The following Fedora 20 Security updates need testing: Age URL 63 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 20 https://admin.fedoraproject.org/updates/FEDORA-2014-15108/mantis-1.2.17-4.fc20 16 https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionpack-4.0.0-5.fc20 16 https://admin.fedoraproject.org/updates/FEDORA-2014-15379/nodejs-0.10.33-1.fc20,libuv-0.10.29-1.fc20 15 https://admin.fedoraproject.org/updates/FEDORA-2014-15489/rubygem-sprockets-2.8.2-5.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2014-15709/asterisk-11.14.1-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-16048/couchdb-1.6.1-4.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-15995/xen-4.3.3-6.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-16033/mediawiki-1.23.7-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-16003/mariadb-5.5.40-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-16132/libyaml-0.1.6-2.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-16106/qemu-1.6.2-11.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16214/erlang-R16B-03.10.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16270/mingw-flac-1.3.1-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16243/dbus-1.6.28-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16266/perl-YAML-LibYAML-0.54-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16215/pcre-8.33-8.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16241/antiword-0.37-17.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16250/cpio-2.11-28.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16273/pkcs11-helper-1.11-3.fc20,openvpn-2.3.6-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16262/kde-plasma-nm-0.9.3.5-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16350/pam-1.1.8-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16378/grub2-2.00-27.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16368/pwgen-2.07-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16358/phpMyAdmin-4.2.13.1-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16390/python-tornado-2.2.1-7.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16383/smack-3.2.2-6.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16397/php-horde-kronolith-4.2.4-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16393/python3-3.3.2-19.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16349/jasper-1.900.1-26.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16357/pyxdg-0.25-5.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16394/icecast-2.4.1-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16346/castor-1.3.3-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2014-15523/gdb-7.7.1-22.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-16032/libpcap-1.5.3-3.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16253/crda-1.1.3_2014.11.18-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16250/cpio-2.11-28.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16215/pcre-8.33-8.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-16243/dbus-1.6.28-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16350/pam-1.1.8-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16367/firewalld-0.3.13-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16357/pyxdg-0.25-5.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16349/jasper-1.900.1-26.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16341/openssh-6.4p1-7.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-16339/qt5-qttools-5.3.2-4.fc20,qt-4.8.6-18.fc20,zarafa-7.1.11-2.fc20,clucene09-0.9.21b-13.fc20 The following builds have been pushed to Fedora 20 updates-testing 2048-cli-0.8-2.fc20 ansible-lint-2.0.1-1.fc20 castor-1.3.3-1.fc20 clucene09-0.9.21b-13.fc20 devscripts-2.14.11-1.fc20 dogtag-pki-10.1.2-7.fc20 firewalld-0.3.13-1.fc20 gauche-0.9.4-1.fc20 gauche-gl-0.6-1.fc20 gauche-gtk-0.6-0.12.20121223gitceb4579.fc20 glances-2.1.2-2.fc20 goaccess-0.8.5-1.fc20 golang-googlecode-go-crypto-0-0.1.hg69e2a90ed92d.fc20 gphotoframe-2.0.1-2.hg0eed26d75481.fc20 grub2-2.00-27.fc20 icecast-2.4.1-1.fc20 iotop-0.6-3.fc20 jasper-1.900.1-26.fc20 libstoragemgmt-1.1.0-1.fc20 lmiwbem-0.5.0-1.fc20 lnst-6-1.fc20 mate-utils-1.8.1-2.fc20 mock-1.2.3-1.fc20 newsbeuter-2.8-6.fc20 nodejs-csscomb-core-2.0.4-1.fc20 nodejs-errs-0.3.2-1.fc20 openssh-6.4p1-7.fc20 openstack-neutron-2013.2.4-7.fc20 pam-1.1.8-2.fc20 pam-kwallet-0-0.7.20140508git49a5bc0.fc20 perl-Date-Manip-6.48-1.fc20 perl-Directory-Scratch-0.15-1.fc20 perl-Locale-Maketext-1.26-1.fc20 perl-autobox-2.82-1.fc20 php-horde-Horde-Dav-1.1.2-1.fc20 php-horde-Horde-Imap-Client-2.25.6-1.fc20 php-horde-Horde-JavascriptMinify-1.1.1-1.fc20 php-horde-Horde-Memcache-2.0.7-1.fc20 php-horde-Horde-Stream-1.6.2-1.fc20 php-horde-Horde-SyncMl-2.0.5-1.fc20 php-horde-imp-6.2.4-1.fc20 php-horde-ingo-3.2.3-1.fc20 php-horde-kronolith-4.2.4-1.fc20 php-horde-turba-4.2.4-1.fc20 php-horde-wicked-2.0.3-1.fc20 phpMyAdmin-4.2.13.1-1.fc20 pki-console-10.1.2-7.fc20 pngquant-2.3.1-1.fc20 powerline-1.3-2.fc20 pwgen-2.07-1.fc20 python-application-1.4.1-1.fc20 python-modestmaps-1.4.6-2.fc20 python-mpmath-0.19-2.fc20 python-ncclient-0.4.2-2.fc20 python-pyroute2-0.3.3-1.fc20 python-pysb-0.1.11-2.fc20 python-rfc6266-0.0.4-4.fc20 python-sievelib-0.8-2.fc20 python-tornado-2.2.1-7.fc20 python3-3.3.2-19.fc20 pyxdg-0.25-5.fc20 qt-4.8.6-18.fc20 qt5-qttools-5.3.2-4.fc20 rubygem-activeldap-4.0.4-1.fc20 rubygem-rhc-1.32.2-1.fc20 seqan-1.4.2-8.fc20 sl-5.02-1.fc20 smack-3.2.2-6.fc20 ugene-1.15.0-1.fc20 waffle-1.4.2-2.fc20 wammu-0.37-1.fc20 winpdb-1.4.8-8.fc20 x2goclient-4.0.3.1-1.fc20 zarafa-7.1.11-2.fc20 Details about builds: ================================================================================ 2048-cli-0.8-2.fc20 (FEDORA-2014-16379) The game 2048 for your Linux terminal -------------------------------------------------------------------------------- Update Information: initial rpm-release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1170231 - Review Request: 2048-cli - The game 2048 for your Linux terminal https://bugzilla.redhat.com/show_bug.cgi?id=1170231 -------------------------------------------------------------------------------- ================================================================================ ansible-lint-2.0.1-1.fc20 (FEDORA-2014-16377) Best practices checker for Ansible -------------------------------------------------------------------------------- Update Information: Update to 2.0.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Parag Nemade <pnemade AT redhat DOT com> - 2.0.1-1 - Update to 2.0.1 -------------------------------------------------------------------------------- ================================================================================ castor-1.3.3-1.fc20 (FEDORA-2014-16346) An open source data binding framework for Java -------------------------------------------------------------------------------- Update Information: Update to latest upstream point release containing fix for CVE-2014-3004 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Mat Booth <mat.booth@xxxxxxxxxx> - 1.3.3-1 - Update to latest upstream 1.3.3 - Fixes rhbz#1108691 CVE-2014-3004 * Mon Jun 9 2014 Alexander Kurtakov <akurtako@xxxxxxxxxx> 1.3.2-14 - Fix FTBFS. * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.2-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri Mar 28 2014 Michael Simacek <msimacek@xxxxxxxxxx> - 1.3.2-12 - Use Requires: java-headless rebuild (#1067528) * Wed Nov 27 2013 Mat Booth <fedora@xxxxxxxxxxxxxx> - 0:1.3.2-11 - Update for merge review comments and fix rawhide build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1108639 - CVE-2014-3004 castor: XML External Entity (XXE) attacks via a crafted XML document https://bugzilla.redhat.com/show_bug.cgi?id=1108639 -------------------------------------------------------------------------------- ================================================================================ clucene09-0.9.21b-13.fc20 (FEDORA-2014-16339) A C++ port of Lucene -------------------------------------------------------------------------------- Update Information: This update enables reference-counting in clucene09, as required for proper operation of the Qt 5 Assistant, and rebuilds qt5-qttools (for the qt5-assistant subpackage) and zarafa (for the zarafa-search subpackage) against the new clucene09. Additional Qt 4 improvements: * The Qt 4 Assistant now also uses the system clucene09 (which now works fine). * macros.qt4: introduce new `%%qmake_qt4` macro that supports global build flags (including `_hardened_build`) * qt-devel no longer includes some WebKit-related files that do not belong here (because we package qtwebkit separately). -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 2 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.9.21b-13 - rebuild * Sat Oct 25 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 0.9.21b-12 - Fix devel symlink * Sat Oct 25 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 0.9.21b-11 - Enable reference counting (LUCENE_ENABLE_REFCOUNT) for Qt Assistant (#1128293) - Bump soversion to 3.0.1, as apparently intended by upstream to begin with - Better GCC 4.8 fix, works with refcount without adding throwspecs everywhere - Make tests always verbose - Fix strcpy on overlapping areas and 2 unterminated buffers * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.21b-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.21b-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1168259 - qt-devel contains some webkit components which probably were not meant to be included https://bugzilla.redhat.com/show_bug.cgi?id=1168259 [ 2 ] Bug #1128293 - System clucene09 should be built with LUCENE_ENABLE_REFCOUNT (crash in clucene when QtCreator indexes the help) https://bugzilla.redhat.com/show_bug.cgi?id=1128293 -------------------------------------------------------------------------------- ================================================================================ devscripts-2.14.11-1.fc20 (FEDORA-2014-16386) Scripts for Debian Package maintainers -------------------------------------------------------------------------------- Update Information: Update to version 2.14.11, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.14.11_changelog for details. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Sandro Mani <manisandro@xxxxxxxxx> - 2.14.11-1 - Update to 2.14.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082680 - /usr/bin/annotate-output errors for date format with spaces https://bugzilla.redhat.com/show_bug.cgi?id=1082680 -------------------------------------------------------------------------------- ================================================================================ dogtag-pki-10.1.2-7.fc20 (FEDORA-2014-16355) Dogtag Public Key Infrastructure (PKI) Suite -------------------------------------------------------------------------------- Update Information: Bugzilla Bug #1158410 - add TLS range support to server.xml by default and upgrade Bugzilla Bug #1158410 - add TLS range support to server.xml by default and upgrade -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Matthew Harmsen <mharmsen@xxxxxxxxxx> - 10.1.2-7 - Make dependencies comply with TLS changes - bump version to equal TLS-compliant pki-core package * Mon Nov 24 2014 Christina Fu <cfu@xxxxxxxxxx> 10.1.2-5 - Ticket 1198 Bugzilla 1158410 add TLS range support to server.xml by default and upgrade - updated various version dependencies - up the version release number to 10.1.2-5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1158410 - ipa-server-install failing with error message - CA did not start in 300.0s https://bugzilla.redhat.com/show_bug.cgi?id=1158410 -------------------------------------------------------------------------------- ================================================================================ firewalld-0.3.13-1.fc20 (FEDORA-2014-16367) A firewall daemon with D-Bus interface providing a dynamic firewall -------------------------------------------------------------------------------- Update Information: New upstream release which fixes various bugs and adds new predefined services. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Jiri Popelka <jpopelka@xxxxxxxxxx> - 0.3.13-1 - firewalld: - ipXtables: use -w or -w2 if supported (RHBZ#1161745, RHBZ#1151067) - DROP INVALID packets (RHBZ#1169837) - don't use ipv6header for protocol matching. (RHBZ#1065565) - removeAllPassthroughs(): remove passthroughs in reverse order (RHBZ#1167100) - fix config.service.removeDestination() (RHBZ#1164584) - firewall-config: - portProtoDialog: other protocol excludes port number/range - better fix for updating zoneStore also in update_active_zones() - fix typo in menu - configuration: - new services: tinc, vdsm, mosh, iscsi-target, rsyncd - ship and install XML Schema files. (#8) - man pages: - firewalld.dbus, firewalld.direct, firewalld, firewall-cmd - spec file: - filesystem subpackage - make dirs&files in /usr/lib/ world-readable (RHBZ#915988) -------------------------------------------------------------------------------- References: [ 1 ] Bug #915988 - /usr/lib/firewalld/zones/drop.xml is not readable by everyone https://bugzilla.redhat.com/show_bug.cgi?id=915988 [ 2 ] Bug #1065565 - Unable to permit OSPF for IPv6 https://bugzilla.redhat.com/show_bug.cgi?id=1065565 [ 3 ] Bug #1161122 - Please include firewalld predefined service and permissions for tinc https://bugzilla.redhat.com/show_bug.cgi?id=1161122 [ 4 ] Bug #1164584 - Firewalld throws exeption when trying to remove destination from service through d-bus https://bugzilla.redhat.com/show_bug.cgi?id=1164584 [ 5 ] Bug #1167100 - removeAllPassthroughs dbus method fails to remove dependent passthroughs https://bugzilla.redhat.com/show_bug.cgi?id=1167100 [ 6 ] Bug #1169837 - Be more careful when creating REJECT firewall rules. https://bugzilla.redhat.com/show_bug.cgi?id=1169837 -------------------------------------------------------------------------------- ================================================================================ gauche-0.9.4-1.fc20 (FEDORA-2014-16389) Scheme script interpreter with multibyte character handling -------------------------------------------------------------------------------- Update Information: Major feature upgrades: - R7RS support - Improved REPL - New and enhanced modules see http://practical-scheme.net/gauche/gmemo/?Release%200.9.4 for details -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Michel Alexandre Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.9.4-1 - Update to 0.9.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124051 - gauche-0.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124051 -------------------------------------------------------------------------------- ================================================================================ gauche-gl-0.6-1.fc20 (FEDORA-2014-16389) OpenGL binding for Gauche -------------------------------------------------------------------------------- Update Information: Major feature upgrades: - R7RS support - Improved REPL - New and enhanced modules see http://practical-scheme.net/gauche/gmemo/?Release%200.9.4 for details -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Michel Alexandre Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.6-1 - Update to 0.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124051 - gauche-0.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124051 -------------------------------------------------------------------------------- ================================================================================ gauche-gtk-0.6-0.12.20121223gitceb4579.fc20 (FEDORA-2014-16389) Gauche extension module to use GTK -------------------------------------------------------------------------------- Update Information: Major feature upgrades: - R7RS support - Improved REPL - New and enhanced modules see http://practical-scheme.net/gauche/gmemo/?Release%200.9.4 for details -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Michel Alexandre Salim <salimma@xxxxxxxxxxxxxxxxx> - 1:0.6-0.12.20121223gitceb4579 - Rebuild for Gauche 0.9.4 and Gauche-gl 0.6 - Update to latest snapshot -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124051 - gauche-0.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124051 -------------------------------------------------------------------------------- ================================================================================ glances-2.1.2-2.fc20 (FEDORA-2014-16343) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information: upgrade to 2.1.2 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 20 2014 Edouard Bourguignon <madko@xxxxxxxxxxx> - 2.1.2-2 - Remove old python-setuptools-devel, now using python-setuptools instead * Mon Oct 20 2014 Edouard Bourguignon <madko@xxxxxxxxxxx> - 2.1.2-1 - Updat to 2.1.2 * Thu Aug 7 2014 Edouard Bourguignon <madko@xxxxxxxxxxx> - 2.0-1 - Update to 2.0.0 * Thu Jun 12 2014 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.7.7-1 - Update to 1.7.7 -------------------------------------------------------------------------------- ================================================================================ goaccess-0.8.5-1.fc20 (FEDORA-2014-16348) Real-time web log analyzer and interactive viewer -------------------------------------------------------------------------------- Update Information: Update to 0.8.5 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Eduardo Echeverria <echevemaster@xxxxxxxxx> - 0.8.5-1 - Update to 0.8.5 * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-go-crypto-0-0.1.hg69e2a90ed92d.fc20 (FEDORA-2014-16362) Supplementary Go cryptography libraries -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148704 - Review Request: golang-googlecode-go-crypto - Supplementary Go cryptography libraries https://bugzilla.redhat.com/show_bug.cgi?id=1148704 -------------------------------------------------------------------------------- ================================================================================ gphotoframe-2.0.1-2.hg0eed26d75481.fc20 (FEDORA-2014-16385) Photo Frame Gadget for the GNOME Desktop -------------------------------------------------------------------------------- Update Information: New version 2.0.1 is released. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.0.1-2.hg0eed26d75481 - Add appdata * Tue Dec 2 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.0.1-1.hg82fdb3350fbd - 2.0.1 * Wed Nov 26 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.0.1-0.1.b1.hga78a9b1d0cee - 2.0.1-b1 -------------------------------------------------------------------------------- ================================================================================ grub2-2.00-27.fc20 (FEDORA-2014-16378) Bootloader with support for Linux, Multiboot and more -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-4607 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Peter Jones <pjones@xxxxxxxxxx> - 2.00-27 - Update minilzo to 2.08 for CVE-2014-4607 Resolves: rhbz#1131793 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1112418 - CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1112418 -------------------------------------------------------------------------------- ================================================================================ icecast-2.4.1-1.fc20 (FEDORA-2014-16394) ShoutCast compatible streaming media server -------------------------------------------------------------------------------- Update Information: **fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)** **fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)** **enabled fully hardened build (#954320)** * update new to release v2.4.1 (#1101950) * added doc-subpkg -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Björn Esser <bjoern.esser@xxxxxxxxx> - 2.4.1-1 - update new to release v2.4.1 (#1101950) - fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149) - fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885) - unified spec-file for el5+ and Fedora - some improvements to readability - added doc-subpkg * Thu Dec 4 2014 Björn Esser <bjoern.esser@xxxxxxxxx> - 2.3.3-6 - enabled fully hardened build (#954320) * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1168146 - CVE-2014-9091 icecast: supplementary groups are not overriden https://bugzilla.redhat.com/show_bug.cgi?id=1168146 [ 2 ] Bug #1165880 - CVE-2014-9018 icecast: possible leak of on-connect scripts https://bugzilla.redhat.com/show_bug.cgi?id=1165880 -------------------------------------------------------------------------------- ================================================================================ iotop-0.6-3.fc20 (FEDORA-2014-16391) Top like utility for I/O -------------------------------------------------------------------------------- Update Information: - ignore curses failures during termination -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 0.6-3 - ignore curses failures during termination (#1035503) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035503 - [abrt] iotop-0.6-1.fc19: wrapper.py:49:wrapper:error: nocbreak() returned ERR https://bugzilla.redhat.com/show_bug.cgi?id=1035503 -------------------------------------------------------------------------------- ================================================================================ jasper-1.900.1-26.fc20 (FEDORA-2014-16349) Implementation of the JPEG-2000 standard, Part 1 -------------------------------------------------------------------------------- Update Information: Fixes CVE-2014-9029 vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Jiri Popelka <jpopelka@xxxxxxxxxx> - 1.900.1-26 - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders (#1170650) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1167537 - CVE-2014-9029 jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009) https://bugzilla.redhat.com/show_bug.cgi?id=1167537 -------------------------------------------------------------------------------- ================================================================================ libstoragemgmt-1.1.0-1.fc20 (FEDORA-2014-16374) Storage array management library -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Tony Asleson <tasleson@xxxxxxxxxx> 1.1.0-1 - New upstream release - Fix udev files directory - Move command line files to python package * Wed Oct 8 2014 Tony Asleson <tasleson@xxxxxxxxxx> - 1.0.0-3 - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package -------------------------------------------------------------------------------- ================================================================================ lmiwbem-0.5.0-1.fc20 (FEDORA-2014-16333) Python WBEM Client -------------------------------------------------------------------------------- Update Information: upgrade to 0.5.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Peter Hatina <phatina@xxxxxxxxxx> - 0.5.0-1 - upgrade to 0.5.0 * Wed Aug 27 2014 Peter Hatina <phatina@xxxxxxxxxx> - 0.2.0-10 - fix CIMInstance::getitem() return value by reference -------------------------------------------------------------------------------- ================================================================================ lnst-6-1.fc20 (FEDORA-2014-16356) Common code for lnst-ctl and lnst-slave -------------------------------------------------------------------------------- Update Information: update to version 6 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Jiri Pirko <jpirko@xxxxxxxxxx> - 6-1 - Updating to stable release 6 -------------------------------------------------------------------------------- ================================================================================ mate-utils-1.8.1-2.fc20 (FEDORA-2014-16380) MATE utility programs -------------------------------------------------------------------------------- Update Information: - push forgotten update -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.1-2 - bump version * Thu Oct 2 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.1-1 - update to 1.8.1 release -------------------------------------------------------------------------------- ================================================================================ mock-1.2.3-1.fc20 (FEDORA-2014-16334) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information: Mostly bugfixes. RFEs: New option --symlink-dereference. Tmpfs new option 'keep_mounted'. Bump in plugin ABI. New LVM plugin. Nosync for better IO performance. DNF support. Printing more useful output on terminal. Concurrent shell acces to buildroot. Executing package management commands. --enablerepo and --disablerepo options Short circuit options. Automatic initialization. Python 3 support. Experimental support for building using systemd-nspawn. Accept path as config. New compress_logs plugin. And lots of bugfixes. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.2.3-1 - fixed incorrect command construction in PackageManager:build_invocation [RHBZ#1170230] - completion: correctly expand --install [RHBZ#1168220] - copyin: when source is directory, then handle corner cases [RHBZ#1169051] - increase default for tmpfs to 768 - check if key exist [RHBZ#476837] - Added tmpfs new option 'keep_mounted' [RHBZ#476837] - add 2 common tmpfs dirs to find_non_nfs_dir() - Added new option --symlink-dereference used with --buildsrpm [BZ# 1165242] - accept None as macro value in config [RHBZ#1165778] - Don't do yum update when --no-clean specified [RHBZ#1165716] - do not delete /buildir when --no-clean was set [RHBZ#483486] - bash completation for --copyin and --sources - bash_completion.d/mock: fix syntax error - Correct check for --source cmd option, single file can be used [RHBZ#1165213] - update BUGS part of man page - add missing options to man page * Tue Nov 18 2014 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.2.2-1 - add missing import [RHBZ#1165061] * Sat Nov 15 2014 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.2.1-1 - allow mockchain to accept path as config - end yum's installroot path with a slash [RHBZ#1160428] - add --mount option [RHBZ#1162637] - add some missing bash completation strings - run --shell as root with --new-chroot - Don't fail scrub when there's no pool [RHBZ#1162631] - Globbing and tilde expansion - move restoring priviledges to finally [RHBZ#1162720] - Remove "Buildroot must be already initialized" note - Add missing --print-root-path to manpage - Do not print ANSI escape characters into log [RHBZ#1163037] - in site-defaults.cfg initialize dictionary of plugins [RHBZ#1162595] - Disable empty names and values in config_opts[macros] [RHBZ#1160765] - Disable single macros in -D cmd option [RHBZ#1160765] - rpmbuild is in /usr/bin [RHBZ#1161112] - man page for --macro-file [RHBZ#1160326] - Added option [--macro-file] to support external rpm macros file [RHBZ#1160326] - Don't output installation/build output when redirected - Better log message for intial buildroot installation - Be more specific when installing configs - Install into correct sitelib when using Python 3 - Fix nosync on aarch64 - wrap all remaining getcwd() [RHBZ#1159300] - do not use rpm in %post scriptlet [RHBZ#1131279] - Fix unclear legal host output [RHBZ#1159794] - allow running from directory, which is deleted [RHBZ#1159300] - create compress_logs plugin [RHBZ#1100923] - when default.cfg exists create default.cfg.rpmnew [RHBZ#1085308] - accept paths to target definition files [RHBZ#1126117] - set title bar in xterm [RHBZ#1126235] - pass --enablerepo/--disablerepo to yum in the same order as provided to mock [RHBZ#1154604] - Fix incorrect printing of binary strings on py3 - Add missing Requires rpm-python3 - Don't print Yum and build output when quiet - Prevent output being printed twice with --verbose (rhbz#1152971) - Fix printing non-ascii characters with output redirected (rhbz#1152952) - replace urlgrabber by python-requests - use python3 for Fedora22+ - Don't print we're doing rpmbuild -bb, when it may not be true - 'prep' choice missing in short-circuit option parser - Don't execute prebuild in short-circuit mode * Thu Oct 9 2014 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.2.0-1 - update configs for secondary architecture (Dan Horák) - caching of buildroots using LVM (Michael Simacek) - add support for DNF (Michael Simacek) - initial porting to python3 (Michael Simacek) - new config option nosync (Michael Simacek) - add CentOS extra repository [BZ# 1108402] - correctly create default.cfg on arm [BZ# 1033786] - postpone loading of rpm after chroot is set [BZ# 1111147] - use systemd-nspawn instead of chroot [RHBZ# 1132762] - in --copyout do not fail on symlinks [BZ# 971474] - allow to short circuit to prep phase [BZ# 966985] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1170230 - mock failed rebuild multiple packages https://bugzilla.redhat.com/show_bug.cgi?id=1170230 [ 2 ] Bug #1168220 - bash completion for --install should not suggest srpm https://bugzilla.redhat.com/show_bug.cgi?id=1168220 [ 3 ] Bug #1169051 - [abrt] mock: os.py:157:makedirs:OSError: [Errno 17] File exists: '/var/lib/mock/fedora-rawhide-x86_64/root/' https://bugzilla.redhat.com/show_bug.cgi?id=1169051 [ 4 ] Bug #476837 - RFE: add option to not umount tmpfs only for clean https://bugzilla.redhat.com/show_bug.cgi?id=476837 [ 5 ] Bug #1165242 - mock --sources can't handle symlinks https://bugzilla.redhat.com/show_bug.cgi?id=1165242 [ 6 ] Bug #1165778 - fedpkg mockbuild doesn't work with mock-1.2 https://bugzilla.redhat.com/show_bug.cgi?id=1165778 [ 7 ] Bug #1165716 - mock must *not* automatically update packages in build root https://bugzilla.redhat.com/show_bug.cgi?id=1165716 [ 8 ] Bug #483486 - Can't build 'nosrc' srpms using mock (--no-clean does not work) https://bugzilla.redhat.com/show_bug.cgi?id=483486 [ 9 ] Bug #1165213 - mock --sources single file does not work https://bugzilla.redhat.com/show_bug.cgi?id=1165213 [ 10 ] Bug #1165061 - update to mock-1.2.1-1.fc21 breaks existing mock profiles https://bugzilla.redhat.com/show_bug.cgi?id=1165061 [ 11 ] Bug #1160428 - mock 1.2.0 tries to install f21 packages in f19 chroot https://bugzilla.redhat.com/show_bug.cgi?id=1160428 [ 12 ] Bug #1162637 - Provide --umount counterpart for LVM plugin https://bugzilla.redhat.com/show_bug.cgi?id=1162637 [ 13 ] Bug #1162631 - With LVM plugin enabled, I can't scrub traditional directories https://bugzilla.redhat.com/show_bug.cgi?id=1162631 [ 14 ] Bug #1162720 - --copyout prints confusing errors when the copied file doesn't exist https://bugzilla.redhat.com/show_bug.cgi?id=1162720 [ 15 ] Bug #1163037 - Do not print ANSI escape characters into log https://bugzilla.redhat.com/show_bug.cgi?id=1163037 [ 16 ] Bug #1162595 - lvm_root_opts options in site-defaults.cfg don't work https://bugzilla.redhat.com/show_bug.cgi?id=1162595 [ 17 ] Bug #1160765 - empty and single values for rpm macros in mock cfg file and cmd option https://bugzilla.redhat.com/show_bug.cgi?id=1160765 [ 18 ] Bug #1161112 - pre-UsrMove profiles stopped working after update of mock https://bugzilla.redhat.com/show_bug.cgi?id=1161112 [ 19 ] Bug #1160326 - mock new command line option --macro-file for defining rpm macros file https://bugzilla.redhat.com/show_bug.cgi?id=1160326 [ 20 ] Bug #1159300 - running mock from chroot path directory produces "error retrieving current directory: getcwd" https://bugzilla.redhat.com/show_bug.cgi?id=1159300 [ 21 ] Bug #1131279 - mock package has a questionable scriptlet, leading to errors about rpm db version mismatch https://bugzilla.redhat.com/show_bug.cgi?id=1131279 [ 22 ] Bug #1159794 - invalid legal_host_arches option can cause unclear output https://bugzilla.redhat.com/show_bug.cgi?id=1159794 [ 23 ] Bug #1100923 - RFE: compress mock build logs when done building https://bugzilla.redhat.com/show_bug.cgi?id=1100923 [ 24 ] Bug #1085308 - mock: User configuration is lost during update https://bugzilla.redhat.com/show_bug.cgi?id=1085308 [ 25 ] Bug #1126117 - Mock should accept paths to target definition files https://bugzilla.redhat.com/show_bug.cgi?id=1126117 [ 26 ] Bug #1126235 - PROMPT_COMMAND does not include required escape codes https://bugzilla.redhat.com/show_bug.cgi?id=1126235 [ 27 ] Bug #1154604 - mock: enablerepo doesn't work if used after disablerepo https://bugzilla.redhat.com/show_bug.cgi?id=1154604 [ 28 ] Bug #1152971 - Verbose mode is repeating lines https://bugzilla.redhat.com/show_bug.cgi?id=1152971 [ 29 ] Bug #1152952 - [mock] UnicodeEncodeError: 'ascii' codec can't encode characters in position 6-7: ordinal not in range(128) https://bugzilla.redhat.com/show_bug.cgi?id=1152952 -------------------------------------------------------------------------------- ================================================================================ newsbeuter-2.8-6.fc20 (FEDORA-2014-16353) Configurable text-based feed reader -------------------------------------------------------------------------------- Update Information: add solarized-light colorscheme include contrib/ folder -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 2.8-6 - add solarized-light colorscheme * Thu Dec 4 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 2.8-5 - remove executable permissions from contrib/ scripts - improve solarized dark colorscheme * Thu Dec 4 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 2.8-4 - include contrib/ folder * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ nodejs-csscomb-core-2.0.4-1.fc20 (FEDORA-2014-16336) Framework for writing postprocessors -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1131978 - Review Request: nodejs-csscomb-core - Framework for writing postprocessors https://bugzilla.redhat.com/show_bug.cgi?id=1131978 -------------------------------------------------------------------------------- ================================================================================ nodejs-errs-0.3.2-1.fc20 (FEDORA-2014-16340) Simple error creation and passing utilities -------------------------------------------------------------------------------- Update Information: Update to 0.3.2 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Parag Nemade <pnemade AT redhat DOT com> - 0.3.2-1 - Update to 0.3.2 -------------------------------------------------------------------------------- ================================================================================ openssh-6.4p1-7.fc20 (FEDORA-2014-16341) An open source implementation of SSH protocol versions 1 and 2 -------------------------------------------------------------------------------- Update Information: When ssh client connects to Cisco-* servers, it uses a preferred size of DH groups 4096b at maximum and powers of 2. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Petr Lautrbach <plautrba@xxxxxxxxxx> 6.4p1-7 + 0.9.3-1 - use different values for DH for Cisco servers (#1026430) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1026430 - OpenSSH can no longer connect to Cisco routers/switches https://bugzilla.redhat.com/show_bug.cgi?id=1026430 -------------------------------------------------------------------------------- ================================================================================ openstack-neutron-2013.2.4-7.fc20 (FEDORA-2014-16338) OpenStack Networking Service -------------------------------------------------------------------------------- Update Information: Readded missing dep on python-pbr. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ pam-1.1.8-2.fc20 (FEDORA-2014-16350) An extensible library which provides authentication for applications -------------------------------------------------------------------------------- Update Information: Update fixing minor security issues and bugs. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.1.8-2 - fix CVE-2014-2583: potential path traversal issue in pam_timestamp - fix CVE-2013-7041: use case sensitive comparison in pam_userdb - be tolerant to corrupted opasswd file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1080243 - CVE-2014-2583 pam: path traversal issue in pam_timestamp's format_timestamp_name() https://bugzilla.redhat.com/show_bug.cgi?id=1080243 [ 2 ] Bug #1038555 - CVE-2013-7041 pam: pam_userdb case insensitive password hash comparison https://bugzilla.redhat.com/show_bug.cgi?id=1038555 -------------------------------------------------------------------------------- ================================================================================ pam-kwallet-0-0.7.20140508git49a5bc0.fc20 (FEDORA-2014-16364) PAM module for KWallet -------------------------------------------------------------------------------- Update Information: Add runtime dependency on socat to ensure proper function. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0-0.7.20140508git - Requires: socat (#1155873) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1155873 - pam-kwallet fails to send hash to kwalletd https://bugzilla.redhat.com/show_bug.cgi?id=1155873 -------------------------------------------------------------------------------- ================================================================================ perl-Date-Manip-6.48-1.fc20 (FEDORA-2014-16388) Date manipulation routines -------------------------------------------------------------------------------- Update Information: Fixed a bug in the printf method that would not handle embedded newlines correctly (and resulted in an infinite loop if it were preceded by a '%'). Fixed a bug where '24:00' was not parsed correctly (though '24:00:00' was). Fixed a bug where fractional values separated by a comma weren't parsed correctly. Parsing special date formats with timezones is now supported. The parse_time routine wouldn't correctly parse ISO 8601 times. This is now fixed. Newest zoneinfo data (tzdata 2014j). -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Petr Šabata <contyk@xxxxxxxxxx> - 6.48-1 - 6.48 bump - various bugfixes and tzdata updates -------------------------------------------------------------------------------- References: [ 1 ] Bug #1171023 - perl-Date-Manip-6.48 is available https://bugzilla.redhat.com/show_bug.cgi?id=1171023 -------------------------------------------------------------------------------- ================================================================================ perl-Directory-Scratch-0.15-1.fc20 (FEDORA-2014-16337) Self-cleaning scratch space for tests -------------------------------------------------------------------------------- Update Information: This release fixes internal tests and corrects documentation. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 0.15-1 - 0.15 bump -------------------------------------------------------------------------------- ================================================================================ perl-Locale-Maketext-1.26-1.fc20 (FEDORA-2014-16342) Framework for localization -------------------------------------------------------------------------------- Update Information: This release corrects misspellings in the documentation. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 1.26-1 - 1.26 bump -------------------------------------------------------------------------------- ================================================================================ perl-autobox-2.82-1.fc20 (FEDORA-2014-16373) Call methods on native types -------------------------------------------------------------------------------- Update Information: This release fixes various crashes. This release exports autobox::universal at RPM level again. This release adds support for importing via hash reference. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 2.82-1 - 2.82 bump -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Dav-1.1.2-1.fc20 (FEDORA-2014-16363) Horde library for WebDAV, CalDAV, CardDAV -------------------------------------------------------------------------------- Update Information: Horde_Memcache 2.0.7 * [mms] Fix race condition where memcache lock could be removed before the underlying locked data could be updated. Horde_JavascriptMinify 1.1.1 * [jan] Raise log level of errors from Closure compiler. Horde_Stream 1.6.2 * [jan] Throw InvalidArgumentException if passing incorrect arguments to constructors. Horde_Imap_Client 2.25.6 * [mms] Better cache unserialization error handling for all backends. Horde_SyncMl 2.0.5 * [jan] Fix exporting notes to Funambol clients (horde@xxxxxxxxxxxx, Bug #9487). * [jan] Fix creating server-client-mapping if backend returns multiple server IDs per client ID (horde@xxxxxxxxxxxx, Bug #13706). Horde_Dav 1.1.2 * [jan] Fix DAV client always using Digest authentication (Bug #13319). * [jan] Fix PUT request not passing content to the backend. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.2-1 - Update to 1.1.2 - add dependency on Horde_Translation -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Imap-Client-2.25.6-1.fc20 (FEDORA-2014-16363) Horde IMAP abstraction interface -------------------------------------------------------------------------------- Update Information: Horde_Memcache 2.0.7 * [mms] Fix race condition where memcache lock could be removed before the underlying locked data could be updated. Horde_JavascriptMinify 1.1.1 * [jan] Raise log level of errors from Closure compiler. Horde_Stream 1.6.2 * [jan] Throw InvalidArgumentException if passing incorrect arguments to constructors. Horde_Imap_Client 2.25.6 * [mms] Better cache unserialization error handling for all backends. Horde_SyncMl 2.0.5 * [jan] Fix exporting notes to Funambol clients (horde@xxxxxxxxxxxx, Bug #9487). * [jan] Fix creating server-client-mapping if backend returns multiple server IDs per client ID (horde@xxxxxxxxxxxx, Bug #13706). Horde_Dav 1.1.2 * [jan] Fix DAV client always using Digest authentication (Bug #13319). * [jan] Fix PUT request not passing content to the backend. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.25.6-1 - Update to 2.25.6 - raise dependency on Horde_Mime >= 2.5.2 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-JavascriptMinify-1.1.1-1.fc20 (FEDORA-2014-16363) Javascript Minification -------------------------------------------------------------------------------- Update Information: Horde_Memcache 2.0.7 * [mms] Fix race condition where memcache lock could be removed before the underlying locked data could be updated. Horde_JavascriptMinify 1.1.1 * [jan] Raise log level of errors from Closure compiler. Horde_Stream 1.6.2 * [jan] Throw InvalidArgumentException if passing incorrect arguments to constructors. Horde_Imap_Client 2.25.6 * [mms] Better cache unserialization error handling for all backends. Horde_SyncMl 2.0.5 * [jan] Fix exporting notes to Funambol clients (horde@xxxxxxxxxxxx, Bug #9487). * [jan] Fix creating server-client-mapping if backend returns multiple server IDs per client ID (horde@xxxxxxxxxxxx, Bug #13706). Horde_Dav 1.1.2 * [jan] Fix DAV client always using Digest authentication (Bug #13319). * [jan] Fix PUT request not passing content to the backend. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.1-1 - Update to 1.1.1 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Memcache-2.0.7-1.fc20 (FEDORA-2014-16363) Horde Memcache API -------------------------------------------------------------------------------- Update Information: Horde_Memcache 2.0.7 * [mms] Fix race condition where memcache lock could be removed before the underlying locked data could be updated. Horde_JavascriptMinify 1.1.1 * [jan] Raise log level of errors from Closure compiler. Horde_Stream 1.6.2 * [jan] Throw InvalidArgumentException if passing incorrect arguments to constructors. Horde_Imap_Client 2.25.6 * [mms] Better cache unserialization error handling for all backends. Horde_SyncMl 2.0.5 * [jan] Fix exporting notes to Funambol clients (horde@xxxxxxxxxxxx, Bug #9487). * [jan] Fix creating server-client-mapping if backend returns multiple server IDs per client ID (horde@xxxxxxxxxxxx, Bug #13706). Horde_Dav 1.1.2 * [jan] Fix DAV client always using Digest authentication (Bug #13319). * [jan] Fix PUT request not passing content to the backend. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.7-1 - Update to 2.0.7 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Stream-1.6.2-1.fc20 (FEDORA-2014-16363) Horde stream handler -------------------------------------------------------------------------------- Update Information: Horde_Memcache 2.0.7 * [mms] Fix race condition where memcache lock could be removed before the underlying locked data could be updated. Horde_JavascriptMinify 1.1.1 * [jan] Raise log level of errors from Closure compiler. Horde_Stream 1.6.2 * [jan] Throw InvalidArgumentException if passing incorrect arguments to constructors. Horde_Imap_Client 2.25.6 * [mms] Better cache unserialization error handling for all backends. Horde_SyncMl 2.0.5 * [jan] Fix exporting notes to Funambol clients (horde@xxxxxxxxxxxx, Bug #9487). * [jan] Fix creating server-client-mapping if backend returns multiple server IDs per client ID (horde@xxxxxxxxxxxx, Bug #13706). Horde_Dav 1.1.2 * [jan] Fix DAV client always using Digest authentication (Bug #13319). * [jan] Fix PUT request not passing content to the backend. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.6.2-1 - Update to 1.6.2 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-SyncMl-2.0.5-1.fc20 (FEDORA-2014-16363) Horde_SyncMl provides an API for processing SyncML requests -------------------------------------------------------------------------------- Update Information: Horde_Memcache 2.0.7 * [mms] Fix race condition where memcache lock could be removed before the underlying locked data could be updated. Horde_JavascriptMinify 1.1.1 * [jan] Raise log level of errors from Closure compiler. Horde_Stream 1.6.2 * [jan] Throw InvalidArgumentException if passing incorrect arguments to constructors. Horde_Imap_Client 2.25.6 * [mms] Better cache unserialization error handling for all backends. Horde_SyncMl 2.0.5 * [jan] Fix exporting notes to Funambol clients (horde@xxxxxxxxxxxx, Bug #9487). * [jan] Fix creating server-client-mapping if backend returns multiple server IDs per client ID (horde@xxxxxxxxxxxx, Bug #13706). Horde_Dav 1.1.2 * [jan] Fix DAV client always using Digest authentication (Bug #13319). * [jan] Fix PUT request not passing content to the backend. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.5-1 - Update to 2.0.5 - raise dependency on Horde_Translation >= 2.2.0 -------------------------------------------------------------------------------- ================================================================================ php-horde-imp-6.2.4-1.fc20 (FEDORA-2014-16369) A web based webmail system -------------------------------------------------------------------------------- Update Information: Imp 6.2.4 * [mms] Don't persist dynamic filter views across page reloads. * [mms] Fix message saving when using a POP3 server. * [jan] Fix JS error when using regexp characters in search string. * [mjr] Ensure we have a valid MIME part to display in thread view (Bug #13653). -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 6.2.4-1 - Update to 6.2.4 - raide dependency: Horde_Core >= 2.17.0 -------------------------------------------------------------------------------- ================================================================================ php-horde-ingo-3.2.3-1.fc20 (FEDORA-2014-16345) An email filter rules manager -------------------------------------------------------------------------------- Update Information: Ingo 3.2.3 * [mms] Fix determination of preferred backend (Bug #13548). -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 3.2.3-1 - Update to 3.2.3 -------------------------------------------------------------------------------- ================================================================================ php-horde-kronolith-4.2.4-1.fc20 (FEDORA-2014-16397) A web based calendar -------------------------------------------------------------------------------- Update Information: kronolith 4.2.4 * [jan] Make access to non-CalDAV remote calendars faster (Bug #12379). * [jan] Continue with further events if parsing of one remote event date fails. * [jan] Fix JS error in month view with more events today than the maximum threshold. * [mjr] Fix fatal error when creating or modifying an entry via PUT. * [mjr] Don't show private event details in daily agenda emails if not the owner (Bug #13660). -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 4.2.4-1 - Update to 4.2.4 -------------------------------------------------------------------------------- ================================================================================ php-horde-turba-4.2.4-1.fc20 (FEDORA-2014-16382) A web based address book -------------------------------------------------------------------------------- Update Information: Turba 4.2.4 * [jan] Use the SHOW permission to determine the sidebar address book list. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 4.2.4-1 - Update to 4.2.4 -------------------------------------------------------------------------------- ================================================================================ php-horde-wicked-2.0.3-1.fc20 (FEDORA-2014-16372) Wiki application -------------------------------------------------------------------------------- Update Information: Wicked 2.0.3 * [jan] Fix updating annotated links when renaming pages. * [jan] Add ReST rendering rule for horizontal rulers. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.3-1 - Update to 2.0.3 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.2.13.1-1.fc20 (FEDORA-2014-16358) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.2.13.1 (2014-12-03) ================================ - [security] XSS vulnerability in redirection mechanism - [security] DOS attack with long passwords -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 4.2.13.1-1 - Upgrade to 4.2.13.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1170597 - CVE-2014-9218 phpMyAdmin: Denial of Service with long passwords https://bugzilla.redhat.com/show_bug.cgi?id=1170597 [ 2 ] Bug #1170604 - CVE-2014-9219 phpMyAdmin: XSS vulnerability in redirection mechanism https://bugzilla.redhat.com/show_bug.cgi?id=1170604 -------------------------------------------------------------------------------- ================================================================================ pki-console-10.1.2-7.fc20 (FEDORA-2014-16395) Certificate System - PKI Console -------------------------------------------------------------------------------- Update Information: Bugzilla Bug #1158410 - add TLS range support to server.xml by default and upgrade Bugzilla Bug #1158410 - add TLS range support to server.xml by default and upgrade -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Matthew Harmsen <mharmsen@xxxxxxxxxx> - 10.1.2-7 - Make dependencies comply with TLS changes - bump version to equal TLS-compliant pki-core package * Mon Nov 24 2014 Christina Fu <cfu@xxxxxxxxxx> 10.1.2-5 - Ticket 1198 Bugzilla 1158410 add TLS range support to server.xml by default and upgrade (cfu) - PKI Trac Ticket #1211 - New release overwrites old source tarball (mharmsen) - updated various version dependencies (cfu) - up the version release number to 10.1.2-5 (cfu) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1158410 - ipa-server-install failing with error message - CA did not start in 300.0s https://bugzilla.redhat.com/show_bug.cgi?id=1158410 -------------------------------------------------------------------------------- ================================================================================ pngquant-2.3.1-1.fc20 (FEDORA-2014-16365) PNG quantization tool for reducing image file size -------------------------------------------------------------------------------- Update Information: New bug fixing release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 17 2014 Sérgio Basto <sergio@xxxxxxxxxx> - 2.3.1-1 - New bug fixing release * Sat Sep 27 2014 Sérgio Basto <sergio@xxxxxxxxxx> - 2.3.0-2 - Disable SSE on i386, to workaround building on i386 , https://github.com/pornel/pngquant/issues/122 * Sat Sep 27 2014 Sérgio Basto <sergio@xxxxxxxxxx> - 2.3.0-1 - New upstream version 2.3.0 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1022907 - pngquant-2.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1022907 [ 2 ] Bug #1153989 - pngquant-2.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1153989 -------------------------------------------------------------------------------- ================================================================================ powerline-1.3-2.fc20 (FEDORA-2014-16384) The ultimate status-line/prompt utility -------------------------------------------------------------------------------- Update Information: Fix powerline-config. Update to version 1.3. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 - Andreas Schneider <asn@xxxxxxxxxx> - 1.3-2 - Fix powerline-config. * Wed Dec 3 2014 - Andreas Schneider <asn@xxxxxxxxxx> - 1.3-1 - Update to version 1.3. -------------------------------------------------------------------------------- ================================================================================ pwgen-2.07-1.fc20 (FEDORA-2014-16368) Automatic password generation -------------------------------------------------------------------------------- Update Information: Update to 2.07 (bug 1159526) fixes: - CVE-2013-4440 (bug 1020222, 1020223) - CVE-2013-4442 (bug 1020259, 1020261) -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.07-1 - Update to 2.07 (bug 1159526) fixes: CVE-2013-4440 (bug 1020222, 1020223) CVE-2013-4442 (bug 1020259, 1020261) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.06-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.06-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1020220 - CVE-2013-4440 pwgen: non-tty passwords are trivially weak by default https://bugzilla.redhat.com/show_bug.cgi?id=1020220 [ 2 ] Bug #1020258 - CVE-2013-4442 pwgen: silent fallback to insecure entropy https://bugzilla.redhat.com/show_bug.cgi?id=1020258 -------------------------------------------------------------------------------- ================================================================================ python-application-1.4.1-1.fc20 (FEDORA-2014-16366) Basic building blocks for python applications -------------------------------------------------------------------------------- Update Information: Fixed cleaning up weak references in weakobjectmap during shutdown -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Michel Alexandre Salim <salimma@xxxxxxxxxxxxxxxxx> - 1.4.1-1 - Update to 1.4.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1120161 - python-application-1.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1120161 -------------------------------------------------------------------------------- ================================================================================ python-modestmaps-1.4.6-2.fc20 (FEDORA-2014-16381) Modest Maps python port -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147351 - Review Request: python-modestmaps - Modest Maps python port https://bugzilla.redhat.com/show_bug.cgi?id=1147351 -------------------------------------------------------------------------------- ================================================================================ python-mpmath-0.19-2.fc20 (FEDORA-2014-16335) A pure Python library for multiprecision floating-point arithmetic -------------------------------------------------------------------------------- Update Information: Patch for BZ #1127796. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 0.19-2 - Patch for BZ #1127796. * Tue Jun 24 2014 Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> - 0.19-1 - Update to 0.19. * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.18-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 14 2014 Bohuslav Kabrda <bkabrda@xxxxxxxxxx> - 0.18-2 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1127796 - mpmath: calculus/polynomials.py doesn't define orig https://bugzilla.redhat.com/show_bug.cgi?id=1127796 -------------------------------------------------------------------------------- ================================================================================ python-ncclient-0.4.2-2.fc20 (FEDORA-2014-16352) Python library for NETCONF clients -------------------------------------------------------------------------------- Update Information: Initial upload of the package to repos. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1170629 - Review Request: python-ncclient - Python library for NETCONF clients https://bugzilla.redhat.com/show_bug.cgi?id=1170629 -------------------------------------------------------------------------------- ================================================================================ python-pyroute2-0.3.3-1.fc20 (FEDORA-2014-16359) Pure Python netlink library -------------------------------------------------------------------------------- Update Information: Fix-ups, 0.3.3 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Peter V. Saveliev <peter@xxxxxxxxxx> 0.3.3-1 - Fix-ups, 0.3.3 - Bugfixes for Python 2.6 -------------------------------------------------------------------------------- ================================================================================ python-pysb-0.1.11-2.fc20 (FEDORA-2014-16351) Rule-based modeling of biochemical systems as Python programs -------------------------------------------------------------------------------- Update Information: New package. -------------------------------------------------------------------------------- ================================================================================ python-rfc6266-0.0.4-4.fc20 (FEDORA-2014-16392) Parse and generate Content-Disposition headers -------------------------------------------------------------------------------- Update Information: Parse and generate Content-Disposition headers -------------------------------------------------------------------------------- References: [ 1 ] Bug #1170072 - Review Request: python-rfc6266 - Parse and generate Content-Disposition headers https://bugzilla.redhat.com/show_bug.cgi?id=1170072 -------------------------------------------------------------------------------- ================================================================================ python-sievelib-0.8-2.fc20 (FEDORA-2014-16376) Client-side SIEVE library -------------------------------------------------------------------------------- Update Information: Client-side SIEVE library -------------------------------------------------------------------------------- References: [ 1 ] Bug #1169895 - Review Request: python-sievelib - Client-side SIEVE library https://bugzilla.redhat.com/show_bug.cgi?id=1169895 -------------------------------------------------------------------------------- ================================================================================ python-tornado-2.2.1-7.fc20 (FEDORA-2014-16390) Scalable, non-blocking web server and tools -------------------------------------------------------------------------------- Update Information: - Add patch to fix CVE-2013-2098 CVE-2013-2099 (bug #96627) - Drop requires python-simplejson, not needed for modern python -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.2.1-7 - Add patch to fix CVE-2013-2098 CVE-2013-2099 (bug #96627) - Drop requires python-simplejson, not needed for modern python -------------------------------------------------------------------------------- References: [ 1 ] Bug #963260 - CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns https://bugzilla.redhat.com/show_bug.cgi?id=963260 -------------------------------------------------------------------------------- ================================================================================ python3-3.3.2-19.fc20 (FEDORA-2014-16393) Version 3 of the Python programming language aka Python 3000 -------------------------------------------------------------------------------- Update Information: Fixes CVEs 2013-7338 and 2014-2667. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Slavek Kabrda <bkabrda@xxxxxxxxxx> - 3.3.2-19 - Fix CVE-2013-7338 and CVE-2014-2667. Resolves: rhbz#1078015 Resolves: rhbz#1083594 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1078014 - CVE-2013-7338 python: malformed ZIP files could cause 100% CPU usage https://bugzilla.redhat.com/show_bug.cgi?id=1078014 [ 2 ] Bug #1082177 - CVE-2014-2667 python: os.makedirs(exist_ok=True) is not thread-safe in Python 3.x https://bugzilla.redhat.com/show_bug.cgi?id=1082177 -------------------------------------------------------------------------------- ================================================================================ pyxdg-0.25-5.fc20 (FEDORA-2014-16357) Python library to access freedesktop.org standards -------------------------------------------------------------------------------- Update Information: Fix CVE-2014-1624 pyxdg: TOCTOU race condition in get_runtime_dir() when strict=False -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 0.25-5 - fix CVE-2014-1624 * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.25-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue May 27 2014 Kalev Lember <kalevlember@xxxxxxxxx> - 0.25-3 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1056338 - CVE-2014-1624 pyxdg: TOCTOU race condition in get_runtime_dir() when strict=False https://bugzilla.redhat.com/show_bug.cgi?id=1056338 -------------------------------------------------------------------------------- ================================================================================ qt-4.8.6-18.fc20 (FEDORA-2014-16339) Qt toolkit -------------------------------------------------------------------------------- Update Information: This update enables reference-counting in clucene09, as required for proper operation of the Qt 5 Assistant, and rebuilds qt5-qttools (for the qt5-assistant subpackage) and zarafa (for the zarafa-search subpackage) against the new clucene09. Additional Qt 4 improvements: * The Qt 4 Assistant now also uses the system clucene09 (which now works fine). * macros.qt4: introduce new `%%qmake_qt4` macro that supports global build flags (including `_hardened_build`) * qt-devel no longer includes some WebKit-related files that do not belong here (because we package qtwebkit separately). -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 26 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-18 - omit previously-overlooked webkit bits (#1168259) * Sun Nov 9 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-17 - Broken qmake_qt4 in /usr/lib/rpm/macros.d/macros.qt4 (#1161927) * Mon Nov 3 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-16 - macros.qt4: standalone, improved %qmake_qt4 macro (sync'd with qt5 version) * Sat Nov 1 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 1:4.8.6-15 - sync system-clucene patch from qt5-qttools (some QDir::mkpath in QtCLucene) * Sun Oct 26 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 1:4.8.6-14 - build against the system clucene09-core (same patch as for qt5-qttools) * Tue Sep 16 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:4.8.6-13 - qmlviewer: -qt4 wrapper, move to -devel - pull in some upstream fixes * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1:4.8.6-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Tue Aug 12 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 4.8.6-11 - drop Phonon-GStreamer0.10 support from qtconfig-qt4 on F21+ (#1123112) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1168259 - qt-devel contains some webkit components which probably were not meant to be included https://bugzilla.redhat.com/show_bug.cgi?id=1168259 [ 2 ] Bug #1128293 - System clucene09 should be built with LUCENE_ENABLE_REFCOUNT (crash in clucene when QtCreator indexes the help) https://bugzilla.redhat.com/show_bug.cgi?id=1128293 -------------------------------------------------------------------------------- ================================================================================ qt5-qttools-5.3.2-4.fc20 (FEDORA-2014-16339) Qt5 - QtTool components -------------------------------------------------------------------------------- Update Information: This update enables reference-counting in clucene09, as required for proper operation of the Qt 5 Assistant, and rebuilds qt5-qttools (for the qt5-assistant subpackage) and zarafa (for the zarafa-search subpackage) against the new clucene09. Additional Qt 4 improvements: * The Qt 4 Assistant now also uses the system clucene09 (which now works fine). * macros.qt4: introduce new `%%qmake_qt4` macro that supports global build flags (including `_hardened_build`) * qt-devel no longer includes some WebKit-related files that do not belong here (because we package qtwebkit separately). -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 5.3.2-4 - system-clucene patch fixes: some required QDir::mkpath in QtCLucene, cleanups - F20+/EL7+: BR reference-counting-enabled clucene09 (#1128293) - disable system-clucene where refcounted clucene09 not available (#1128293) * Wed Dec 3 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.3.2-3 - rebuild (clucene09) * Fri Oct 17 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.3.2-2 - -devel: Requires: qt5-designer-plugin-webkit -------------------------------------------------------------------------------- References: [ 1 ] Bug #1168259 - qt-devel contains some webkit components which probably were not meant to be included https://bugzilla.redhat.com/show_bug.cgi?id=1168259 [ 2 ] Bug #1128293 - System clucene09 should be built with LUCENE_ENABLE_REFCOUNT (crash in clucene when QtCreator indexes the help) https://bugzilla.redhat.com/show_bug.cgi?id=1128293 -------------------------------------------------------------------------------- ================================================================================ rubygem-activeldap-4.0.4-1.fc20 (FEDORA-2014-16375) Ruby/ActiveLdap is a object-oriented API to LDAP -------------------------------------------------------------------------------- Update Information: New version 4.0.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 4.0.4-1 - 4.0.4 * Fri Jul 4 2014 Josef Stribny <jstribny@xxxxxxxxxx> - 4.0.3-1 - Update to 4.0.3 - Update project URLs - Add support for Ruby on Rails 4.1. * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.0.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rubygem-rhc-1.32.2-1.fc20 (FEDORA-2014-16396) OpenShift Express Client Tools -------------------------------------------------------------------------------- Update Information: Updated version 1.32.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Guillermo Gomez <gomix@xxxxxxxxxxxxxxxxx> - 1.32.2-1 - Updated to version 1.32.2 - Fixed some bogus changelogs dates -------------------------------------------------------------------------------- ================================================================================ seqan-1.4.2-8.fc20 (FEDORA-2014-16371) Open source C++ library of efficient algorithms and data structures -------------------------------------------------------------------------------- Update Information: - **Fixed shared libraries** - **Update to 1.4.2** -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 2 2014 Antonio Trande <sagitterATfedoraproject.org> - 1.4.2-8 - Excluded bs_tools test on ARM * Mon Dec 1 2014 Antonio Trande <sagitterATfedoraproject.org> - 1.4.2-7 - Parallel tests not performed on ARM * Mon Dec 1 2014 Antonio Trande <sagitterATfedoraproject.org> - 1.4.2-6 - DBUILD_SHARED_LIBS boolean disabled - Test enabled * Tue Nov 25 2014 Antonio Trande <sagitterATfedoraproject.org> - 1.4.2-5 - Parallel make excluded on ARM arch * Tue Nov 25 2014 Antonio Trande <sagitterATfedoraproject.org> - 1.4.2-4 - Tests disabled temporarily * Sat Nov 22 2014 Antonio Trande <sagitterATfedoraproject.org> - 1.4.2-3 - Packaged private libraries - Performed tests - Splazers and fiona tests excluded * Sat Nov 22 2014 Antonio Trande <sagitterATfedoraproject.org> - 1.4.2-2 - Parallel make excluded on ARM arch * Fri Nov 21 2014 Antonio Trande <sagitterATfedoraproject.org> - 1.4.2-1 - Update to 1.4.2 - Fixed cmake compiler flags - Fixed declaration of multiple license - A doc sub-package is now built * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1168312 - Error while loading shared libraries: libseqan_flexlib.so libmason_sim.so https://bugzilla.redhat.com/show_bug.cgi?id=1168312 -------------------------------------------------------------------------------- ================================================================================ sl-5.02-1.fc20 (FEDORA-2014-16387) Joke command for when you type 'sl' instead of 'ls' -------------------------------------------------------------------------------- Update Information: Update to the new upstream (and new build system; #1170931) -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2014 Matej Cepl <mcepl@xxxxxxxxxx> - 5.02-1 - Update to the new upstream (and new build system; #1170931) * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.03-17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.03-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1170931 - RFE: update to 5.02 https://bugzilla.redhat.com/show_bug.cgi?id=1170931 -------------------------------------------------------------------------------- ================================================================================ smack-3.2.2-6.fc20 (FEDORA-2014-16383) Open Source XMPP (Jabber) client library -------------------------------------------------------------------------------- Update Information: fix for CVE-2014-0363 (rhbz#1093274) -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 gil cattaneo <puntogil@xxxxxxxxx> 3.2.2-6 - fix for CVE-2014-0363 (rhbz#1093274) - remove jzlib systemPath in smackx pom -------------------------------------------------------------------------------- References: [ 1 ] Bug #1093273 - CVE-2014-0363 smack: incorrect X.509 certificate validation https://bugzilla.redhat.com/show_bug.cgi?id=1093273 -------------------------------------------------------------------------------- ================================================================================ ugene-1.15.0-1.fc20 (FEDORA-2014-16360) Integrated bioinformatics toolkit -------------------------------------------------------------------------------- Update Information: Important changes in this major release 1.15.0 include: 1. Quick search in a sequence without creation of annotations 2. PCR in silico 3. NGS: a) Spades de novo assembler b) Export of a short reads assembly coverage c) Raw NGS filtering workflow samples 4. Circular View and circular sequences: a) Support of all algorithms for circular sequences: ORF, restriction sites, BLAST, etc. b) Circular View visualisation settings 5. Shared database: a) Support of shared databases in the UGENE Workflow Designer 6. Usability improvements: a) Welcome page b) Remembering of Options Panel setting within one -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 3 2014 Yulia Algaer <yalgaer@xxxxxxxxx> 1.15.0-1 - Upstream version change -------------------------------------------------------------------------------- ================================================================================ waffle-1.4.2-2.fc20 (FEDORA-2014-16370) Platform independent GL API layer -------------------------------------------------------------------------------- Update Information: Upstream release (with modifications to build w/cmake < 2.8.12). -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Matej Cepl <mcepl@xxxxxxxxxx> - 1.4.2-2 - Merge with master. - Patch out commit 92116dae to make building possible on cmake < 2.8.12. * Thu Dec 4 2014 Matej Cepl <mcepl@xxxxxxxxxx> - 1.4.2-1 - Upstream release (#1161826) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161826 - New version 1.4.2 https://bugzilla.redhat.com/show_bug.cgi?id=1161826 -------------------------------------------------------------------------------- ================================================================================ wammu-0.37-1.fc20 (FEDORA-2014-16347) Mobile Phone Manager - Gammu GUI -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 17 2014 Sérgio Basto <sergio@xxxxxxxxxx> - 0.37-1 - New upstream release. * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.36-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ winpdb-1.4.8-8.fc20 (FEDORA-2014-16344) An advanced python debugger -------------------------------------------------------------------------------- Update Information: Fix winpdb debugger to run properly from gnome-terminal. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 4 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.4.8-8 - fix issue where winpdb doesn't launch in gnome-terminal properly anymore (bz1149030) * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.8-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149030 - any attempt to debug any program results in *** Failed to find script." https://bugzilla.redhat.com/show_bug.cgi?id=1149030 -------------------------------------------------------------------------------- ================================================================================ x2goclient-4.0.3.1-1.fc20 (FEDORA-2014-16361) X2Go Client application (Qt4) -------------------------------------------------------------------------------- Update Information: Update to 4.0.3.1: - Fix broken X2Go Desktop Sharing (cross-user) - Split-up the session profile dialog's "Settings" tab into two tabs (fixes size issues with session profile dialog on small screens). - Make sound options configurable though session broker. - Danish translation update (THANKS to Mark from fleten.net). -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 1 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.3.1-1 - Update to 4.0.3.1 -------------------------------------------------------------------------------- ================================================================================ zarafa-7.1.11-2.fc20 (FEDORA-2014-16339) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information: This update enables reference-counting in clucene09, as required for proper operation of the Qt 5 Assistant, and rebuilds qt5-qttools (for the qt5-assistant subpackage) and zarafa (for the zarafa-search subpackage) against the new clucene09. Additional Qt 4 improvements: * The Qt 4 Assistant now also uses the system clucene09 (which now works fine). * macros.qt4: introduce new `%%qmake_qt4` macro that supports global build flags (including `_hardened_build`) * qt-devel no longer includes some WebKit-related files that do not belong here (because we package qtwebkit separately). -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 25 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 7.1.11-2 - Rebuild for reference-counting-enabled clucene09 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1168259 - qt-devel contains some webkit components which probably were not meant to be included https://bugzilla.redhat.com/show_bug.cgi?id=1168259 [ 2 ] Bug #1128293 - System clucene09 should be built with LUCENE_ENABLE_REFCOUNT (crash in clucene when QtCreator indexes the help) https://bugzilla.redhat.com/show_bug.cgi?id=1128293 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
