The following Fedora 20 Security updates need testing: Age URL 48 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 39 https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-14791/mariadb-galera-5.5.40-2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-15108/mantis-1.2.17-4.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-14963/avr-binutils-2.24-3.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-15102/moodle-2.5.9-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-14833/arm-none-eabi-binutils-cs-2014.05.28-3.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-15130/kwebkitpart-1.3.4-5.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-15228/libvirt-1.1.3.8-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-15244/wireshark-1.10.11-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-15266/python-django14-1.4.16-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionpack-4.0.0-5.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-15393/lsyncd-2.1.4-4.fc20.1 1 https://admin.fedoraproject.org/updates/FEDORA-2014-15379/nodejs-0.10.33-1.fc20,libuv-0.10.29-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-15394/erlang-R16B-03.9.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-15464/python-eyed3-0.7.4-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-15473/clamav-0.98.5-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-15486/libreoffice-4.2.7.2-9.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-15489/rubygem-sprockets-2.8.2-5.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2014-14389/colord-1.1.8-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-14728/xkeyboard-config-2.10.1-3.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-14798/device-mapper-persistent-data-0.4.1-2.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-14964/libtdb-1.3.1-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2014-14861/libpipeline-1.2.4-3.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-15054/perl-Pod-Usage-1.64-2.fc20,perl-Pod-Checker-1.60-292.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-15120/dosfstools-3.0.27-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-15326/pycairo-1.10.0-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-15384/xorg-x11-drv-intel-2.21.15-9.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-15395/gvfs-1.18.4-1.fc20 The following builds have been pushed to Fedora 20 updates-testing ark-4.14.3-2.fc20 atlas-3.8.4-13.fc20 clamav-0.98.5-1.fc20 clementine-1.2.3-2.fc20 enblend-4.1.3-1.fc20 estonianidcard-3.8.1-2.fc20 evince-3.10.3-2.fc20 firefox-esteid-plugin-3.8.0.1115-4.fc20 firefox-esteidpkcs11loader-3.8.0.1052-4.fc20 glusterfs-3.5.3-1.fc20 gpsim-0.28.1-1.fc20 gtk-gnutella-1.1.1-1.fc20 josm-0-0.60.7643svn.fc20 kde-baseapps-4.14.3-4.fc20 libdigidoc-3.9.1.1191-1.fc20 libdigidocpp-3.9.0.1237-2.fc20 libechonest-2.3.0-1.fc20 libreoffice-4.2.7.2-9.fc20 lucene++-3.0.6-1.fc20 myproxy-6.1.6-1.fc20 nodejs-utilities-1.0.4-1.fc20 php-EasyRdf-0.8.0-5.fc20 php-solarium-3.3.0-1.fc20 postgresql-odbc-09.03.0400-3.fc20 python-eyed3-0.7.4-4.fc20 python-pyroute2-0.3.2-1.fc20 python-rply-0.7.2-1.fc20 qdigidoc-3.9.1.1369-2.fc20 qesteidutil-3.8.0.1106-7.fc20 qpdfview-0.4.13-1.fc20 qpid-dispatch-0.2-8.fc20 rubygem-sprockets-2.8.2-5.fc20 tomahawk-0.8.1-1.fc20 w3c-markup-validator-1.3-9.fc20 websocketpp-0.4.0-2.fc20 xen-4.3.3-4.fc20 zsh-5.0.7-4.fc20 Details about builds: ================================================================================ ark-4.14.3-2.fc20 (FEDORA-2014-15485) Archive manager -------------------------------------------------------------------------------- Update Information: omit KXMLGUIClient patch, it was fixed differently upstream (kde#340991) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.14.3-2 - omit KXMLGUIClient patch, it was fixed differently upstream (kde#340991) -------------------------------------------------------------------------------- ================================================================================ atlas-3.8.4-13.fc20 (FEDORA-2014-15470) Automatically Tuned Linear Algebra Software -------------------------------------------------------------------------------- Update Information: fixed intel cpu detection -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Frantisek Kluknavsky <fkluknav@xxxxxxxxxx> - 3.8.4-13 - fixed intel cpu detection https://bugzilla.redhat.com/show_bug.cgi?id=1164967 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1164967 - Atlas misdetect CPU architecture for Intel CPU model 0x25 https://bugzilla.redhat.com/show_bug.cgi?id=1164967 -------------------------------------------------------------------------------- ================================================================================ clamav-0.98.5-1.fc20 (FEDORA-2014-15473) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information: ClamAV 0.98.5 ============= ClamAV 0.98.5 also includes these new features