Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
 199  https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20
  68  https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20
  68  https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20
  52  https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20
  45  https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20
  36  https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-14506/oath-toolkit-2.4.1-6.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-14674/drupal7-ckeditor-1.16-2.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14791/mariadb-galera-5.5.40-2.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14898/polarssl-1.2.12-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14883/python-pillow-2.2.1-7.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-15108/mantis-1.2.17-4.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-14963/avr-binutils-2.24-3.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-15102/moodle-2.5.9-1.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-14833/arm-none-eabi-binutils-cs-2014.05.28-3.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-15130/kwebkitpart-1.3.4-5.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-15228/libvirt-1.1.3.8-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-15200/kernel-3.17.3-200.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-14389/colord-1.1.8-1.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-14728/xkeyboard-config-2.10.1-3.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14798/device-mapper-persistent-data-0.4.1-2.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14933/pciutils-3.3.0-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14964/libtdb-1.3.1-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14861/libpipeline-1.2.4-3.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-15054/perl-Pod-Usage-1.64-2.fc20,perl-Pod-Checker-1.60-292.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-15046/man-db-2.6.5-6.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-15120/dosfstools-3.0.27-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-15165/llvm-3.4-10.fc20


The following builds have been pushed to Fedora 20 updates-testing

    Zim-0.62-2.fc20
    kde-partitionmanager-1.1.0-3.fc20
    libvirt-1.1.3.8-1.fc20
    mock-1.2.1-1.fc20
    php-5.5.19-2.fc20
    python-shadowsocks-2.4.3-2.fc20
    scummvm-tools-1.7.0-1.fc20
    vim-latex-1.8.23-14.20141116.812.gitd0f31c9.fc20
    vtun-3.0.3-9.fc20
    xscreensaver-5.31-1.fc20

Details about builds:


================================================================================
 Zim-0.62-2.fc20 (FEDORA-2014-15222)
 Desktop wiki & notekeeper
--------------------------------------------------------------------------------
Update Information:

Backport upstream bzr755 to fix mis-matched gtk and pygtk in Fedora/RHEL
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2014 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 0.62-2
- Backport upstream bzr755 to fix mis-matched gtk and pygtk in Fedora/RHEL
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1046099 - [abrt] Zim: ipc.py:756:call:ValueError: No such object: <RemoteObject: zim.gui.GtkInterface(file:///home/apjena/Dropbox/ZIM)>
        https://bugzilla.redhat.com/show_bug.cgi?id=1046099
--------------------------------------------------------------------------------


================================================================================
 kde-partitionmanager-1.1.0-3.fc20 (FEDORA-2014-15223)
 KDE Partition Manager
--------------------------------------------------------------------------------
Update Information:

Backport upstream patch to fix detection of devices without partition table.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2014 Mattia Verga <mattia.verga@xxxxxxxxxx> - 1.1.0-3
- Fix detection of devices without partition table
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Jul 10 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-1
- 1.1.0 release, improve scriptlets/kde4 macro usage, include translations
* Sun Jun  8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.3-14.20130815svn
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1086351 - kde-partitionmanager fails to see any devices after the first one
        https://bugzilla.redhat.com/show_bug.cgi?id=1086351
--------------------------------------------------------------------------------


================================================================================
 libvirt-1.1.3.8-1.fc20 (FEDORA-2014-15228)
 Library providing a simple virtualization API
--------------------------------------------------------------------------------
Update Information:

* Rebased to version 1.1.3.8
* CVE-2014-3633: out-of-bounds read in blockiotune (bz #1160823)
* CVE-2014-3657: Potential deadlock in domain_conf (bz #1160824)
* CVE-2014-7823: information leak with migratable flag (bz #1160822)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 15 2014 Cole Robinson <crobinso@xxxxxxxxxx> - 1.1.3.8-1
- Rebased to version 1.1.3.8
- CVE-2014-3633: out-of-bounds read in blockiotune (bz #1160823)
- CVE-2014-3657: Potential deadlock in domain_conf (bz #1160824)
- CVE-2014-7823: information leak with migratable flag (bz #1160822)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1141131 - CVE-2014-3633 libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index
        https://bugzilla.redhat.com/show_bug.cgi?id=1141131
  [ 2 ] Bug #1145667 - CVE-2014-3657 libvirt: domain_conf: domain deadlock DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=1145667
  [ 3 ] Bug #1160817 - CVE-2014-7823 libvirt: dumpxml: information leak with migratable flag
        https://bugzilla.redhat.com/show_bug.cgi?id=1160817
--------------------------------------------------------------------------------


================================================================================
 mock-1.2.1-1.fc20 (FEDORA-2014-15217)
 Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:

Bump in plugin ABI.
New LVM plugin.
Nosync for better IO performance.
DNF support.
Printing more useful output on terminal.
Concurrent shell acces to buildroot.
Executing package management commands.
--enablerepo and --disablerepo options
Short circuit options.
Automatic initialization.
Python 3 support.
Experimental support for building using systemd-nspawn.
Accept path as config.
New compress_logs plugin.
And lots of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 15 2014 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.2.1-1
- allow mockchain to accept path as config
- end yum's installroot path with a slash [RHBZ#1160428]
- add --mount option [RHBZ#1162637]
- add some missing bash completation strings
- run --shell as root with --new-chroot
- Don't fail scrub when there's no pool [RHBZ#1162631]
- Globbing and tilde expansion
- move restoring priviledges to finally [RHBZ#1162720]
- Remove "Buildroot must be already initialized" note
- Add missing --print-root-path to manpage
- Do not print ANSI escape characters into log [RHBZ#1163037]
- in site-defaults.cfg initialize dictionary of plugins [RHBZ#1162595]
- Disable empty names and values in config_opts[macros] [RHBZ#1160765]
- Disable single macros in -D cmd option [RHBZ#1160765]
- rpmbuild is in /usr/bin [RHBZ#1161112]
- man page for --macro-file [RHBZ#1160326]
- Added option [--macro-file] to support external rpm macros file [RHBZ#1160326]
- Don't output installation/build output when redirected
- Better log message for intial buildroot installation
- Be more specific when installing configs
- Install into correct sitelib when using Python 3
- Fix nosync on aarch64
- wrap all remaining getcwd() [RHBZ#1159300]
- do not use rpm in %post scriptlet [RHBZ#1131279]
- Fix unclear legal host output [RHBZ#1159794]
- allow running from directory, which is deleted [RHBZ#1159300]
- create compress_logs plugin [RHBZ#1100923]
- when default.cfg exists create default.cfg.rpmnew [RHBZ#1085308]
- accept paths to target definition files [RHBZ#1126117]
- set title bar in xterm [RHBZ#1126235]
- pass --enablerepo/--disablerepo to yum in the same order as provided to mock [RHBZ#1154604]
- Fix incorrect printing of binary strings on py3
- Add missing Requires rpm-python3
- Don't print Yum and build output when quiet
- Prevent output being printed twice with --verbose (rhbz#1152971)
- Fix printing non-ascii characters with output redirected (rhbz#1152952)
- replace urlgrabber by python-requests
- use python3 for Fedora22+
- Don't print we're doing rpmbuild -bb, when it may not be true
- 'prep' choice missing in short-circuit option parser
- Don't execute prebuild in short-circuit mode
* Thu Oct  9 2014 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.2.0-1
- update configs for secondary architecture (Dan Horák)
- caching of buildroots using LVM (Michael Simacek)
- add support for DNF (Michael Simacek)
- initial porting to python3 (Michael Simacek)
- new config option nosync (Michael Simacek)
- add CentOS extra repository [BZ# 1108402]
- correctly create default.cfg on arm [BZ# 1033786]
- postpone loading of rpm after chroot is set [BZ# 1111147]
- use systemd-nspawn instead of chroot [RHBZ# 1132762]
- in --copyout do not fail on symlinks [BZ# 971474]
- allow to short circuit to prep phase [BZ# 966985]
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1160428 - mock 1.2.0 tries to install f21 packages in f19 chroot
        https://bugzilla.redhat.com/show_bug.cgi?id=1160428
  [ 2 ] Bug #1162637 - Provide --umount counterpart for LVM plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=1162637
  [ 3 ] Bug #1162631 - With LVM plugin enabled, I can't scrub traditional directories
        https://bugzilla.redhat.com/show_bug.cgi?id=1162631
  [ 4 ] Bug #1162720 - --copyout prints confusing errors when the copied file doesn't exist
        https://bugzilla.redhat.com/show_bug.cgi?id=1162720
  [ 5 ] Bug #1163037 - Do not print ANSI escape characters into log
        https://bugzilla.redhat.com/show_bug.cgi?id=1163037
  [ 6 ] Bug #1162595 - lvm_root_opts options in site-defaults.cfg don't work
        https://bugzilla.redhat.com/show_bug.cgi?id=1162595
  [ 7 ] Bug #1160765 - empty and single values for rpm macros in mock cfg file and cmd option
        https://bugzilla.redhat.com/show_bug.cgi?id=1160765
  [ 8 ] Bug #1161112 - pre-UsrMove profiles stopped working after update of mock
        https://bugzilla.redhat.com/show_bug.cgi?id=1161112
  [ 9 ] Bug #1160326 - mock new command line option --macro-file for defining rpm macros file
        https://bugzilla.redhat.com/show_bug.cgi?id=1160326
  [ 10 ] Bug #1159300 - running mock from chroot path directory produces "error retrieving current directory: getcwd"
        https://bugzilla.redhat.com/show_bug.cgi?id=1159300
  [ 11 ] Bug #1131279 - mock package has a questionable scriptlet, leading to errors about rpm db version mismatch
        https://bugzilla.redhat.com/show_bug.cgi?id=1131279
  [ 12 ] Bug #1159794 - invalid legal_host_arches option can cause unclear output
        https://bugzilla.redhat.com/show_bug.cgi?id=1159794
  [ 13 ] Bug #1100923 - RFE: compress mock build logs when done building
        https://bugzilla.redhat.com/show_bug.cgi?id=1100923
  [ 14 ] Bug #1085308 - mock: User configuration is lost during update
        https://bugzilla.redhat.com/show_bug.cgi?id=1085308
  [ 15 ] Bug #1126117 - Mock should accept paths to target definition files
        https://bugzilla.redhat.com/show_bug.cgi?id=1126117
  [ 16 ] Bug #1126235 - PROMPT_COMMAND  does not include required escape codes
        https://bugzilla.redhat.com/show_bug.cgi?id=1126235
  [ 17 ] Bug #1154604 - mock: enablerepo doesn't work if used after disablerepo
        https://bugzilla.redhat.com/show_bug.cgi?id=1154604
  [ 18 ] Bug #1152971 - Verbose mode is repeating lines
        https://bugzilla.redhat.com/show_bug.cgi?id=1152971
  [ 19 ] Bug #1152952 - [mock] UnicodeEncodeError: 'ascii' codec can't encode characters in position 6-7: ordinal not in range(128)
        https://bugzilla.redhat.com/show_bug.cgi?id=1152952
--------------------------------------------------------------------------------


================================================================================
 php-5.5.19-2.fc20 (FEDORA-2014-15061)
 PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:

13 Nov 2014, PHP 5.5.19

Core:
* Fixed bug #68095 (AddressSanitizer reports a heap buffer overflow in php_getopt()). (Stas)
* Fixed bug #68118 ($a->foo .= 'test'; can leave $a->foo undefined). (Nikita)
* Fixed bug #68129 (parse_url() - incomplete support for empty usernames and passwords) (Tjerk)
* Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in zend_hash_copy). (Dmitry)

