The following Fedora 20 Security updates need testing: Age URL 171 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 65 https://admin.fedoraproject.org/updates/FEDORA-2014-9474/pipelight-0.2.7.3-3.fc20 40 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20 40 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20 24 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-12475/python-oauth2-1.5.211-8.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-12530/bugzilla-4.2.11-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-12308/sddm-0.9.0-2.20141007git6a28c29b.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-12719/perl-Mojolicious-5.49-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-12910/sysklogd-1.5-18.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13040/rubygem-httpclient-2.4.0-2.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13063/devscripts-2.14.10-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13030/drupal7-7.32-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-12991/deluge-1.3.10-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13013/php-5.5.18-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13302/php-ZendFramework2-2.3.3-2.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-2014-12309/gdb-7.7.1-20.fc20 The following builds have been pushed to Fedora 20 updates-testing antimicro-2.7-1.fc20 drupal7-crumbs-2.2-1.fc20 drupal7-metatag-1.4-1.fc20 drupal7-token-1.5-4.fc20 globus-gram-audit-4.3-2.fc20 golang-github-docker-libtrust-0-0.1.gitd273ef2.fc20 icecat-31.1.1-1.fc20 nodejs-strip-json-comments-1.0.2-1.fc20 php-ZendFramework2-2.3.3-2.fc20 php-doctrine-annotations-1.2.1-1.fc20 Details about builds: ================================================================================ antimicro-2.7-1.fc20 (FEDORA-2014-13297) Graphical program used to map keyboard buttons and mouse controls to a gamepad -------------------------------------------------------------------------------- Update Information: new upstream release (#1126553) -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 18 2014 Jeff Backus <jeff.backus@xxxxxxxxx> - 2.7-1 - new upstream release (#1126553) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1126553 - antimicro-2.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1126553 -------------------------------------------------------------------------------- ================================================================================ drupal7-crumbs-2.2-1.fc20 (FEDORA-2014-13307) The ultimate breadcrumbs module -------------------------------------------------------------------------------- Update Information: ## [7.x-2.2](https://www.drupal.org/node/2349045) * Fix #2347993: Forum breadcrumb not displaying correctly. Wrong substring index in PluginCollection::analyzePluginMethods(). -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 18 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 2.2-1 - Updated to 2.2 (BZ #1150460) - Removed RPM README b/c it only explained common Drupal workflow -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150460 - drupal7-crumbs-2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150460 -------------------------------------------------------------------------------- ================================================================================ drupal7-metatag-1.4-1.fc20 (FEDORA-2014-13299) Adds support and an API to implement meta tags -------------------------------------------------------------------------------- Update Information: ## [7.x-1.4](https://www.drupal.org/node/2353917) The "I thought I fixed that last time" release. This fully resolves two issues that were mistakenly marked as fixed in 7.x-1.3, and sincerest apologies for the delay in providing a stable release. * Issue #2353079 by DamienMcKenna: Fixed Views integration, for real this time. * Issue #2344877 by DamienMcKenna: Fixed Panels integration, for real this time. ## [7.x-1.3](https://www.drupal.org/node/2352439) This resolves a critical issue for any sites using Metatag:Views, plus fixes integration with Panels and Feeds with the API changes in 1.0. This is a recommended release for all sites. * Issue #2350967 by das-peter, DamienMcKenna: Fatal error occurred loading any View that did not have meta tags assigned. * Issue #2344877 by DamienMcKenna, Mau Palantír, libelle2000: Fixed Panels integration. * By DamienMcKenna: metatag_metatags_load()'s documentation was incorrect. * Issue #2347193 by DamienMcKenna: Updated Feeds integration to be compatible with the new data structures in 1.0, and revision_id problems. ## [7.x-1.2](https://www.drupal.org/node/2350757) Several important bugs from 1.0 are fixed in this release, so updating is recommended for all sites. * Two critical bugs affecting translated nodes and translations were resolved. * Views integration has been updated to work with the 1.0 API. * Tag dependencies were fixed (a regression in 1.0 vs 1.0-rc2), and the Twitter Cards dependencies have been greatly improved. * Two new meta tags for use with Google+ and a few missing Twitter Cards tags were added. * Issue #2343909 by DamienMcKenna: Unable to update meta tags on nodes that didn't contain translations. * Issue #2185791 by DamienMcKenna: Improved logic for deciding which meta tag values to use for the current language; new advanced option allows loading of the entity's default language's values if nothing else matches. * Issue #2346159 by DamienMcKenna: Fixed tag dependencies, which were broken in 1.0. * Issue #2346153 by DamienMcKenna: Added Twitter app 'name' tags, misc improvements to Twitter Cards code. * Issue #2185791 by DamienMcKenna: Changed the no-values-to-load entity language default logic so that the default language values will be loaded unless disabled. * Issue #1304038 by DamienMcKenna: Indicate in the README.txt how to disable output for the three meta tags output by Drupal core by default. * Issue #2350129 by DamienMcKenna: Added a Drush command for clearing Metatag's caches. * Issue #2341795 by DamienMcKenna: Updated Metatag:Views to be compatible with the new form data structure in 1.0. * Issue #2292043 by eric.chenchao, DamienMcKenna: Added Google+ 'itemprop' meta tags. * Issue #2341795 by DamienMcKenna: Fixed Views previews. * Issue #2289139 by maijs, DamienMcKenna: Allow each Views display to have different meta tag values. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 18 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.4-1 - Updated to 1.4 (BZ #1150459) - Removed RPM README b/c it only explained common Drupal workflow -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150459 - drupal7-metatag-1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150459 -------------------------------------------------------------------------------- ================================================================================ drupal7-token-1.5-4.fc20 (FEDORA-2014-13296) Provides a user interface for the Token API and some missing core tokens -------------------------------------------------------------------------------- Update Information: RPM-only release. Spec cleanup. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 18 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.5-4 - Spec cleanup * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ globus-gram-audit-4.3-2.fc20 (FEDORA-2014-13298) Globus Toolkit - GRAM Jobmanager Auditing -------------------------------------------------------------------------------- Update Information: Remove unexpanded configure macro. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 19 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.3-2 - Remove unexpanded configure macro -------------------------------------------------------------------------------- ================================================================================ golang-github-docker-libtrust-0-0.1.gitd273ef2.fc20 (FEDORA-2014-13293) Library for managing authentication and authorization -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1154165 - initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154165 - Review Request: golang-github-docker-libtrust - Library for managing authentication and authorization https://bugzilla.redhat.com/show_bug.cgi?id=1154165 -------------------------------------------------------------------------------- ================================================================================ icecat-31.1.1-1.fc20 (FEDORA-2014-13304) GNU version of Firefox browser -------------------------------------------------------------------------------- Update Information: Update to 31.1.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 16 2014 Antonio Trande <sagitterATfedoraproject.org> - 31.1.1-1 - Update to 31.1.1 - New bundled files (bz#1153135) - Static sub-package is not built anymore - Man-page updated - Spyblock addon included -------------------------------------------------------------------------------- ================================================================================ nodejs-strip-json-comments-1.0.2-1.fc20 (FEDORA-2014-13301) Strip comments from JSON -------------------------------------------------------------------------------- Update Information: Upstream has released new version -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 19 2014 Anish Patil <apatil@xxxxxxxxxx> - 1.0.2-1 - Upstream has released new version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1153965 - nodejs-strip-json-comments-1.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1153965 -------------------------------------------------------------------------------- ================================================================================ php-ZendFramework2-2.3.3-2.fc20 (FEDORA-2014-13302) Zend Framework 2 -------------------------------------------------------------------------------- Update Information: Security release * ZF2014-05, which mititages null byte poisoning of the password provided for LDAP authentication, thus prevening unauthorized LDAP binding. This corrects for unpatched versions of PHP (versions 5.5.11 and below, 5.4.27 and below, and any prior releases). * ZF2014-06, which mitigates null byte poisoning of quoted SQL values provided to the sqlsrv extension, thus preventing a potential SQL injection vector. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 17 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 2.3.3-2 - Drop php-gmp dependency from Math component (BZ #1152440) - Fix tests' autoloader * Fri Oct 10 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.3.3-1 - Update to 2.3.3 - fix SQL injection with SqlSrv ZF2014-05 CVE-2014-8088 #1151276 - fix null byte issue on Ldap connect ZF2014-06 CVE-2014-8089 #1151277 * Wed Aug 20 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.3.2-1 - Update to 2.3.2 - tests from github - run test suite during build * Sun Jul 20 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.3.1-3 - composer dependencies - add missing license * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue May 20 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 2.3.1-1 - Updated to 2.3.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151276 - CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05) https://bugzilla.redhat.com/show_bug.cgi?id=1151276 [ 2 ] Bug #1151277 - CVE-2014-8089 php-ZendFramework: SQL injection issue when using the sqlsrv PHP extension (ZF2014-06) https://bugzilla.redhat.com/show_bug.cgi?id=1151277 -------------------------------------------------------------------------------- ================================================================================ php-doctrine-annotations-1.2.1-1.fc20 (FEDORA-2014-13303) PHP docblock annotations parser library -------------------------------------------------------------------------------- Update Information: ## [v1.2.1](https://github.com/doctrine/annotations/releases/tag/v1.2.1) * [38: fixes doctrine/common#326](https://github.com/doctrine/annotations/pull/38) * [39: Remove superfluous NS](https://github.com/doctrine/annotations/pull/39) * [41: Warn if load_comments is not enabled.](https://github.com/doctrine/annotations/pull/41) * [42: Clean up unused uses](https://github.com/doctrine/annotations/pull/42) -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 19 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.2.1-1 - Updated to 1.2.1 (BZ #1146910) - %license usage * Thu Jul 17 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.2.0-2 - Removed skipping of test (php-phpunit-PHPUnit-MockObject patched to fix issue) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146910 - php-doctrine-annotations-1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1146910 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test