The following Fedora 20 Security updates need testing: Age URL 194 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 63 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20 63 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20 47 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20 39 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 30 https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-14247/aircrack-ng-1.2-0.3.rc1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13791/konversation-1.5.1-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-14506/oath-toolkit-2.4.1-6.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-14493/python-requests-kerberos-0.6-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-14674/drupal7-ckeditor-1.16-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14775/python-pillow-2.2.1-6.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14760/gnutls-3.1.28-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 5 https://admin.fedoraproject.org/updates/FEDORA-2014-14389/colord-1.1.8-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-14526/pcre-8.33-7.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14769/systemd-208-28.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14728/xkeyboard-config-2.10.1-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14760/gnutls-3.1.28-1.fc20 The following builds have been pushed to Fedora 20 updates-testing gitolite3-3.6.2-1.fc20 gnutls-3.1.28-1.fc20 java-1.8.0-openjdk-1.8.0.25-3.b18.fc20 perl-Devel-OverloadInfo-0.002-2.fc20 perl-Parse-CPAN-Distributions-0.14-1.fc20 php-horde-Horde-Core-2.16.1-1.fc20 php-horde-Horde-Imap-Client-2.25.3-1.fc20 php-tcpdf-6.0.098-1.fc20 python-boto-2.34.0-4.fc20 python-fedmsg-genacls-0.4-1.fc20 python-pillow-2.2.1-6.fc20 python-pyrax-1.9.0-3.fc20 python-webassets-0.9-4.fc20 supybot-fedora-0.2.16-1.fc20 system-config-printer-1.4.7-1.fc20 systemd-208-28.fc20 vpnc-0.5.3-21.svn550.fc20 xkeyboard-config-2.10.1-3.fc20 xorg-x11-fonts-7.5-10.fc20 Details about builds: ================================================================================ gitolite3-3.6.2-1.fc20 (FEDORA-2014-14767) Highly flexible server for git directory version tracker -------------------------------------------------------------------------------- Update Information: Latest upstream. https://github.com/sitaramc/gitolite/blob/master/CHANGELOG -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 1:3.6.2-1 - Latest upstream. * Tue Aug 26 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1:3.6.1-2 - Perl 5.20 rebuild -------------------------------------------------------------------------------- ================================================================================ gnutls-3.1.28-1.fc20 (FEDORA-2014-14760) A TLS protocol implementation -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-8564 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> - 3.1.28-1 - new upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161443 - CVE-2014-8564 gnutls: Heap corruption when generating key ID for ECC (GNUTLS-SA-2014-5) https://bugzilla.redhat.com/show_bug.cgi?id=1161443 -------------------------------------------------------------------------------- ================================================================================ java-1.8.0-openjdk-1.8.0.25-3.b18.fc20 (FEDORA-2014-14763) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: Update dedicated to fix and update aarch64 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 3 2014 Jiri Vanek <jvanek@xxxxxxxxxx> - 1:1.8.0.25-3.b12 - updated aarch64 tarball to u40b12 -------------------------------------------------------------------------------- ================================================================================ perl-Devel-OverloadInfo-0.002-2.fc20 (FEDORA-2014-14754) Introspect overloaded operators -------------------------------------------------------------------------------- Update Information: This is the first Fedora/EPEL release of perl-Devel-OverloadInfo. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161704 - Review Request: perl-Devel-OverloadInfo - Introspect overloaded operators https://bugzilla.redhat.com/show_bug.cgi?id=1161704 -------------------------------------------------------------------------------- ================================================================================ perl-Parse-CPAN-Distributions-0.14-1.fc20 (FEDORA-2014-14727) Provides an index for current CPAN distributions -------------------------------------------------------------------------------- Update Information: This package provides a Perl module for accessing index of current CPAN distributions. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162178 - Review Request: perl-Parse-CPAN-Distributions - Provides an index for current CPAN distributions https://bugzilla.redhat.com/show_bug.cgi?id=1162178 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Core-2.16.1-1.fc20 (FEDORA-2014-14730) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information: Horde_Core 2.16.1 * [mms] Fix file permissions of dynamically generated static CSS/JS files. * [jan] Use correct user name as a fallback for identity full names with existing authusername hook. Horde_Core 2.16.0 * [mjr] Add the activesync_provisioning_check hook. * [mjr] Fix determining multiplex settting for EAS notes (Bug #13637). * [mjr] Fix adding new tasklists from EAS (Bug #13642). * [jan] Update Czech translation (Michael Grafnetter). -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 6 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.16.1-1 - Update to 2.16.1 - raise dependency on Horde_Translation >= 2.2.0 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Imap-Client-2.25.3-1.fc20 (FEDORA-2014-14708) Horde IMAP abstraction interface -------------------------------------------------------------------------------- Update Information: Horde_Imap_Client 2.25.3 * [mms] Fix determining whether a command requires a continuation request, when the literal occurs within a nested list. * [mms] Ensure we don't use the same authentication method multiple times when logging into IMAP server. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.25.3-1 - Update to 2.25.3 - raise dependency on Horde_Translation >= 2.2.0 -------------------------------------------------------------------------------- ================================================================================ php-tcpdf-6.0.098-1.fc20 (FEDORA-2014-14774) PHP class for generating PDF documents and barcodes -------------------------------------------------------------------------------- Update Information: 6.0.098 (2014-11-08) * Bug item #996 "getCharBBox($char) returns incorrect results for TTF glyphs without outlines" was fixed. * Bug item #991 "Text problem with SVG" was fixed (only the font style part). 6.0.097 (2014-10-20) * Bug item #988 "hyphenateText - charmin parameter not work" was fixed. * New 1D barcode method to print pre-formatted IMB - Intelligent Mail Barcode - Onecode - USPS-B-3200. 6.0.096 (2014-10-06) * Bug item #982 "Display style is not inherited in SVG" was fixed. * Bug item #984 "Double quote url in CSS" was fixed. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 6.0.098-1 - update to 6.0.098 -------------------------------------------------------------------------------- ================================================================================ python-boto-2.34.0-4.fc20 (FEDORA-2014-14631) A simple, lightweight interface to Amazon Web Services -------------------------------------------------------------------------------- Update Information: This update fixes a regression in python-boto's executables and adds support for AWS's new eu-central-1 region. It also fixes unit tests, provided one is running python-2.7.8-6 or earlier. See the following link for details on that issue: https://bugzilla.redhat.com/show_bug.cgi?id=1161166#c4 -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 9 2014 Garrett Holmstrom <gholms@xxxxxxxxxxxxxxxxx> - 2.34.0-4 - Fixed python3 requires * Fri Nov 7 2014 Garrett Holmstrom <gholms@xxxxxxxxxxxxxxxxx> - 2.34.0-3 - Re-fix executables (RH #1152444) * Fri Nov 7 2014 Garrett Holmstrom <gholms@xxxxxxxxxxxxxxxxx> - 2.34.0-2 - Added missing python-requests and python-rsa dependencies - Disabled unit tests due to rawhide/F21 python regression (RH #1161166:c4) * Fri Nov 7 2014 Garrett Holmstrom <gholms@xxxxxxxxxxxxxxxxx> - 2.34.0-1 - Updated to 2.34.0 (RH #1072925, RH #1072928, RH #1161229) - Made executables point to python2 (RH #1152444) - Enabled unit tests on Fedora (RH #1072946) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1072928 - AssertionError: False != True FAIL: Test trimming snapshots with the default arguments https://bugzilla.redhat.com/show_bug.cgi?id=1072928 [ 2 ] Bug #1072925 - IOError: [Errno 2] No such file or directory: '/home/atodorov/boto-2.25.0/tests/unit/test_endpoints.json' https://bugzilla.redhat.com/show_bug.cgi?id=1072925 [ 3 ] Bug #1152444 - Broken executables in python-boto https://bugzilla.redhat.com/show_bug.cgi?id=1152444 [ 4 ] Bug #1161229 - Update python-boto to latest version https://bugzilla.redhat.com/show_bug.cgi?id=1161229 -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-genacls-0.4-1.fc20 (FEDORA-2014-14709) A fedmsg consumer that sets gitosis acls in response to pkgdb messages -------------------------------------------------------------------------------- Update Information: Respond appropriately to more triggers. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.4-1 - Latest upstream, improved triggers. -------------------------------------------------------------------------------- ================================================================================ python-pillow-2.2.1-6.fc20 (FEDORA-2014-14775) Python image processing library -------------------------------------------------------------------------------- Update Information: Followup fix for CVE-2014-1933. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Sandro Mani <manisandro@xxxxxxxxx> - 2.2.1-6 - CVE-2014-1933 followup (https://github.com/python-pillow/Pillow/pull/605) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1063658 - CVE-2014-1932 python-pillow, python-imaging: insecure temporary file creation https://bugzilla.redhat.com/show_bug.cgi?id=1063658 -------------------------------------------------------------------------------- ================================================================================ python-pyrax-1.9.0-3.fc20 (FEDORA-2014-14784) Python language bindings for OpenStack Clouds -------------------------------------------------------------------------------- Update Information: SPEC change to add missing macros for EPEL 6 builds -------------------------------------------------------------------------------- ================================================================================ python-webassets-0.9-4.fc20 (FEDORA-2014-14770) Media asset management for python -------------------------------------------------------------------------------- Update Information: Backport of some issues fixed upstream in 0.10 (RHBZ#1142524, RHBZ#1142525) -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Dan Callaghan <dcallagh@xxxxxxxxxx> - 0.9-4 - RHBZ#1142524 escape backslashes in string literals in JST filter - RHBZ#1142525 fix UnicodeDecodeError for non-ASCII files - fix cache corruption when shared between multiple writers * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 28 2014 Kalev Lember <kalevlember@xxxxxxxxx> - 0.9-2 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1142524 - JST filter does not correctly escape backslashes in string literals https://bugzilla.redhat.com/show_bug.cgi?id=1142524 [ 2 ] Bug #1142525 - Build fails with UnicodeDecodeError for files containing Unicode chars https://bugzilla.redhat.com/show_bug.cgi?id=1142525 -------------------------------------------------------------------------------- ================================================================================ supybot-fedora-0.2.16-1.fc20 (FEDORA-2014-14758) Plugin for Supybot to interact with Fedora services -------------------------------------------------------------------------------- Update Information: New .pushduty command. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.16-1 - Latest upstream with .pushduty command. -------------------------------------------------------------------------------- ================================================================================ system-config-printer-1.4.7-1.fc20 (FEDORA-2014-14778) A printer administration tool -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Tim Waugh <twaugh@xxxxxxxxxx> 1.4.7-1 - 1.4.7: - Extract hostname from hp:/net/...?hostname= URIs when grouping by physical device (bug #1154686). - Fixed lock handling when OpenPrintingRequest is cancelled (bug #1156660). - Install smbclient and libsane-hpaio on demand. - Tell user how to retrieve journal entries as root in troubleshooter (bug #1157253). - Codec fix for AuthDialog.get_auth_info (bug #1060453). - Cancel deferred timer on quit (possible fix for bug #1145388). - Catch IPPError when writing server settings (bug #1159584). - Fixed moving jobs between queues. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154686 - [abrt] system-config-printer: PhysicalDevice.py:102:add_device:ValueError https://bugzilla.redhat.com/show_bug.cgi?id=1154686 [ 2 ] Bug #1156660 - [abrt] system-config-printer: dequeue_pending_request(): python2.7 killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1156660 [ 3 ] Bug #1157253 - troubleshoot: empty journal means user doesn't have read access so give instructions https://bugzilla.redhat.com/show_bug.cgi?id=1157253 [ 4 ] Bug #1060453 - [abrt] system-config-printer: authconn.py:240:_authloop:UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 4: ordinal not in range(128) https://bugzilla.redhat.com/show_bug.cgi?id=1060453 [ 5 ] Bug #1145388 - [abrt] system-config-printer: system-config-printer.py:808:populateList:AttributeError: 'GUI' object has no attribute 'mainlist' https://bugzilla.redhat.com/show_bug.cgi?id=1145388 [ 6 ] Bug #1159584 - [abrt] system-config-printer: authconn.py:256:_authloop:IPPError: (0, 'Operation canceled') https://bugzilla.redhat.com/show_bug.cgi?id=1159584 -------------------------------------------------------------------------------- ================================================================================ systemd-208-28.fc20 (FEDORA-2014-14769) A System and Service Manager -------------------------------------------------------------------------------- Update Information: fix: machinectl doesn't respect remote username fix: rsyslogd logs kernel messages under the facility 'user' instead of 'kern' -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Jan Synáček <jsynacek@xxxxxxxxxx> - 208-28 - Always add syslog facility for messages coming from kmsg (#1161995) - Correctly apply user when connecting over ssh (#1156363) * Thu Nov 6 2014 Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> - 208-27 - Bump kmod requirement to make sure they are updated in lockstep - Increase the udev timeout to 180 seconds in two more places (#1091513) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161995 - rsyslogd logs kernel messages under the facility 'user' instead of 'kern' https://bugzilla.redhat.com/show_bug.cgi?id=1161995 [ 2 ] Bug #1156363 - machinectl doesn't respect remote username https://bugzilla.redhat.com/show_bug.cgi?id=1156363 -------------------------------------------------------------------------------- ================================================================================ vpnc-0.5.3-21.svn550.fc20 (FEDORA-2014-14780) IPSec VPN client compatible with Cisco equipment -------------------------------------------------------------------------------- Update Information: update vpnc to svn revision 550 which contains code to connect to VPNs provided by Fritz!Box routers (which are very popular in Germany). -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 6 2014 Felix Schwarz <fschwarz@xxxxxxxxxxxxxxxxx> - 0.5.3-21.svn550 - update to svn revision 550 (bz 1016215) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1016215 - vpnc can't connect to fritzbox vpn https://bugzilla.redhat.com/show_bug.cgi?id=1016215 -------------------------------------------------------------------------------- ================================================================================ xkeyboard-config-2.10.1-3.fc20 (FEDORA-2014-14728) X Keyboard Extension configuration data -------------------------------------------------------------------------------- Update Information: Add U+05BA (point holam haser for vav) on il(biblical) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2014 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 2.10.1-3 - Add U+05BA (point holam haser for vav) on il(biblical) (#1132511) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1132511 - Missing U+05BA (point holam haser for vav) on the biblical hebrew layout (il biblical) https://bugzilla.redhat.com/show_bug.cgi?id=1132511 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-fonts-7.5-10.fc20 (FEDORA-2014-14733) X.Org X11 fonts -------------------------------------------------------------------------------- Update Information: Fix a bug in jisx0201.1976-0.enc -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 10 2014 Simone Caronni <negativo17@xxxxxxxxx> - 7.5-10 - Fix jisx0201 encoding (#1009350). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1009350 - generated output looks not correct https://bugzilla.redhat.com/show_bug.cgi?id=1009350 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
