The following Fedora 20 Security updates need testing: Age URL 187 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 81 https://admin.fedoraproject.org/updates/FEDORA-2014-9474/pipelight-0.2.7.3-3.fc20 56 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20 56 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20 40 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20 33 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 23 https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc20 18 https://admin.fedoraproject.org/updates/FEDORA-2014-12991/deluge-1.3.10-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-13777/Pound-2.6-8.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-13879/xml-security-1.5.7-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-14033/qemu-1.6.2-10.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-14058/mokutil-0.2.0-1.fc20,shim-signed-0.8-3 4 https://admin.fedoraproject.org/updates/FEDORA-2014-14069/pidgin-2.10.10-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-14113/tnftp-20141031-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14234/claws-mail-plugins-3.11.1-1.fc20,claws-mail-3.11.1-2.fc20,libetpan-1.6-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14227/python-2.7.5-15.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14245/python3-3.3.2-18.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14247/aircrack-ng-1.2-0.3.rc1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2014-13448/libsoup-2.44.2-2.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2014-13575/xulrunner-33.0-2.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-13756/sddm-0.10.0-2.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-13875/python-nss-0.16.0-0.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-13873/device-mapper-persistent-data-0.4.1-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-13775/ibus-1.5.9-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14228/selinux-policy-3.12.1-193.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14227/python-2.7.5-15.fc20 The following builds have been pushed to Fedora 20 updates-testing R-3.1.2-1.fc20 aircrack-ng-1.2-0.3.rc1.fc20 bashmount-3.2.0-2.fc20 bindfs-1.12.6-1.fc20 claws-mail-3.11.1-2.fc20 claws-mail-plugins-3.11.1-1.fc20 dar-2.4.15-2.fc20 ettercap-0.8.1-1.fc20 getdns-0.1.5-1.fc20 gnuplot-py-1.8-18.fc20 google-noto-fonts-20141001-2.fc20 groonga-4.0.7-1.fc20 libetpan-1.6-1.fc20 libkscreen-1.0.5-2.fc20 mediawiki-1.23.6-1.fc20 opensips-1.10.3-1.fc20 perl-DateTime-TimeZone-1.76-1.fc20 perl-Return-MultiLevel-0.04-1.fc20 python-2.7.5-15.fc20 python3-3.3.2-18.fc20 rkward-0.6.1-10.fc20 rpy-2.3.10-3.fc20 selinux-policy-3.12.1-193.fc20 sonic-visualiser-2.4.1-1.fc20 sudo-1.8.11p2-1.fc20 the_silver_searcher-0.26.0-1.fc20 userspace-rcu-0.8.5-1.fc20 wine-1.7.30-1.fc20 youtube-dl-2014.11.02.1-1.fc20 Details about builds: ================================================================================ R-3.1.2-1.fc20 (FEDORA-2014-14261) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: Update to R 3.1.2 Change /usr/lib[64]/R/etc/Makeconf from %config(noreplace) to %config to force it to be updated when upgrading. Without this change, the TCL_LIBS variable can be set incorrectly. The old Makeconf file will be preserved as Makeconf.rpmold -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 3.1.2-1 - update to 3.1.2 * Wed Oct 29 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 3.1.1-8 - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1158425 - package install fails with infinite loop https://bugzilla.redhat.com/show_bug.cgi?id=1158425 -------------------------------------------------------------------------------- ================================================================================ aircrack-ng-1.2-0.3.rc1.fc20 (FEDORA-2014-14247) 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-8321, CVE-2014-8322, CVE-2014-8323, CVE-2014-8324 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Till Maas <opensource@xxxxxxxxx> - 1.2-0.3.rc1 - Update to new release to address CVE-2014-8324, CVE-2014-8321, CVE-2014-8323 and CVE-2014-8322 * Wed Jan 15 2014 Till Maas <opensource@xxxxxxxxx> - 1.2-0.2.beta2 - Update to new release * Sun Oct 13 2013 Till Maas <opensource@xxxxxxxxx> - 1.2-0.1.beta1 - Update to new release - harden build - Run testsuite - fix bogus date in changelog -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159812 - CVE-2014-8321 CVE-2014-8322 CVE-2014-8323 CVE-2014-8324 aircrack-ng: multiple vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=1159812 -------------------------------------------------------------------------------- ================================================================================ bashmount-3.2.0-2.fc20 (FEDORA-2014-14260) A menu-driven bash script for mounting removable media -------------------------------------------------------------------------------- Update Information: Unretire package. -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 26 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 3.2.0-2 - do not depend on udisks2 on EL6 * Sat Apr 19 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 3.2.0-1 - update to upstream release 3.2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1089493 - Review Request: bashmount - A menu-driven bash script for mounting removable media https://bugzilla.redhat.com/show_bug.cgi?id=1089493 -------------------------------------------------------------------------------- ================================================================================ bindfs-1.12.6-1.fc20 (FEDORA-2014-14249) Fuse filesystem to mirror a directory -------------------------------------------------------------------------------- Update Information: Fix bug when --mirror @group is used: https://github.com/mpartel/bindfs/issues/19 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Till Maas <opensource@xxxxxxxxx> - 1.12.6-1 - Update to new release * Fri Aug 15 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.12.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.12.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Jun 5 2014 Till Maas <opensource@xxxxxxxxx> - 1.12.4-1 - Update to new release * Wed Jan 15 2014 Till Maas <opensource@xxxxxxxxx> - 1.12.3-1 - Update to new release - Harden build -------------------------------------------------------------------------------- References: [ 1 ] Bug #916910 - bindfs-1.12.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=916910 -------------------------------------------------------------------------------- ================================================================================ claws-mail-3.11.1-2.fc20 (FEDORA-2014-14234) Email client and news reader based on GTK+ -------------------------------------------------------------------------------- Update Information: * SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566. * Several PGP/Core plugin improvements * A new version of the RSSyl plugin, completely redesigned and rewritten. * The results of TAB address completion in the Compose window have improved ordering. * Due to popular demand, use of the Up key in the message body in the Compose window stops at the top of the message body and does not continue up to the header fields. This reverts the behaviour introduced in version 3.10.0. * In the Compose window, when navigating with the arrow keys, selecting, and thus modifying, the Account selector is now prevented. * In the Compose window, a mnemonic (s) has been added to the Subject line. * The Queue folder is highlighted if there are messages in its sub-folders and the tree is collapsed. * When sorting messages by 'thread date', clicking the 'Date' column header will now toggle between ascending/descending and will not switch to 'date' sorting. * A new QuickSearch filter has been added that searches a header's content only. H S : messages which contain S in the value of any header. * A Reply-To field has been added to the main Template configuration. * The menubar can now be hidden, default hotkey: F12. * Fancy plugin: A user-controlled stylesheet can now be used. * Python plugin: Add flag attributes to MessageInfo object. * Python plugin: Make 'account' property of ComposeWindow read/write. * Libravatar plugin: a network timeout option has been added. * Use 'gnutls_priority' hidden account preference for POP3 and STARTTLS connections, in addition to SMTP. * RSSyl plugin: Enable use of .netrc to store network credentials. * The tbird2claws.py script, for converting a Thunderbird mailbox to a Claws Mail mailbox, now handles sub-directory recursion. * Updated translations * Various Bugfixes New in 3.10.1: * Add an account preference to allow automatically accepting unknown and changed SSL certificates, if they're valid (that is, if the root CA is trusted by the distro). * RFE 3196, 'When changing quicksearch Search Type, set focus to search input box' * PGP/Core plugin: Generate 2048 bit RSA keys. * Major code cleanup. * Extended claws-mail.desktop with Compose and Receive actions. * Updated Bulgarian, Brazilian Portuguese, Czech, Dutch, Esperanto, Finnish, French, German,Hebrew, Hungarian, Indonesian, Lithuanian, Slovak, Spanish, and Swedish translations. * Bug fixes New in 3.10.0: * Complete SSL certificate chains are now saved, and if built with Libetpan 1.4.1, the IMAP SSL connection's certificate chain is made available. Both of these allow correct certificate verification instead of a bogus 'No certificate issuer found' status. * Auto-configuration of account email servers, based on SRV records, is now possible. (GLib >= 2.22 is required.) * Added a preference to avoid automatically drafting emails that are to be sent encrypted, (Configuration/Preferences/Compose/Writing). * Messages saved as Drafts are now saved as New, highlighting the Drafts folder, in order to draw the attention to unfinished mails there. * It is now possible to add a 'Replace signature' button to the Compose window toolbar. * Quotation wrapping and undo/redo in the Compose window has been improved. * 'Reply to all' now excludes your own address. * The 'Generate X-Mailer header' option has been renamed 'Add user agent header' and applies to both X-Mailer and X-Newsreader headers. * Added hidden preferences, 'address_search_wildcard' and 'folder_search_wildcard', to choose between matching from start of the folder name/address or any part of the name. (Activating these options restores the previous behaviour.) * Added hidden preference 'enable_avatars' to control the internal capture/render process, and which allows disabling it by external plugins for example. * 'Check for new folders' now only updates the folder list, not updating the contents of folders. If needed, it can be followed by 'Check for new messages' * When using Redirect, the redirecting account's address is used in the SMTP MAIL FROM instead of the original sender's address. * NEW: Libravatar plugin, which displays avatars from https://www.libravatar.org/ * Added support for an arbitrary number and sources of 'avatars' and images for email senders, and migrated Face and X-Face headers. * Avatars are now included when printing mails. * The GPG keyring can now be used as the source for address auto-completion. * The vCalendar and RSSyl plugins now have an option to disable SSL certificate verification (and check them by default). * The ClamAV plugin now pops up an error message only once instead of repeatedly * Updated the man page and the manual. * Updated Brazilian Portuguese, British English, Czech, Dutch, Finnish, French, Hebrew, Hungarian, Indonesian, Lithuanian, Slovak, Spanish, and Swedish translations. * Added Esperanto translation. -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 1 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 3.11.1-2 - bump for libetpan 1.6 * Fri Oct 31 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 3.11.1-1 - version upgrade - appdata removed upstream * Sat Oct 25 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata * Thu Aug 28 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 3.10.1-3 - Perl 5.20 rebuild * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.10.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1153970 - claws-mail: disable SSLv3 completely https://bugzilla.redhat.com/show_bug.cgi?id=1153970 [ 2 ] Bug #569478 - upstream bug 2769: crash when activating offline mode during IMAP remote activity https://bugzilla.redhat.com/show_bug.cgi?id=569478 [ 3 ] Bug #601982 - [abrt] crash in claws-mail-3.7.6-1.fc13: in compose_close at compose.c:11016 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=601982 [ 4 ] Bug #977924 - [abrt] IMAP interruption side-effects / claws-mail-3.9.2-1.fc19: folder_item_get_msginfo_by_msgid: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=977924 [ 5 ] Bug #982533 - [abrt] IMAP interruptions side-effects / claws-mail-3.9.2-1.fc19: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=982533 [ 6 ] Bug #990650 - [abrt] claws-mail-3.9.2-3.fc19: standard_calloc: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=990650 [ 7 ] Bug #1011098 - [abrt] claws-mail-3.9.2-7.fc19: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1011098 [ 8 ] Bug #1010993 - [abrt] claws-mail-3.9.2-7.fc19: gdata plugin gnutls_init in _int_malloc: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1010993 [ 9 ] Bug #1035851 - [abrt] mark as read / claws-mail-3.9.2-7.fc19: gtk_cmctree_is_viewable: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1035851 [ 10 ] Bug #1036346 - [abrt] claws-mail-3.9.2-7.fc20: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1036346 [ 11 ] Bug #1063035 - [abrt] claws-mail: allocator_memalign(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1063035 [ 12 ] Bug #1070480 - Claws-Mail IMAP related memory corruption crash while waiting for server response and a network reconnection happens https://bugzilla.redhat.com/show_bug.cgi?id=1070480 [ 13 ] Bug #1071327 - [abrt] claws-mail: g_malloc(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1071327 [ 14 ] Bug #1076387 - [abrt] claws-mail: summary_delete_row(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1076387 [ 15 ] Bug #1078996 - [abrt] claws-mail: malloc crash from within _cairo_polygon_intersect(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1078996 [ 16 ] Bug #1079509 - [abrt] claws-mail: folder_item_get_msginfo_by_msgid(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1079509 [ 17 ] Bug #1079620 - [abrt] claws-mail: set_cell_contents(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1079620 [ 18 ] Bug #1081224 - [abrt] claws-mail: summary_set_row_marks(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1081224 [ 19 ] Bug #1085382 - [abrt] claws-mail: g_malloc(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1085382 [ 20 ] Bug #1090300 - [abrt] claws-mail: row_is_selected(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1090300 [ 21 ] Bug #1096041 - [abrt] IMAP interruptions side-effects / g_malloc0(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1096041 [ 22 ] Bug #1096895 - [abrt] IMAP interruptions side-effects / at malloc.c:3645 / _cairo_traps_grow(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1096895 [ 23 ] Bug #1110255 - claws-mail: stack-based off-by-one in HTML parsing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1110255 -------------------------------------------------------------------------------- ================================================================================ claws-mail-plugins-3.11.1-1.fc20 (FEDORA-2014-14234) Additional plugins for Claws Mail -------------------------------------------------------------------------------- Update Information: * SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566. * Several PGP/Core plugin improvements * A new version of the RSSyl plugin, completely redesigned and rewritten. * The results of TAB address completion in the Compose window have improved ordering. * Due to popular demand, use of the Up key in the message body in the Compose window stops at the top of the message body and does not continue up to the header fields. This reverts the behaviour introduced in version 3.10.0. * In the Compose window, when navigating with the arrow keys, selecting, and thus modifying, the Account selector is now prevented. * In the Compose window, a mnemonic (s) has been added to the Subject line. * The Queue folder is highlighted if there are messages in its sub-folders and the tree is collapsed. * When sorting messages by 'thread date', clicking the 'Date' column header will now toggle between ascending/descending and will not switch to 'date' sorting. * A new QuickSearch filter has been added that searches a header's content only. H S : messages which contain S in the value of any header. * A Reply-To field has been added to the main Template configuration. * The menubar can now be hidden, default hotkey: F12. * Fancy plugin: A user-controlled stylesheet can now be used. * Python plugin: Add flag attributes to MessageInfo object. * Python plugin: Make 'account' property of ComposeWindow read/write. * Libravatar plugin: a network timeout option has been added. * Use 'gnutls_priority' hidden account preference for POP3 and STARTTLS connections, in addition to SMTP. * RSSyl plugin: Enable use of .netrc to store network credentials. * The tbird2claws.py script, for converting a Thunderbird mailbox to a Claws Mail mailbox, now handles sub-directory recursion. * Updated translations * Various Bugfixes New in 3.10.1: * Add an account preference to allow automatically accepting unknown and changed SSL certificates, if they're valid (that is, if the root CA is trusted by the distro). * RFE 3196, 'When changing quicksearch Search Type, set focus to search input box' * PGP/Core plugin: Generate 2048 bit RSA keys. * Major code cleanup. * Extended claws-mail.desktop with Compose and Receive actions. * Updated Bulgarian, Brazilian Portuguese, Czech, Dutch, Esperanto, Finnish, French, German,Hebrew, Hungarian, Indonesian, Lithuanian, Slovak, Spanish, and Swedish translations. * Bug fixes New in 3.10.0: * Complete SSL certificate chains are now saved, and if built with Libetpan 1.4.1, the IMAP SSL connection's certificate chain is made available. Both of these allow correct certificate verification instead of a bogus 'No certificate issuer found' status. * Auto-configuration of account email servers, based on SRV records, is now possible. (GLib >= 2.22 is required.) * Added a preference to avoid automatically drafting emails that are to be sent encrypted, (Configuration/Preferences/Compose/Writing). * Messages saved as Drafts are now saved as New, highlighting the Drafts folder, in order to draw the attention to unfinished mails there. * It is now possible to add a 'Replace signature' button to the Compose window toolbar. * Quotation wrapping and undo/redo in the Compose window has been improved. * 'Reply to all' now excludes your own address. * The 'Generate X-Mailer header' option has been renamed 'Add user agent header' and applies to both X-Mailer and X-Newsreader headers. * Added hidden preferences, 'address_search_wildcard' and 'folder_search_wildcard', to choose between matching from start of the folder name/address or any part of the name. (Activating these options restores the previous behaviour.) * Added hidden preference 'enable_avatars' to control the internal capture/render process, and which allows disabling it by external plugins for example. * 'Check for new folders' now only updates the folder list, not updating the contents of folders. If needed, it can be followed by 'Check for new messages' * When using Redirect, the redirecting account's address is used in the SMTP MAIL FROM instead of the original sender's address. * NEW: Libravatar plugin, which displays avatars from https://www.libravatar.org/ * Added support for an arbitrary number and sources of 'avatars' and images for email senders, and migrated Face and X-Face headers. * Avatars are now included when printing mails. * The GPG keyring can now be used as the source for address auto-completion. * The vCalendar and RSSyl plugins now have an option to disable SSL certificate verification (and check them by default). * The ClamAV plugin now pops up an error message only once instead of repeatedly * Updated the man page and the manual. * Updated Brazilian Portuguese, British English, Czech, Dutch, Finnish, French, Hebrew, Hungarian, Indonesian, Lithuanian, Slovak, Spanish, and Swedish translations. * Added Esperanto translation. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 3.11.1-1 - bump for 3.11.1 release * Sat Oct 25 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 3.11.0-1 - bump for 3.11.0 release * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.10.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1153970 - claws-mail: disable SSLv3 completely https://bugzilla.redhat.com/show_bug.cgi?id=1153970 [ 2 ] Bug #569478 - upstream bug 2769: crash when activating offline mode during IMAP remote activity https://bugzilla.redhat.com/show_bug.cgi?id=569478 [ 3 ] Bug #601982 - [abrt] crash in claws-mail-3.7.6-1.fc13: in compose_close at compose.c:11016 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=601982 [ 4 ] Bug #977924 - [abrt] IMAP interruption side-effects / claws-mail-3.9.2-1.fc19: folder_item_get_msginfo_by_msgid: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=977924 [ 5 ] Bug #982533 - [abrt] IMAP interruptions side-effects / claws-mail-3.9.2-1.fc19: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=982533 [ 6 ] Bug #990650 - [abrt] claws-mail-3.9.2-3.fc19: standard_calloc: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=990650 [ 7 ] Bug #1011098 - [abrt] claws-mail-3.9.2-7.fc19: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1011098 [ 8 ] Bug #1010993 - [abrt] claws-mail-3.9.2-7.fc19: gdata plugin gnutls_init in _int_malloc: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1010993 [ 9 ] Bug #1035851 - [abrt] mark as read / claws-mail-3.9.2-7.fc19: gtk_cmctree_is_viewable: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1035851 [ 10 ] Bug #1036346 - [abrt] claws-mail-3.9.2-7.fc20: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1036346 [ 11 ] Bug #1063035 - [abrt] claws-mail: allocator_memalign(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1063035 [ 12 ] Bug #1070480 - Claws-Mail IMAP related memory corruption crash while waiting for server response and a network reconnection happens https://bugzilla.redhat.com/show_bug.cgi?id=1070480 [ 13 ] Bug #1071327 - [abrt] claws-mail: g_malloc(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1071327 [ 14 ] Bug #1076387 - [abrt] claws-mail: summary_delete_row(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1076387 [ 15 ] Bug #1078996 - [abrt] claws-mail: malloc crash from within _cairo_polygon_intersect(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1078996 [ 16 ] Bug #1079509 - [abrt] claws-mail: folder_item_get_msginfo_by_msgid(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1079509 [ 17 ] Bug #1079620 - [abrt] claws-mail: set_cell_contents(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1079620 [ 18 ] Bug #1081224 - [abrt] claws-mail: summary_set_row_marks(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1081224 [ 19 ] Bug #1085382 - [abrt] claws-mail: g_malloc(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1085382 [ 20 ] Bug #1090300 - [abrt] claws-mail: row_is_selected(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1090300 [ 21 ] Bug #1096041 - [abrt] IMAP interruptions side-effects / g_malloc0(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1096041 [ 22 ] Bug #1096895 - [abrt] IMAP interruptions side-effects / at malloc.c:3645 / _cairo_traps_grow(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1096895 [ 23 ] Bug #1110255 - claws-mail: stack-based off-by-one in HTML parsing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1110255 -------------------------------------------------------------------------------- ================================================================================ dar-2.4.15-2.fc20 (FEDORA-2014-14243) Software for making/restoring incremental CD/DVD backups -------------------------------------------------------------------------------- Update Information: libdar-devel: include pkg-config file -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 2 2014 Luis Bazan <lbazan@xxxxxxxxxxxxxxxxx> - 2.4.15-2 - add pkgconfig -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077403 - libdar-devel: include pkg-config file https://bugzilla.redhat.com/show_bug.cgi?id=1077403 -------------------------------------------------------------------------------- ================================================================================ ettercap-0.8.1-1.fc20 (FEDORA-2014-14262) Network traffic sniffer/analyser, NCURSES interface version -------------------------------------------------------------------------------- Update Information: Upstream maintenance release, including a crash fix. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 0.8.1-1 - 0.8.1. * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ getdns-0.1.5-1.fc20 (FEDORA-2014-14263) Modern asynchronous API to the DNS -------------------------------------------------------------------------------- Update Information: Updated to 0.1.5 with bugfixes and persistent TCP connections -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 0.1.5-1 - Updated to 0.1.5 with bugfixes and persistent TCP connections - Example code moved into spec/ * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Wed Jul 2 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 0.1.3-1 - Updated to 0.1.3 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.1.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 22 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 0.1.1-2 - Build with libevent support -------------------------------------------------------------------------------- ================================================================================ gnuplot-py-1.8-18.fc20 (FEDORA-2014-14006) Python interface to Gnuplot -------------------------------------------------------------------------------- Update Information: Fixes a problem with python 2.7 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Sergio Pascual <sergiopr@xxxxxxxxxxxxxxxxx> - 1.8-18 - Revert change in build/install, it breaks eggs * Wed Oct 29 2014 Sergio Pascual <sergiopr@xxxxxxxxxxxxxxxxx> - 1.8-17 - Patch to fix bz #1158546 - Cleanup of old rpm macros * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1158546 - gnuplot-py is not compatible with Python 2.7 https://bugzilla.redhat.com/show_bug.cgi?id=1158546 -------------------------------------------------------------------------------- ================================================================================ google-noto-fonts-20141001-2.fc20 (FEDORA-2014-14248) Hinted and Non Hinted open type fonts for Unicode scripts -------------------------------------------------------------------------------- Update Information: This is an update that resolved typo in fontconfig file. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Pravin Satpute <psatpute@xxxxxxxxxx> - 20141001-2 - Resolves #1159562: Typo in fontconfig file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159562 - Typo in /etc/fonts/conf.d/66-google-noto-sans-old-italic.conf https://bugzilla.redhat.com/show_bug.cgi?id=1159562 -------------------------------------------------------------------------------- ================================================================================ groonga-4.0.7-1.fc20 (FEDORA-2014-14267) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information: Update to 4.0.7 See http://groonga.org/docs/news.html#release-4-0-7 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 4 2014 HAYASHI Kentaro <hayashi@xxxxxxxxxxxxxx> - 4.0.7-1 - new upstream release. - drop lzo support. - add lz4 support. - add groonga-plugin-token-filters sub package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1153952 - groonga-4.0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1153952 -------------------------------------------------------------------------------- ================================================================================ libetpan-1.6-1.fc20 (FEDORA-2014-14234) Portable, efficient middle-ware for different kinds of mail access -------------------------------------------------------------------------------- Update Information: * SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566. * Several PGP/Core plugin improvements * A new version of the RSSyl plugin, completely redesigned and rewritten. * The results of TAB address completion in the Compose window have improved ordering. * Due to popular demand, use of the Up key in the message body in the Compose window stops at the top of the message body and does not continue up to the header fields. This reverts the behaviour introduced in version 3.10.0. * In the Compose window, when navigating with the arrow keys, selecting, and thus modifying, the Account selector is now prevented. * In the Compose window, a mnemonic (s) has been added to the Subject line. * The Queue folder is highlighted if there are messages in its sub-folders and the tree is collapsed. * When sorting messages by 'thread date', clicking the 'Date' column header will now toggle between ascending/descending and will not switch to 'date' sorting. * A new QuickSearch filter has been added that searches a header's content only. H S : messages which contain S in the value of any header. * A Reply-To field has been added to the main Template configuration. * The menubar can now be hidden, default hotkey: F12. * Fancy plugin: A user-controlled stylesheet can now be used. * Python plugin: Add flag attributes to MessageInfo object. * Python plugin: Make 'account' property of ComposeWindow read/write. * Libravatar plugin: a network timeout option has been added. * Use 'gnutls_priority' hidden account preference for POP3 and STARTTLS connections, in addition to SMTP. * RSSyl plugin: Enable use of .netrc to store network credentials. * The tbird2claws.py script, for converting a Thunderbird mailbox to a Claws Mail mailbox, now handles sub-directory recursion. * Updated translations * Various Bugfixes New in 3.10.1: * Add an account preference to allow automatically accepting unknown and changed SSL certificates, if they're valid (that is, if the root CA is trusted by the distro). * RFE 3196, 'When changing quicksearch Search Type, set focus to search input box' * PGP/Core plugin: Generate 2048 bit RSA keys. * Major code cleanup. * Extended claws-mail.desktop with Compose and Receive actions. * Updated Bulgarian, Brazilian Portuguese, Czech, Dutch, Esperanto, Finnish, French, German,Hebrew, Hungarian, Indonesian, Lithuanian, Slovak, Spanish, and Swedish translations. * Bug fixes New in 3.10.0: * Complete SSL certificate chains are now saved, and if built with Libetpan 1.4.1, the IMAP SSL connection's certificate chain is made available. Both of these allow correct certificate verification instead of a bogus 'No certificate issuer found' status. * Auto-configuration of account email servers, based on SRV records, is now possible. (GLib >= 2.22 is required.) * Added a preference to avoid automatically drafting emails that are to be sent encrypted, (Configuration/Preferences/Compose/Writing). * Messages saved as Drafts are now saved as New, highlighting the Drafts folder, in order to draw the attention to unfinished mails there. * It is now possible to add a 'Replace signature' button to the Compose window toolbar. * Quotation wrapping and undo/redo in the Compose window has been improved. * 'Reply to all' now excludes your own address. * The 'Generate X-Mailer header' option has been renamed 'Add user agent header' and applies to both X-Mailer and X-Newsreader headers. * Added hidden preferences, 'address_search_wildcard' and 'folder_search_wildcard', to choose between matching from start of the folder name/address or any part of the name. (Activating these options restores the previous behaviour.) * Added hidden preference 'enable_avatars' to control the internal capture/render process, and which allows disabling it by external plugins for example. * 'Check for new folders' now only updates the folder list, not updating the contents of folders. If needed, it can be followed by 'Check for new messages' * When using Redirect, the redirecting account's address is used in the SMTP MAIL FROM instead of the original sender's address. * NEW: Libravatar plugin, which displays avatars from https://www.libravatar.org/ * Added support for an arbitrary number and sources of 'avatars' and images for email senders, and migrated Face and X-Face headers. * Avatars are now included when printing mails. * The GPG keyring can now be used as the source for address auto-completion. * The vCalendar and RSSyl plugins now have an option to disable SSL certificate verification (and check them by default). * The ClamAV plugin now pops up an error message only once instead of repeatedly * Updated the man page and the manual. * Updated Brazilian Portuguese, British English, Czech, Dutch, Finnish, French, Hebrew, Hungarian, Indonesian, Lithuanian, Slovak, Spanish, and Swedish translations. * Added Esperanto translation. -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 1 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.6-1 - version upgrade (rhbz#1159493) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1153970 - claws-mail: disable SSLv3 completely https://bugzilla.redhat.com/show_bug.cgi?id=1153970 [ 2 ] Bug #569478 - upstream bug 2769: crash when activating offline mode during IMAP remote activity https://bugzilla.redhat.com/show_bug.cgi?id=569478 [ 3 ] Bug #601982 - [abrt] crash in claws-mail-3.7.6-1.fc13: in compose_close at compose.c:11016 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=601982 [ 4 ] Bug #977924 - [abrt] IMAP interruption side-effects / claws-mail-3.9.2-1.fc19: folder_item_get_msginfo_by_msgid: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=977924 [ 5 ] Bug #982533 - [abrt] IMAP interruptions side-effects / claws-mail-3.9.2-1.fc19: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=982533 [ 6 ] Bug #990650 - [abrt] claws-mail-3.9.2-3.fc19: standard_calloc: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=990650 [ 7 ] Bug #1011098 - [abrt] claws-mail-3.9.2-7.fc19: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1011098 [ 8 ] Bug #1010993 - [abrt] claws-mail-3.9.2-7.fc19: gdata plugin gnutls_init in _int_malloc: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1010993 [ 9 ] Bug #1035851 - [abrt] mark as read / claws-mail-3.9.2-7.fc19: gtk_cmctree_is_viewable: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1035851 [ 10 ] Bug #1036346 - [abrt] claws-mail-3.9.2-7.fc20: g_malloc0: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1036346 [ 11 ] Bug #1063035 - [abrt] claws-mail: allocator_memalign(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1063035 [ 12 ] Bug #1070480 - Claws-Mail IMAP related memory corruption crash while waiting for server response and a network reconnection happens https://bugzilla.redhat.com/show_bug.cgi?id=1070480 [ 13 ] Bug #1071327 - [abrt] claws-mail: g_malloc(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1071327 [ 14 ] Bug #1076387 - [abrt] claws-mail: summary_delete_row(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1076387 [ 15 ] Bug #1078996 - [abrt] claws-mail: malloc crash from within _cairo_polygon_intersect(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1078996 [ 16 ] Bug #1079509 - [abrt] claws-mail: folder_item_get_msginfo_by_msgid(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1079509 [ 17 ] Bug #1079620 - [abrt] claws-mail: set_cell_contents(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1079620 [ 18 ] Bug #1081224 - [abrt] claws-mail: summary_set_row_marks(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1081224 [ 19 ] Bug #1085382 - [abrt] claws-mail: g_malloc(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1085382 [ 20 ] Bug #1090300 - [abrt] claws-mail: row_is_selected(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1090300 [ 21 ] Bug #1096041 - [abrt] IMAP interruptions side-effects / g_malloc0(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1096041 [ 22 ] Bug #1096895 - [abrt] IMAP interruptions side-effects / at malloc.c:3645 / _cairo_traps_grow(): claws-mail killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1096895 [ 23 ] Bug #1110255 - claws-mail: stack-based off-by-one in HTML parsing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1110255 -------------------------------------------------------------------------------- ================================================================================ libkscreen-1.0.5-2.fc20 (FEDORA-2014-14264) Display configuration library -------------------------------------------------------------------------------- Update Information: Latest stable bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 1 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.5-2 - pkgconfig-style deps, -devel: +Requires: pkgconfig(QJson) * Fri Oct 31 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.5-1 - 1.0.5 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1:1.0.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1:1.0.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 15 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:1.0.4-2 - update URL * Tue May 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:1.0.4-1 - 1.0.4 -------------------------------------------------------------------------------- ================================================================================ mediawiki-1.23.6-1.fc20 (FEDORA-2014-14231) A wiki engine -------------------------------------------------------------------------------- Update Information: * (bug 67440) Allow classes to be registered properly from installer * (bug 72274) Job queue not running (HTTP 411) due to missing Content-Length: header -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Michael Cronenworth <mike@xxxxxxxxxx> - 1.23.6-1 - Update to 1.23.6 - (bug 67440) Allow classes to be registered properly from installer - (bug 72274) Job queue not running (HTTP 411) due to missing Content-Length: header -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159500 - mediawiki-1.23.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1159500 -------------------------------------------------------------------------------- ================================================================================ opensips-1.10.3-1.fc20 (FEDORA-2014-14242) Open Source SIP Server -------------------------------------------------------------------------------- Update Information: * Ver. 1.10.3 (bugfix release) -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.3-1 - Ver. 1.10.3 - Fixed FTBFS in F22 (see rhbz #1124390) * Fri Aug 29 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1.10.1-4 - Perl 5.20 rebuild * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.10.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.10.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124390 - opensips-1.10.1-2.fc22 FTBFS: array_del.c:29:23: fatal error: json/json.h: No such file or directory https://bugzilla.redhat.com/show_bug.cgi?id=1124390 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-TimeZone-1.76-1.fc20 (FEDORA-2014-14235) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information: This release improves parsing old Olson database and improves internal tests. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 1.76-1 - 1.76 bump - Keep preferring /etc/localtime (bug #1159509) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159509 - perl-DateTime-TimeZone-1.76 is available https://bugzilla.redhat.com/show_bug.cgi?id=1159509 -------------------------------------------------------------------------------- ================================================================================ perl-Return-MultiLevel-0.04-1.fc20 (FEDORA-2014-14230) Return across multiple call levels -------------------------------------------------------------------------------- Update Information: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151415 - Review Request: perl-Return-MultiLevel - Return across multiple call levels https://bugzilla.redhat.com/show_bug.cgi?id=1151415 -------------------------------------------------------------------------------- ================================================================================ python-2.7.5-15.fc20 (FEDORA-2014-14227) An interpreted, interactive, object-oriented programming language -------------------------------------------------------------------------------- Update Information: Fix for CVE-2014-4650: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Slavek Kabrda <bkabrda@xxxxxxxxxx> - 2.7.5-15 - Fix CVE-2014-4650 - CGIHTTPServer URL handling Resolves: rhbz#1113528 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1113528 - CVE-2014-4650 python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1113528 -------------------------------------------------------------------------------- ================================================================================ python3-3.3.2-18.fc20 (FEDORA-2014-14245) Version 3 of the Python programming language aka Python 3000 -------------------------------------------------------------------------------- Update Information: Fix for CVE-2014-4650: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs. Fix for CVE-2014-4650 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Slavek Kabrda <bkabrda@xxxxxxxxxx> - 3.3.2-18 - Fix CVE-2014-4650 - CGIHTTPServer URL handling Resolves: rhbz#1113529 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1112285 - CVE-2014-4616 python: missing boundary check in JSON module https://bugzilla.redhat.com/show_bug.cgi?id=1112285 -------------------------------------------------------------------------------- ================================================================================ rkward-0.6.1-10.fc20 (FEDORA-2014-14261) Graphical frontend for R language -------------------------------------------------------------------------------- Update Information: Update to R 3.1.2 Change /usr/lib[64]/R/etc/Makeconf from %config(noreplace) to %config to force it to be updated when upgrading. Without this change, the TCL_LIBS variable can be set incorrectly. The old Makeconf file will be preserved as Makeconf.rpmold -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 0.6.1-10 - rebuild for R 3.1.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1158425 - package install fails with infinite loop https://bugzilla.redhat.com/show_bug.cgi?id=1158425 -------------------------------------------------------------------------------- ================================================================================ rpy-2.3.10-3.fc20 (FEDORA-2014-14261) Python interface to the R language -------------------------------------------------------------------------------- Update Information: Update to R 3.1.2 Change /usr/lib[64]/R/etc/Makeconf from %config(noreplace) to %config to force it to be updated when upgrading. Without this change, the TCL_LIBS variable can be set incorrectly. The old Makeconf file will be preserved as Makeconf.rpmold -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2.3.10-3 - R 3.1.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1158425 - package install fails with infinite loop https://bugzilla.redhat.com/show_bug.cgi?id=1158425 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.12.1-193.fc20 (FEDORA-2014-14228) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=589696 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-193 - Label also logrotate.status.tmp as logrotate_var_lib_t. BZ(1158835) - xserver_manage_xdm_tmp_files is depracated and replaced with userdom_manage_user_tmp_files - Allow abrt to read software raid state. BZ (1157770) - Allow rabbitmq to read nfs state data. BZ(1122412) - Allow modemmanger to connectto itself -------------------------------------------------------------------------------- References: [ 1 ] Bug #1122412 - SELinux is preventing /usr/bin/df from 'search' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1122412 [ 2 ] Bug #1159241 - SELinux is preventing /usr/bin/pulseaudio from 'execute' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1159241 [ 3 ] Bug #1159699 - URL from selinux-policy-targeted RPM is wrong https://bugzilla.redhat.com/show_bug.cgi?id=1159699 -------------------------------------------------------------------------------- ================================================================================ sonic-visualiser-2.4.1-1.fc20 (FEDORA-2014-14258) A program for viewing and exploring audio data -------------------------------------------------------------------------------- Update Information: Latest upstream release, see CHANGELOG for full details -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 2 2014 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 2.4.1-1 - Update to 2.4.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #991788 - sonic-visualiser-2.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=991788 -------------------------------------------------------------------------------- ================================================================================ sudo-1.8.11p2-1.fc20 (FEDORA-2014-14265) Allows restricted root access for specified users -------------------------------------------------------------------------------- Update Information: Update to 1.8.11p2 Major upstream changes & fixes: - when running a command in the background, sudo will now forward SIGINFO to the command - the passwords in ldap.conf and ldap.secret may now be encoded in base64. - SELinux role changes are now audited. For sudoedit, we now audit the actual editor being run, instead of just the sudoedit command. - it is now possible to match an environment variable's value as well as its name using env_keep and env_check - new files created via sudoedit as a non-root user now have the proper group id - sudoedit now works correctly in conjunction with sudo's SELinux RBAC support - it is now possible to disable network interface probing in sudo.conf by changing the value of the probe_interfaces setting - when listing a user's privileges (sudo -l), the sudoers plugin will now prompt for the user's password even if the targetpw, rootpw or runaspw options are set. - the new use_netgroups sudoers option can be used to explicitly enable or disable netgroups support - visudo can now export a sudoers file in JSON format using the new -x flag Distribution specific changes: - added patch to read ldap.conf more closely to nss_ldap - require /usr/bin/vi instead of vim-minimal - include pam.d/system-auth in PAM session phase from pam.d/sudo - include pam.d/sudo in PAM session phase from pam.d/sudo-i -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Daniel Kopecek <dkopecek@xxxxxxxxxx> - 1.8.11p2-1 - update to 1.8.11p2 - added patch to fix upstream bug #671 -- exiting immediately when audit is disabled * Tue Sep 30 2014 Daniel Kopecek <dkopecek@xxxxxxxxxx> - 1.8.11-1 - update to 1.8.11 - major changes & fixes: - when running a command in the background, sudo will now forward SIGINFO to the command - the passwords in ldap.conf and ldap.secret may now be encoded in base64. - SELinux role changes are now audited. For sudoedit, we now audit the actual editor being run, instead of just the sudoedit command. - it is now possible to match an environment variable's value as well as its name using env_keep and env_check - new files created via sudoedit as a non-root user now have the proper group id - sudoedit now works correctly in conjunction with sudo's SELinux RBAC support - it is now possible to disable network interface probing in sudo.conf by changing the value of the probe_interfaces setting - when listing a user's privileges (sudo -l), the sudoers plugin will now prompt for the user's password even if the targetpw, rootpw or runaspw options are set. - the new use_netgroups sudoers option can be used to explicitly enable or disable netgroups support - visudo can now export a sudoers file in JSON format using the new -x flag - added patch to read ldap.conf more closely to nss_ldap - require /usr/bin/vi instead of vim-minimal - include pam.d/system-auth in PAM session phase from pam.d/sudo - include pam.d/sudo in PAM session phase from pam.d/sudo-i * Tue Aug 5 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.8.8-5 - fix license handling * Sat May 31 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1.8.8-4 - Drop ChangeLog, we ship NEWS * Mon Mar 10 2014 Daniel Kopecek <dkopecek@xxxxxxxxxx> - 1.8.8-3 - remove bundled copy of zlib before compilation - drop the requiretty Defaults setting from sudoers * Sat Jan 25 2014 Ville Skyttä <ville.skytta@xxxxxx> - 1.8.8-2 - Own the %{_libexecdir}/sudo dir. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1065423 - -sesh replaces /path/to/myshell with /path/to-myshell instead of -myshell https://bugzilla.redhat.com/show_bug.cgi?id=1065423 [ 2 ] Bug #979382 - sudo packages requires vim-minimal https://bugzilla.redhat.com/show_bug.cgi?id=979382 [ 3 ] Bug #1006611 - sudo: internal error, tried to erealloc3(0) on sudorule with hostgroup https://bugzilla.redhat.com/show_bug.cgi?id=1006611 [ 4 ] Bug #1034533 - inclusion of system-auth for session hooks missing in sudo PAM snippets https://bugzilla.redhat.com/show_bug.cgi?id=1034533 [ 5 ] Bug #917887 - sudo does not honour PAM environment set from PAM session hooks https://bugzilla.redhat.com/show_bug.cgi?id=917887 -------------------------------------------------------------------------------- ================================================================================ the_silver_searcher-0.26.0-1.fc20 (FEDORA-2014-14236) Super-fast text searching tool (ag) -------------------------------------------------------------------------------- Update Information: update to 0.26.0 update to 0.25.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Kenjiro Nakayama <nakayamakenjiro@xxxxxxxxx> - 0.26.0-1 - update to 0.26.0 * Wed Oct 15 2014 Kenjiro Nakayama <nakayamakenjiro@xxxxxxxxx> - 0.25.0-1 - update to 0.25.0 -------------------------------------------------------------------------------- ================================================================================ userspace-rcu-0.8.5-1.fc20 (FEDORA-2014-14259) RCU (read-copy-update) implementation in user space -------------------------------------------------------------------------------- Update Information: New upstream release New upstream release -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 2 2014 Suchakra Sharma <suchakra@xxxxxxxxxxxxxxxxx> - 0.8.5-1 - New upstream release * Mon Feb 10 2014 Yannick Brosseau <yannick.brosseau@xxxxxxxxx> 0.8.1-1 - New upstream release * Sat Jan 18 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.7.9-1 - Update to 0.7.9 -------------------------------------------------------------------------------- ================================================================================ wine-1.7.30-1.fc20 (FEDORA-2014-14256) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: * More support for fonts in DirectWrite. * Improved ATL thunk support. * A few more C runtime functions. * Regedit import/export fixes. * Various bug fixes. * Support for shaping and BiDi mirroring in DirectWrite. * Some page fault handling fixes. * A few more C runtime functions. * Various bug fixes. * Support for shaping and BiDi mirroring in DirectWrite. * Some page fault handling fixes. * A few more C runtime functions. * Various bug fixes. * Support for shaping and BiDi mirroring in DirectWrite. * Some page fault handling fixes. * A few more C runtime functions. * Various bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 2 2014 Andreas Bierfert <andreas.bierfert@xxxxxxxxxxxxx> - 1.7.30-1 - version upgrade (rhbz#1159548) - use winepulse patch from compholio patchset when build w/o compholio (rhbz#1151862) * Fri Oct 24 2014 Michael Cronenworth <mike@xxxxxxxxxx> - 1.7.29-1 - version upgrade -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151862 - No need for un-workable wine-pulse patch https://bugzilla.redhat.com/show_bug.cgi?id=1151862 [ 2 ] Bug #1154275 - wine-1.7.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=1154275 -------------------------------------------------------------------------------- ================================================================================ youtube-dl-2014.11.02.1-1.fc20 (FEDORA-2014-14232) A small command-line program to download online videos -------------------------------------------------------------------------------- Update Information: - Update to latest upstream release - add zsh completion -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Till Maas <opensource@xxxxxxxxx> - 2014.11.02.1-1 - Update to latest release - Add zsh completion file - Add GPG key verification -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146499 - youtube-dl-2014.11.02.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1146499 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