and bug fixes: * Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures. Andreas Cadhalpun submitted the patch implementing this support. * Enhancements to the clambc command line utility to assist ClamAV bytecode signature authors by providing introspection into compiled bytecode programs. * Resolution of many of the warning messages from ClamAV compilation. * Improved detection of malicious PE files. * Security fix for ClamAV crash when using 'clamscan -a'. This issue was identified by Kurt Siefried of Red Hat. * Security fix for ClamAV crash when scanning maliciously crafted yoda's crypter files. This issue, as well as several other bugs fixed in this release, were identified by Damien Millescamp of Oppida. * ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode. Thanks to Reinhard Max for supplying the patch. * Bug fixes and other feature enhancements. Please see the ChangeLog file or GIT log for further details. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 0.98.5-1 - Upgrade to 0.98.5 and updated daily.cvd (#1138101) * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.98.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1138101 - CVE-2013-6497 ClamAV: -a segmentation fault when processing files https://bugzilla.redhat.com/show_bug.cgi?id=1138101 -------------------------------------------------------------------------------- ================================================================================ clementine-1.2.3-2.fc20 (FEDORA-2014-15472) A music player and library organizer -------------------------------------------------------------------------------- Update Information: New tomahawk 0.8 release, with a new design, a slew of new features, and major usability improvements. See also http://blog.tomahawk-player.org/post/101838247563/tomahawk-0-8-allow-ourselves-to-reintroduce -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 5 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.2.3-2 - rebuild (libechonest) -------------------------------------------------------------------------------- ================================================================================ enblend-4.1.3-1.fc20 (FEDORA-2014-15478) Image Blending with Multiresolution Splines -------------------------------------------------------------------------------- Update Information: stable bugfix release -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 22 2014 Bruno Postle <bruno@xxxxxxxxxx> - 4.1.3-1 - stable bugfix release * Mon Dec 16 2013 Bruno Postle - 4.1.2-2 - Rebuild for vigra soname bump -------------------------------------------------------------------------------- ================================================================================ estonianidcard-3.8.1-2.fc20 (FEDORA-2014-15487) Meta-package for Estonian ID-card software -------------------------------------------------------------------------------- Update Information: Remove doc since there is no documentation -------------------------------------------------------------------------------- ================================================================================ evince-3.10.3-2.fc20 (FEDORA-2014-15454) Document viewer -------------------------------------------------------------------------------- Update Information: This update fixes a memory leak in find-sidebar. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Marek Kasik <mkasik@xxxxxxxxxx> - 3.10.3-2 - Fix a memory leak in find-sidebar - Resolves: #1147619 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147619 - evince search leaks memory https://bugzilla.redhat.com/show_bug.cgi?id=1147619 -------------------------------------------------------------------------------- ================================================================================ firefox-esteid-plugin-3.8.0.1115-4.fc20 (FEDORA-2014-15493) Firefox plugin for signing with Estonian ID-cards -------------------------------------------------------------------------------- Update Information: Fix build and remove make install ... in spec file -------------------------------------------------------------------------------- ================================================================================ firefox-esteidpkcs11loader-3.8.0.1052-4.fc20 (FEDORA-2014-15456) Estonian ID card extension for Mozilla -------------------------------------------------------------------------------- Update Information: Use onepin module patch with opensc 0.14 -------------------------------------------------------------------------------- ================================================================================ glusterfs-3.5.3-1.fc20 (FEDORA-2014-15458) Cluster File System -------------------------------------------------------------------------------- Update Information: Bug fix update for GlusterFS 3.5 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Lalatendu Mohanty <lmohanty@xxxxxxxxxx> - Changes to remove regression-tests RPM from Fedora * Thu Nov 13 2014 Lalatendu Mohanty <lmohanty[at]redhat.com> - glusterfs-3.5.3 GA release * Tue Nov 4 2014 Lalatendu Mohanty <lmohanty[at]redhat.com> - glusterfs-3.5.3beta2 release * Mon Oct 6 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - glusterfs-3.5.3beta1 release * Wed Oct 1 2014 Humble Chirammal <hchiramm@xxxxxxxxxx> - glusterfs-3.6.0beta3 release * Thu Sep 25 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - add psmisc for -server - add smarter logic to restart glusterd in %post server * Thu Sep 25 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - glusterfs-3.6.0beta2.tar.gz * Wed Sep 24 2014 Balamurugan Arumugam <barumuga@xxxxxxxxxx> - remove /sbin/ldconfig as interpreter (#1145992) * Mon Sep 22 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - More make fedora master glusterfs spec compatible with upstream GlusterFS 3.6 spec * Mon Sep 22 2014 Humble Chirammal <hchiramm@xxxxxxxxxx> - Make fedora master glusterfs spec compatible with upstream GlusterFS 3.6 spec * Fri Sep 5 2014 Lalatendu Mohanty <lmohanty@xxxxxxxxxx> - Changed the description as "GlusterFS a distributed filesystem" * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Tue Aug 5 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - use upstream logrotate files exclusively (#1126788) -------------------------------------------------------------------------------- ================================================================================ gpsim-0.28.1-1.fc20 (FEDORA-2014-15457) A simulator for Microchip (TM) PIC (TM) microcontrollers -------------------------------------------------------------------------------- Update Information: Fix ^c bug Upstream bug fix release -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 20 2014 Roy Rankin <rrankin@xxxxxxxxxxx> - 0.28.1-1 - Fix CTRL+C crash - use website icon * Sun Nov 16 2014 Roy Rankin <rrankin@xxxxxxxxxxx> - 0.28.1-0 - Upstream update to 0.28.1 - Add desktop and appdatta which is now delivered from upstream -------------------------------------------------------------------------------- ================================================================================ gtk-gnutella-1.1.1-1.fc20 (FEDORA-2014-15455) GUI based Gnutella Client -------------------------------------------------------------------------------- Update Information: Upgrade to 1.1.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> - 1.1.1-1 - Upgrade to 1.1.1 -------------------------------------------------------------------------------- ================================================================================ josm-0-0.60.7643svn.fc20 (FEDORA-2014-15483) An editor for OpenStreetMap (OSM) -------------------------------------------------------------------------------- Update Information: Include appdata -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 17 2014 Cédric OLIVIER <cedric.olivier@xxxxxxx> 0-0.60.7643svn - Include appdata * Mon Oct 27 2014 Cédric OLIVIER <cedric.olivier@xxxxxxx> 0-0.59.7643svn - Change commons-codec to apache-commons-codec -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161093 - Appdata file for josm https://bugzilla.redhat.com/show_bug.cgi?id=1161093 -------------------------------------------------------------------------------- ================================================================================ kde-baseapps-4.14.3-4.fc20 (FEDORA-2014-15465) KDE Core Applications -------------------------------------------------------------------------------- Update Information: Add x-scheme-handler/http to kfmclient_html.desktop (kde#341055) -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 17 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.14.3-4 - add x-scheme-handler/http to kfmclient_html.desktop (kde#341055) -------------------------------------------------------------------------------- ================================================================================ libdigidoc-3.9.1.1191-1.fc20 (FEDORA-2014-15467) Library for handling digitally signed documents -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.9.1.1191-1 - New upstream release * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.9.0.1167-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Thu Jul 3 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.9.0.1167-1 - New upstream release * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.8.0.1133-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed Apr 30 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1133-2 - Use cmake macro * Thu Apr 24 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1133-1 - First package based on new source code from RIA -------------------------------------------------------------------------------- ================================================================================ libdigidocpp-3.9.0.1237-2.fc20 (FEDORA-2014-15492) Library for creating and