Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
  79  https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20
  32  https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionpack-4.0.0-5.fc20
  31  https://admin.fedoraproject.org/updates/FEDORA-2014-15489/rubygem-sprockets-2.8.2-5.fc20
  17  https://admin.fedoraproject.org/updates/FEDORA-2014-16250/cpio-2.11-28.fc20
  16  https://admin.fedoraproject.org/updates/FEDORA-2014-16357/pyxdg-0.25-5.fc20
  14  https://admin.fedoraproject.org/updates/FEDORA-2014-16459/gpgme-1.3.2-5.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-16572/links-2.8-4.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-16626/qemu-1.6.2-12.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-16494/mutt-1.5.23-4.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14.2-1.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-16869/docker-io-1.4.0-1.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-16854/freetype-2.5.0-7.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-16932/libhtp-0.5.6-2.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-16838/rpm-4.11.3-2.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-16964/mpfr-3.1.2-5.fc20
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-17067/denyhosts-2.6-29.fc20.1
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-17107/ettercap-0.8.1-2.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-16530/nss-util-3.17.3-1.fc20,nss-3.17.3-2.fc20,nss-softokn-3.17.3-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-17153/httpd-2.4.10-2.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-17219/seamonkey-2.31-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-17222/subversion-1.8.11-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-16349/jasper-1.900.1-27.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-17245/mailx-12.5-11.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-17228/mediawiki-1.23.8-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-17229/php-5.5.20-2.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-17272/ca-certificates-2014.2.2-1.0.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-17274/mingw-jasper-1.900.1-25.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17303/libssh-0.6.4-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-17415/thermostat-1.0.6-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-17461/roundcubemail-1.0.4-2.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-16810/ppp-2.4.5-35.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-16530/nss-util-3.17.3-1.fc20,nss-3.17.3-2.fc20,nss-softokn-3.17.3-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-17287/btrfs-progs-3.17.3-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-16705/ibus-1.5.9-8.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-16349/jasper-1.900.1-27.fc20


The following builds have been pushed to Fedora 20 updates-testing

    4Pane-3.0-5.fc20
    aeskulap-0.2.2-0.20beta1.fc20
    dcmtk-3.6.1-1.fc20
    git-review-1.24-3.fc20
    mdds-0.11.2-1.fc20
    musique-1.4-1.fc20
    nemo-2.4.4-2.fc20
    orthanc-0.8.5-2.fc20
    owncloud-7.0.4-2.fc20
    php-google-apiclient-1.0.6-0.3.beta.fc20
    phpMyAdmin-4.3.3-1.fc20
    python-tilestache-1.49.11-3.fc20
    roundcubemail-1.0.4-2.fc20
    rubygem-domain_name-0.5.23-1.fc20
    scidavis-1.D8-6.fc20
    subsurface-4.3-1.fc20
    waffle-1.5.0-1.fc20

Details about builds:


================================================================================
 4Pane-3.0-5.fc20 (FEDORA-2014-17438)
 Multi-pane, detailed-list file manager
--------------------------------------------------------------------------------
Update Information:

Include man page
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 21 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 3.0-5
- Add man page, appdata (on F-21+)
--------------------------------------------------------------------------------


================================================================================
 aeskulap-0.2.2-0.20beta1.fc20 (FEDORA-2014-17089)
 A full open source replacement for commercially available DICOM viewers
--------------------------------------------------------------------------------
Update Information:

This upgrade to latest upstream snapshot fixes a setuid vulnerability.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 16 2014 Mario Ceresa <mrceresa AT fedoraproject DOT org> - 0.2.2-0.20beta1
- Bump up for dcmtk rebuild
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2-0.19beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2-0.18beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1104041 - CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1104041
--------------------------------------------------------------------------------


================================================================================
 dcmtk-3.6.1-1.fc20 (FEDORA-2014-17089)
 Offis DICOM Toolkit (DCMTK)
--------------------------------------------------------------------------------
Update Information:

This upgrade to latest upstream snapshot fixes a setuid vulnerability.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 15 2014 Mario Ceresa <mrceresa AT fedoraproject DOT org> - 3.6.1-1
- Upgraded to new upstream version.
- Various fixes to the specfile
- Fixes CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.6.0-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.6.0-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1104041 - CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1104041
--------------------------------------------------------------------------------


================================================================================
 git-review-1.24-3.fc20 (FEDORA-2014-17459)
 A Git helper for integration with Gerrit
--------------------------------------------------------------------------------
Update Information:

This update corrects an unreadable manpage.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 11 2014 Pete Zaitcev <zaitcev@xxxxxxxxxx> - 1.24-3
- Fix up the man page (#1170410)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1170410 - git-review's man page needs help
        https://bugzilla.redhat.com/show_bug.cgi?id=1170410
--------------------------------------------------------------------------------


================================================================================
 mdds-0.11.2-1.fc20 (FEDORA-2014-17447)
 A collection of multi-dimensional data structures and indexing algorithms
--------------------------------------------------------------------------------
Update Information:

new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 21 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.11.2-1
- new upstream release
--------------------------------------------------------------------------------


================================================================================
 musique-1.4-1.fc20 (FEDORA-2014-17446)
 A music player designed by and for people that love music
--------------------------------------------------------------------------------
Update Information:

Updated to new upstream version 1.4
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 20 2014 Germán A. Racca <skytux@xxxxxxxxxxxxxxxxx> - 1.4-1
- Updated to new upstream version 1.4
- Re-created patch to use system qtsingleapplication
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Aug 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3-3
- rebuild (qt/phonon)
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 nemo-2.4.4-2.fc20 (FEDORA-2014-17434)
 File manager for Cinnamon
--------------------------------------------------------------------------------
Update Information:

- add patch to fix nemo desktop font colour\r\n- raise thunbnail file size limit
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 21 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.4.4-2
- add patch to fix nemo desktop font colour
- raise thunbnail file size limit
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1176370 - "Adwaita" default gtk-theme results in incorrect title bar and desktop icon text colors
        https://bugzilla.redhat.com/show_bug.cgi?id=1176370
--------------------------------------------------------------------------------


================================================================================
 orthanc-0.8.5-2.fc20 (FEDORA-2014-17089)
 RESTful DICOM server for healthcare and medical research
--------------------------------------------------------------------------------
Update Information:

This upgrade to latest upstream snapshot fixes a setuid vulnerability.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 16 2014 Mario Ceresa <mrceresa@xxxxxxxxx> 0.8.5-2
- Rebuild for dcmtk update
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1104041 - CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1104041
--------------------------------------------------------------------------------


================================================================================
 owncloud-7.0.4-2.fc20 (FEDORA-2014-17441)
 Private file sync and share server
--------------------------------------------------------------------------------
Update Information:

This update backports ownCloud support for v1.x of the Google API PHP library (plus some associated bug fixes) from upstream (it will be a part of the 8.x upstream release series), and drops ownCloud's bundled copy of the 0.6 version of the library. The update to the library package itself is a minor one which simply provides a new dependency according to the packaging guidelines.\r\n\r\nThe 0.6 version of the library is deprecated and has been for some time, and bundling is to be avoided when possible. There are many bug fixes in v1.x of the library compared to 0.6, and combined with the bug fixes to ownCloud's integration code, this update should substantially improve the experience of using Google Drive as an external storage provider with the Fedora ownCloud packages.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 20 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 7.0.4-2
- backport upstream support for google PHP lib 1.x and unbundle it
* Tue Dec  9 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 7.0.4-1
- new release 7.0.4
--------------------------------------------------------------------------------


================================================================================
 php-google-apiclient-1.0.6-0.3.beta.fc20 (FEDORA-2014-17441)
 Client library for Google APIs
--------------------------------------------------------------------------------
Update Information:

This update backports ownCloud support for v1.x of the Google API PHP library (plus some associated bug fixes) from upstream (it will be a part of the 8.x upstream release series), and drops ownCloud's bundled copy of the 0.6 version of the library. The update to the library package itself is a minor one which simply provides a new dependency according to the packaging guidelines.\r\n\r\nThe 0.6 version of the library is deprecated and has been for some time, and bundling is to be avoided when possible. There are many bug fixes in v1.x of the library compared to 0.6, and combined with the bug fixes to ownCloud's integration code, this update should substantially improve the experience of using Google Drive as an external storage provider with the Fedora ownCloud packages.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 20 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.0.6-0.3.beta
- use new ASL 2.0 directory
- add Packagist/Composer provide
* Fri Nov  7 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.0.6-0.2.beta
- apply CA trust store path substitution to Curl as well as Stream
* Fri Nov  7 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.0.6-0.1.beta
- new upstream release 1.0.6-beta
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.3-0.3.beta
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 phpMyAdmin-4.3.3-1.fc20 (FEDORA-2014-17440)
 Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:

phpMyAdmin 4.3.3.0 (2014-12-21)\r\n===============================\r\n\r\n  - The "Recently used tables" setting should be with Nav panel\r\n  - Can't disable Favorites\r\n  - Version Check Broken\r\n  - AJAX request infinite loop\r\n  - Attributes field size smaller than others\r\n  - Cannot remove table ordering on a Mac\r\n  - Fix initial replication configuration\r\n  - Undefined index central_columnswork\r\n  - Don't have default blowfish_secret\r\n  - Some error popups fade away too quickly\r\n  - Consistency in borders\r\n  - $cfg['Error_Handler']['display'] no longer necessary\r\n  - Leading and trailing whitespace in column name
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 21 2014 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 4.3.3-1
- Upgrade to 4.3.3
* Fri Dec 12 2014 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 4.3.2-1
- Upgrade to 4.3.2
* Thu Dec 11 2014 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 4.3.1-2
- Use %{pkgname} rather %{name} in %post scriptlet (#1173189)
--------------------------------------------------------------------------------


================================================================================
 python-tilestache-1.49.11-3.fc20 (FEDORA-2014-17433)
 A stylish alternative for caching your map tiles
--------------------------------------------------------------------------------
Update Information:

New package python-tilestache
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1147356 - Review Request: python-tilestache - A stylish alternative for caching your map tiles
        https://bugzilla.redhat.com/show_bug.cgi?id=1147356
--------------------------------------------------------------------------------


================================================================================
 roundcubemail-1.0.4-2.fc20 (FEDORA-2014-17461)
 Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:

This update provides Roundcube 1.0.4. This is a stable security update: the security fix is described by upstream as "Fix possible CSRF attacks to some address book operations as well as to the ACL and Managesieve plugins." More details on the update are available at http://roundcube.net/news/2014/12/18/update-1.0.4-released/ . The update should apply without any special handling by the system administrator.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 20 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.0.4-2
- drop tinymce bbcode plugin for safety (CVE-2012-4230)
* Sat Dec 20 2014 Adam Williamson <awilliam@xxxxxxxxxx> - 1.0.4-1
- new release 1.0.4 (security update)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1091438 - CVE-2012-4230 tinymce: XSS attacks via security policy bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=1091438
--------------------------------------------------------------------------------


================================================================================
 rubygem-domain_name-0.5.23-1.fc20 (FEDORA-2014-17464)
 Domain Name manipulation library for Ruby
--------------------------------------------------------------------------------
Update Information:

New version 0.5.23 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 21 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.23-1
- 0.5.23
--------------------------------------------------------------------------------


================================================================================
 scidavis-1.D8-6.fc20 (FEDORA-2014-17460)
 Application for Scientific Data Analysis and Visualization
--------------------------------------------------------------------------------
Update Information:

Add scidavis to Fedora, added find_lang macro missing in release 5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1127636 - Review Request: scidavis - Application for Scientific Data Analysis and Visualization
        https://bugzilla.redhat.com/show_bug.cgi?id=1127636
--------------------------------------------------------------------------------


================================================================================
 subsurface-4.3-1.fc20 (FEDORA-2014-17437)
 A feature-full divelog in Qt
--------------------------------------------------------------------------------
Update Information:

Updates subsurface to 4.3
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 20 2014 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 4.3
- Update to 4.3
--------------------------------------------------------------------------------


================================================================================
 waffle-1.5.0-1.fc20 (FEDORA-2014-17451)
 Platform independent GL API layer
--------------------------------------------------------------------------------
Update Information:

1.5.0 release
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 16 2014 Dave Airlie <airlied@xxxxxxxxxx> 1.5.0-1
- 1.5.0 release
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux