The following Fedora 21 Security updates need testing: Age URL 9 https://admin.fedoraproject.org/updates/FEDORA-2014-13535/file-5.19-7.fc21 9 https://admin.fedoraproject.org/updates/FEDORA-2014-13537/wpa_supplicant-2.0-12.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13618/php-Smarty-3.1.21-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13647/subscription-manager-1.13.6-1.fc21,python-rhsm-1.13.6-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13628/Pound-2.7-0.4.d.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13632/seamonkey-2.30-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13910/fedup-0.9.0-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13837/konversation-1.5-7.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13983/xml-security-1.5.7-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13993/qemu-2.1.2-6.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14107/wget-1.16-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14112/pidgin-2.10.10-2.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14126/kernel-3.17.2-300.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14130/golang-1.3.3-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14096/ruby-2.1.4-24.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2014-13241/phonon-4.8.1-1.fc21 12 https://admin.fedoraproject.org/updates/FEDORA-2014-13322/perl-Encode-2.63-1.fc21 12 https://admin.fedoraproject.org/updates/FEDORA-2014-13337/libfm-1.2.3-1.fc21,pcmanfm-1.2.3-1.fc21 12 https://admin.fedoraproject.org/updates/FEDORA-2014-13273/device-mapper-multipath-0.4.9-68.fc21 10 https://admin.fedoraproject.org/updates/FEDORA-2014-13416/qtwebkit-2.3.4-1.fc21 10 https://admin.fedoraproject.org/updates/FEDORA-2014-13426/qt-4.8.6-13.fc21 10 https://admin.fedoraproject.org/updates/FEDORA-2014-12516/xdg-utils-1.1.0-0.31.rc2.fc21 9 https://admin.fedoraproject.org/updates/FEDORA-2014-13104/cups-1.7.5-13.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13586/phonon-backend-gstreamer-4.8.0-3.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13583/iscsi-initiator-utils-6.2.0.873-24.gitc9d830b.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13671/spatialite-tools-4.2.0-4.fc21,sqlite-3.8.7-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13622/lldpad-0.9.46-8.git48a5f38.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13580/initial-setup-0.3.25-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13830/sddm-0.10.0-2.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13576/ibus-1.5.9-4.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13948/perl-5.18.4-305.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13900/ca-certificates-2014.2.1-1.3.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13958/emacs-24.4-2.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13975/selinux-policy-3.13.1-92.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13984/python-nss-0.16.0-0.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13976/device-mapper-persistent-data-0.4.1-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-13974/audit-2.4.1-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14134/mutter-3.14.1.5-1.fc21,gnome-shell-3.14.1.5-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14118/parted-3.2-4.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14090/createrepo_c-0.7.1-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14122/libfontenc-1.1.2-3.fc21,xorg-x11-font-utils-7.5-23.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14126/kernel-3.17.2-300.fc21 The following builds have been pushed to Fedora 21 updates-testing PyQuante-1.6.5-1.fc21 ceph-0.80.7-1.fc21 cinnamon-2.4.0-1.fc21 cinnamon-control-center-2.4.0-1.fc21 cinnamon-desktop-2.4.0-1.fc21 cinnamon-menus-2.4.0-1.fc21 cinnamon-screensaver-2.4.0-1.fc21 cinnamon-session-2.4.0-1.fc21 cinnamon-settings-daemon-2.4.1-1.fc21 cinnamon-translations-2.4.0-1.fc21 cjs-2.4.0-1.fc21 createrepo_c-0.7.1-1.fc21 dyninst-8.2.1-1.fc21 firebird-2.5.2.26539.0-13.fc21 gambit-c-4.7.3-1.fc21 girara-0.2.3-2.fc21 gnome-initial-setup-3.14.1-3.fc21 gnome-shell-3.14.1.5-1.fc21 golang-1.3.3-1.fc21 golang-github-cpuguy83-go-md2man-1-2.fc21 help2man-1.46.4-1.fc21 kernel-3.17.2-300.fc21 libfontenc-1.1.2-3.fc21 mg-20141007-1.fc21 muffin-2.4.0-1.fc21 mutter-3.14.1.5-1.fc21 nemo-2.4.0-1.fc21 nodejs-seq-0.3.5-3.fc21 parted-3.2-4.fc21 pcp-3.10.0-1.fc21 pdns-recursor-3.6.2-1.fc21 perl-Email-Sender-1.300016-1.fc21 perl-Net-DNS-SEC-0.21-1.fc21 perl-Throwable-0.200012-1.fc21 php-pear-Console-Table-1.2.1-1.fc21 pidgin-2.10.10-2.fc21 python-ase-3.8.1.3440-13.fc21 python-ndg_httpsclient-0.3.2-1.fc21 ruby-2.1.4-24.fc21 sip-4.16.4-1.fc21 stunnel-5.06-1.fc21 vile-9.8o-1.fc21 wget-1.16-1.fc21 xorg-x11-font-utils-7.5-23.fc21 zabbix-2.2.7-1.fc21 zathura-0.3.1-1.fc21 Details about builds: ================================================================================ PyQuante-1.6.5-1.fc21 (FEDORA-2014-14100) Python Quantum Chemistry -------------------------------------------------------------------------------- Update Information: Update to 1.6.5, just to fix FTBFS. No functional changes. Fix broken deps with libint on arm -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 1.6.5-1 - Update to 1.6.5. * Thu Oct 16 2014 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 1.6.4-13 - rebuilt to fix broken deps * Tue Sep 9 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 1.6.4-12 - Switch to requiring libint api version. -------------------------------------------------------------------------------- ================================================================================ ceph-0.80.7-1.fc21 (FEDORA-2014-14087) User space components of the Ceph file system -------------------------------------------------------------------------------- Update Information: This update brings the latest upstream ceph firefly version to fedora 21. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 16 2014 Boris Ranto <branto@xxxxxxxxxx - 1:0.80.7-1 - Rebase to latest upstream version * Sat Oct 11 2014 Boris Ranto <branto@xxxxxxxxxx> - 1:0.80.6-3 - Fix a typo in librados-devel vs librados2-devel dependency * Fri Oct 10 2014 Boris Ranto <branto@xxxxxxxxxx> - 1:0.80.6-2 - Provide empty file list for python-ceph-compat and ceph-devel-compat * Fri Oct 10 2014 Boris Ranto <branto@xxxxxxxxxx> - 1:0.80.6-1 - Rebase to 0.80.6 - Split ceph-devel and python-ceph packages -------------------------------------------------------------------------------- References: [ 1 ] Bug #1155264 - Provide 0.80.7 https://bugzilla.redhat.com/show_bug.cgi?id=1155264 -------------------------------------------------------------------------------- ================================================================================ cinnamon-2.4.0-1.fc21 (FEDORA-2014-14121) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ cinnamon-control-center-2.4.0-1.fc21 (FEDORA-2014-14121) Utilities to configure the Cinnamon desktop -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ cinnamon-desktop-2.4.0-1.fc21 (FEDORA-2014-14121) Shared code among cinnamon-session, nemo, etc -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ cinnamon-menus-2.4.0-1.fc21 (FEDORA-2014-14121) A menu system for the Cinnamon project -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ cinnamon-screensaver-2.4.0-1.fc21 (FEDORA-2014-14121) Cinnamon Screensaver -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ cinnamon-session-2.4.0-1.fc21 (FEDORA-2014-14121) Cinnamon session manager -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ cinnamon-settings-daemon-2.4.1-1.fc21 (FEDORA-2014-14121) The daemon sharing settings from CINNAMON to GTK+/KDE applications -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.1-1 - update to 2.4.1 * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ cinnamon-translations-2.4.0-1.fc21 (FEDORA-2014-14121) Translations for Cinnamon and Nemo -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ cjs-2.4.0-1.fc21 (FEDORA-2014-14121) Javascript Bindings for Cinnamon -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 1:2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ createrepo_c-0.7.1-1.fc21 (FEDORA-2014-14090) Creates a common metadata repository -------------------------------------------------------------------------------- Update Information: Update to 0.7.1 Update to 0.7.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.1-1 - Mergerepo: Fix mergerepo - Mergerepo: Add some debugging of metadata read. * Mon Oct 20 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.0-1 - deltarpms: Update module to work with current version of drpm - mergerepo_c: Add --omit-baseurl option - craterepo_c: Gen empty repo if empty pkglist is used - Docs: Output python docs to separate directory - Several small fixes -------------------------------------------------------------------------------- ================================================================================ dyninst-8.2.1-1.fc21 (FEDORA-2014-14105) An API for Run-time Code Generation -------------------------------------------------------------------------------- Update Information: Update to point release 8.2.1. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Josh Stone <jistone@xxxxxxxxxx> - 8.2.1-1 - Update to point release 8.2.1. -------------------------------------------------------------------------------- ================================================================================ firebird-2.5.2.26539.0-13.fc21 (FEDORA-2014-14125) SQL relational database management system -------------------------------------------------------------------------------- Update Information: Remove lib64 rpaths -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Philippe Makowski <makowski@xxxxxxxxxxxxxxxxx> 2.5.2.26539.0-13 - Remove lib64 rpaths (#1154706) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154706 - rpath issue with firebird in f20 https://bugzilla.redhat.com/show_bug.cgi?id=1154706 -------------------------------------------------------------------------------- ================================================================================ gambit-c-4.7.3-1.fc21 (FEDORA-2014-14110) Scheme programming system -------------------------------------------------------------------------------- Update Information: Latest Gambit-C release, see https://github.com/feeley/gambit/commits for commits between 2014-02-05 and 2014-07-23 for changes -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Michel Alexandre Salim <salimma@xxxxxxxxxxxxxxxxx> - 4.7.3-1 - Update to 4.7.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124050 - gambit-c-4.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124050 -------------------------------------------------------------------------------- ================================================================================ girara-0.2.3-2.fc21 (FEDORA-2014-14124) Simple user interface library -------------------------------------------------------------------------------- Update Information: Fix segmentation fault caused by bidirectional scrolling. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Petr Šabata <contyk@xxxxxxxxxx> - 0.2.3-2 - Release bump for the f21 override; needed for zathura 0.3.1 The update previous update is blocked by f21 freeze and the override cannot be reenabled -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157624 - zathura-0.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1157624 -------------------------------------------------------------------------------- ================================================================================ gnome-initial-setup-3.14.1-3.fc21 (FEDORA-2014-14098) Bootstrapping your OS -------------------------------------------------------------------------------- Update Information: Fixes bug 1151519 - gnome-initial-setup resets keyboard layout -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Rui Matos <rmatos@xxxxxxxxxx> - 3.14.1-3 - Resolves: rhbz#1151519 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151519 - gnome-initial-setup resets keyboard layout https://bugzilla.redhat.com/show_bug.cgi?id=1151519 -------------------------------------------------------------------------------- ================================================================================ gnome-shell-3.14.1.5-1.fc21 (FEDORA-2014-14134) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: Update to 3.14.1.5 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Florian Müllner <fmuellner@xxxxxxxxxx> - 3.14.1.5-1 - Update to 3.14.1.5 -------------------------------------------------------------------------------- ================================================================================ golang-1.3.3-1.fc21 (FEDORA-2014-14130) The Go Programming Language -------------------------------------------------------------------------------- Update Information: update to go1.3.3 (bz1146882) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 1 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.3-1 - update to go1.3.3 (bz1146882) * Mon Sep 29 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.2-1 - update to go1.3.2 (bz1147324) * Thu Sep 11 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.1-3 - patching the tzinfo failure * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147324 - CVE-2014-7189 golang: TLS client authentication issue fixed in version 1.3.2 https://bugzilla.redhat.com/show_bug.cgi?id=1147324 -------------------------------------------------------------------------------- ================================================================================ golang-github-cpuguy83-go-md2man-1-2.fc21 (FEDORA-2014-14129) Process markdown into manpages -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1156492 - initial fedora upload -------------------------------------------------------------------------------- References: [ 1 ] Bug #1156492 - Review Request: golang-github-cpuguy83-go-md2man - Process markdown into manpages https://bugzilla.redhat.com/show_bug.cgi?id=1156492 -------------------------------------------------------------------------------- ================================================================================ help2man-1.46.4-1.fc21 (FEDORA-2014-14092) Create simple man pages from --help output -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1.46.4-1 - Upstream update. -------------------------------------------------------------------------------- ================================================================================ kernel-3.17.2-300.fc21 (FEDORA-2014-14126) The Linux kernel -------------------------------------------------------------------------------- Update Information: Linux v3.17.2. A wide variety of fixes across the tree. Even more KVM CVE fixes CVE fixes for KVM and SCTP. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - 3.17.2-300 - Linux v3.17.2 * Tue Oct 28 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Add quirk for rfkill on Yoga 3 machines (rhbz 1157327) * Fri Oct 24 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - 3.17.1-304.fc21 - CVE-2014-3610 kvm: noncanonical MSR writes (rhbz 1144883 1156543) - CVE-2014-3611 kvm: PIT timer race condition (rhbz 1144878 1156537) - CVE-2014-3646 kvm: vmx: invvpid vm exit not handled (rhbz 1144825 1156534) - CVE-2014-8369 kvm: excessive pages un-pinning in kvm_iommu_map error path (rhbz 1156518 1156522) - CVE-2014-8480 CVE-2014-8481 kvm: NULL pointer dereference during rip relative instruction emulation (rhbz 1156615 1156616) - Add touchpad quirk for Fujitsu Lifebook A544/AH544 models (rhbz 1111138) * Wed Oct 22 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - 3.17.1-303 - CVE-2014-3688 sctp: remote memory pressure from excessive queuing (rhbz 1155745 1155751) - CVE-2014-3687 sctp: panic on duplicate ASCONF chunks (rhbz 1155731 1155738) - CVE-2014-3673 sctp: panic with malformed ASCONF chunks (rhbz 1147850 1155727) - CVE-2014-3690 kvm: invalid host cr4 handling (rhbz 1153322 1155372) - Add patch to fix synaptics forcepad issues (rhbz 1153381) - Add patch to fix wifi on X550VB machines (rhbz 1089731) * Fri Oct 17 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - 3.17.1-302 - CVE-2014-8086 ext4: race condition (rhbz 1151353 1152608) * Fri Oct 17 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - 3.17.1-301 - Enable B43_PHY_G to fix b43 driver regression (rhbz 1152502) - Add even more btrfs corruption/error fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144883 - CVE-2014-3610 kernel: kvm: noncanonical MSR writes https://bugzilla.redhat.com/show_bug.cgi?id=1144883 [ 2 ] Bug #1156615 - CVE-2014-8480 CVE-2014-8481 kernel: kvm: NULL pointer dereference during rip relative instruction emulation https://bugzilla.redhat.com/show_bug.cgi?id=1156615 [ 3 ] Bug #1156518 - CVE-2014-8369 kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path https://bugzilla.redhat.com/show_bug.cgi?id=1156518 [ 4 ] Bug #1144825 - CVE-2014-3646 kernel: kvm: vmx: invvpid vm exit not handled https://bugzilla.redhat.com/show_bug.cgi?id=1144825 [ 5 ] Bug #1144878 - CVE-2014-3611 kernel: kvm: PIT timer race condition https://bugzilla.redhat.com/show_bug.cgi?id=1144878 [ 6 ] Bug #1153322 - CVE-2014-3690 kernel: kvm: vmx: invalid host cr4 handling across vm entries https://bugzilla.redhat.com/show_bug.cgi?id=1153322 [ 7 ] Bug #1155745 - CVE-2014-3688 kernel: net: sctp: remote memory pressure from excessive queueing https://bugzilla.redhat.com/show_bug.cgi?id=1155745 [ 8 ] Bug #1155731 - CVE-2014-3687 kernel: net: sctp: fix panic on duplicate ASCONF chunks https://bugzilla.redhat.com/show_bug.cgi?id=1155731 [ 9 ] Bug #1147850 - CVE-2014-3673 kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks https://bugzilla.redhat.com/show_bug.cgi?id=1147850 -------------------------------------------------------------------------------- ================================================================================ libfontenc-1.1.2-3.fc21 (FEDORA-2014-14122) X.Org X11 libfontenc runtime library -------------------------------------------------------------------------------- Update Information: - xorg-x11-font-utils: - Drop /usr/share/fonts/X11 symlink, it causes fc-cache to scan all X11 fonts, which leads to the wrong fonts being used (rhbz#1158468) - Pass --with-fontrootdir to ./configure so that fontutil.pc gets it right - Upgrade fonttosfnt to 1.0.4 - Upgrade mkfontscale to 1.1.1 - libfontenc: - Pass --with-fontrootdir to ./configure so that libfontenc can find the encoding files (rhbz#1046341) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Hans de Goede <hdegoede@xxxxxxxxxx> - 1.1.2-3 - Pass --with-fontrootdir to ./configure so that libfontenc can find the encoding files (rhbz#1046341) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1046341 - xterm does not display EUCJP encoding https://bugzilla.redhat.com/show_bug.cgi?id=1046341 [ 2 ] Bug #1158468 - problems to print pure text files with the lpr or lp command in F21: only blank sheets are printed https://bugzilla.redhat.com/show_bug.cgi?id=1158468 -------------------------------------------------------------------------------- ================================================================================ mg-20141007-1.fc21 (FEDORA-2014-14093) Tiny Emacs-like editor -------------------------------------------------------------------------------- Update Information: upgrade to 20141007 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Mark McKinstry <mmckinst@xxxxxxxxxxx> - 20141007-1 - upgrade to 20141007 (RHBZ#1150492) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150492 - mg-20141007 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150492 -------------------------------------------------------------------------------- ================================================================================ muffin-2.4.0-1.fc21 (FEDORA-2014-14121) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ mutter-3.14.1.5-1.fc21 (FEDORA-2014-14134) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information: Update to 3.14.1.5 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Florian Müllner <fmuellner@xxxxxxxxxx> - 3.14.1.5-1 - Update to 3.14.1.5 -------------------------------------------------------------------------------- ================================================================================ nemo-2.4.0-1.fc21 (FEDORA-2014-14121) File manager for Cinnamon -------------------------------------------------------------------------------- Update Information: - update to 2.4.x release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 * Tue Oct 28 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.0-0.3.gitb157906 - update to latest git -------------------------------------------------------------------------------- ================================================================================ nodejs-seq-0.3.5-3.fc21 (FEDORA-2014-14120) An asynchronous flow control library -------------------------------------------------------------------------------- Update Information: Initial package Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1142050 - Review Request: nodejs-seq - An asynchronous flow control library https://bugzilla.redhat.com/show_bug.cgi?id=1142050 -------------------------------------------------------------------------------- ================================================================================ parted-3.2-4.fc21 (FEDORA-2014-14118) The GNU disk partition manipulation program -------------------------------------------------------------------------------- Update Information: Update to current master commit ac74b83 to fix fat16 resize (#1159083) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Brian C. Lane <bcl@xxxxxxxxxx> 3.2-4 - Update to current master commit ac74b83 to fix fat16 resize (#1159083) - tests: t3000-resize-fs.sh: Add requirement on mkfs.vfat (mike.fleetwood) - tests: t3000-resize-fs.sh: Add FAT16 resizing test (mike.fleetwood) - lib-fs-resize: Prevent crash resizing FAT16 file systems (mike.fleetwood) - libparted: also link to UUID_LIBS (heirecka) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159083 - libparted crashes resizing fat16 file systems https://bugzilla.redhat.com/show_bug.cgi?id=1159083 -------------------------------------------------------------------------------- ================================================================================ pcp-3.10.0-1.fc21 (FEDORA-2014-14133) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information: Create new sub-packages for pcp-webjs and python3-pcp. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Nathan Scott <nathans@xxxxxxxxxx> - 3.10.0-1 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1139529 - pmfind misleading error message when avahi not running https://bugzilla.redhat.com/show_bug.cgi?id=1139529 -------------------------------------------------------------------------------- ================================================================================ pdns-recursor-3.6.2-1.fc21 (FEDORA-2014-14095) Modern, advanced and high performance recursing/non authoritative name server -------------------------------------------------------------------------------- Update Information: - Update to 3.6.2 - Enable security status polling Version 3.6.2 is a bugfix update to 3.6.1. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 3.6.2-1 - Update to 3.6.2 - Enable security status polling -------------------------------------------------------------------------------- ================================================================================ perl-Email-Sender-1.300016-1.fc21 (FEDORA-2014-14123) A library for sending email -------------------------------------------------------------------------------- Update Information: Update to the latest version -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> -1.300016-1 - 1.300016 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159047 - Please update to at least v1.300011 https://bugzilla.redhat.com/show_bug.cgi?id=1159047 -------------------------------------------------------------------------------- ================================================================================ perl-Net-DNS-SEC-0.21-1.fc21 (FEDORA-2014-14088) DNSSEC modules for Perl -------------------------------------------------------------------------------- Update Information: Updated to 0.21, restores canonicalization of a RRSIG’s Signer Name -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 0.21-1 - Updated to 0.21, restores canonicalization of a RRSIG’s Signer Name * Thu Aug 28 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.20-2 - Perl 5.20 rebuild * Sat Aug 16 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 0.20-1 - Updated to 0.20, fixes "-" (zero) salt fields in NSEC3 representation - Remove inappropriate deprecation warning in DNSKEY.pm (0.19 upstream) -------------------------------------------------------------------------------- ================================================================================ perl-Throwable-0.200012-1.fc21 (FEDORA-2014-14117) Role for classes that can be thrown -------------------------------------------------------------------------------- Update Information: Update is required for perl-Email-Sender-1.300016 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.200012-1 - 0.200012 bump -------------------------------------------------------------------------------- ================================================================================ php-pear-Console-Table-1.2.1-1.fc21 (FEDORA-2014-14114) Class that makes it easy to build console style tables -------------------------------------------------------------------------------- Update Information: Upstream changelog: Version 1.2.1: * Add travis configuration (Christian Weiske). * Try to autoload Console_Color2 first (Jurgen Rutten, PR #11). * Fix Composer definition syntax (Rob Loach, PR #9). Version 1.2.0: * Make border visibility configurable (Christian Weiske, Request #20186). * Allow to customize all border characters (Christian Weiske, Request #20182). * Fix notice when using setAlign() on other than first column (Christian Weiske, Bug #20181). * Use Console_Color2 to avoid notices from PHP 4 code (Christian Weiske, Bug #20188) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.2.1-1 - Version 1.2.1 (stable) - API 1.2.0 (stable) - require Console_Color2 instead of Console_Color - drop generated changelog -------------------------------------------------------------------------------- ================================================================================ pidgin-2.10.10-2.fc21 (FEDORA-2014-14112) A Gtk+ based multiprotocol instant messaging client -------------------------------------------------------------------------------- Update Information: fix build on arches without valgrind Update to 2.10.10 Security fix for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3698 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Dan Horák <dan[at]danny.cz> - 2.10.10-2 - valgrind available only on selected arches * Wed Oct 29 2014 Jan Synáček <jsynacek@xxxxxxxxxx> - 2.10.10-1 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 * Mon Sep 15 2014 Jan Synacek <jsynacek@xxxxxxxxxx> - 2.10.9-6 - Use system valgrind.h, BZ 1141477 * Thu Aug 28 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 2.10.9-5 - Perl 5.20 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154908 - CVE-2014-3694 pidgin: SSL/TLS plug-ins failed to check Basic Constraints https://bugzilla.redhat.com/show_bug.cgi?id=1154908 [ 2 ] Bug #1154909 - CVE-2014-3695 pidgin: crash in MXit protocol plug-in https://bugzilla.redhat.com/show_bug.cgi?id=1154909 [ 3 ] Bug #1154910 - CVE-2014-3696 pidgin: denial of service parsing Groupwise server message https://bugzilla.redhat.com/show_bug.cgi?id=1154910 [ 4 ] Bug #1154911 - CVE-2014-3698 pidgin: remote information leak via crafted XMPP message https://bugzilla.redhat.com/show_bug.cgi?id=1154911 -------------------------------------------------------------------------------- ================================================================================ python-ase-3.8.1.3440-13.fc21 (FEDORA-2014-14086) Atomic Simulation Environment -------------------------------------------------------------------------------- Update Information: larger icon -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Marcin Dulak <Marcin.Dulak@xxxxxxxxx> - 3.8.1.3440-13 - larger icon - https://bugzilla.redhat.com/show_bug.cgi?id=1157516 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157516 - Application icon is too small to be used in the software center https://bugzilla.redhat.com/show_bug.cgi?id=1157516 -------------------------------------------------------------------------------- ================================================================================ python-ndg_httpsclient-0.3.2-1.fc21 (FEDORA-2014-14106) Provides enhanced HTTPS support for httplib and urllib2 using PyOpenSSL -------------------------------------------------------------------------------- Update Information: Provides enhanced HTTPS support for httplib and urllib2 using PyOpenSSL -------------------------------------------------------------------------------- References: [ 1 ] Bug #1152897 - Review Request: python-ndg_httpsclient - Provides enhanced HTTPS support for httplib and urllib2 using PyOpenSSL https://bugzilla.redhat.com/show_bug.cgi?id=1152897 -------------------------------------------------------------------------------- ================================================================================ ruby-2.1.4-24.fc21 (FEDORA-2014-14096) An interpreter of object-oriented scripting language -------------------------------------------------------------------------------- Update Information: Update to Ruby 2.1.4. Include only vendor directories, not their content (rhbz#1114071). Fix "invalid regex" warning for non-rubygem packages (rhbz#1154067). Use load macro introduced in RPM 4.12. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Vít Ondruch <vondruch@xxxxxxxxxx> - 2.1.4-24 - Update to Ruby 2.1.4. - Include only vendor directories, not their content (rhbz#1114071). - Fix "invalid regex" warning for non-rubygem packages (rhbz#1154067). - Use load macro introduced in RPM 4.12. * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157709 - CVE-2014-8080 ruby: REXML billion laughs attack via parameter entity expansion https://bugzilla.redhat.com/show_bug.cgi?id=1157709 [ 2 ] Bug #1118158 - CVE-2014-4975 ruby: off-by-one stack-based buffer overflow in the encodes() function https://bugzilla.redhat.com/show_bug.cgi?id=1118158 -------------------------------------------------------------------------------- ================================================================================ sip-4.16.4-1.fc21 (FEDORA-2014-14119) SIP - Python/C++ Bindings Generator -------------------------------------------------------------------------------- Update Information: New bugfix release (will be required by future pyqt releases). -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.16.4-1 - sip-4.16.4 -------------------------------------------------------------------------------- ================================================================================ stunnel-5.06-1.fc21 (FEDORA-2014-14111) An SSL-encrypting socket wrapper -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 17 2014 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.06-1 - New upstream release 5.06 - Addresses Poodle security issue * Wed Oct 8 2014 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.05b5-1 - rhbz #1144393: New upstream beta release - systemd socket activation support -------------------------------------------------------------------------------- ================================================================================ vile-9.8o-1.fc21 (FEDORA-2014-14135) VI Like Emacs -------------------------------------------------------------------------------- Update Information: upgrade to 9.8o -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Mark McKinstry <mmckinst@xxxxxxxxxxx> - 9.8o-1 - upgrade to 9.8o * Fri Sep 12 2014 Mark McKinstry <mmckinst@xxxxxxxxxxx> - 9.8n-1 - upgrade to 9.8n -------------------------------------------------------------------------------- References: [ 1 ] Bug #1116919 - vile-9.8o is available https://bugzilla.redhat.com/show_bug.cgi?id=1116919 -------------------------------------------------------------------------------- ================================================================================ wget-1.16-1.fc21 (FEDORA-2014-14107) A utility for retrieving files using the HTTP or FTP protocols -------------------------------------------------------------------------------- Update Information: security update -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Tomas Hozza <thozza@xxxxxxxxxx> - 1.16-1 - update to 1.16 - fixes CVE-2014-4877 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1139181 - CVE-2014-4877 wget: FTP symlink arbitrary filesystem access https://bugzilla.redhat.com/show_bug.cgi?id=1139181 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-font-utils-7.5-23.fc21 (FEDORA-2014-14122) X.Org X11 font utilities -------------------------------------------------------------------------------- Update Information: - xorg-x11-font-utils: - Drop /usr/share/fonts/X11 symlink, it causes fc-cache to scan all X11 fonts, which leads to the wrong fonts being used (rhbz#1158468) - Pass --with-fontrootdir to ./configure so that fontutil.pc gets it right - Upgrade fonttosfnt to 1.0.4 - Upgrade mkfontscale to 1.1.1 - libfontenc: - Pass --with-fontrootdir to ./configure so that libfontenc can find the encoding files (rhbz#1046341) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Hans de Goede <hdegoede@xxxxxxxxxx> - 1:7.5-23 - Drop /usr/share/fonts/X11 symlink, it causes fc-cache to scan all X11 fonts, which leads to the wrong fonts being used (rhbz#1158468) - Pass --with-fontrootdir to ./configure so that fontutil.pc gets it right - Upgrade fonttosfnt to 1.0.4 - Upgrade mkfontscale to 1.1.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1046341 - xterm does not display EUCJP encoding https://bugzilla.redhat.com/show_bug.cgi?id=1046341 [ 2 ] Bug #1158468 - problems to print pure text files with the lpr or lp command in F21: only blank sheets are printed https://bugzilla.redhat.com/show_bug.cgi?id=1158468 -------------------------------------------------------------------------------- ================================================================================ zabbix-2.2.7-1.fc21 (FEDORA-2014-14138) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information: http://www.zabbix.com/rn2.2.7.php -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2014 Volker Fröhlich <volker27@xxxxxx> - 2.2.7-1 - New upstream release * Mon Sep 1 2014 Volker Fröhlich <volker27@xxxxxx> - 2.2.6-2 - Install tmpfiles configuration in the proper location per guidelines, thus solving the startup trouble due to missing directories (respectively BZ 1115251, 1081584, 982001, 1135696) - Clean between builds, otherwise zabbix_{proxy,server} are compiled again on install; make server and proxy package noarch now - Set the service type to forking in unit files (BZ 1132437), add PIDFile entry, remove RemainAfterExit, change /var/run to /run - Correct path to traceroute in DB dumps again - Leave database-specific datadir subdirectories to the dbfiles sub-packages - Harmonize package descriptions and summaries -------------------------------------------------------------------------------- ================================================================================ zathura-0.3.1-1.fc21 (FEDORA-2014-14124) A lightweight document viewer -------------------------------------------------------------------------------- Update Information: Fix segmentation fault caused by bidirectional scrolling. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Petr Šabata <contyk@xxxxxxxxxx> - 0.3.1-1 - 0.3.1 bugfix bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157624 - zathura-0.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1157624 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
