The following Fedora 19 Security updates need testing: Age URL 371 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 183 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19 134 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19 132 https://admin.fedoraproject.org/updates/FEDORA-2014-6774/claws-mail-3.10.1-1.fc19,claws-mail-plugins-3.10.0-1.fc19,libetpan-1.5-1.fc19 77 https://admin.fedoraproject.org/updates/FEDORA-2014-9427/pipelight-0.2.7.3-3.fc19 52 https://admin.fedoraproject.org/updates/FEDORA-2014-10366/icecream-1.0.1-8.20140822git.fc19 51 https://admin.fedoraproject.org/updates/FEDORA-2014-10640/libreoffice-4.1.6.2-8.fc19 35 https://admin.fedoraproject.org/updates/FEDORA-2014-11544/drupal6-6.33-1.fc19 28 https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19 21 https://admin.fedoraproject.org/updates/FEDORA-2014-12407/sddm-0.9.0-2.20141007git6a28c29b.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2014-13044/thunderbird-31.2.0-1.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2014-12994/firefox-33.0-1.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2014-13047/libxml2-2.9.1-2.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2014-13018/deluge-1.3.10-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-13451/webkitgtk3-2.0.4-4.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13570/php-Smarty-3.1.21-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13794/subscription-manager-1.13.6-1.fc19,python-rhsm-1.13.6-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13778/hostapd-2.0-5.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13764/Pound-2.6-8.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13753/seamonkey-2.30-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13702/konversation-1.5-7.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14043/php-ZendFramework2-2.2.8-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14066/php-sabredav-Sabre_VObject-2.1.4-1.fc19,php-sabredav-Sabre_HTTP-1.7.11-1.fc19,php-sabredav-Sabre_CalDAV-1.7.9-1.fc19,php-sabredav-Sabre_DAVACL-1.7.9-1.fc19,php-sabredav-Sabre_CardDAV-1.7.9-2.fc19,php-sabredav-Sabre_DAV-1.7.13-1.fc19,owncloud-5.0.17-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14068/kernel-3.14.23-100.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14059/mokutil-0.2.0-1.fc19,shim-signed-0.8-2 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14005/fedup-0.9.0-1.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 319 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 245 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2014-13362/perl-Encode-2.54-3.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-13451/webkitgtk3-2.0.4-4.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-13434/curl-7.29.0-24.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13549/xulrunner-33.0-2.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-13880/device-mapper-persistent-data-0.4.1-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14068/kernel-3.14.23-100.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14047/qtwebkit-2.3.4-1.fc19 The following builds have been pushed to Fedora 19 updates-testing ansible-inventory-grapher-1.0.1-2.fc19 ansible-lint-1.0.4-1.fc19 ceph-0.80.5-11.fc19 createrepo_c-0.7.1-1.fc19 dovecot-2.2.15-1.fc19 fedup-0.9.0-1.fc19 gambit-c-4.7.3-1.fc19 git-review-1.24-1.fc19 globus-authz-3.10-1.fc19 globus-authz-callout-error-3.5-1.fc19 globus-callout-3.13-1.fc19 globus-common-15.26-1.fc19 globus-ftp-client-8.13-1.fc19 globus-ftp-control-5.12-1.fc19 globus-gass-cache-9.5-1.fc19 globus-gass-cache-program-6.5-1.fc19 globus-gass-copy-9.12-1.fc19 globus-gass-server-ez-5.7-1.fc19 globus-gass-transfer-8.8-1.fc19 globus-gatekeeper-10.8-1.fc19 globus-gfork-4.7-1.fc19 globus-gram-client-13.10-1.fc19 globus-gram-client-tools-11.7-1.fc19 globus-gram-job-manager-14.22-2.fc19 globus-gram-job-manager-callout-error-3.5-1.fc19 globus-gram-job-manager-condor-2.5-1.fc19 globus-gram-job-manager-lsf-2.6-1.fc19 globus-gram-job-manager-scripts-6.7-1.fc19 globus-gram-job-manager-slurm-2.4-2.fc19 globus-gram-protocol-12.12-1.fc19 globus-gridftp-server-7.12-1.fc19 globus-gridmap-callout-error-2.4-1.fc19 globus-gridmap-verify-myproxy-callout-2.7-1.fc19 globus-gsi-callback-5.6-1.fc19 globus-gsi-cert-utils-9.10-1.fc19 globus-gsi-credential-7.7-1.fc19 globus-gsi-openssl-error-3.5-1.fc19 globus-gsi-proxy-core-7.7-1.fc19 globus-gsi-proxy-ssl-5.7-1.fc19 globus-gsi-sysconfig-6.8-1.fc19 globus-gss-assist-10.12-1.fc19 globus-gssapi-error-5.4-1.fc19 globus-gssapi-gsi-11.13-1.fc19 globus-io-10.12-1.fc19 globus-openssl-module-4.6-1.fc19 globus-proxy-utils-6.9-1.fc19 globus-rsl-10.9-1.fc19 globus-scheduler-event-generator-5.7-1.fc19 globus-xio-4.15-1.fc19 globus-xio-gridftp-driver-2.8-1.fc19 globus-xio-gsi-driver-3.6-1.fc19 gnuplot-py-1.8-17.fc19 holland-1.0.10-3.fc19 kernel-3.14.23-100.fc19 konversation-1.5-7.fc19 lightdm-1.10.3-1.fc19 lightdm-gtk-1.8.5-9.fc19 lightdm-kde-0.3.2.1-8.fc19 mg-20141007-1.fc19 mokutil-0.2.0-1.fc19 nodejs-chainsaw-0.1.0-1.fc19 nodejs-node-print-0.0.4-2.fc19 nodejs-nsp-api-1.0.0-2.fc19 nodejs-pegjs-0.8.0-2.fc19 nodejs-seq-0.3.5-2.fc19 nodejs-silent-npm-registry-client-0.0.1-1.fc19 nodejs-strscanner-0.0.8-2.fc19 nodejs-xmldom-0.1.19-1.fc19 owncloud-5.0.17-2.fc19 pcp-3.10.0-1.fc19 perl-Net-DNS-0.81-1.fc19 php-ZendFramework2-2.2.8-1.fc19 php-sabredav-Sabre_CalDAV-1.7.9-1.fc19 php-sabredav-Sabre_CardDAV-1.7.9-2.fc19 php-sabredav-Sabre_DAV-1.7.13-1.fc19 php-sabredav-Sabre_DAVACL-1.7.9-1.fc19 php-sabredav-Sabre_HTTP-1.7.11-1.fc19 php-sabredav-Sabre_VObject-2.1.4-1.fc19 python-ase-3.8.1.3440-13.fc19 qtwebkit-2.3.4-1.fc19 shim-signed-0.8-2 trac-1.0.2-1.fc19 vile-9.8o-1.fc19 xchat-2.8.8-20.fc19 xchat-gnome-0.26.2-13.git40c5bf988.fc19 Details about builds: ================================================================================ ansible-inventory-grapher-1.0.1-2.fc19 (FEDORA-2014-14065) Creates graphs representing ansible inventory -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146929 - Review Request: ansible-inventory-grapher - Creates graphs representing ansible inventory https://bugzilla.redhat.com/show_bug.cgi?id=1146929 -------------------------------------------------------------------------------- ================================================================================ ansible-lint-1.0.4-1.fc19 (FEDORA-2014-14083) Best practices checker for Ansible -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146928 - Review Request: ansible-lint - Best practices checker for Ansible https://bugzilla.redhat.com/show_bug.cgi?id=1146928 -------------------------------------------------------------------------------- ================================================================================ ceph-0.80.5-11.fc19 (FEDORA-2014-14026) User space components of the Ceph file system -------------------------------------------------------------------------------- Update Information: This update fixes the issue with systemd-run not being available in Fedora 19. We need to downgrade the package to the latest stable version for fedora 19, too. This package also fixes many spec file bugs (several of them filed against rawhide). -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Boris Ranto <branto@xxxxxxxxxx> - 1:0.80.5-11 - Fix bz#1157938 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157938 - service or init.d invoke systemd-run which does not exist in FC-19 https://bugzilla.redhat.com/show_bug.cgi?id=1157938 [ 2 ] Bug #1109594 - ceph package is missing erasure code libraries https://bugzilla.redhat.com/show_bug.cgi?id=1109594 -------------------------------------------------------------------------------- ================================================================================ createrepo_c-0.7.1-1.fc19 (FEDORA-2014-14048) Creates a common metadata repository -------------------------------------------------------------------------------- Update Information: Update to 0.7.1 Update to 0.7.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.1-1 - Mergerepo: Fix mergerepo - Mergerepo: Add some debugging of metadata read. * Mon Oct 20 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.0-1 - deltarpms: Update module to work with current version of drpm - mergerepo_c: Add --omit-baseurl option - craterepo_c: Gen empty repo if empty pkglist is used - Docs: Output python docs to separate directory - Several small fixes * Tue Aug 12 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.6.1-1 - updateinfo: Use Python datetime objects in python bindings * Tue Aug 5 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.6.0-1 - Support for updateinfo.xml manipulation (including Python bindings) * Fri Jul 18 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.5.0-1 - Experimental delta rpm (DRPM) support (Disabled in Fedora build). * Thu Jun 26 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.4.1-1 - Initialize threads correctly on old versions of GLib2 (RhBug: 1108787) - Do not print log domain (get rid off C_CREATEREPOLIB prefix in log messages) - Implements support for --cachedir - New option --retain-old-md-by-age - Few small API changes * Tue May 6 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.4.0-1 - Change default behavior of repodata files handling. (RhBug: 1094539) See: https://github.com/Tojaj/createrepo_c/wiki/New-File-Handling By default, createrepo leaves old groupfiles (comps files) in the repodata/ directory during update. Createrepo_c did the same thing but the version 0.4.0 changes this behaviour. * Thu Apr 10 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.3.1-2 - Support for weak and rich dependecies -------------------------------------------------------------------------------- ================================================================================ dovecot-2.2.15-1.fc19 (FEDORA-2014-13342) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: - Fixed several race conditions with dovecot.index.cache handling that may have caused unnecessary "cache is corrupted" errors. - auth: If auth client listed userdb and disconnected before finishing, the auth worker process got stuck (and eventually all workers could get used up and requests would start failing). - lmtp: Delivered-To: header no longer contains <> around the email address. Other MDAs don't have it either. - "Out of disk space" errors are now treated as temporary errors (not the same as "Out of disk quota"). - replication plugin: Use replication only for users who have a non-empty mail_replica setting. - lmtp proxy: Log a line about each mail delivery. - Added login_source_ips setting. This can be used to set the source IP address round-robin from a pool of IPs (in case you run out of TCP ports). - Rawlog settings can use tcp:<host>:<port> as the path. - virtual plugin: Don't keep more than virtual_max_open_mailboxes (default 64) number of backend mailboxes open. - SSL/TLS compression can be disabled with ssl_options=no_compression - acl: Global ACL file now supports "quotes" around patterns. - Added last-login plugin to set user's last-login timestamp on login. - LDAP auth: Allow passdb credentials lookup also with auth_bind=yes - IMAP: MODSEQ was sent in FETCH reply even if CONDSTORE/QRESYNC wasn't enabled. This broke at least old Outlooks. - passdb static treated missing password field the same as an empty password field. - mdbox: Fixed potential infinite looping when scanning a broken mdbox file. - imap-login, pop3-login: Fixed potential crashes when client disconnected unexpectedly. - imap proxy: The connection was hanging in some usage patterns. This mainly affected older Outlooks. - lmtp proxy: The proxy sometimes delivered empty mails in error situations or potentially delivered truncated mails. - fts-lucene: If whitespace_chars was set, we may have ended up indexing some garbage words, growing the index size unnecessarily. - -c and -i parameters for dovecot/doveadm commands were ignored if the config socket was readable. - quota: Quota recalculation didn't include INBOX in some setups. - Mail headers were sometimes added to dovecot.index.cache in wrong order. The main problem this caused was with dsync+imapc incremental syncing when the second sync thought the local mailbox had changed. - doveadm backup didn't notice if emails were missing from the middle of the destination mailbox. Now it deletes and resyncs the mailbox. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.15-1 - dovecot updated to 2.2.15 - various race condition fixes to LAYOUT=index - v2.2.14 virtual plugin crashed in some situations * Fri Oct 17 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.14-1 - dovecot updated to 2.2.14, pigeonhole updated to 0.4.3 - fixed several race conditions with dovecot.index.cache handling that may have caused unnecessary "cache is corrupted" errors. - auth: If auth client listed userdb and disconnected before finishing, the auth worker process got stuck - imap-login, pop3-login: Fixed potential crashes when client disconnected unexpectedly. - imap proxy: The connection was hanging in some usage patterns. * Thu Aug 21 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.13-2 - use network-online target instead of just network (#1119814) -------------------------------------------------------------------------------- ================================================================================ fedup-0.9.0-1.fc19 (FEDORA-2014-14005) The Fedora Upgrade tool -------------------------------------------------------------------------------- Update Information: * Adds `--product=PRODUCT` flag, required for upgrades to F21 * Uses host's config files in `upgrade.img`, which should fix various upgrade problems (e.g. incorrect keyboard layout when unlocking disks due to missing `vconsole.conf`) * Logging improvements: complete upgrade log should appear in system journal * Adds a warning for upgrades without a new kernel * Fixes a bunch of crashes -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2014 Will Woods <wwoods@xxxxxxxxxx> 0.9.0-1 - Add --product=PRODUCT flag for upgrades to F21 - Use host's config files in upgrade.img - Fix logging during upgrade - upgrade logs will appear in system journal - Fix keymap problems during upgrade (#1038413) - Move cache to /var/cache (#1066679, CVE-2013-6494) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 22 2014 Will Woods <wwoods@xxxxxxxxxx> 0.8.1-1 - Warn the user when there is no kernel package in the upgrade - Fix crash when resizing terminal window (#1044987) - Fix crashes with bad arguments to --repo and --iso (#1045090, #1044083) - Fix some crashes during transaction test (#1043981, #1047005) - Fix upgrade hang if packagedir isn't on root partition (#1045168) - Don't redownload everything if the user just upgraded from 0.7.x -------------------------------------------------------------------------------- References: [ 1 ] Bug #1066679 - CVE-2013-6494 fedup: /var/tmp/fedora-upgrade temporary directory creation vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1066679 -------------------------------------------------------------------------------- ================================================================================ gambit-c-4.7.3-1.fc19 (FEDORA-2014-14067) Scheme programming system -------------------------------------------------------------------------------- Update Information: Latest Gambit-C release, see https://github.com/feeley/gambit/commits for commits between 2014-02-05 and 2014-07-23 for changes -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Michel Alexandre Salim <salimma@xxxxxxxxxxxxxxxxx> - 4.7.3-1 - Update to 4.7.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124050 - gambit-c-4.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124050 -------------------------------------------------------------------------------- ================================================================================ git-review-1.24-1.fc19 (FEDORA-2014-14016) A Git helper for integration with Gerrit -------------------------------------------------------------------------------- Update Information: Import an upstream release that fixes a few bugs, in particular the crash in Chinese locale. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Pete Zaitcev <zaitcev@xxxxxxxxxx> - 1.24-1 - Upstream 1.24 (#1158461) -------------------------------------------------------------------------------- ================================================================================ globus-authz-3.10-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus authz library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 3.10-1 - GT6 update - Drop patches globus-authz-doxygen.patch and globus-authz-deps.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-authz-callout-error-3.5-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus authz error library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 3.5-1 - GT6 update - Drop patch globus-authz-callout-error-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-callout-3.13-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus Callout Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 3.13-1 - GT6 update - Drop patches globus-callout-flavor.patch and globus-callout-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-common-15.26-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Common Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 15.26-1 - GT6 update - Drop patches globus-common-doxygen.patch and globus-common-pkgconfig.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-ftp-client-8.13-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GridFTP Client Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <ellert@xxxxxxxxxxxxxxxx> - 8.13-1 - GT6 update - Drop patches globus-ftp-client-doxygen.patch and globus-ftp-client-deps.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-ftp-control-5.12-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GridFTP Control Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.12-1 - GT6 update - Drop patch globus-ftp-control-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gass-cache-9.5-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus Gass Cache -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 9.5-1 - GT6 update - Drop patch globus-gass-cache-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gass-cache-program-6.5-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Tools to manipulate local and remote GASS caches -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 6.5-1 - GT6 update - Drop patch globus-gass-cache-program-syntax.