validating BDoc and DDoc containers -------------------------------------------------------------------------------- Update Information: Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.9.0.1237-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Thu Jul 3 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.9.0.1237-1 - New upstream release - Create a separate sub-package for docs * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.8.0.1208-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun May 18 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1208-3 - Fix typo: ppython-digidoc -> python-digidoc * Wed Apr 30 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1208-2 - Use cmake macro - Obsolete old subpackages * Thu Apr 24 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1208-1 - First package based on new source code from RIA -------------------------------------------------------------------------------- ================================================================================ libechonest-2.3.0-1.fc20 (FEDORA-2014-15472) C++ wrapper for the Echo Nest API -------------------------------------------------------------------------------- Update Information: New tomahawk 0.8 release, with a new design, a slew of new features, and major usability improvements. See also http://blog.tomahawk-player.org/post/101838247563/tomahawk-0-8-allow-ourselves-to-reintroduce -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 5 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.0-1 - 2.3.0, add -qt5 support * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libreoffice-4.2.7.2-9.fc20 (FEDORA-2014-15486) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: * Fix for various crashes on parsing malformed RTF files * Fix interactive table resizing in Impress -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:4.2.7.2-9 - Resolves: rhbz#1165740 arbitrarily backport some rtf crash fixes * Wed Nov 19 2014 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:4.2.7.2-8 - table resizing etc in impress is mangled -------------------------------------------------------------------------------- References: [ 1 ] Bug #1165740 - libreoffice: crash importing malformed .rtf [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1165740 -------------------------------------------------------------------------------- ================================================================================ lucene++-3.0.6-1.fc20 (FEDORA-2014-15472) A high-performance, full-featured text search engine written in C++ -------------------------------------------------------------------------------- Update Information: New tomahawk 0.8 release, with a new design, a slew of new features, and major usability improvements. See also http://blog.tomahawk-player.org/post/101838247563/tomahawk-0-8-allow-ourselves-to-reintroduce -------------------------------------------------------------------------------- ================================================================================ myproxy-6.1.6-1.fc20 (FEDORA-2014-15476) Manage X.509 Public Key Infrastructure (PKI) security credentials -------------------------------------------------------------------------------- Update Information: MyProxy 6.1.6 * Allow TLS (no longer force SSLv3) * VOMS support now in a separate package (myproxy-voms) -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 6.1.6-1 - Update to 6.1.6 - Drop patch myproxy-deps.patch (fixed upstream) - Upstream source moved from sourceforge to the Globus Toolkit github repo - Use source tarball published by Globus - Use upstream's init scripts and systemd unit files - New binary package myproxy-voms (voms support split out as a plugin) -------------------------------------------------------------------------------- ================================================================================ nodejs-utilities-1.0.4-1.fc20 (FEDORA-2014-15494) A classic collection of JavaScript utilities -------------------------------------------------------------------------------- Update Information: Add new node module -------------------------------------------------------------------------------- References: [ 1 ] Bug #1164481 - Review Request: nodejs-utilities - A classic collection of JavaScript utilities https://bugzilla.redhat.com/show_bug.cgi?id=1164481 -------------------------------------------------------------------------------- ================================================================================ php-EasyRdf-0.8.0-5.fc20 (FEDORA-2014-15490) A PHP library designed to make it easy to consume and produce RDF -------------------------------------------------------------------------------- Update Information: RPM-only release * php-redland is now an optional dependency * Added php-composer(easyrdf/easyrdf) virtual provide -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 0.8.0-5 - Modified raptor and redland