyk@xxxxxxxxxx> - 1.354-1 - 1.354 bump (just meta changes) * Fri Sep 20 2013 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1.353-1 - 1.353 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150529 - perl-POE-Test-Loops-1.359 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150529 -------------------------------------------------------------------------------- ================================================================================ perl-Redis-1.976-1.fc20 (FEDORA-2014-12480) Perl binding for Redis database -------------------------------------------------------------------------------- Update Information: Upgrade to 1.976. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 David Dick <ddick@xxxxxxxx> - 1.976-1 - Upgrade to 1.976. * Fri Aug 29 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1.975-2 - Perl 5.20 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150530 - perl-Redis-1.976 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150530 -------------------------------------------------------------------------------- ================================================================================ perl-Socket-2.016-1.fc20 (FEDORA-2014-12549) Networking constants and support functions -------------------------------------------------------------------------------- Update Information: This relase fixes some portability issues in the build scipt and tests. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 1:2.016-1 - 2.016 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151011 - perl-Socket-2.016 is available https://bugzilla.redhat.com/show_bug.cgi?id=1151011 -------------------------------------------------------------------------------- ================================================================================ perl-Test-Strict-0.24-1.fc20 (FEDORA-2014-12592) Check syntax, presence of use strict/warnings, and test coverage -------------------------------------------------------------------------------- Update Information: Add Catmandu::Sane, Moo::Role, MooseX::Role::Parameterized, Role::Tiny to the list of modules implying strict and warnings. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Petr Šabata <contyk@xxxxxxxxxx> - 0.24-1 - 0.24 bump * Wed Aug 27 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.23-3 - Perl 5.20 rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.23-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri Mar 28 2014 Petr Šabata <contyk@xxxxxxxxxx> - 0.23-1 - 0.23 bump, warnings and strict API change -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150533 - perl-Test-Strict-0.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150533 -------------------------------------------------------------------------------- ================================================================================ perl-WWW-OrangeHRM-Client-0.9.0-1.fc20 (FEDORA-2014-12490) Client for OrangeHRM -------------------------------------------------------------------------------- Update Information: This release adjust to changes on SAML IDP side and it adds support for Kerberos authentication. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 0.9.0-1 - 0.9.0 bump -------------------------------------------------------------------------------- ================================================================================ php-pear-Net-URL2-2.0.9-1.fc20 (FEDORA-2014-12577) Class for parsing and handling URL -------------------------------------------------------------------------------- Update Information: Upstream Changelog: Version 2.0.9 * Fixed #20418: Incorrect normalization of URI with missing authority * Upd: Test for RFC 3986 Section 1.1.2 Examples * Upd: Travis CI - PHP 5.6 added Version 2.0.8 * Fixed #20420: Inconsistent setAuthority and getAuthority * Fixed #20423: URI with IPv6 or IPvFuture not parsed * Imp: Test for RFC 3986 Section 1.1.2 Examples -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.9-1 - Update to 2.0.8 (stable) * Wed Oct 8 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.8-1 - Update to 2.0.8 (stable) -------------------------------------------------------------------------------- ================================================================================ php-phpunit-environment-1.1.0-1.fc20 (FEDORA-2014-12468) Handle HHVM/PHP environments -------------------------------------------------------------------------------- Update Information: * Add Console::hasColorSupport() -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.0-1 - update to 1.1.0 - enable test suite - composer dependencies - add generated autoload.php -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-meta-fedora-infrastructure-0.3.5-1.fc20 (FEDORA-2014-12534) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information: Fix to anitya processor. Bugfixes to anitya and pkgdb processors. New koschei and anitya processors. Handle new pkgdb messages, certain legacy messages, and new bugzilla messages. git messages now return the full patch via a call to msg2long_form -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.3.5-1 - Further fixes to anitya. * Wed Oct 8 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.3.4-1 - Fixes to pkgdb and anitya processors. * Fri Oct 3 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.3.3-1 - New koschei and anitya processors. * Mon Sep 29 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.3.2-1 - Latest upstream. - Handle different types of legacy messages. - git messages now return the full patch via a call to msg2long_form. - future-proofing against new types of bugzilla messages. -------------------------------------------------------------------------------- ================================================================================ python-fedora-0.3.36-1.fc20 (FEDORA-2014-12509) Python modules for talking to Fedora Infrastructure Services -------------------------------------------------------------------------------- Update Information: New upstream release fixing logging in openidbaseclient * Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS * Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 7 2014 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.36-1 - New upstream release fixing logging in openidbaseclient -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150301 - Using "pkgdb-cli" leads to "NameError: name 'NullHandler' is not defined" https://bugzilla.redhat.com/show_bug.cgi?id=1150301 -------------------------------------------------------------------------------- ================================================================================ python-lazyarray-0.2.7-3.fc20 (FEDORA-2014-12528) A lazily-evaluated numerical array class -------------------------------------------------------------------------------- Update Information: New packages required for pyNN (still in review)! -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150067 - Review Request: python-lazyarray - A lazily-evaluated numerical array class https://bugzilla.redhat.com/show_bug.cgi?id=1150067 [ 2 ] Bug #1150090 - Review Request: python-quantities - Support for physical quantities with units, based on numpy https://bugzilla.redhat.com/show_bug.cgi?id=1150090 -------------------------------------------------------------------------------- ================================================================================ python-oauth2-1.5.211-8.fc20 (FEDORA-2014-12475) Python support for improved oauth -------------------------------------------------------------------------------- Update Information: Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson). Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.5.211-8 - actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1007746 - CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls https://bugzilla.redhat.com/show_bug.cgi?id=1007746 [ 2 ] Bug #1007758 - CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce https://bugzilla.redhat.com/show_bug.cgi?id=1007758 -------------------------------------------------------------------------------- ================================================================================ python-quantities-0.10.1-1.fc20 (FEDORA-2014-12528) Support for physical quantities with units, based on numpy -------------------------------------------------------------------------------- Update Information: New packages required for pyNN (still in review)! -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150067 - Review Request: python-lazyarray - A lazily-evaluated numerical array class https://bugzilla.redhat.com/show_bug.cgi?id=1150067 [ 2 ] Bug #1150090 - Review Request: python-quantities - Support for physical quantities with units, based on numpy https://bugzilla.redhat.com/show_bug.cgi?id=1150090 -------------------------------------------------------------------------------- ================================================================================ python-sphinxcontrib-issuetracker-0.11-2.fc20 (FEDORA-2014-12541) Sphinx integration with different issue trackers -------------------------------------------------------------------------------- Update Information: A Sphinx extension to reference issues in issue trackers, either explicitly with an "issue" role or optionally implicitly by issue ids like #10 in plain text. Currently the following issue trackers are supported: * GitHub * BitBucket * Launchpad * Google Code * Debian BTS * Jira A simple API is provided to add support for other issue trackers. If you added support for a new tracker, please consider sending a patch to make your work available to other users of this extension. -------------------------------------------------------------------------------- ================================================================================ razorqt-0.5.2-20.fc20 (FEDORA-2014-12557) Lightweight desktop toolbox -------------------------------------------------------------------------------- Update Information: rebuild with system libqtxdg-0.5.3 -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 5 2014 TI_Eugene <ti.eugene@xxxxxxxxx> 0.5.2-20 - rebuild with system libqtxdg-0.5.3 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.2-19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Fri Aug 1 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.5.2-18 - revert (bundled) libqtxdg package version to 0.5.2 avoids conflicts with system liqtxdg * Fri Aug 1 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.5.2-17 - fix epel-6 build * Mon Jun 16 2014 TI_Eugene <ti.eugene@xxxxxxxxx> 0.5.2-16 - Fixed bad "Requires: razorqt-data" version * Fri Jun 13 2014 TI_Eugene <ti.eugene@xxxxxxxxx> 0.5.2-15 - Repackaging with libqtxdg-0.5.3 (builtin) * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.2-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rsyslog-7.4.8-2.fc20 (FEDORA-2014-12503) Enhanced system logging and kernel message trapping daemon -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-3634 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 7 2014 Tomas Heinrich <theinric@xxxxxxxxxx> 7.4.8-2 - fix CVE-2014-3634 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1142373 - CVE-2014-3634 rsyslog: remote syslog PRI vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1142373 -------------------------------------------------------------------------------- ================================================================================ rubygem-openssl_cms-0.0.2-1.20140212git7fea071.fc20 (FEDORA-2014-12569) OpenSSL with CMS functions -------------------------------------------------------------------------------- Update Information: OpenSSL with Cryptographic Message Syntax functions for Ruby 2.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1132008 - Review Request: rubygem-openssl_cms - OpenSSL with CMS functions https://bugzilla.redhat.com/show_bug.cgi?id=1132008 -------------------------------------------------------------------------------- ================================================================================ sddm-0.9.0-2.20141007git6a28c29b.fc20 (FEDORA-2014-12308) QML based X11 desktop manager -------------------------------------------------------------------------------- Update Information: Bump to latest upstream git (and a new release), fixes CVE-2014-7271 and CVE-2014-7272 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Martin Briza <mbriza@xxxxxxxxxx> - 0.9.0-2.20141007git6a28c29b - Remove pam_gnome_keyring.so (temporarily) from sddm.pam to fix impossibility to log out - Resolves: #1150283 * Tue Oct 7 2014 Martin Briza <mbriza@xxxxxxxxxx> - 0.9.0-1.20141007git6a28c29b - Bump to latest upstream git (and a new release) - Hack around focus problem in the Fedora theme - Compile against Qt5 - Removed upstreamed patch and files - Resolves: #1114192 #1119777 #1123506 #1125129 #1140386 #1112841 #1128463 #1128465 #1149608 #1149628 #1148659 #1148660 #1149610 #1149629 * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-0.32.20140627gitf49c2c79 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149608 - CVE-2014-7271 sddm: user "sddm" can login without authentication. https://bugzilla.redhat.com/show_bug.cgi?id=1149608 [ 2 ] Bug #1148659 - sddm: multiple flaws in SDDM display manager leading to privilege escalation to root https://bugzilla.redhat.com/show_bug.cgi?id=1148659 [ 3 ] Bug #1149610 - CVE-2014-7272 sddm: several local privileges escalation issues https://bugzilla.redhat.com/show_bug.cgi?id=1149610 -------------------------------------------------------------------------------- ================================================================================ stunnel-5.04-2.fc20 (FEDORA-2014-12472) An SSL-encrypting socket wrapper -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 26 2014 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.04-2 - Fixes packaging issues mentioned in rhbz#226439 * Mon Sep 22 2014 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.04-1 - New upstream realease 5.04 - Updates local patches so that they apply cleanly to avoud hunk errors * Thu Aug 28 2014 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.03-1 - New upstream realease 5.03 * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.02-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ xcat-0.7.1-1.fc20 (FEDORA-2014-12535) A command line tool to explore blind XPath injection vulnerabilities -------------------------------------------------------------------------------- Update Information: Initial package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149641 - Review Request: xcat - A command line tool to explore blind XPath injection vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=1149641 -------------------------------------------------------------------------------- ================================================================================ xdg-utils-1.1.0-0.29.rc2.fc20 (FEDORA-2014-12565) Basic desktop integration functions -------------------------------------------------------------------------------- Update Information: xdg-screensaver plasma5 support -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.29.rc2 - xdg-screensaver plasma5 support * Mon Sep 22 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.28.rc2 - plasma5: ktraderclient5, kreadconfig5, kwriteconfig5 * Mon Sep 22 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.27.rc2 - more upstream goodness, initial plasma5 support * Sat Sep 20 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.26.rc2 - pull in latest upstream fixes * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.0-0.25.rc2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ xfce4-session-4.10.1-4.fc20 (FEDORA-2014-12537) Xfce session manager -------------------------------------------------------------------------------- Update Information: Update to fix bug 1150207 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 4.10.1-4 - Add patch for fixing bashisms. Fixes bug 1150207 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150207 - bashisms in startxfce4 https://bugzilla.redhat.com/show_bug.cgi?id=1150207 -------------------------------------------------------------------------------- ================================================================================ xfig-3.2.5-45.c.fc20 (FEDORA-2014-12452) An X Window System tool for drawing basic vector graphics -------------------------------------------------------------------------------- Update Information: - Fix png reading (rhbz#1150330) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Hans de Goede <hdegoede@xxxxxxxxxx> - 3.2.5-45.c - Fix png reading (rhbz#1150330) * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.2.5-44.c - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150330 - xfig cannot read png-files if compiled with libpng16 https://bugzilla.redhat.com/show_bug.cgi?id=1150330 -------------------------------------------------------------------------------- ================================================================================ zsh-5.0.7-1.fc20 (FEDORA-2014-12596) Powerful interactive shell -------------------------------------------------------------------------------- Update Information: This update brings the latest Zsh release version 5.0.7 to you. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2014 Dominic Hopf <dmaphy@xxxxxxxxxxxxxxxxx> - 5.0.7-1 - Update to latest upstream release: Zsh 5.0.7 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