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gass-copy-9.12-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus Gass Copy -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 9.12-1 - GT6 update - Drop patch globus-gass-copy-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gass-server-ez-5.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus Gass Server_ez -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.7-1 - GT6 update - Drop patch globus-gass-server-ez-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gass-transfer-8.8-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus Gass Transfer -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 8.8-1 - GT6 update - Drop patch globus-gass-transfer-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gatekeeper-10.8-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus Gatekeeper -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 10.8-1 - GT6 update -------------------------------------------------------------------------------- ================================================================================ globus-gfork-4.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GFork -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.7-1 - GT6 update -------------------------------------------------------------------------------- ================================================================================ globus-gram-client-13.10-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GRAM Client Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 13.10-1 - GT6 update - Drop patch globus-gram-client-doxygen.patch (fixed upstream) - GRAM no longer uses SSLv3 -------------------------------------------------------------------------------- ================================================================================ globus-gram-client-tools-11.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Job Management Tools (globusrun) -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 11.7-1 - GT6 update -------------------------------------------------------------------------------- ================================================================================ globus-gram-job-manager-14.22-2.fc19 (FEDORA-2014-14061) Globus Toolkit - GRAM Jobmanager -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 14.22-2 - Fixes to the globus-personal-gatekeeper (fixes parallel make check) * Sun Oct 26 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 14.22-1 - GT6 update - Includes improvements from Open Science Grid (OSG) -------------------------------------------------------------------------------- ================================================================================ globus-gram-job-manager-callout-error-3.5-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GRAM Jobmanager Callout Errors -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 3.5-1 - GT6 update - Drop patch globus-gram-job-manager-callout-error-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gram-job-manager-condor-2.5-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Condor Job Manager Support -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.5-1 - GT6 update - Includes improvements from Open Science Grid (OSG) -------------------------------------------------------------------------------- ================================================================================ globus-gram-job-manager-lsf-2.6-1.fc19 (FEDORA-2014-14061) Globus Toolkit - LSF Job Manager Support -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.6-1 - GT6 update -------------------------------------------------------------------------------- ================================================================================ globus-gram-job-manager-scripts-6.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GRAM Job ManagerScripts -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 6.7-1 - GT6 update - Includes improvements from Open Science Grid (OSG) -------------------------------------------------------------------------------- ================================================================================ globus-gram-job-manager-slurm-2.4-2.fc19 (FEDORA-2014-14061) Globus Toolkit - SLURM Job Manager Support -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.4-2 - Fix typo in preun scriptlet -------------------------------------------------------------------------------- ================================================================================ globus-gram-protocol-12.12-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GRAM Protocol Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 12.12-1 - GT6 update - Drop patch globus-gram-protocol-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gridftp-server-7.12-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GridFTP Server -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 7.12-1 - GT6 update - Drop patch globus-gridftp-server-deps.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gridmap-callout-error-2.4-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus Gridmap Callout Errors -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.4-1 - GT6 update - Drop patch globus-gridmap-callout-error-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gridmap-verify-myproxy-callout-2.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus gridmap myproxy callout -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.7-1 - GT6 update - Drop patch globus-gridmap-verify-myproxy-callout-deps.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-callback-5.6-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GSI Callback Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.6-1 - GT6 update - Drop patch globus-gsi-callback-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-cert-utils-9.10-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GSI Cert Utils Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 9.10-1 - GT6 update - Drop patches globus-gsi-cert-utils-deps.patch and globus-gsi-cert-utils-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-credential-7.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GSI Credential Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 7.7-1 - GT6 update - Drop patch globus-gsi-credential-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-openssl-error-3.5-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus OpenSSL Error Handling -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 3.5-1 - GT6 update - Drop patch globus-gsi-openssl-error-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-proxy-core-7.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GSI Proxy Core Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 7.7-1 - GT6 update - Drop patch globus-gsi-proxy-core-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-proxy-ssl-5.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GSI Proxy SSL Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.7-1 - GT6 update - Drop patch globus-gsi-proxy-ssl-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-sysconfig-6.8-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GSI System Config Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 6.8-1 - GT6 update - Drop patch globus-gsi-sysconfig-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gss-assist-10.12-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GSSAPI Assist library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 10.12-1 - GT6 update - Update patch globus-gss-assist-doxygen.patch -------------------------------------------------------------------------------- ================================================================================ globus-gssapi-error-5.4-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GSSAPI Error Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.4-1 - GT6 update - Drop patch globus-gssapi-error-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-gssapi-gsi-11.13-1.fc19 (FEDORA-2014-14061) Globus Toolkit - GSSAPI library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 11.13-1 - GT6 update - Update patch globus-gssapi-gsi-doxygen.patch -------------------------------------------------------------------------------- ================================================================================ globus-io-10.12-1.fc19 (FEDORA-2014-14061) Globus Toolkit - uniform I/O interface -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 10.12-1 - GT6 update - Drop patch globus-io-doxygen.patch (obsolete) - Remove documentation package again (upstream changed their minds) -------------------------------------------------------------------------------- ================================================================================ globus-openssl-module-4.6-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus OpenSSL Module Wrapper -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.6-1 - GT6 update - Drop patch globus-openssl-module-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-proxy-utils-6.9-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus GSI Proxy Utility Programs -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 6.9-1 - GT6 update -------------------------------------------------------------------------------- ================================================================================ globus-rsl-10.9-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Resource Specification Language Library -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 