logic * Fri Nov 14 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 0.8.0-4 - No raptor or redland for el7 * Thu Nov 13 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 0.8.0-3 - Added php-composer(easyrdf/easyrdf) virtual provide - Added option to build without tests ("--without tests") - Reduce PHP min version from 5.3.3 to 5.2.8 (per composer.json) - %license usage * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-solarium-3.3.0-1.fc20 (FEDORA-2014-15484) Solarium PHP Solr client library -------------------------------------------------------------------------------- Update Information: See https://github.com/basdenooijer/solarium/issues/294 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 17 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 3.3.0-1 - update to 3.3.0 - provide php-composer(solarium/solarium) - fix license handling - don't run test suite with php 5.3 (EL-6) -------------------------------------------------------------------------------- ================================================================================ postgresql-odbc-09.03.0400-3.fc20 (FEDORA-2014-15452) PostgreSQL ODBC driver -------------------------------------------------------------------------------- Update Information: Rebase postgresql-odbc to 09.03.0400 to get in recent upstream fixes Rebase postgresql-odbc to 09.03.0400 to get in recent upstream fixes -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Pavel Raiskup <praiskup@xxxxxxxxxx> - 09.03.0400-3 - fix testsuite requirements * Wed Nov 19 2014 Pavel Raiskup <praiskup@xxxxxxxxxx> - 09.03.0400-2 - install the testsuite * Wed Oct 29 2014 Pavel Raiskup <praiskup@xxxxxxxxxx> - 09.03.0400-1 - rebase to latest upstream version, per release notes: http://psqlodbc.projects.pgfoundry.org/docs/release.html * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 09.03.0300-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 09.03.0300-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon May 19 2014 Pavel Raiskup <praiskup@xxxxxxxxxx> - 09.03.0300-2 - run upstream testsuite when '%runselftest' defined * Mon May 19 2014 Pavel Raiskup <praiskup@xxxxxxxxxx> - 09.03.0300-1 - rebase to latest upstream version, per release notes: http://psqlodbc.projects.pgfoundry.org/docs/release.html * Wed Apr 23 2014 Pavel Raiskup <praiskup@xxxxxxxxxx> - 09.03.0210-1 - rebase to latest upstream version (#1090345), per release notes: http://psqlodbc.projects.pgfoundry.org/docs/release.html * Thu Dec 19 2013 Pavel Raiskup <praiskup@xxxxxxxxxx> - 09.03.0100-1 - rebase to latest upstream version * Mon Nov 18 2013 Pavel Raiskup <praiskup@xxxxxxxxxx> - 09.02.0100-1 - rebase to latest upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159940 - Rebase postgresql-odbc to 09.03.0400 to get in recent upstream fixes https://bugzilla.redhat.com/show_bug.cgi?id=1159940 -------------------------------------------------------------------------------- ================================================================================ python-eyed3-0.7.4-4.fc20 (FEDORA-2014-15464) Python audio data toolkit (ID3 and MP3) -------------------------------------------------------------------------------- Update Information: - Fixed CVE-2014-1934. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Mr Niranjan <mrniranjan@xxxxxxxxxxxxxxxxx> - 0.7.4-4 - Fixed CVE-2014-1934, patch from Travis Shirk. * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1063671 - CVE-2014-1934 python-eyed3: insecure temporary file creation https://bugzilla.redhat.com/show_bug.cgi?id=1063671 -------------------------------------------------------------------------------- ================================================================================ python-pyroute2-0.3.2-1.fc20 (FEDORA-2014-15481) Pure Python netlink library -------------------------------------------------------------------------------- Update Information: Update to 0.3.2 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Peter V. Saveliev <peter@xxxxxxxxxx> 0.3.2-1 - Update to 0.3.2 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Mar 18 2014 Jiri Pirko <jpirko@xxxxxxxxxx> - 0.2.7-1 - Update to 0.2.7 -------------------------------------------------------------------------------- ================================================================================ python-rply-0.7.2-1.fc20 (FEDORA-2014-15479) Pure Python parser generator -------------------------------------------------------------------------------- Update Information: python-rply - Pure Python parser generator -------------------------------------------------------------------------------- References: [ 1 ] Bug #1097733 - Review Request: python-rply - Pure Python parser generator https://bugzilla.redhat.com/show_bug.cgi?id=1097733 -------------------------------------------------------------------------------- ================================================================================ qdigidoc-3.9.1.1369-2.fc20 (FEDORA-2014-15480) Estonian digital signature application -------------------------------------------------------------------------------- Update Information: enable internal crash handler only on supported arches -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Dan Horák <dan[at]danny.cz> - 3.9.1.1369-2 - enable internal crash handler only on supported arches * Sun Oct 26 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.9.1.1369-1 - New upstream release * Mon Aug 18 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 3.9.0.1297-4 - update mime scriptlets * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.9.0.1297-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jul 5 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.9.0.1297-2 - Add appdata support * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.8.1.1250-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed Apr 30 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.1.1250-3 - Use cmake macro * Wed Apr 30 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.1.1250-2 - Obsolete qdigidoc-nautilus - Change minidump.cc permissions in prep - Patch right line with 0001-fix-cmake-flags.patch * Wed Apr 30 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.1.1250-1 - First package based on new source code from RIA -------------------------------------------------------------------------------- ================================================================================ qesteidutil-3.8.0.1106-7.fc20 (FEDORA-2014-15469) Estonian ID card utility -------------------------------------------------------------------------------- Update Information: enable internal crash handler only on supported arches -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Dan Horák <dan[at]danny.cz> - 3.8.0.1106-7 - enable internal crash handler only on supported arches * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.8.0.1106-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jul 5 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1106-5 - New build for updated appdata file (add screenshots) * Sat Jul 5 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1106-4 - Add appdata support * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.8.0.1106-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed Apr 30 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1106-2 - Add desktop-file-validate to install section - Change minidump.cc permissions in prep - Use cmake macro * Wed Apr 30 2014 Mihkel Vain <mihkel@xxxxxxxxxxxxxxxxx> - 3.8.0.1106-1 - First package based on new source code from RIA -------------------------------------------------------------------------------- References: [ 1 ] Bug #1138399 - Cannot sign document - Aborted https://bugzilla.redhat.com/show_bug.cgi?id=1138399 -------------------------------------------------------------------------------- ================================================================================ qpdfview-0.4.13-1.fc20 (FEDORA-2014-15482) Tabbed PDF Viewer -------------------------------------------------------------------------------- Update Information: Version bump -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 TI_Eugene <ti.eugene@xxxxxxxxx> 0.4.13-1 - Version bump -------------------------------------------------------------------------------- ================================================================================ qpid-dispatch-0.2-8.fc20 (FEDORA-2014-15475) Dispatch router for Qpid -------------------------------------------------------------------------------- Update Information: DISPATCH-75 - Removed reference to qdstat.conf from qdstat manpage. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.2-8 - DISPATCH-75 - Removed reference to qdstat.conf from qdstat manpage. - Include systemd service file for EPEL7 packages. - Brought systemd support up to current Fedora packaging guidelines. - Resolves: BZ#1165691 - Resolves: BZ#1165681 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1165691 - Man page for qdstat.conf is missing https://bugzilla.redhat.com/show_bug.cgi?id=1165691 [ 2 ] Bug #1165681 - RPMs do not provide a systemd service unit file https://bugzilla.redhat.com/show_bug.cgi?id=1165681 -------------------------------------------------------------------------------- ================================================================================ rubygem-sprockets-2.8.2-5.fc20 (FEDORA-2014-15489) Rack-based asset packaging system -------------------------------------------------------------------------------- Update Information: Contains fix for CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Josef Stribny <jstribny@xxxxxxxxxx> - 2.8.2-5 - Fix CVE-2014-7819 (rhbz#1164331) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161527 - CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1161527 -------------------------------------------------------------------------------- ================================================================================ tomahawk-0.8.1-1.fc20 (FEDORA-2014-15472) The Social Media Player -------------------------------------------------------------------------------- Update Information: New tomahawk 0.8 release, with a new design, a slew of new features, and major usability improvements. See also http://blog.tomahawk-player.org/post/101838247563/tomahawk-0-8-allow-ourselves-to-reintroduce -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.8.1-1 - tomahawk-0.8.1 (#1154274) * Wed Nov 5 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.7.0-12 - rebuild (libechonest) * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.0-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 28 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.7.0-10 - expclitly disable breakpad,crashreporter for aarch64 too * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.0-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Petr Machata <pmachata@xxxxxxxxxx> - 0.7.0-8 - Rebuild for boost 1.55.0 * Tue May 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.7.0-7 - rebuild (jreen) * Wed Mar 19 2014 Ville Skyttä <ville.skytta@xxxxxx> - 0.7.0-6 - Use system qxt instead of bundled one -------------------------------------------------------------------------------- ================================================================================ w3c-markup-validator-1.3-9.fc20 (FEDORA-2014-15453) W3C Markup Validator -------------------------------------------------------------------------------- Update Information: Fixes for Apache 2.4 configuration issues -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Nathanael Noblet <nathanael@xxxxxxx> - 1.3-9 - Fix for bug #1109575 based off submitted patch * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1109575 - Access to w3c markup validator is forbidden with its default configuration https://bugzilla.redhat.com/show_bug.cgi?id=1109575 -------------------------------------------------------------------------------- ================================================================================ websocketpp-0.4.0-2.fc20 (FEDORA-2014-15472) C++ WebSocket Protocol Library -------------------------------------------------------------------------------- Update Information: New tomahawk 0.8 release, with a new design, a slew of new features, and major usability improvements. See also http://blog.tomahawk-player.org/post/101838247563/tomahawk-0-8-allow-ourselves-to-reintroduce -------------------------------------------------------------------------------- ================================================================================ xen-4.3.3-4.fc20 (FEDORA-2014-15471) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.3.3-4 - Insufficient restrictions on certain MMU update hypercalls [XSA-109, CVE-2014-8594] (#1165205) - Missing privilege level checks in x86 emulation of far branches [XSA-110, CVE-2014-8595] (#1165204) - Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen (#1086776) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1160664 - CVE-2014-8594 kernel: xen: Insufficient restrictions on certain MMU update hypercalls (xsa109) https://bugzilla.redhat.com/show_bug.cgi?id=1160664 [ 2 ] Bug #1160643 - CVE-2014-8595 kernel: xen: Missing privilege level checks in x86 emulation of far branches (xsa110) https://bugzilla.redhat.com/show_bug.cgi?id=1160643 [ 3 ] Bug #1078846 - CVE-2014-0150 qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function https://bugzilla.redhat.com/show_bug.cgi?id=1078846 -------------------------------------------------------------------------------- ================================================================================ zsh-5.0.7-4.fc20 (FEDORA-2014-15451) Powerful interactive shell -------------------------------------------------------------------------------- Update Information: - replace an incorrect comment in /etc/zshenv (#1164313) - make the wait built-in work for already exited processes (#1162198) - make the wait built-in work for already exited processes (#1162198) -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2014 Kamil Dudka <kdudka@xxxxxxxxxx> - 5.0.7-4 - update documentation of POSIX_JOBS in the zshoptions.1 man page (#1162198) * Tue Nov 18 2014 Kamil Dudka <kdudka@xxxxxxxxxx> - 5.0.7-3 - replace an incorrect comment in /etc/zshenv (#1164313) * Mon Nov 10 2014 Kamil Dudka <kdudka@xxxxxxxxxx> - 5.0.7-2 - make the wait built-in work for already exited processes (#1162198) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1164313 - incorrect comment in default zshenv configuration file [Fedora] https://bugzilla.redhat.com/show_bug.cgi?id=1164313 [ 2 ] Bug #1162198 - zsh wait builtin does not work for already exited processes [Fedora] https://bugzilla.redhat.com/show_bug.cgi?id=1162198 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test