The following Fedora 20 Security updates need testing: Age URL 173 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 67 https://admin.fedoraproject.org/updates/FEDORA-2014-9474/pipelight-0.2.7.3-3.fc20 42 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20 42 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20 26 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 11 https://admin.fedoraproject.org/updates/FEDORA-2014-12475/python-oauth2-1.5.211-8.fc20 11 https://admin.fedoraproject.org/updates/FEDORA-2014-12308/sddm-0.9.0-2.20141007git6a28c29b.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-12910/sysklogd-1.5-18.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13040/rubygem-httpclient-2.4.0-2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13063/devscripts-2.14.10-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13030/drupal7-7.32-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-12991/deluge-1.3.10-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13302/php-ZendFramework2-2.3.3-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13444/webkitgtk3-2.2.8-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13356/xulrunner-33.0-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13371/asterisk-11.13.1-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13448/libsoup-2.44.2-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13437/gnome-desktop3-3.10.2-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13444/webkitgtk3-2.2.8-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13442/curl-7.32.0-14.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13441/gdb-7.7.1-21.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13347/qtwebkit-2.3.4-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13366/btrfs-progs-3.17-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13374/xdg-utils-1.1.0-0.31.rc2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13353/perl-Encode-2.54-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13348/libpcap-1.5.3-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13356/xulrunner-33.0-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13377/libfm-1.2.3-1.fc20,pcmanfm-1.2.3-1.fc20 The following builds have been pushed to Fedora 20 updates-testing chkrootkit-0.50-4.fc20 curl-7.32.0-14.fc20 gappa-1.1.2-1.fc20 gazebo-3.1.0-2.fc20 gdb-7.7.1-21.fc20 gnome-desktop3-3.10.2-3.fc20 gnulib-0-12.20141021git.fc20 java-1.8.0-openjdk-1.8.0.25-1.b18.fc20 libreoffice-4.2.7.2-1.fc20 libsoup-2.44.2-2.fc20 lis-1.4.64-1.fc20 memtest86+-5.01-8.fc20 perl-Log-Dispatch-2.44-1.fc20 perl-WebService-Dropbox-1.22-2.fc20 python-catkin_pkg-0.2.5-1.fc20 python-rosdep-0.10.32-1.fc20 rubygem-joiner-0.3.3-1.fc20 shutter-0.93-1.fc20 sigil-0.8.1-1.fc20 spice-gtk-0.23-4.fc20 webkitgtk3-2.2.8-2.fc20 xdg-utils-1.1.0-0.31.rc2.fc20 Details about builds: ================================================================================ chkrootkit-0.50-4.fc20 (FEDORA-2014-13428) Tool to locally check for signs of a rootkit -------------------------------------------------------------------------------- Update Information: Fix for suckit false-positive for systemd. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 0.50-4 - Patch for suckit false positive, BZ 636231. * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.50-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.50-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Jun 5 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 0.50-1 - Latest upstream, BZ 1104775. - Dropped upstreamed patch. - Fixed bad changelog date. -------------------------------------------------------------------------------- References: [ 1 ] Bug #636231 - /sbin/init INFECTED - (systemd links /sbin/init->../bin/systemd) https://bugzilla.redhat.com/show_bug.cgi?id=636231 -------------------------------------------------------------------------------- ================================================================================ curl-7.32.0-14.fc20 (FEDORA-2014-13442) A utility for getting files from remote servers (FTP, HTTP, and others) -------------------------------------------------------------------------------- Update Information: - fix a connection failure when FTPS handle is reused -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Kamil Dudka <kdudka@xxxxxxxxxx> 7.32.0-14 - fix a connection failure when FTPS handle is reused -------------------------------------------------------------------------------- ================================================================================ gappa-1.1.2-1.fc20 (FEDORA-2014-13435) Prove programs with floating-point or fixed-point arithmetic -------------------------------------------------------------------------------- Update Information: Upstream notes on version 1.1.2: - back-ends: fixed missing proof parts with the LaTeX back-end - main interface: fixed confusing message in case of failure -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Jerry James <loganjerry@xxxxxxxxx> - 1.1.2-1 - New upstream version -------------------------------------------------------------------------------- ================================================================================ gazebo-3.1.0-2.fc20 (FEDORA-2014-13445) 3D multi-robot simulator with dynamics -------------------------------------------------------------------------------- Update Information: This update adds some missing dependencies to the gazebo-devel package (namely, boost-devel, qt-devel, and ogre-devel.) It fixes some problems with missing packages when building against gazebo, but otherwise does not change anything. Add gazebo library plugin path to pkgconfig link line. Should result in no functional changes. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 20 2014 Rich Mattes <richmattes@xxxxxxxxx> - 3.1.0-2 - Devel package requires ogre-devel (rhbz#1154450) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154450 - gazebo-devel is missing Requires: ogre-devel https://bugzilla.redhat.com/show_bug.cgi?id=1154450 -------------------------------------------------------------------------------- ================================================================================ gdb-7.7.1-21.fc20 (FEDORA-2014-13441) A GNU source-level debugger for C, C++, Fortran, Go and other languages -------------------------------------------------------------------------------- Update Information: Accelerate interactive symbols lookup 15x. Instructions on how to test this issue are described at: <https://sourceware.org/ml/gdb-patches/2014-10/msg00020.html> TL;DR: Make sure you have LibreOffice installed, along with its debuginfo files and all other debuginfo files for the dependencies (GDB will teach you how to install missing debuginfo files). echo -e 'thread apply all bt\nset confirm no\nq'|./gdb -p `pidof soffice.bin` -ex 'set pagination off' -ex 'maintenance set per-command space' -ex 'maintenance set per-command symtab' -ex 'maintenance set per-command time' -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 20 2014 Jan Kratochvil <jan.kratochvil@xxxxxxxxxx> - 7.7.1-21.fc20 - Accelerate interactive symbols lookup 15x. * Mon Oct 6 2014 Sergio Durigan Junior <sergiodj@xxxxxxxxxx> - 7.7.1-20.fc20 - Fix 'Slow gstack performance' (RH BZ 1149865, Jan Kratochvil). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149865 - Slow gstack performance https://bugzilla.redhat.com/show_bug.cgi?id=1149865 -------------------------------------------------------------------------------- ================================================================================ gnome-desktop3-3.10.2-3.fc20 (FEDORA-2014-13437) Shared code among gnome-panel, gnome-session, nautilus, etc -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1150199 - many kbd layouts not selectable -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Rui Matos <rmatos@xxxxxxxxxx> - 3.10.2-3 - Resolves: rhbz#1150199 - many kbd layouts not selectable -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150199 - many kbd layouts not selectable https://bugzilla.redhat.com/show_bug.cgi?id=1150199 -------------------------------------------------------------------------------- ================================================================================ gnulib-0-12.20141021git.fc20 (FEDORA-2014-13436) GNU Portability Library -------------------------------------------------------------------------------- Update Information: Update on 20141021. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Mosaab Alzoubi <moceap@xxxxxxxxxxx> - 0-12.20141021git - Update on 20141021. -------------------------------------------------------------------------------- ================================================================================ java-1.8.0-openjdk-1.8.0.25-1.b18.fc20 (FEDORA-2014-13446) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: Fix mistakes in packaging, re-enabling doclint and making all java sources part of src.zip again. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 20 2014 Omair Majid <omajid@xxxxxxxxxx> - 1:1.8.0.25-1.b18 - Apply patches accidentally left out -------------------------------------------------------------------------------- References: [ 1 ] Bug #1130490 - java-1.8.0-openjdk: src.zip is incomplete https://bugzilla.redhat.com/show_bug.cgi?id=1130490 -------------------------------------------------------------------------------- ================================================================================ libreoffice-4.2.7.2-1.fc20 (FEDORA-2014-13432) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 16 2014 David Tardon <dtardon@xxxxxxxxxx> - 1:4.2.7.2-1 - new upstream release - InsertCurrentTime: in input mode inherit matching format if set -------------------------------------------------------------------------------- ================================================================================ libsoup-2.44.2-2.fc20 (FEDORA-2014-13448) Soup, an HTTP library implementation -------------------------------------------------------------------------------- Update Information: Fix spurious "Invalid Password" errors in evolution with NTLM (#1088458) -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Dan Winship <danw@xxxxxxxxxx> - 2.44.2-2 - Fix spurious "Invalid Password" errors in evolution with NTLM (#1088458) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1088458 - For no obvious reason, while working, evolution-ews authentication fails with "Invalid Password" error https://bugzilla.redhat.com/show_bug.cgi?id=1088458 -------------------------------------------------------------------------------- ================================================================================ lis-1.4.64-1.fc20 (FEDORA-2014-13449) A library for solving linear equations and eigenvalue problems -------------------------------------------------------------------------------- Update Information: Update to 1.4.64 Update to 1.4.63 Update to 1.4.62 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Florian Lehner <dev@xxxxxxxxxxx> - 1.4.64-1 - Update to 1.4.64 * Mon Oct 20 2014 Florian Lehner <dev@xxxxxxxxxxx> - 1.4.63-1 - Update to 1.4.63 * Sat Oct 18 2014 Florian Lehner <dev@xxxxxxxxxxx> - 1.4.62-1 - Update to 1.4.62 -------------------------------------------------------------------------------- ================================================================================ memtest86+-5.01-8.fc20 (FEDORA-2014-13429) Stand-alone memory tester for x86 and x86-64 computers -------------------------------------------------------------------------------- Update Information: This is an update fixing several bugs including runtime crashes. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 5.01-8 - More crash fixes (by crash-fix patch from David McInnis) * Fri Sep 5 2014 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 5.01-7 - Fixed typo in memtest-setup help, added its options to man / help * Wed Sep 3 2014 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 5.01-6 - Fixed memtest-setup script * Tue Aug 26 2014 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 5.01-5 - Added documentation regarding memtest-setup * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.01-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.01-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ perl-Log-Dispatch-2.44-1.fc20 (FEDORA-2014-13438) Dispatches messages to one or more outputs -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 2.44-1 - Upstream update. * Mon Oct 13 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 2.43-1 - Upstream update. -------------------------------------------------------------------------------- ================================================================================ perl-WebService-Dropbox-1.22-2.fc20 (FEDORA-2014-13430) Perl interface to Dropbox API -------------------------------------------------------------------------------- Update Information: This release improves Shutter’s Dropbox integration and adds support for vgy.me. perl-WebService-Dropbox provides a Perl interface to Dropbox API with following features: - Support Dropbox v1 REST API - Support Furl (Fast!!!) - Streaming IO (Low Memory) - Default URI Escape (The specified path is UTF-8 decoded string) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1129096 - shutter-0.93 is available https://bugzilla.redhat.com/show_bug.cgi?id=1129096 [ 2 ] Bug #1151843 - Review Request: perl-WebService-Dropbox - Perl interface to Dropbox API https://bugzilla.redhat.com/show_bug.cgi?id=1151843 -------------------------------------------------------------------------------- ================================================================================ python-catkin_pkg-0.2.5-1.fc20 (FEDORA-2014-13447) Library for retrieving information about catkin packages -------------------------------------------------------------------------------- Update Information: Updated catkin_pkg and rosdep to latest upstream and enabled python3 build of catkin_pkg -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 18 2014 Scott K Logan <logans@xxxxxxxxxxx> - 0.2.5-1 - Update to 0.2.5 - Add python3 package - Exclude tests which are not compatible with python 2.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1152127 - python-catkin_pkg-0.2.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1152127 [ 2 ] Bug #1152491 - python-rosdep-0.10.32 is available https://bugzilla.redhat.com/show_bug.cgi?id=1152491 -------------------------------------------------------------------------------- ================================================================================ python-rosdep-0.10.32-1.fc20 (FEDORA-2014-13447) ROS System Dependency Installer -------------------------------------------------------------------------------- Update Information: Updated catkin_pkg and rosdep to latest upstream and enabled python3 build of catkin_pkg -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 18 2014 Scott K Logan <logans@xxxxxxxxxxx> - 0.10.32-1 - Update to release 0.10.32 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1152127 - python-catkin_pkg-0.2.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1152127 [ 2 ] Bug #1152491 - python-rosdep-0.10.32 is available https://bugzilla.redhat.com/show_bug.cgi?id=1152491 -------------------------------------------------------------------------------- ================================================================================ rubygem-joiner-0.3.3-1.fc20 (FEDORA-2014-13433) Builds ActiveRecord joins from association paths -------------------------------------------------------------------------------- Update Information: First rubygem-joiner release for Fedora 20. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1117025 - Review Request: rubygem-joiner - Builds ActiveRecord joins from association paths https://bugzilla.redhat.com/show_bug.cgi?id=1117025 -------------------------------------------------------------------------------- ================================================================================ shutter-0.93-1.fc20 (FEDORA-2014-13430) GTK+2-based screenshot application written in Perl -------------------------------------------------------------------------------- Update Information: This release improves Shutter’s Dropbox integration and adds support for vgy.me. perl-WebService-Dropbox provides a Perl interface to Dropbox API with following features: - Support Dropbox v1 REST API - Support Furl (Fast!!!) - Streaming IO (Low Memory) - Default URI Escape (The specified path is UTF-8 decoded string) -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 19 2014 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 0.93-1 - Update to 0.93 * Wed Aug 27 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.91-2 - Perl 5.20 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1129096 - shutter-0.93 is available https://bugzilla.redhat.com/show_bug.cgi?id=1129096 [ 2 ] Bug #1151843 - Review Request: perl-WebService-Dropbox - Perl interface to Dropbox API https://bugzilla.redhat.com/show_bug.cgi?id=1151843 -------------------------------------------------------------------------------- ================================================================================ sigil-0.8.1-1.fc20 (FEDORA-2014-13439) WYSIWYG ebook editor -------------------------------------------------------------------------------- Update Information: update to Sigil 0.8.1 - Set minimum OS X version to 10.9.0 in Info.plist so users trying to run on older versions of OS X will receive an error dialog instead of a crash dialog. - Set minimum Windows version to Vista in Installer so installation will error when trying to install on XP (which is not supported and Sigil binary packages won't run on). - Fix issue #21: Use Hunspell WORDCHARS to help in tokenization of words. - Pull request #19: Moving plugin description to ToolTips. - Pull request #20: Preserve current file name for future save as actions if appropriate. - Fix bug where save after using input plugin would fail. update to Sigil 0.8.0 - Plugin framework. - Add the svg image tag as an svg inline element (not a block element) and add it as an empty element (TidyEmptyTags). - Allow user defined list of entities to preserve. - Pull request #16: Hardcode menu Plugins in UI, move it before menu Help. - Pull request #10: Add ability to move entries in TOC up and down. - Pull request #8: Allow pasting HTML as HTML or plain text in BookView. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 18 2014 Dan Horák <dan[at]danny.cz> - 0.8.1-1 - New upstream release 0.8.1 - Add doc subpackage for user guide and plugin guide -------------------------------------------------------------------------------- ================================================================================ spice-gtk-0.23-4.fc20 (FEDORA-2014-13431) A GTK+ widget for SPICE clients -------------------------------------------------------------------------------- Update Information: This update fixes a crash of spicy at startup -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 24 2014 Christophe Fergeau <cfergeau@xxxxxxxxxx> 0.25-6 - Run make install in gtk3 build after doing so in gtk2 build, otherwise we'll end up packaging gtk2 builds of spicy et al in spice-client-tools instead of gtk3 ones (#1145829) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1145829 - spicy crashes at startup on f21 https://bugzilla.redhat.com/show_bug.cgi?id=1145829 -------------------------------------------------------------------------------- ================================================================================ webkitgtk3-2.2.8-2.fc20 (FEDORA-2014-13444) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: Disable the SSLv3 to address the POODLE vulnerability -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Tomas Popela <tpopela@xxxxxxxxxx> - 2.2.8-2 - Disable the SSLv3 to address the POODLE vulnerability -------------------------------------------------------------------------------- ================================================================================ xdg-utils-1.1.0-0.31.rc2.fc20 (FEDORA-2014-13374) Basic desktop integration functions -------------------------------------------------------------------------------- Update Information: Fixed build where recent patches were not applied properly (which in particular, resulted in broken/regressed plasma5 support). -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.31.rc2 - workaround %autosetup failure harder (#1084309) * Mon Oct 20 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.30.rc2 - workaround %autosetup failure, again (#1084309) -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