10.9-1 - GT6 update - Drop patch globus-rsl-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-scheduler-event-generator-5.7-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Scheduler Event Generator -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.7-1 - GT6 update - Drop patch globus-scheduler-event-generator-doxygen.patch (fixed upstream) - Fix manpage typos -------------------------------------------------------------------------------- ================================================================================ globus-xio-4.15-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus XIO Framework -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.15-1 - GT6 update - Drop patch globus-xio-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-xio-gridftp-driver-2.8-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus XIO GridFTP Driver -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.8-1 - GT6 update - Drop patch globus-xio-gridftp-driver-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ globus-xio-gsi-driver-3.6-1.fc19 (FEDORA-2014-14061) Globus Toolkit - Globus XIO GSI Driver -------------------------------------------------------------------------------- Update Information: Updated Globus Toolkit packages. Many dropped patches since changes were accepted upstream. GRAM client library no longer forces the use of SSLv3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 3.6-1 - GT6 update - Drop patch globus-xio-gsi-driver-doxygen.patch (fixed upstream) -------------------------------------------------------------------------------- ================================================================================ gnuplot-py-1.8-17.fc19 (FEDORA-2014-14002) Python interface to Gnuplot -------------------------------------------------------------------------------- Update Information: Fixes a problem with python 2.7 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2014 Sergio Pascual <sergiopr@xxxxxxxxxxxxxxxxx> - 1.8-17 - Patch to fix bz #1158546 - Cleanup of old rpm macros * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1158546 - gnuplot-py is not compatible with Python 2.7 https://bugzilla.redhat.com/show_bug.cgi?id=1158546 -------------------------------------------------------------------------------- ================================================================================ holland-1.0.10-3.fc19 (FEDORA-2014-14030) Pluggable Backup Framework -------------------------------------------------------------------------------- Update Information: RH#884890 add requires for /usr/bin/mysqldump -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 22 2014 Ben Harper <ben.harper@xxxxxxxxxxxxx> - 1.0.10-3 - RH#884890 add requires for /usr/bin/mysqldump - add mysqldump-lvm.conf * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.10-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #884890 - holland-mysqldump doesn't require mysql https://bugzilla.redhat.com/show_bug.cgi?id=884890 -------------------------------------------------------------------------------- ================================================================================ kernel-3.14.23-100.fc19 (FEDORA-2014-14068) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 3.14.23 stable update contains a number of important fixes across the tree. Various security fixes for KVM and SCTP -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.14.23-100 - Linux v3.14.23 * Fri Oct 24 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2014-3610 kvm: noncanonical MSR writes (rhbz 1144883 1156543) - CVE-2014-3611 kvm: PIT timer race condition (rhbz 1144878 1156537) - CVE-2014-3646 kvm: vmx: invvpid vm exit not handled (rhbz 1144825 1156534) - CVE-2014-8369 kvm: excessive pages un-pinning in kvm_iommu_map error path (rhbz 1156518 1156522) * Wed Oct 22 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - 3.14.22-101 - CVE-2014-3688 sctp: remote memory pressure from excessive queuing (rhbz 1155745 1155751) - CVE-2014-3687 sctp: panic on duplicate ASCONF chunks (rhbz 1155731 1155738) - CVE-2014-3673 sctp: panic with malformed ASCONF chunks (rhbz 1147850 1155727) - CVE-2014-3690 kvm: invalid host cr4 handling (rhbz 1153322 1155372) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144883 - CVE-2014-3610 kernel: kvm: noncanonical MSR writes https://bugzilla.redhat.com/show_bug.cgi?id=1144883 [ 2 ] Bug #1156518 - CVE-2014-8369 kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path https://bugzilla.redhat.com/show_bug.cgi?id=1156518 [ 3 ] Bug #1144878 - CVE-2014-3611 kernel: kvm: PIT timer race condition https://bugzilla.redhat.com/show_bug.cgi?id=1144878 [ 4 ] Bug #1144825 - CVE-2014-3646 kernel: kvm: vmx: invvpid vm exit not handled https://bugzilla.redhat.com/show_bug.cgi?id=1144825 [ 5 ] Bug #1153322 - CVE-2014-3690 kernel: kvm: vmx: invalid host cr4 handling across vm entries https://bugzilla.redhat.com/show_bug.cgi?id=1153322 [ 6 ] Bug #1155745 - CVE-2014-3688 kernel: net: sctp: remote memory pressure from excessive queueing https://bugzilla.redhat.com/show_bug.cgi?id=1155745 [ 7 ] Bug #1155731 - CVE-2014-3687 kernel: net: sctp: fix panic on duplicate ASCONF chunks https://bugzilla.redhat.com/show_bug.cgi?id=1155731 [ 8 ] Bug #1147850 - CVE-2014-3673 kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks https://bugzilla.redhat.com/show_bug.cgi?id=1147850 -------------------------------------------------------------------------------- ================================================================================ konversation-1.5-7.fc19 (FEDORA-2014-13702) A user friendly IRC client -------------------------------------------------------------------------------- Update Information: pull in 1.5 branch fixes, including... out-of-bounds read flaw (#1157342,1156418) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.5-7 - add update-desktop-database scriptlets * Mon Oct 27 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.5-6 - pull in 1.5 branch fixes, including... out-of-bounds read flaw (#1157342,1156418) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Thu Jun 19 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.5-4 - .spec cleanup * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 1 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.5-2 - Requires: kde-runtime -------------------------------------------------------------------------------- References: [ 1 ] Bug #1156418 - CVE-2014-8483 quassel, konversation: out-of-bounds read on a heap-allocated array https://bugzilla.redhat.com/show_bug.cgi?id=1156418 -------------------------------------------------------------------------------- ================================================================================ lightdm-1.10.3-1.fc19 (FEDORA-2014-14034) Lightweight Display Manager -------------------------------------------------------------------------------- Update Information: Update to lightdm-1.10.x branch, with long-term support. Backport fix for mouse cursors, and provide gtk2-based lightdm-gtk2 greeter (as an alternative to gtk3-based lightdm-gtk). -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.10.3-1 - lightdm-1.10.3 * Mon Oct 6 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.10.2-2 - respin/fix fedora_config.patch (properly use [SeatDefaults] section) * Wed Sep 17 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.10.2-1 - lightdm-1.10.2 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.10.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Tue Jul 22 2014 Kalev Lember <kalevlember@xxxxxxxxx> - 1.10.1-4 - Rebuilt for gobject-introspection 1.41.4 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.10.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 1 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.10.1-2 - update pam config (+pam-kwallet,-mate-keying-pam) * Sun Apr 27 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.10.1-1 - lightdm-1.10.1 * Thu Apr 17 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.10.0-1 - lightdm-1.10.0 (#1077562) * Thu Mar 27 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.9.13-2 - Could not create user data directory /var/lib/lightdm-data/lightdm (#1081426) * Tue Mar 25 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.9.13-1 - lightdm-1.9.13 * Thu Mar 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.9.11-1 - lightdm-1.9.11 * Tue Mar 11 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.9.9-1 - lightdm-1.9.9 * Thu Feb 20 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.9.8-1 - lightdm-1.9.8 (#1021834) - lightdm adds /usr/libexec/lightdm: to user $PATH (#888337) * Thu Feb 6 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.7-1 - lightdm-1.8.7 * Wed Jan 22 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.6-1 - lightdm-1.8.6 * Fri Nov 15 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.5-2 - create/own lightdm.conf.d dirs * Fri Nov 8 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.5-1 - lightdm-1.8.5 * Fri Nov 1 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.4-1 - lightdm-1.8.4 * Wed Oct 30 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.3-1 - lightdm-1.8.3 * Wed Oct 16 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.2-1 - lightdm-1.8.2 * Thu Oct 10 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.1-1 - lightdm-1.8.1 * Wed Oct 9 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.0-2 - lightdm has no service file (#1017390) * Wed Oct 9 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.0-1 - lightdm-1.8.0 (#1017081) -------------------------------------------------------------------------------- ================================================================================ lightdm-gtk-1.8.5-9.fc19 (FEDORA-2014-14034) LightDM GTK3 Greeter -------------------------------------------------------------------------------- Update Information: Update to lightdm-1.10.x branch, with long-term support. Backport fix for mouse cursors, and provide gtk2-based lightdm-gtk2 greeter (as an alternative to gtk3-based lightdm-gtk). -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 6 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.5-9 - cursor theme doesn't change (#989152) * Sun Oct 5 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.8.5-8 - create/own %{_datadir}/lightdm-gtk-greeter/ - -gtk2: own lightdm-greeter.desktop alternatives target * Sun Oct 5 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.5-7 - -gtk2: fix alternatives, omit dup'd translations - -common: fix %posttrans icon scriptlet * Sat Oct 4 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.5-6 - lightdm-gtk2: support alternatives (for default lightdm greeter) * Sat Oct 4 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.5-5 - lightdm-gtk2, -common subpkgs * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8.5-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Mon Aug 11 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.5-3 - missing icons, +Requires: gnome-icon-theme (#1128697) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon May 5 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.5-1 - 1.8.5 (#1094437) * Mon Mar 31 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.4-1 - 1.8.4 (#1076529) * Tue Mar 4 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.2-1 - 1.8.2 (#1047209) * Thu Feb 20 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.8.1-1 - 1.8.1 -------------------------------------------------------------------------------- ================================================================================ lightdm-kde-0.3.2.1-8.fc19 (FEDORA-2014-14034) LightDM KDE Greeter -------------------------------------------------------------------------------- Update Information: Update to lightdm-1.10.x branch, with long-term support. Backport fix for mouse cursors, and provide gtk2-based lightdm-gtk2 greeter (as an alternative to gtk3-based lightdm-gtk). -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.2.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.2.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat Aug 3 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.3.2.1-6 - rebuild (lightdm-1.7.x) * Sat Aug 3 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.3.2.1-5 - pull in upstream fix to build against newer lightdm * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.2.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue May 7 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.3.2.1-3 - rebuild (lightdm) -------------------------------------------------------------------------------- ================================================================================ mg-20141007-1.fc19 (FEDORA-2014-14054) Tiny Emacs-like editor -------------------------------------------------------------------------------- Update Information: upgrade to 20141007 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Mark McKinstry <mmckinst@xxxxxxxxxxx> - 20141007-1 - upgrade to 20141007 (RHBZ#1150492) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 20140414-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150492 - mg-20141007 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150492 -------------------------------------------------------------------------------- ================================================================================ mokutil-0.2.0-1.fc19 (FEDORA-2014-14059) Tool to manage UEFI Secure Boot MoK Keys -------------------------------------------------------------------------------- Update Information: This update fixes CVEs CVE-2014-3675, CVE-2014-3676, and CVE-2014-3677, as well as moving to the 0.8 release, which adds support for Aarch64 and fixes several bugs. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148230 - CVE-2014-3675 shim: out-of-bounds memory read flaw in DHCPv6 packet processing https://bugzilla.redhat.com/show_bug.cgi?id=1148230 [ 2 ] Bug #1148231 - CVE-2014-3676 shim: heap-based buffer overflow flaw in IPv6 address parsing https://bugzilla.redhat.com/show_bug.cgi?id=1148231 [ 3 ] Bug #1148232 - CVE-2014-3677 shim: memory corruption flaw when processing Machine Owner Keys (MOKs) https://bugzilla.redhat.com/show_bug.cgi?id=1148232 -------------------------------------------------------------------------------- ================================================================================ nodejs-chainsaw-0.1.0-1.fc19 (FEDORA-2014-14045) Build chainable fluent interfaces the easy way -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1142049 - Review Request: nodejs-chainsaw - Build chainable fluent interfaces the easy way https://bugzilla.redhat.com/show_bug.cgi?id=1142049 -------------------------------------------------------------------------------- ================================================================================ nodejs-node-print-0.0.4-2.fc19 (FEDORA-2014-14072) Printf in JavaScript Node.js module -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144661 - Review Request: nodejs-node-print - Printf in JavaScript Node.js module https://bugzilla.redhat.com/show_bug.cgi?id=1144661 -------------------------------------------------------------------------------- ================================================================================ nodejs-nsp-api-1.0.0-2.fc19 (FEDORA-2014-14056) Node.js module for NSP API -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144662 - Review Request: nodejs-nsp-api - Node.js module for NSP API https://bugzilla.redhat.com/show_bug.cgi?id=1144662 -------------------------------------------------------------------------------- ================================================================================ nodejs-pegjs-0.8.0-2.fc19 (FEDORA-2014-14010) Parser generator for JavaScript -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144658 - Review Request: nodejs-pegjs - Parser generator for JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=1144658 -------------------------------------------------------------------------------- ================================================================================ nodejs-seq-0.3.5-2.fc19 (FEDORA-2014-14008) An asynchronous flow control library -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1142050 - Review Request: nodejs-seq - An asynchronous flow control library https://bugzilla.redhat.com/show_bug.cgi?id=1142050 -------------------------------------------------------------------------------- ================================================================================ nodejs-silent-npm-registry-client-0.0.1-1.fc19 (FEDORA-2014-14076) Npm registry client that doesn't spam stdout/stderr -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144664 - Review Request: nodejs-silent-npm-registry-client - Npm registry client that doesn't spam stdout/stderr https://bugzilla.redhat.com/show_bug.cgi?id=1144664 -------------------------------------------------------------------------------- ================================================================================ nodejs-strscanner-0.0.8-2.fc19 (FEDORA-2014-14070) Lexical string analysis for javascript -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144660 - Review Request: nodejs-strscanner - Lexical string analysis for javascript https://bugzilla.redhat.com/show_bug.cgi?id=1144660 -------------------------------------------------------------------------------- ================================================================================ nodejs-xmldom-0.1.19-1.fc19 (FEDORA-2014-14071) A W3C Standard XML DOM implementation and parser -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1142051 - Review Request: nodejs-xmldom - A W3C Standard XML DOM implementation and parser https://bugzilla.redhat.com/show_bug.cgi?id=1142051 -------------------------------------------------------------------------------- ================================================================================ owncloud-5.0.17-2.fc19 (FEDORA-2014-14066) Private file sync and share server -------------------------------------------------------------------------------- Update Information: This update provides ownCloud 5.0.17, the latest release in the 5.x series, plus an extra security-related fix backported from the stable5 branch. It also provides SabreDAV 1.7.13. This is also a major upgrade from SabreDAV 1.6, and has API incompatibilities. ownCloud is the only Fedora 19 package that requires SabreDAV, and ownCloud 5 cannot work with SabreDAV 1.6: the API-incompatible upgrade is unfortunate but necessary to provide a secure ownCloud release. ownCloud 4.5, the current version in Fedora 19, is un-maintained, subject to known security issues, and has no upgrade path beyond ownCloud 5. Upgrading directly from 4.5 to the current version in Fedora 20 or 21 - ownCloud 7 - would likely fail. I plan to update the package to 6.x before Fedora 19 goes EOL and maintain the 5.x and 6.x builds in a side repository to make sure there is a viable upgrade path from Fedora 19. Initial testing on the 4.x -> 5.x upgrade has been performed, but please back up your user data, ownCloud configuration and ownCloud database before performing the upgrade. Please file negative karma and a bug report for any issues encountered during the upgrade. Ideally, the upgrade should run smoothly on first access to the updated ownCloud instance with no manual intervention required. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 5.0.17-2 - drop db server deps, clean up docs, disable some admin checks (from master) * Tue Oct 28 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 5.0.17-1 - update to 5.0.17 (latest release) - backport a further security fix from upstream (HTTP redirects only) * Fri Dec 20 2013 Adam Williamson <awilliam@xxxxxxxxxx> - 5.0.14a-2 * Correct location of php-symfony-routing: #1045301 * Fri Dec 20 2013 Adam Williamson <awilliam@xxxxxxxxxx> - 5.0.14a-1 - 5.0.14a * Sat Nov 16 2013 Gregor Tätzner <brummbq@xxxxxxxxxxxxxxxxx> - 5.0.13-1 - 5.0.13 * Tue Oct 8 2013 Gregor Tätzner <brummbq@xxxxxxxxxxxxxxxxx> - 5.0.12-1 - 5.0.12 * Tue Sep 24 2013 Gregor Tätzner <brummbq@xxxxxxxxxxxxxxxxx> - 5.0.11-2 - keep MDB2/pgsql driver, genuine version causes upgrade problems (RBZ#962082) * Sat Sep 7 2013 Gregor Tätzner <brummbq@xxxxxxxxxxxxxxxxx> - 5.0.11-1 - 5.0.11 * Wed Sep 4 2013 Gregor Tätzner <brummbq@xxxxxxxxxxxxxxxxx> - 5.0.10-4 - unbundle sabredav again -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035593 - CVE-2013-6403 owncloud: possible security bypass on admin page (5.0.13) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1035593 -------------------------------------------------------------------------------- ================================================================================ pcp-3.10.0-1.fc19 (FEDORA-2014-14020) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information: Create new sub-packages for pcp-webjs and python3-pcp. pcp 3.9.10 community + pcpfans add-ons Update to latest PCP sources Update to latest PCP sources. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Nathan Scott <nathans@xxxxxxxxxx> - 3.10.0-1 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. * Fri Sep 5 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 3.9.10-1.1 - Perl 5.20 rebuild * Fri Sep 5 2014 Nathan Scott <nathans@xxxxxxxxxx> - 3.9.10-1 - Convert PCP init scripts to systemd services (BZ 996438) - Fix pmlogsummary -S/-T time window reporting (BZ 1132476) - Resolve pmdumptext segfault with invalid host (BZ 1131779) - Fix signedness in some service discovery codes (BZ 1136166) - New conditionally-built pcp-pmda-papi sub-package. - Update to latest PCP sources. * Tue Aug 26 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 3.9.9-1.2 - Perl 5.20 rebuild * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.9.9-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Wed Aug 13 2014 Nathan Scott <nathans@xxxxxxxxxx> - 3.9.9-1 - Update to latest PCP sources. * Wed Jul 16 2014 Mark Goodwin <mgoodwin@xxxxxxxxxx> - 3.9.7-1 - Update to latest PCP sources. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1139529 - pmfind misleading error message when avahi not running https://bugzilla.redhat.com/show_bug.cgi?id=1139529 [ 2 ] Bug #996438 - Convert PCP init scripts to systemd https://bugzilla.redhat.com/show_bug.cgi?id=996438 [ 3 ] Bug #1132476 - pmlogsummary output improvements https://bugzilla.redhat.com/show_bug.cgi?id=1132476 [ 4 ] Bug #1131779 - pmdumptext segfaults when using invalid host https://bugzilla.redhat.com/show_bug.cgi?id=1131779 [ 5 ] Bug #1136166 - pmfind segfaults when avahi not running https://bugzilla.redhat.com/show_bug.cgi?id=1136166 -------------------------------------------------------------------------------- ================================================================================ perl-Net-DNS-0.81-1.fc19 (FEDORA-2014-14004) DNS resolver modules for Perl -------------------------------------------------------------------------------- Update Information: Updated to 0.81, Fixes AXFR BADSIG and infinite recursion in Net::DNS::Resolver -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 0.81-1 - Updated to 0.81, Fixes AXFR BADSIG and infinite recursion in Net::DNS::Resolver - Resolves rhbz#1151572 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151572 - Runaway rapid memory growth when handling Net::DNS::Packet https://bugzilla.redhat.com/show_bug.cgi?id=1151572 -------------------------------------------------------------------------------- ================================================================================ php-ZendFramework2-2.2.8-1.fc19 (FEDORA-2014-14043) Zend Framework 2 -------------------------------------------------------------------------------- Update Information: # Security Fixes - **ZF2014-05**: Due to an issue that existed in PHP's LDAP extension, it is possible to perform an unauthenticated simple bind against a LDAP server by using a null byte for the password, regardless of whether or not the user normally requires a password. We have provided a patch in order to protect users of unpatched PHP versions (PHP 5.5 <= 5.5.11, PHP 5.4 <= 5.4.27, all versions of PHP 5.3 and below). If you use Zend\Ldap and are on an affected version of PHP, we recommend upgrading immediately. - **ZF2014-06**: A potential SQL injection vector existed when using a SQL Server adapter to manually quote values due to the fact that it was not escaping null bytes. Code was added to ensure null bytes are escaped, and thus mitigate the SQLi vector. We do not recommend manually quoting values, but if you do, and use the SQL Server adapter without PDO, we recommend upgrading immediately. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 2.2.8-1 - Updated to 2.2.8 - BZ #1151276 / CVE-2014-8088 / ZF2014-05 - BZ #1151277 / CVE-2014-8089 / ZF2014-06 - BZ #1151278 (fedora) - BZ #1151280 (epel6) - Added composer virtual provides and requires - APC optional for ProgressBar component - Added tests -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151276 - CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05) https://bugzilla.redhat.com/show_bug.cgi?id=1151276 [ 2 ] Bug #1151277 - CVE-2014-8089 php-ZendFramework: SQL injection issue when using the sqlsrv PHP extension (ZF2014-06) https://bugzilla.redhat.com/show_bug.cgi?id=1151277 -------------------------------------------------------------------------------- ================================================================================ php-sabredav-Sabre_CalDAV-1.7.9-1.fc19 (FEDORA-2014-14066) Provides RFC4791 (CalDAV) support to Sabre_DAV -------------------------------------------------------------------------------- Update Information: This update provides ownCloud 5.0.17, the latest release in the 5.x series, plus an extra security-related fix backported from the stable5 branch. It also provides SabreDAV 1.7.13. This is also a major upgrade from SabreDAV 1.6, and has API incompatibilities. ownCloud is the only Fedora 19 package that requires SabreDAV, and ownCloud 5 cannot work with SabreDAV 1.6: the API-incompatible upgrade is unfortunate but necessary to provide a secure ownCloud release. ownCloud 4.5, the current version in Fedora 19, is un-maintained, subject to known security issues, and has no upgrade path beyond ownCloud 5. Upgrading directly from 4.5 to the current version in Fedora 20 or 21 - ownCloud 7 - would likely fail. I plan to update the package to 6.x before Fedora 19 goes EOL and maintain the 5.x and 6.x builds in a side repository to make sure there is a viable upgrade path from Fedora 19. Initial testing on the 4.x -> 5.x upgrade has been performed, but please back up your user data, ownCloud configuration and ownCloud database before performing the upgrade. Please file negative karma and a bug report for any issues encountered during the upgrade. Ideally, the upgrade should run smoothly on first access to the updated ownCloud instance with no manual intervention required. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.7.9-1 - new release 1.7.9 (from SabreDAV 1.7.13, EOL) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.7.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Sep 5 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.7.8-2 - fix package xml files incorrectly tagged by myself doc instead of php * Tue Sep 3 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> 1.7.8-1 - update to 1.7.8 - use our own package.xml provided by Remi Collet as upstream doesn't use pear anymore -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035593 - CVE-2013-6403 owncloud: possible security bypass on admin page (5.0.13) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1035593 -------------------------------------------------------------------------------- ================================================================================ php-sabredav-Sabre_CardDAV-1.7.9-2.fc19 (FEDORA-2014-14066) Provides CardDAV support to Sabre_DAV -------------------------------------------------------------------------------- Update Information: This update provides ownCloud 5.0.17, the latest release in the 5.x series, plus an extra security-related fix backported from the stable5 branch. It also provides SabreDAV 1.7.13. This is also a major upgrade from SabreDAV 1.6, and has API incompatibilities. ownCloud is the only Fedora 19 package that requires SabreDAV, and ownCloud 5 cannot work with SabreDAV 1.6: the API-incompatible upgrade is unfortunate but necessary to provide a secure ownCloud release. ownCloud 4.5, the current version in Fedora 19, is un-maintained, subject to known security issues, and has no upgrade path beyond ownCloud 5. Upgrading directly from 4.5 to the current version in Fedora 20 or 21 - ownCloud 7 - would likely fail. I plan to update the package to 6.x before Fedora 19 goes EOL and maintain the 5.x and 6.x builds in a side repository to make sure there is a viable upgrade path from Fedora 19. Initial testing on the 4.x -> 5.x upgrade has been performed, but please back up your user data, ownCloud configuration and ownCloud database before performing the upgrade. Please file negative karma and a bug report for any issues encountered during the upgrade. Ideally, the upgrade should run smoothly on first access to the updated ownCloud instance with no manual intervention required. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.7.9-1 - new release 1.7.9 (from SabreDAV 1.7.13, EOL) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.7.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Sep 5 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.7.8-2 - fix package xml files incorrectly tagged by myself doc instead of php * Tue Sep 3 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> 1.7.8-1 - update to 1.7.8 - use our own package.xml created by Remi Collet as upstream doesn't use pear anymore -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035593 - CVE-2013-6403 owncloud: possible security bypass on admin page (5.0.13) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1035593 -------------------------------------------------------------------------------- ================================================================================ php-sabredav-Sabre_DAV-1.7.13-1.fc19 (FEDORA-2014-14066) Sabre_DAV is a WebDAV framework for PHP -------------------------------------------------------------------------------- Update Information: This update provides ownCloud 5.0.17, the latest release in the 5.x series, plus an extra security-related fix backported from the stable5 branch. It also provides SabreDAV 1.7.13. This is also a major upgrade from SabreDAV 1.6, and has API incompatibilities. ownCloud is the only Fedora 19 package that requires SabreDAV, and ownCloud 5 cannot work with SabreDAV 1.6: the API-incompatible upgrade is unfortunate but necessary to provide a secure ownCloud release. ownCloud 4.5, the current version in Fedora 19, is un-maintained, subject to known security issues, and has no upgrade path beyond ownCloud 5. Upgrading directly from 4.5 to the current version in Fedora 20 or 21 - ownCloud 7 - would likely fail. I plan to update the package to 6.x before Fedora 19 goes EOL and maintain the 5.x and 6.x builds in a side repository to make sure there is a viable upgrade path from Fedora 19. Initial testing on the 4.x -> 5.x upgrade has been performed, but please back up your user data, ownCloud configuration and ownCloud database before performing the upgrade. Please file negative karma and a bug report for any issues encountered during the upgrade. Ideally, the upgrade should run smoothly on first access to the updated ownCloud instance with no manual intervention required. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.7.13-1 - new release 1.7.13 (EOL) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.7.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Sep 5 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.7.8-2 - fix package xml files incorrectly tagged by myself doc instead of php * Tue Sep 3 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.7.8-1 - Update to 1.7.8 Uptream version - Add own pear configuration provided by Remi Collet from RH -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035593 - CVE-2013-6403 owncloud: possible security bypass on admin page (5.0.13) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1035593 -------------------------------------------------------------------------------- ================================================================================ php-sabredav-Sabre_DAVACL-1.7.9-1.fc19 (FEDORA-2014-14066) RFC3744 implementation for SabreDAV -------------------------------------------------------------------------------- Update Information: This update provides ownCloud 5.0.17, the latest release in the 5.x series, plus an extra security-related fix backported from the stable5 branch. It also provides SabreDAV 1.7.13. This is also a major upgrade from SabreDAV 1.6, and has API incompatibilities. ownCloud is the only Fedora 19 package that requires SabreDAV, and ownCloud 5 cannot work with SabreDAV 1.6: the API-incompatible upgrade is unfortunate but necessary to provide a secure ownCloud release. ownCloud 4.5, the current version in Fedora 19, is un-maintained, subject to known security issues, and has no upgrade path beyond ownCloud 5. Upgrading directly from 4.5 to the current version in Fedora 20 or 21 - ownCloud 7 - would likely fail. I plan to update the package to 6.x before Fedora 19 goes EOL and maintain the 5.x and 6.x builds in a side repository to make sure there is a viable upgrade path from Fedora 19. Initial testing on the 4.x -> 5.x upgrade has been performed, but please back up your user data, ownCloud configuration and ownCloud database before performing the upgrade. Please file negative karma and a bug report for any issues encountered during the upgrade. Ideally, the upgrade should run smoothly on first access to the updated ownCloud instance with no manual intervention required. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.7.9-1 - new release 1.7.9 (from SabreDAV 1.7.13, EOL) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.7.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Sep 3 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.7.8-1 - Update to 1.7.8 Upstream version - Add own pear configuration provided by Remi Collet from RH -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035593 - CVE-2013-6403 owncloud: possible security bypass on admin page (5.0.13) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1035593 -------------------------------------------------------------------------------- ================================================================================ php-sabredav-Sabre_HTTP-1.7.11-1.fc19 (FEDORA-2014-14066) HTTP component for the SabreDAV WebDAV framework for PHP -------------------------------------------------------------------------------- Update Information: This update provides ownCloud 5.0.17, the latest release in the 5.x series, plus an extra security-related fix backported from the stable5 branch. It also provides SabreDAV 1.7.13. This is also a major upgrade from SabreDAV 1.6, and has API incompatibilities. ownCloud is the only Fedora 19 package that requires SabreDAV, and ownCloud 5 cannot work with SabreDAV 1.6: the API-incompatible upgrade is unfortunate but necessary to provide a secure ownCloud release. ownCloud 4.5, the current version in Fedora 19, is un-maintained, subject to known security issues, and has no upgrade path beyond ownCloud 5. Upgrading directly from 4.5 to the current version in Fedora 20 or 21 - ownCloud 7 - would likely fail. I plan to update the package to 6.x before Fedora 19 goes EOL and maintain the 5.x and 6.x builds in a side repository to make sure there is a viable upgrade path from Fedora 19. Initial testing on the 4.x -> 5.x upgrade has been performed, but please back up your user data, ownCloud configuration and ownCloud database before performing the upgrade. Please file negative karma and a bug report for any issues encountered during the upgrade. Ideally, the upgrade should run smoothly on first access to the updated ownCloud instance with no manual intervention required. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.7.11-1 - new release 1.7.11 (from Sabre 1.7.13 EOL) * Tue Sep 3 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.7.3-1 - Update to 1.7.x Uptream version - Add own pear configuration provided by Remi Collet from RH -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035593 - CVE-2013-6403 owncloud: possible security bypass on admin page (5.0.13) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1035593 -------------------------------------------------------------------------------- ================================================================================ php-sabredav-Sabre_VObject-2.1.4-1.fc19 (FEDORA-2014-14066) An intuitive reader for iCalendar and vCard objects -------------------------------------------------------------------------------- Update Information: This update provides ownCloud 5.0.17, the latest release in the 5.x series, plus an extra security-related fix backported from the stable5 branch. It also provides SabreDAV 1.7.13. This is also a major upgrade from SabreDAV 1.6, and has API incompatibilities. ownCloud is the only Fedora 19 package that requires SabreDAV, and ownCloud 5 cannot work with SabreDAV 1.6: the API-incompatible upgrade is unfortunate but necessary to provide a secure ownCloud release. ownCloud 4.5, the current version in Fedora 19, is un-maintained, subject to known security issues, and has no upgrade path beyond ownCloud 5. Upgrading directly from 4.5 to the current version in Fedora 20 or 21 - ownCloud 7 - would likely fail. I plan to update the package to 6.x before Fedora 19 goes EOL and maintain the 5.x and 6.x builds in a side repository to make sure there is a viable upgrade path from Fedora 19. Initial testing on the 4.x -> 5.x upgrade has been performed, but please back up your user data, ownCloud configuration and ownCloud database before performing the upgrade. Please file negative karma and a bug report for any issues encountered during the upgrade. Ideally, the upgrade should run smoothly on first access to the updated ownCloud instance with no manual intervention required. -------------------------------------------------------------------------------- ChangeLog: * Thu May 22 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 2.1.4-1 - update to 2.1.4 - sources from github - fix upstream URL * Wed Feb 12 2014 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> 2.1.3-1 - update to 2.1.3 * Tue Sep 3 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> 2.1.0-1 - update to 2.1.0 - use our own package.xml created by Remi Collet as upstream doesn't use pear anymore -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035593 - CVE-2013-6403 owncloud: possible security bypass on admin page (5.0.13) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1035593 -------------------------------------------------------------------------------- ================================================================================ python-ase-3.8.1.3440-13.fc19 (FEDORA-2014-14035) Atomic Simulation Environment -------------------------------------------------------------------------------- Update Information: larger icon -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Marcin Dulak <Marcin.Dulak@xxxxxxxxx> - 3.8.1.3440-13 - larger icon - https://bugzilla.redhat.com/show_bug.cgi?id=1157516 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.8.1.3440-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat May 3 2014 Björn Esser <bjoern.esser@xxxxxxxxx> - 3.8.1.3440-11 - failsafe backport of Python2-macros for RHEL <= 6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157516 - Application icon is too small to be used in the software center https://bugzilla.redhat.com/show_bug.cgi?id=1157516 -------------------------------------------------------------------------------- ================================================================================ qtwebkit-2.3.4-1.fc19 (FEDORA-2014-14047) Qt WebKit bindings -------------------------------------------------------------------------------- Update Information: New QtWebKit 2.3.4 bugfix release, enable hardened build. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 16 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.4-1 - qtwebkit-2.3.4 * Tue Sep 23 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-18 - enable hardened build (#1051790) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.3-17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jul 20 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 2.3.3-16 - build against GStreamer1 on F21+ (#1092642, patch from openSUSE) * Fri Jun 20 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-15 - use pkgconfig deps for qt-mobility * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.3-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 7 2014 Jaromir Capik <jcapik@xxxxxxxxxx> - 2.3.3-13 - ppc64le support * Mon May 5 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-12 - Requires: mozilla-filesystem (#1000673) * Fri May 2 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-11 - no need to set empty qtdefines macro - no rpath for real, drop chrpath hacks * Sat Mar 8 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 2.3.3-10 - rebuild against fixed qt to fix -debuginfo (#1074041) * Thu Mar 6 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 2.3.3-9 - update aarch64 patchset * Fri Feb 28 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-8 - initial backport aarch64 javascriptcore fixes, needswork (#1070446) - apply downstream patches *after* upstream ones * Thu Feb 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-7 - backport more upstream fixes * Thu Feb 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-6 - ftbfs using bison3 * Wed Feb 12 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-5 - rebuild (libicu) * Wed Jan 1 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.3-4 - rebuild (libwebp) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1051790 - no hardening builds - KDE typically is "long running" https://bugzilla.redhat.com/show_bug.cgi?id=1051790 -------------------------------------------------------------------------------- ================================================================================ shim-signed-0.8-2 (FEDORA-2014-14059) First-stage UEFI bootloader -------------------------------------------------------------------------------- Update Information: This update fixes CVEs CVE-2014-3675, CVE-2014-3676, and CVE-2014-3677, as well as moving to the 0.8 release, which adds support for Aarch64 and fixes several bugs. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Peter Jones <pjones@xxxxxxxxxx> - 0.8-2 - Remove the dist tag so people don't complain about what it says. * Fri Oct 24 2014 Peter Jones <pjones@xxxxxxxxxx> - 0.8-1 - Update to shim 0.8 rhbz#1148230 rhbz#1148231 rhbz#1148232 - Handle building on aarch64 as well * Fri Jul 18 2014 Peter Jones <pjones@xxxxxxxxxx> - 0.7-2 - Don't do multi-signing; too many machines screw up verification. Resolves: rhbz#1049749 * Wed Nov 13 2013 Peter Jones <pjones@xxxxxxxxxx> - 0.7-1 - Update to shim 0.7 Resolves: rhbz#1023767 * Thu Oct 24 2013 Peter Jones <pjones@xxxxxxxxxx> - 0.5-1 - Update to shim 0.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148230 - CVE-2014-3675 shim: out-of-bounds memory read flaw in DHCPv6 packet processing https://bugzilla.redhat.com/show_bug.cgi?id=1148230 [ 2 ] Bug #1148231 - CVE-2014-3676 shim: heap-based buffer overflow flaw in IPv6 address parsing https://bugzilla.redhat.com/show_bug.cgi?id=1148231 [ 3 ] Bug #1148232 - CVE-2014-3677 shim: memory corruption flaw when processing Machine Owner Keys (MOKs) https://bugzilla.redhat.com/show_bug.cgi?id=1148232 -------------------------------------------------------------------------------- ================================================================================ trac-1.0.2-1.fc19 (FEDORA-2014-14064) Enhanced wiki and issue tracking system -------------------------------------------------------------------------------- Update Information: update to Trac 1.0.2 with many bug fixes -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Felix Schwarz <fschwarz@xxxxxxxxxxxxxxxxx> - 1.0.2-1 - 1.0.2 * Wed May 1 2013 Luke Macken <lmacken@xxxxxxxxxx> - 1.0.1-2 - Run the test suite -------------------------------------------------------------------------------- ================================================================================ vile-9.8o-1.fc19 (FEDORA-2014-14018) VI Like Emacs -------------------------------------------------------------------------------- Update Information: upgrade to 9.8o -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Mark McKinstry <mmckinst@xxxxxxxxxxx> - 9.8o-1 - upgrade to 9.8o * Fri Sep 12 2014 Mark McKinstry <mmckinst@xxxxxxxxxxx> - 9.8n-1 - upgrade to 9.8n * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 9.8m-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1116919 - vile-9.8o is available https://bugzilla.redhat.com/show_bug.cgi?id=1116919 -------------------------------------------------------------------------------- ================================================================================ xchat-2.8.8-20.fc19 (FEDORA-2014-14082) A popular and easy to use graphical IRC (chat) client -------------------------------------------------------------------------------- Update Information: Do not force SSLv3, also allow TLSv1_X -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2014 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 1:2.8.8-20 - Do not force SSLv3, also allow TLSv1_X (#1091544) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1091544 - Do not force SSLv3, also allow TLSv1_X https://bugzilla.redhat.com/show_bug.cgi?id=1091544 -------------------------------------------------------------------------------- ================================================================================ xchat-gnome-0.26.2-13.git40c5bf988.fc19 (FEDORA-2014-14082) GNOME front-end to xchat -------------------------------------------------------------------------------- Update Information: Do not force SSLv3, also allow TLSv1_X -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2014 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 0.26.2-13.git40c5bf988 - Do not force SSLv3, also allow TLSv1_X (#1091544) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1091544 - Do not force SSLv3, also allow TLSv1_X https://bugzilla.redhat.com/show_bug.cgi?id=1091544 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