Fileinfo:
* Fixed bug #66242 (libmagic: don't assume char is signed). (ArdB)
* Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710) (Remi)

FPM:
* Implemented FR #55508 (listen and listen.allowed_clients should take IPv6 addresses). (Robin Gloster)

GD:
* Fixed bug #65171 (imagescale() fails without height param). (Remi)

GMP:
* Fixed bug #63595 (GMP memory management conflicts with other libraries using GMP). (Remi)

Mysqli:
* Fixed bug #68114 (linker error on some OS X machines with fixed width decimal support) (Keyur Govande)

ODBC:
* Fixed bug #68087 (ODBC not correctly reading DATE column when preceded by a VARCHAR column) (Keyur Govande)

SPL:
* Fixed bug #68128 (Regression in RecursiveRegexIterator) (Tjerk)

CURL:
* Add CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, and CURL_SSLVERSION_TLSv1_2 constants if supported by libcurl (Rasmus)

Backported from 5.5.20

FPM:
* Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all addresses). (Remi)
* Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi)
* Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)

--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.5.19-2
- FPM: add upstream patch for https://bugs.php.net/68421
  access.format=R doesn't log ipv6 address
- FPM: add upstream patch for https://bugs.php.net/68420
  listen=9000 listens to ipv6 localhost instead of all addresses
- FPM: add upstream patch for https://bugs.php.net/68423
  will no longer load all pools
* Thu Nov 13 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.5.19-1
- Update to 5.5.19
  http://www.php.net/releases/5_5_19.php
- new version of systzdata patch, fix case sensitivity
--------------------------------------------------------------------------------


================================================================================
 python-shadowsocks-2.4.3-2.fc20 (FEDORA-2014-15243)
 A fast tunnel proxy that help you get through firewalls
--------------------------------------------------------------------------------
Update Information:

Upstream release with python3 support
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2014 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 2.4.3-2
- Build a subpackage for python3
* Sun Nov 16 2014 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 2.4.3-1
- Update to 2.4.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1143001 - python-shadowsocks-2.4.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1143001
--------------------------------------------------------------------------------


================================================================================
 scummvm-tools-1.7.0-1.fc20 (FEDORA-2014-15218)
 Tools for scummVM / S.C.U.M.M scripting language
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 12 2014 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.7.0-1
- new upstream release
--------------------------------------------------------------------------------


================================================================================
 vim-latex-1.8.23-14.20141116.812.gitd0f31c9.fc20 (FEDORA-2014-15241)
 Tools to view, edit and compile LaTeX documents in Vim
--------------------------------------------------------------------------------
Update Information:

New upstream release with several bug fixes and appdata support.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2014 Till Maas <opensource@xxxxxxxxx> - 1.8.23-14.20141116.812.gitd0f31c9
- Update to new release
* Sun Jun  8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8.23-13.20130116.788.git2ef9956
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1128816 - Add Addon metadata for GNOME Software to vim-latex
        https://bugzilla.redhat.com/show_bug.cgi?id=1128816
  [ 2 ] Bug #1163518 - LaTeX-suite clobbers the "a" macro
        https://bugzilla.redhat.com/show_bug.cgi?id=1163518
--------------------------------------------------------------------------------


================================================================================
 vtun-3.0.3-9.fc20 (FEDORA-2014-15231)
 Virtual tunnel over TCP/IP networks
--------------------------------------------------------------------------------
Update Information:

added /etc/sysconfig/vtun environment file; updated unit files
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 14 2014 Gabriel Somlo <somlo at cmu.edu> 3.0.3-9
- added /etc/sysconfig/vtun environment file
- updated unit files
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.3-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun  8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 xscreensaver-5.31-1.fc20 (FEDORA-2014-15229)
 X screen saver and locker
--------------------------------------------------------------------------------
Update Information:

New version 5.31 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.31-1
- Update to 5.31
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux