The following Fedora 21 Security updates need testing: Age URL 36 https://admin.fedoraproject.org/updates/FEDORA-2014-15342/rubygem-actionpack-4.1.5-2.fc21 34 https://admin.fedoraproject.org/updates/FEDORA-2014-15413/rubygem-sprockets-2.12.1-3.fc21 32 https://admin.fedoraproject.org/updates/FEDORA-2014-15570/python-pip-1.5.6-3.fc21 13 https://admin.fedoraproject.org/updates/FEDORA-2014-16557/bind-9.9.6-5.P1.fc21 13 https://admin.fedoraproject.org/updates/FEDORA-2014-16782/mutt-1.5.23-7.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2014-16823/tcpdump-4.6.2-3.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2014-16880/libhtp-0.5.16-1.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-1.fc21 10 https://admin.fedoraproject.org/updates/FEDORA-2014-16967/mpfr-3.1.2-8.fc21 8 https://admin.fedoraproject.org/updates/FEDORA-2014-17049/openvas-cli-1.3.1-1.fc21,openvas-manager-5.0.7-1.fc21,openvas-scanner-4.0.5-1.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17090/ettercap-0.8.1-2.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17118/subversion-1.8.11-1.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17126/seamonkey-2.31-1.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17177/python-django-horizon-2014.1.3-2.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17241/php-5.6.4-2.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17259/mingw-jasper-1.900.1-25.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-16292/jasper-1.900.1-29.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17243/mailx-12.5-14.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17278/mediawiki-1.24.1-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17281/unrtf-0.21.7-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2014-17324/libssh-0.6.4-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2014-17341/eclipse-jgit-3.5.3-1.fc21,eclipse-egit-3.5.3-1.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.20beta1.fc21,orthanc-0.8.5-2.fc21,dcmtk-3.6.1-1.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2014-17384/thermostat-1.0.6-1.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2014-17450/roundcubemail-1.0.4-2.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-17497/glpi-0.84.8-3.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17595/mingw-dbus-1.8.12-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17543/mingw-libjpeg-turbo-1.3.1-4.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17609/mingw-libxml2-2.9.2-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17586/mingw-binutils-2.25-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17576/mingw-openssl-1.0.1j-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17601/mingw-curl-7.39.0-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17550/mingw-freetype-2.5.4-1.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2014-16645/libinput-0.7.0-2.20141211git58abea394.fc21 13 https://admin.fedoraproject.org/updates/FEDORA-2014-16548/tracker-1.2.5-1.fc21 13 https://admin.fedoraproject.org/updates/FEDORA-2014-16591/libsoup-2.48.1-1.fc21 13 https://admin.fedoraproject.org/updates/FEDORA-2014-16536/device-mapper-multipath-0.4.9-68.fc21.2 13 https://admin.fedoraproject.org/updates/FEDORA-2014-16509/anaconda-21.48.22-1.fc21 13 https://admin.fedoraproject.org/updates/FEDORA-2014-16566/libevdev-1.3.2-1.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2014-16899/sqlite-3.8.7.4-1.fc21,spatialite-tools-4.2.0-6.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2014-16905/ppp-2.4.7-6.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2014-16855/perl-Filter-1.51-1.fc21 10 https://admin.fedoraproject.org/updates/FEDORA-2014-16970/libnl3-3.2.25-5.fc21 10 https://admin.fedoraproject.org/updates/FEDORA-2014-16967/mpfr-3.1.2-8.fc21 8 https://admin.fedoraproject.org/updates/FEDORA-2014-17060/sgml-common-0.6.3-42.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17124/libteam-1.15-1.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17192/ca-certificates-2014.2.2-1.0.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17137/initscripts-9.56.1-6.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17120/crypto-policies-20140905-2.git4649b7d.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17180/dracut-038-32.git20141216.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2014-17105/pungi-3.12-3.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17240/dbus-1.8.12-3.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17271/llvm-3.5.0-5.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17268/hwdata-0.273-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17285/poppler-0.26.2-6.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-17232/upower-0.99.2-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-16630/ibus-1.5.9-8.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2014-16292/jasper-1.900.1-29.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2014-17342/mutter-3.14.3-1.fc21,gnome-shell-3.14.3-1.fc21,gnome-shell-extensions-3.14.3-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2014-17371/mesa-10.4.0-4.20141214.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2014-17330/systemd-216-13.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2014-17403/pykickstart-1.99.65-2.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2014-17388/librepo-1.7.11-1.fc21,libhif-0.1.7-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2014-17526/libical-1.0-8.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2014-17610/harfbuzz-0.9.36-1.fc21 The following builds have been pushed to Fedora 21 updates-testing CGAL-4.5.1-1.fc21 bluedevil-2.1-1.fc21 calligra-2.8.7-3.fc21 control-center-3.14.2-2.fc21 dnf-langpacks-0.6.0-1.fc21 drupal7-google_analytics-2.1-1.fc21 drupal7-webform-4.2-1.fc21 flannel-0.2.0-1.fc21 fprobe-ulog-1.2-1.fc21 golang-github-abbot-go-http-auth-0-0.1.gitc0ef453.fc21 golang-github-ghodss-yaml-0-0.2.git4fb5c72.fc21 golang-github-jonboulle-clockwork-0-0.1.git3f831b6.fc21 golang-github-spf13-cobra-0-0.5.gite1e66f7.fc21 google-noto-fonts-20141117-5.fc21 google-roboto-fonts-1.2-8.fc21 harfbuzz-0.9.36-1.fc21 jpegoptim-1.4.2-1.fc21 libbluedevil-2.1-1.fc21 llvm34-3.4.2-5.fc21 mapserver-6.2.2-1.fc21 mariadb-10.0.15-3.fc21 mingw-binutils-2.25-1.fc21 mingw-curl-7.39.0-1.fc21 mingw-dbus-1.8.12-1.fc21 mingw-freetype-2.5.4-1.fc21 mingw-libjpeg-turbo-1.3.1-4.fc21 mingw-libxml2-2.9.2-1.fc21 mingw-openssl-1.0.1j-1.fc21 nodejs-browser-request-0.3.3-1.fc21 nodejs-crc32-stream-0.3.1-1.fc21 nodejs-dtree-0.0.7-1.fc21 nodejs-end-of-stream-1.1.0-1.fc21 nodejs-hash_file-0.1.1-1.fc21 nodejs-minstache-1.2.0-1.fc21 os-prober-1.65-2.fc21 perl-Rose-DB-Object-0.813-1.fc21 phoronix-test-suite-5.4.1-1.fc21 python-cups-1.9.70-1.fc21 python-stem-1.3.0-1.fc21 rubygem-pam-1.5.4-20.fc21 sqlitebrowser-3.4.0-1.fc21 virtme-0.0.2-1.fc21 vtun-3.0.3-11.fc21 Details about builds: ================================================================================ CGAL-4.5.1-1.fc21 (FEDORA-2014-17560) Computational Geometry Algorithms Library -------------------------------------------------------------------------------- Update Information: New upstream release (bug-fix 4.5.1) -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Laurent Rineau <lrineau@xxxxxxxxxxxxxxxxxxxxxxxxxx> - 4.5.1-1 - New upstream release (bug-fix 4.5.1) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176863 - CGAL-4.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1176863 -------------------------------------------------------------------------------- ================================================================================ bluedevil-2.1-1.fc21 (FEDORA-2014-17010) Bluetooth stack for KDE -------------------------------------------------------------------------------- Update Information: New Bluedevil 2.1 stable release, see also: http://davidrosca.blogspot.com/2014/12/bluedevil-21-released.html -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.1-1 - 2.1 * Sun Dec 14 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.0.0-2 - pull in upstream fix for systray icon visibility when offline (kde#341768) * Sat Dec 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.0.0-1 - 2.0 -------------------------------------------------------------------------------- ================================================================================ calligra-2.8.7-3.fc21 (FEDORA-2014-17585) An integrated office suite -------------------------------------------------------------------------------- Update Information: Make calligra installable without pulling in calligra-kexi unconditionally. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 21 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.8.7-3 - move libcalligradb to -libs, likoreport now depends on it (#1176398) * Wed Dec 10 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.8.7-2 - rebuild (marble) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176398 - calligra-libs requires Kexi https://bugzilla.redhat.com/show_bug.cgi?id=1176398 -------------------------------------------------------------------------------- ================================================================================ control-center-3.14.2-2.fc21 (FEDORA-2014-17606) Utilities to configure the GNOME desktop -------------------------------------------------------------------------------- Update Information: Don't crash when closing fingerprint dialog (#1172352) -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 17 2014 Ondrej Holy <oholy@xxxxxxxxxx> - 1:3.14.2-2 - Don't crash when closing fingerprint dialog (#1172352) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1172352 - [abrt] control-center: um_editable_button_set_text(): gnome-control-center killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1172352 -------------------------------------------------------------------------------- ================================================================================ dnf-langpacks-0.6.0-1.fc21 (FEDORA-2014-17611) Langpacks plugin for dnf -------------------------------------------------------------------------------- Update Information: update to 0.6.0 release -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Parag Nemade <pnemade AT redhat DOT com> - 0.6.0-1 - update to 0.6.0 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151849 - Output is not clear, unicode warning for some languages. https://bugzilla.redhat.com/show_bug.cgi?id=1151849 [ 2 ] Bug #1151850 - [dnf langinstall] Message for already installed language can be more informative https://bugzilla.redhat.com/show_bug.cgi?id=1151850 -------------------------------------------------------------------------------- ================================================================================ drupal7-google_analytics-2.1-1.fc21 (FEDORA-2014-17568) Adds the Google Analytics web statistics tracking system to your website -------------------------------------------------------------------------------- Update Information: - Updated to 2.1 (BZ #1173033; release notes https://www.drupal.org/node/2384245) -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 24 2014 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.1-1 - Updated to 2.1 (BZ #1173033; release notes https://www.drupal.org/node/2384245) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1173033 - drupal7-google_analytics-2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1173033 -------------------------------------------------------------------------------- ================================================================================ drupal7-webform-4.2-1.fc21 (FEDORA-2014-17614) Webform is the module for making surveys in Drupal -------------------------------------------------------------------------------- Update Information: - Update to 4.2\r\n- Release notes can be found at https://www.drupal.org/node/2381793 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Peter Borsa <peter.borsa@xxxxxxxxx> 4.2-1 - Update to 4.2 - Release notes can be found at https://www.drupal.org/node/2381793 * Tue Nov 25 2014 Peter Borsa <peter.borsa@xxxxxxxxx> 4.1-1 - Update to 4.1 - Release notes can be found at https://www.drupal.org/node/2351973 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150458 - drupal7-webform-4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150458 -------------------------------------------------------------------------------- ================================================================================ flannel-0.2.0-1.fc21 (FEDORA-2014-17557) Etcd address management agent for overlay networks -------------------------------------------------------------------------------- Update Information: update to upstream v0.2.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxxxxxxxxx> - 0.2.0-1 - update to upstream v0.2.0 - append FLANNEL_OPTIONS variable to unitfile command - systemd-units merged into systemd for fedora18+ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176844 - add ${FLANNEL_OPTIONS} to flanneld.service unitfile https://bugzilla.redhat.com/show_bug.cgi?id=1176844 -------------------------------------------------------------------------------- ================================================================================ fprobe-ulog-1.2-1.fc21 (FEDORA-2014-17597) NetFlow probe -------------------------------------------------------------------------------- Update Information: Update to 1.2 - Uses libnetfilter_log_libipulog compatibility library to work with NFLOG iptables target. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 1.2-1 - Update to 1.2 (fixes bug #1172032) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1172032 - Unable to create netlink socket https://bugzilla.redhat.com/show_bug.cgi?id=1172032 -------------------------------------------------------------------------------- ================================================================================ golang-github-abbot-go-http-auth-0-0.1.gitc0ef453.fc21 (FEDORA-2014-17613) Basic and Digest HTTP Authentication for golang http -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1175673 - Review Request: golang-github-abbot-go-http-auth - Basic and Digest HTTP Authentication for golang http https://bugzilla.redhat.com/show_bug.cgi?id=1175673 -------------------------------------------------------------------------------- ================================================================================ golang-github-ghodss-yaml-0-0.2.git4fb5c72.fc21 (FEDORA-2014-17604) A better way to marshal and unmarshal YAML in Golang -------------------------------------------------------------------------------- Update Information: Bump to 4fb5c728a37b361a1e971a3bb3d785fcc96b6ef5 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 24 2014 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.2.git92ff9d3 - Bump to 4fb5c728a37b361a1e971a3bb3d785fcc96b6ef5 related: #1172603 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1172603 - Review Request: golang-github-ghodss-yaml - A better way to marshal and unmarshal YAML in Golang https://bugzilla.redhat.com/show_bug.cgi?id=1172603 -------------------------------------------------------------------------------- ================================================================================ golang-github-jonboulle-clockwork-0-0.1.git3f831b6.fc21 (FEDORA-2014-17564) A fake clock for golang -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1175771 - Review Request: golang-github-jonboulle-clockwork - A fake clock for golang https://bugzilla.redhat.com/show_bug.cgi?id=1175771 -------------------------------------------------------------------------------- ================================================================================ golang-github-spf13-cobra-0-0.5.gite1e66f7.fc21 (FEDORA-2014-17553) A Commander for modern go CLI interactions -------------------------------------------------------------------------------- Update Information: Bump to e1e66f7b4e667751cf530ddb6e72b79d6eeb0235 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 24 2014 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.5.gitb1e90a7 - Bump to e1e66f7b4e667751cf530ddb6e72b79d6eeb0235 related: #1085881 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085881 - Review Request: golang-github-spf13-cobra - A Commander for modern go CLI interactions https://bugzilla.redhat.com/show_bug.cgi?id=1085881 -------------------------------------------------------------------------------- ================================================================================ google-noto-fonts-20141117-5.fc21 (FEDORA-2014-17592) Hinted and Non Hinted OpenType fonts for Unicode scripts -------------------------------------------------------------------------------- Update Information: - update to latest git (aae16d0cd626)\r\n- package Chinese, Japanese, Korean, and CJK fonts\r\n- new Thaana font\r\n- fonts subpackages now created with a macro and for-loop\r\n- rename hanunno to hanunoo, linearb to linear-b, and meeteimayek to meetei-mayek\r\n- generate the appinfo metainfo for the subpackages\r\n- add common subpackage\r\n -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 15 2014 Jens Petersen <petersen@xxxxxxxxxx> - 20141117-5 - improve generated font subpackage descriptions - it is Hanunoo not Hanuno! - specify font filenames more precisely * Mon Dec 15 2014 Jens Petersen <petersen@xxxxxxxxxx> - 20141117-4 - add obsoletes to cover the change of package names for Hanuno, Linear B, and Meetei Mayek * Tue Dec 2 2014 Jens Petersen <petersen@xxxxxxxxxx> - 20141117-3 - create the fonts subpackages with a macro * Fri Nov 21 2014 Jens Petersen <petersen@xxxxxxxxxx> - 20141117-2 - move cjk fonts fontconfig priority from 65-0 to 66 - generate the appinfo metainfo for the subpackages - use a single for-loop to install the font config and appdata files - move parent appinfo metainfo to common (Parag Nemade) * Thu Nov 20 2014 Jens Petersen <petersen@xxxxxxxxxx> - 20141117-1 - update to latest git (aae16d0cd626) - package Japanese, Korean, and CJK fonts - add Thaana font - add common subpackage for license and doc files - order spec subpackages lexically * Wed Nov 19 2014 Peng Wu <pwu@xxxxxxxxxx> - 20141001-5 - Rename Chinese sub-packages * Wed Nov 12 2014 Peng Wu <pwu@xxxxxxxxxx> - 20141001-4 - Add Chinese fonts -------------------------------------------------------------------------------- ================================================================================ google-roboto-fonts-1.2-8.fc21 (FEDORA-2014-17572) Google Roboto fonts -------------------------------------------------------------------------------- Update Information: Fix placement of fontconfig .conf files.\nUpdate to what is presumably the latest release -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 David Tardon <dtardon@xxxxxxxxxx> - 1.2-8 - revert the previous "update" - Resolves: rhbz#1174935 fix font metadata * Tue Dec 23 2014 David Tardon <dtardon@xxxxxxxxxx> - 1.2-7 - drop obsolete requires * Wed Dec 17 2014 David Tardon <dtardon@xxxxxxxxxx> - 1.2-6 - Resolves: rhbz#1174935 update to what is presumably the latest release of the font -------------------------------------------------------------------------------- References: [ 1 ] Bug #1174935 - Roboto Black and Roboto Condensed have bad metadata which results in misrendered web pages (among other things) https://bugzilla.redhat.com/show_bug.cgi?id=1174935 -------------------------------------------------------------------------------- ================================================================================ harfbuzz-0.9.36-1.fc21 (FEDORA-2014-17610) Text shaping library -------------------------------------------------------------------------------- Update Information: Update to 0.9.36 upstream release. http://cgit.freedesktop.org/harfbuzz/plain/NEWS?id=0.9.36 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 25 2014 Parag Nemade <pnemade AT redhat DOT com> - 0.9.36-1 - Update to 0.9.36 upstream release -------------------------------------------------------------------------------- ================================================================================ jpegoptim-1.4.2-1.fc21 (FEDORA-2014-17547) Utility to optimize JPEG files -------------------------------------------------------------------------------- Update Information: Update to version 1.4.2 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Denis Fateyev <denis@xxxxxxxxxxx> - 1.4.2-1 - Update to version 1.4.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176901 - jpegoptim-1.4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1176901 -------------------------------------------------------------------------------- ================================================================================ libbluedevil-2.1-1.fc21 (FEDORA-2014-17010) A Qt wrapper for bluez -------------------------------------------------------------------------------- Update Information: New Bluedevil 2.1 stable release, see also: http://davidrosca.blogspot.com/2014/12/bluedevil-21-released.html -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.1-1 - 2.1 * Sat Dec 13 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.0-1 - 2.0 -------------------------------------------------------------------------------- ================================================================================ llvm34-3.4.2-5.fc21 (FEDORA-2014-17571) The Low Level Virtual Machine -------------------------------------------------------------------------------- Update Information: LLVM 3.4 is needed by ghc on ARMv7, since llvm was updated to 3.5. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161014 - Review Request: llvm34 - The Low Level Virtual Machine https://bugzilla.redhat.com/show_bug.cgi?id=1161014 -------------------------------------------------------------------------------- ================================================================================ mapserver-6.2.2-1.fc21 (FEDORA-2014-17567) Environment for building spatially-enabled internet applications -------------------------------------------------------------------------------- Update Information: Update to latest 6.2 release -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Pavel Lisý <pali@xxxxxxxxxxxxxxxxx> - 6.2.2-1 - Update to latest 6.2 release - BZ 1048689 - CVE-2013-7262 mapserver: SQL injections with postgis TIME filters - BZ 747409 - MapServer uses internal AGG and does not depend on agg-devel * Tue Aug 26 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 6.2.1-10 - Perl 5.20 rebuild - Regenerated the wrapper to work with new Perl -------------------------------------------------------------------------------- References: [ 1 ] Bug #1048689 - CVE-2013-7262 mapserver: SQL injections with postgis TIME filters [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1048689 [ 2 ] Bug #747409 - Port from ELGIS: Simplfy spec https://bugzilla.redhat.com/show_bug.cgi?id=747409 -------------------------------------------------------------------------------- ================================================================================ mariadb-10.0.15-3.fc21 (FEDORA-2014-17347) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information: This is an update that fixes all issues described at https://mariadb.com/kb/en/mariadb/development/changelogs/mariadb-10015-changelog/ and also fixes pip install MySQL-python and other packages build against mariadb-devel.\r\nThis update has also fixed configuration file. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 22 2014 Honza Horak <hhorak@xxxxxxxxxx> - 1:10.0.15-3 - Revert removing compat files, will do for F22 * Fri Dec 5 2014 Honza Horak <hhorak@xxxxxxxxxx> - 1:10.0.15-2 - Rework usage of macros and remove some compatibility artefacts * Thu Nov 27 2014 Jakub Dorňák <jdornak@xxxxxxxxxx> - 1:10.0.15-1 - Update to 10.0.15 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1173702 - Can't pip install MySQL-python https://bugzilla.redhat.com/show_bug.cgi?id=1173702 [ 2 ] Bug #1176094 - /etc/my.cnf config pb with mariadb-config-10.0.15-2.fc21.x86_64.rpm https://bugzilla.redhat.com/show_bug.cgi?id=1176094 -------------------------------------------------------------------------------- ================================================================================ mingw-binutils-2.25-1.fc21 (FEDORA-2014-17586) Cross-compiled version of binutils for Win32 and Win64 environments -------------------------------------------------------------------------------- Update Information: Fix various CVE's -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.25-1 - Update to 2.25 * Tue Dec 23 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.24-5 - Fix CVE-2014-8501 (RHBZ #1162578 #1162583) - Fix CVE-2014-8502 (RHBZ #1162602) - Fix CVE-2014-8503 (RHBZ #1162612) - Fix CVE-2014-8504 (RHBZ #1162626) - Fix CVE-2014-8737 (RHBZ #1162660) - Fix CVE-2014-8738 (RHBZ #1162673) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162578 - CVE-2014-8501 mingw-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162578 [ 2 ] Bug #1162602 - CVE-2014-8502 mingw-binutils: binutils: heap overflow in objdump [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162602 [ 3 ] Bug #1162612 - CVE-2014-8503 mingw-binutils: binutils: stack overflow in objdump when parsing specially crafted ihex file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162612 [ 4 ] Bug #1162626 - CVE-2014-8504 mingw-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162626 [ 5 ] Bug #1162660 - mingw-binutils: binutils: directory traversal vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162660 [ 6 ] Bug #1162673 - mingw-binutils: binutils: out of bounds memory write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162673 -------------------------------------------------------------------------------- ================================================================================ mingw-curl-7.39.0-1.fc21 (FEDORA-2014-17601) MinGW Windows port of curl and libcurl -------------------------------------------------------------------------------- Update Information: * Update to 7.39.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 7.39.0-1 - Update to 7.39.0 - Fixes CVE-2014-3707 (RHBZ #1160724) - Fixes CVE-2014-3620 CVE-2014-3613 (RHBZ #1140037) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1160724 - CVE-2014-3707 mingw-curl: curl: incorrect handle duplication after COPYPOSTFIELDS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1160724 [ 2 ] Bug #1140037 - CVE-2014-3620 CVE-2014-3613 mingw-curl: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1140037 -------------------------------------------------------------------------------- ================================================================================ mingw-dbus-1.8.12-1.fc21 (FEDORA-2014-17595) MinGW Windows port of D-Bus -------------------------------------------------------------------------------- Update Information: * Update to 1.8.12\\r\\n* Fixes various CVE's -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 1.8.12-1 - Update to 1.8.12 * Tue Dec 23 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 1.6.28-1 - Update to 1.6.28 - Fixes CVE-2014-7824 (RHBZ #1173557) - Fixes CVE-2014-3638 CVE-2014-3639 CVE-2014-3636 CVE-2014-3637 and CVE-2014-3635 (RHBZ #1142582) - Fixes CVE-2014-3477 (RHBZ #1117395) - Fixes CVE-2014-3533 CVE-2014-3532 (RHBZ #1115637) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1173557 - CVE-2014-7824 mingw-dbus: dbus: local denial of service via incomplete fix for CVE-2014-3636 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1173557 [ 2 ] Bug #1142582 - CVE-2014-3638 CVE-2014-3639 CVE-2014-3636 CVE-2014-3637 CVE-2014-3635 mingw-dbus: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1142582 [ 3 ] Bug #1115637 - CVE-2014-3533 CVE-2014-3532 mingw-dbus: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1115637 [ 4 ] Bug #1117395 - CVE-2014-3477 mingw-dbus: dbus: denial of service flaw in dbus-daemon [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1117395 -------------------------------------------------------------------------------- ================================================================================ mingw-freetype-2.5.4-1.fc21 (FEDORA-2014-17550) Free and portable font rendering engine -------------------------------------------------------------------------------- Update Information: * Update to 2.5.4\r\n* Updated subpixel rendering patch to 2.5.3 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.5.4-1 - Update to 2.5.4 - Fixes RHBZ #1172635 * Thu Jul 10 2014 Nicola Fontana <ntd@xxxxxxxxx> - 2.5.3-3 - Update subpixel rendering patch to 2.5.3 (RHBZ #1118276) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1172635 - mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() (incomplete fix for CVE-2014-2240). [fedora-20] https://bugzilla.redhat.com/show_bug.cgi?id=1172635 [ 2 ] Bug #1118276 - Subpixel rendering patch invalid https://bugzilla.redhat.com/show_bug.cgi?id=1118276 -------------------------------------------------------------------------------- ================================================================================ mingw-libjpeg-turbo-1.3.1-4.fc21 (FEDORA-2014-17543) MinGW Windows Libjpeg-turbo library -------------------------------------------------------------------------------- Update Information: Fix CVE-2014-9092 -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 22 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 1.3.1-4 - Fix CVE-2014-9092 (RHBZ #1169851 #1169853) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1169851 - CVE-2014-9092 mingw-libjpeg-turbo: libjpeg-turbo: denial of service via specially-crafted JPEG file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1169851 -------------------------------------------------------------------------------- ================================================================================ mingw-libxml2-2.9.2-1.fc21 (FEDORA-2014-17609) MinGW Windows libxml2 XML processing library -------------------------------------------------------------------------------- Update Information: Update to libxml2 2.9.2 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.9.2-1 - Update to 2.9.2 - Avoid corrupting the xml catalogs - Fix CVE-2014-0191 (RHBZ #1107557) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1107557 - CVE-2014-0191 mingw-libxml2: libxml2: external parameter entity loaded when entity substitution is disabled [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1107557 -------------------------------------------------------------------------------- ================================================================================ mingw-openssl-1.0.1j-1.fc21 (FEDORA-2014-17576) MinGW port of the OpenSSL toolkit -------------------------------------------------------------------------------- Update Information: * Synced with native openssl-1.0.1j-3.fc22\r\n* Add support for RFC 5649\r\n* Prevent compiler warning "Please include winsock2.h before windows.h" when using the OpenSSL headers\r\n* Fixes various CVE's -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 22 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 1.0.1j-1 - Synced with native openssl-1.0.1j-3.fc22 - Add support for RFC 5649 - Prevent compiler warning "Please include winsock2.h before windows.h" when using the OpenSSL headers - Fixes various CVE's (RHBZ #1127889 #1127709 #1152851) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1152851 - CVE-2014-3566 mingw-openssl: openssl: Padding Oracle On Downgraded Legacy Encryption attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1152851 [ 2 ] Bug #1127705 - CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 mingw-openssl: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1127705 [ 3 ] Bug #1096234 - CVE-2014-0221 CVE-2014-0198 CVE-2014-0224 CVE-2014-0195 CVE-2010-5298 CVE-2014-3470 mingw-openssl: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1096234 -------------------------------------------------------------------------------- ================================================================================ nodejs-browser-request-0.3.3-1.fc21 (FEDORA-2014-17599) Browser port of the Node.js 'request' package -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1173387 - Review Request: nodejs-browser-request - Browser port of the Node.js 'request' package https://bugzilla.redhat.com/show_bug.cgi?id=1173387 -------------------------------------------------------------------------------- ================================================================================ nodejs-crc32-stream-0.3.1-1.fc21 (FEDORA-2014-17556) A streaming CRC32 checksumer -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176887 - Review Request: nodejs-crc32-stream - A streaming CRC32 checksumer https://bugzilla.redhat.com/show_bug.cgi?id=1176887 -------------------------------------------------------------------------------- ================================================================================ nodejs-dtree-0.0.7-1.fc21 (FEDORA-2014-17569) Command-line tool to view the dependency tree of any single js file -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1171750 - Review Request: nodejs-dtree - Command-line tool to view the dependency tree of any single js file https://bugzilla.redhat.com/show_bug.cgi?id=1171750 -------------------------------------------------------------------------------- ================================================================================ nodejs-end-of-stream-1.1.0-1.fc21 (FEDORA-2014-17546) Call a callback when a readable/writable/duplex stream has completed or failed -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176809 - Review Request: nodejs-end-of-stream - Call a callback when a readable/writable/duplex stream has completed or failed https://bugzilla.redhat.com/show_bug.cgi?id=1176809 -------------------------------------------------------------------------------- ================================================================================ nodejs-hash_file-0.1.1-1.fc21 (FEDORA-2014-17581) A simple utility for getting a hash of a file -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176880 - Review Request: nodejs-hash_file - A simple utility for getting a hash of a file https://bugzilla.redhat.com/show_bug.cgi?id=1176880 -------------------------------------------------------------------------------- ================================================================================ nodejs-minstache-1.2.0-1.fc21 (FEDORA-2014-17577) Mini mustache template engine -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1173206 - Review Request: nodejs-minstache - Mini mustache template engine https://bugzilla.redhat.com/show_bug.cgi?id=1173206 -------------------------------------------------------------------------------- ================================================================================ os-prober-1.65-2.fc21 (FEDORA-2014-17566) Probes disks on the system for installed operating systems -------------------------------------------------------------------------------- Update Information: Fixes the referenced bug, so that Windows version is correctly determined. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Hedayat Vatankhah <hedayat.fwd+rpmchlog@xxxxxxxxx> - 1.65-2 - Fix using grep for searching binary files, fixes #1172405. Thanks Paul Eggert for initial patch fixing grep usage in 83haiku * Sun Dec 7 2014 Hedayat Vatankhah <hedayat.fwd+rpmchlog@xxxxxxxxx> - 1.65-1 - Using latest upstream version tarball to be consistent with upstream versioning -------------------------------------------------------------------------------- References: [ 1 ] Bug #1172405 - grub2-mkconfig misidentifies windows partition as Vista https://bugzilla.redhat.com/show_bug.cgi?id=1172405 -------------------------------------------------------------------------------- ================================================================================ perl-Rose-DB-Object-0.813-1.fc21 (FEDORA-2014-17565) Extensible, high performance object-relational mapper (ORM) -------------------------------------------------------------------------------- Update Information: Update to version 0.813, several bug and documentation fixes. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Bill Pemberton <wfp5p@xxxxxxxxxxxxxxx> - 0.813-1 - Update to version 0.813 - This version has several bug and documentation fixes. * Mon Sep 1 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.811-3 - Perl 5.20 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1163291 - perl-Rose-DB-Object-0.813 is available https://bugzilla.redhat.com/show_bug.cgi?id=1163291 -------------------------------------------------------------------------------- ================================================================================ phoronix-test-suite-5.4.1-1.fc21 (FEDORA-2014-17582) An Automated, Open-Source Testing Framework -------------------------------------------------------------------------------- Update Information: Update to new upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 24 2014 Markus Mayer <lotharlutz@xxxxxx> 5.4.1-1 - new upstream release * Thu Oct 2 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.2.1-2 - update mime scriptlets -------------------------------------------------------------------------------- ================================================================================ python-cups-1.9.70-1.fc21 (FEDORA-2014-16280) Python bindings for CUPS -------------------------------------------------------------------------------- Update Information: Latest version, and a bug-fix preventing a NULL dereference when collecting the result from a password callback. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Tim Waugh <twaugh@xxxxxxxxxx> - 1.9.70-1 - 1.9.70. * Sat Dec 13 2014 Tim Waugh <twaugh@xxxxxxxxxx> - 1.9.69-2 - Fixed password_callback so it obtains UTF-8 password correctly (bug #1155469). * Thu Dec 4 2014 Tim Waugh <twaugh@xxxxxxxxxx> - 1.9.69-1 - 1.9.69. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1155469 - [abrt] python3: strlen(): python3.4 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1155469 -------------------------------------------------------------------------------- ================================================================================ python-stem-1.3.0-1.fc21 (FEDORA-2014-17588) Python controller library for Tor -------------------------------------------------------------------------------- Update Information: Version 1.3.0 and add documentation in text format -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Juan Orti Alcaine <jorti@xxxxxxxxxxxxxxxxx> - 1.3.0-1 - Version 1.3.0 - Add documentation in text format -------------------------------------------------------------------------------- ================================================================================ rubygem-pam-1.5.4-20.fc21 (FEDORA-2014-17554) Ruby bindings for pam -------------------------------------------------------------------------------- Update Information: Current rubygem-pam package on F-21 does not install some needed file, which makes every ruby software using gem non-functional when rubygem-pam is installed.\r\n\r\nThis new rpm will fix this issue. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.5.4-20 - Install gem.build_complete on F-21+ (bug 1176450) - Fix directory ownership for extension files -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176450 - rubygem-pam does not install gem.build_complete file https://bugzilla.redhat.com/show_bug.cgi?id=1176450 -------------------------------------------------------------------------------- ================================================================================ sqlitebrowser-3.4.0-1.fc21 (FEDORA-2014-17602) Create, design, and edit SQLite database files -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1173375 - Review Request: sqlitebrowser - Create, design, and edit SQLite database files https://bugzilla.redhat.com/show_bug.cgi?id=1173375 -------------------------------------------------------------------------------- ================================================================================ virtme-0.0.2-1.fc21 (FEDORA-2014-17544) Virtualize the running distro or a simple rootfs -------------------------------------------------------------------------------- Update Information: New upstream version. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Andy Lutomirski <luto@xxxxxxx> - 0.0.2-1 - New upstream version. -------------------------------------------------------------------------------- ================================================================================ vtun-3.0.3-11.fc21 (FEDORA-2014-17549) Virtual tunnel over TCP/IP networks -------------------------------------------------------------------------------- Update Information: enhanced service file (remove "KillMode", use default "cgroup" mode) -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 23 2014 Gabriel Somlo <somlo at cmu.edu> 3.0.3-11 - enhanced service file (remove "KillMode", use default "cgroup" mode) -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
