The following Fedora 21 Security updates need testing: Age URL 73 https://admin.fedoraproject.org/updates/FEDORA-2014-15342/rubygem-actionpack-4.1.5-2.fc21 72 https://admin.fedoraproject.org/updates/FEDORA-2014-15413/rubygem-sprockets-2.12.1-3.fc21 50 https://admin.fedoraproject.org/updates/FEDORA-2014-16782/mutt-1.5.23-7.fc21 49 https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-1.fc21 44 https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15.fc21 40 https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.20beta1.fc21,orthanc-0.8.5-2.fc21,dcmtk-3.6.1-1.fc21 37 https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2-1.fc21 35 https://admin.fedoraproject.org/updates/FEDORA-2014-17635/dokuwiki-0-0.23.20140929b.fc21 24 https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21 19 https://admin.fedoraproject.org/updates/FEDORA-2015-0594/strongswan-5.2.2-1.fc21 17 https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-3.fc21 14 https://admin.fedoraproject.org/updates/FEDORA-2015-0754/arc-5.21p-5.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2015-0938/android-tools-20141219git8393e50-2.fc21 10 https://admin.fedoraproject.org/updates/FEDORA-2015-1023/dump-0.4-0.24.b44.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1066/seamonkey-2.32-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1058/php-5.6.5-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1068/mingw-jasper-1.900.1-26.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1062/jasper-1.900.1-30.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1129/qpid-cpp-0.30-7.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1161/puppetlabs-stdlib-4.5.1-1.20150121git7a91f20.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-1225/privoxy-3.0.23-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1419/mantis-1.2.19-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1465/websvn-2.3.3-8.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1198/maradns-2.0.11-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1488/pigz-2.3.3-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1505/kernel-3.18.5-200.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1091/perl-Filter-1.54-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1079/perl-Encode-2.68-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1087/network-manager-applet-0.9.10.1-2.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1152/imlib2-1.4.6-3.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-1062/jasper-1.900.1-30.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-1254/rygel-0.24.3-1.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-1297/polkit-0.112-7.fc21.1 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1456/perl-Getopt-Long-2.43-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1454/perl-Pod-Simple-3.29-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1436/koji-1.9.0-10.fc21.gitcd45e886 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1407/cairo-1.14.0-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1488/pigz-2.3.3-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1507/nspr-4.10.8-1.fc21,nss-util-3.17.4-1.fc21,nss-softokn-3.17.4-1.fc21,nss-3.17.4-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1504/lvm2-2.02.116-3.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1480/libgpg-error-1.17-2.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1509/selinux-policy-3.13.1-105.1.fc21 The following builds have been pushed to Fedora 21 updates-testing biblesync-1.1.2-1.fc21 coin-or-Ipopt-3.12.0-1.fc21 dovecot-2.2.15-2.fc21 doxygen-1.8.9.1-1.fc21 freeradius-client-1.1.7-3.fc21 gap-pkg-atlasrep-1.5.0-2.fc21 gap-pkg-browse-1.8.6-2.fc21 gap-pkg-ctbllib-1.2.2-3.fc21 gap-pkg-io-4.4.4-1.fc21 gap-pkg-sonata-2.6-4.fc21 gap-pkg-spinsym-1.5-1.fc21 gap-pkg-tomlib-1.2.5-3.fc21 glite-px-proxyrenewal-1.3.36-2.fc21 iotop-0.6-5.fc21 isdn4k-utils-3.2-99.fc21 kernel-3.18.5-200.fc21 libgpg-error-1.17-2.fc21 lvm2-2.02.116-3.fc21 maradns-2.0.11-1.fc21 mingw-gnutls-3.3.12-1.fc21 nodejs-dependency-lister-1.0.2-1.fc21 nodejs-read-all-stream-1.0.2-1.fc21 nspr-4.10.8-1.fc21 nss-3.17.4-1.fc21 nss-softokn-3.17.4-1.fc21 nss-util-3.17.4-1.fc21 oath-toolkit-2.4.1-9.fc21 pcsc-tools-1.4.23-1.fc21 php-aws-sdk-2.7.17-1.fc21 pigz-2.3.3-1.fc21 pulseaudio-equalizer-2.7-14.fc21 python-mwlib-0.15.14-1.fc21 python-tbgrep-0.3.0-1.fc21 rubygem-rmagick-2.13.4-2.fc21 schroot-1.6.5-8.fc21 selinux-policy-3.13.1-105.1.fc21 subtitleeditor-0.41.0-5.fc21 tcpcrypt-0.4-0.3.bb990b1b.fc21 torbrowser-launcher-0.1.9-1.fc21 vagrant-lxc-1.1.0-6.fc21 Details about builds: ================================================================================ biblesync-1.1.2-1.fc21 (FEDORA-2015-1482) A Cross-platform library for sharing Bible navigation -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 9 2014 Greg Hellings <greg.hellings@xxxxxxxxx> - 1.1.2-1 - New upstream version - API incompatible with 1.0 series -------------------------------------------------------------------------------- ================================================================================ coin-or-Ipopt-3.12.0-1.fc21 (FEDORA-2015-1491) Interior Point OPTimizer -------------------------------------------------------------------------------- Update Information: - **Update to 3.12.0** Correct aarch64 build (#1185848) - **Fix libraries's symlinks (bz#1152812)** - **Update to 3.11.10** - **Fix libraries's symlinks (bz#1152812)** - **Update to 3.11.10** -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 27 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.12.0-1 - Update to 3.12.0 (bz#1152812) * Mon Jan 26 2015 pcpa <paulo.cesar.pereira.de.andrade@xxxxxxxxx> - 3.11.10-3 - Correct aarch64 build (#1185848) * Fri Jan 23 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.11.10-2 - Fix libraries's symlinks (bz#1152812) * Mon Jan 19 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.11.10-1 - Update to 3.11.10 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185848 - package fails to build on aarch64 due to very old config.{guess,sub} files https://bugzilla.redhat.com/show_bug.cgi?id=1185848 [ 2 ] Bug #1152812 - Dynamic library file should be symlink https://bugzilla.redhat.com/show_bug.cgi?id=1152812 [ 3 ] Bug #1183505 - coin-or-Ipopt-3.11.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1183505 -------------------------------------------------------------------------------- ================================================================================ dovecot-2.2.15-2.fc21 (FEDORA-2015-1493) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: - fix crash related to logging BYE notifications (#1176282) - update pigeonhole to 0.4.6 -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 5 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.15-2 - fix crash related to logging BYE notifications (#1176282) - update pigeonhole to 0.4.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176282 - [abrt] dovecot: strlen(): log killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1176282 -------------------------------------------------------------------------------- ================================================================================ doxygen-1.8.9.1-1.fc21 (FEDORA-2015-1476) A documentation system for C/C++ -------------------------------------------------------------------------------- Update Information: update to 1.8.9.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 21 2015 Than Ngo <than@xxxxxxxxxx> 1.8.9.1-1 - update to 1.8.9.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1176278 - [abrt] doxygen: Definition::localName(): doxygen killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1176278 -------------------------------------------------------------------------------- ================================================================================ freeradius-client-1.1.7-3.fc21 (FEDORA-2015-1501) RADIUS protocol client library -------------------------------------------------------------------------------- Update Information: Line wrapped description message -------------------------------------------------------------------------------- References: [ 1 ] Bug #1171129 - Review Request: freeradius-client - Client library and utilities for radius https://bugzilla.redhat.com/show_bug.cgi?id=1171129 -------------------------------------------------------------------------------- ================================================================================ gap-pkg-atlasrep-1.5.0-2.fc21 (FEDORA-2015-1479) GAP interface to the Atlas of Group Representations -------------------------------------------------------------------------------- Update Information: This new package is a GAP interface to the Atlas of Group Representations, a database that comprises representations of many almost simple groups and information about their maximal subgroups. This database is available independent of GAP. The AtlasRep package consists of this database and a GAP interface. The latter allows the user to get an overview of the database, and to access the data in GAP format. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185014 - Review Request: gap-pkg-atlasrep - GAP interface to the Atlas of Group Representations https://bugzilla.redhat.com/show_bug.cgi?id=1185014 -------------------------------------------------------------------------------- ================================================================================ gap-pkg-browse-1.8.6-2.fc21 (FEDORA-2015-1514) GAP browser for 2-dimensional arrays of data -------------------------------------------------------------------------------- Update Information: This package is a rename from the old gap-Browse package. It contains a GAP browser for 2-dimensional arrays of data. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185015 - Review Request: gap-pkg-browse - GAP browser for 2-dimensional arrays of data https://bugzilla.redhat.com/show_bug.cgi?id=1185015 -------------------------------------------------------------------------------- ================================================================================ gap-pkg-ctbllib-1.2.2-3.fc21 (FEDORA-2015-1473) GAP Character Table Library -------------------------------------------------------------------------------- Update Information: This new package is a rename of the old gap-character-tables package. It contains the GAP Character Table Library by Thomas Breuer. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185020 - Review Request: gap-pkg-ctbllib - GAP Character Table Library https://bugzilla.redhat.com/show_bug.cgi?id=1185020 -------------------------------------------------------------------------------- ================================================================================ gap-pkg-io-4.4.4-1.fc21 (FEDORA-2015-1508) Unix I/O functionality for GAP -------------------------------------------------------------------------------- Update Information: This new package is a rename of the old gap-io package. It contains an interface to Unix I/O functionality from GAP. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185016 - Review Request: gap-pkg-io - Unix I/O functionality for GAP https://bugzilla.redhat.com/show_bug.cgi?id=1185016 -------------------------------------------------------------------------------- ================================================================================ gap-pkg-sonata-2.6-4.fc21 (FEDORA-2015-1483) GAP package for systems of nearrings -------------------------------------------------------------------------------- Update Information: This new package is a rename of the old gap-sonata package. It contains tools for working with systems of nearrings in GAP. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185018 - Review Request: gap-pkg-sonata - GAP package for systems of nearrings https://bugzilla.redhat.com/show_bug.cgi?id=1185018 -------------------------------------------------------------------------------- ================================================================================ gap-pkg-spinsym-1.5-1.fc21 (FEDORA-2015-1503) GAP package for Brauer tables of spin-symmetric groups -------------------------------------------------------------------------------- Update Information: This new package contains some p-modular character tables of Schur covers of symmetric and alternating groups for GAP. It also provides some more functionalities related to these groups, for example, a method to construct character tables of their maximal Young subgroups. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185021 - Review Request: gap-pkg-spinsym - GAP package for Brauer tables of spin-symmetric groups https://bugzilla.redhat.com/show_bug.cgi?id=1185021 -------------------------------------------------------------------------------- ================================================================================ gap-pkg-tomlib-1.2.5-3.fc21 (FEDORA-2015-1490) GAP Table of Marks package -------------------------------------------------------------------------------- Update Information: This new package is a rename of the old gap-table-of-marks package. It provides access to several hundred tables of marks of almost simple groups and their maximal subgroups. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185019 - Review Request: gap-pkg-tomlib - GAP Table of Marks package https://bugzilla.redhat.com/show_bug.cgi?id=1185019 -------------------------------------------------------------------------------- ================================================================================ glite-px-proxyrenewal-1.3.36-2.fc21 (FEDORA-2015-1511) gLite proxyrenewal renews existing proxy certificates for grid users -------------------------------------------------------------------------------- Update Information: New version released. Fixed build from source and manual page update. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 29 2015 František Dvořák <valtri@xxxxxxxxxx> - 1.3.36-2 - Patch to fix build with recent build tools * Mon Oct 27 2014 František Dvořák <valtri@xxxxxxxxxx> - 1.3.36-1 - Release glite-px-proxyrenewal 1.3.36 - Patches merged upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1187090 - [glite-px-proxyrenewal] FTBFS in fc22 https://bugzilla.redhat.com/show_bug.cgi?id=1187090 -------------------------------------------------------------------------------- ================================================================================ iotop-0.6-5.fc21 (FEDORA-2015-1502) Top like utility for I/O -------------------------------------------------------------------------------- Update Information: do not raise an exception when nocbreak() fails on exit -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 0.6-5 - always ignore nocbreak errors, there is way too many false positives (#1035503) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035503 - [abrt] iotop-0.6-1.fc19: wrapper.py:49:wrapper:error: nocbreak() returned ERR https://bugzilla.redhat.com/show_bug.cgi?id=1035503 -------------------------------------------------------------------------------- ================================================================================ isdn4k-utils-3.2-99.fc21 (FEDORA-2015-1487) Utilities for configuring an ISDN subsystem -------------------------------------------------------------------------------- Update Information: bug fix update -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1045909 - 32 and 64 bit isdn4k conflicts for file /usr/share/isdn/dest.cdb https://bugzilla.redhat.com/show_bug.cgi?id=1045909 [ 2 ] Bug #913721 - udev rules are installed into wrong directory https://bugzilla.redhat.com/show_bug.cgi?id=913721 [ 3 ] Bug #1073894 - Service files are installed with unnecessary executable perms https://bugzilla.redhat.com/show_bug.cgi?id=1073894 [ 4 ] Bug #1176116 - Configuration file /usr/lib/systemd/system/isdn.service is marked executable. https://bugzilla.redhat.com/show_bug.cgi?id=1176116 -------------------------------------------------------------------------------- ================================================================================ kernel-3.18.5-200.fc21 (FEDORA-2015-1505) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 3.18.5 stable update contains a number of important fixes across the tree. The 3.18.4 stable update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.18.5-100 - Linux v3.18.5 * Thu Jan 29 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Backport patch from Rob Clark to toggle i915 state machine checks - Disable i915 state checks * Tue Jan 27 2015 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.18.4-200 - Linux v3.18.4 * Tue Jan 27 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2015-0239 kvm: insufficient sysenter emulation from 16-bit (rhbz 1186448 1186453) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1186448 - CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code https://bugzilla.redhat.com/show_bug.cgi?id=1186448 -------------------------------------------------------------------------------- ================================================================================ libgpg-error-1.17-2.fc21 (FEDORA-2015-1480) Library for error values used by GnuPG components -------------------------------------------------------------------------------- Update Information: New upstream release with minor changes. Also fixes multilib conflict in the header file. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.17-2 - do not conflict on header file between architectures (#1180857) * Thu Jan 29 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.17-1 - new upstream release * Fri Sep 19 2014 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.16-1 - new upstream release - move from /lib to /usr/lib -------------------------------------------------------------------------------- References: [ 1 ] Bug #1180857 - libgpg-error-devel 32 vs. 64 bit header file conflict https://bugzilla.redhat.com/show_bug.cgi?id=1180857 -------------------------------------------------------------------------------- ================================================================================ lvm2-2.02.116-3.fc21 (FEDORA-2015-1504) Userland logical volume management tools -------------------------------------------------------------------------------- Update Information: New lvm2 upstream release containing fixes documented in WHATS_NEW file. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Peter Rajnoha <prajnoha@xxxxxxxxxx> - 2.02.116-3 - Deactivate unused thin pools activated with lvm2 pre-2.02.112 versions. - Check lock holding LV when lvconverting stacked raid LV in cluster. - Support udev external dev info for filters: PV min size, mpath, md, partition. - Add fw_raid_component_detection lvm.conf option to enable FW raid detection. - Add devices/external_device_info_source lvm.conf option ("none" by default). - Scan pools in for_each_sub_lv() and add for_each_sub_lv_except_pools(). - Fix lvm2app lvm_lv_get_property return value for fields with info/status ioctl. - Fix lvm2app regression in lvm_lv_get_attr causing unknown values (2.02.115). - Preserve chunk size with repair and metadata swap of a thin pool. - Fix raid --splitmirror 1 functionality (2.02.112). - Fix tree preload to handle splitting raid images. - Do not support unpartitioned DASD devices. - Improve config validation to check if setting with string value can be empty. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1187481 - lvm2 2.02.115 breaks storaged, which breaks Cockpit https://bugzilla.redhat.com/show_bug.cgi?id=1187481 -------------------------------------------------------------------------------- ================================================================================ maradns-2.0.11-1.fc21 (FEDORA-2015-1198) Authoritative and recursive DNS server made with security in mind -------------------------------------------------------------------------------- Update Information: This upgrade fixes CERT VU#264212 (infinite referral loop) along with few other fixes. Full details at http://samiam.org/blog/2015-01-25.html -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Tomasz Torcz <ttorcz@xxxxxxxxxxxxxxxxx> - 2.0.11-1 - new upstream version * Sun Jan 25 2015 Tomasz Torcz <ttorcz@xxxxxxxxxxxxxxxxx> - 2.0.10-1 - new upstream version with important security fix - http://samiam.org/blog/2015-01-25.html -------------------------------------------------------------------------------- ================================================================================ mingw-gnutls-3.3.12-1.fc21 (FEDORA-2015-1496) MinGW GnuTLS TLS/SSL encryption library -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Michael Cronenworth <mike@xxxxxxxxxx> - 3.3.12-1 - Update to 3.3.12 -------------------------------------------------------------------------------- ================================================================================ nodejs-dependency-lister-1.0.2-1.fc21 (FEDORA-2015-1486) Lists your module's dependencies with URLs and licenses -------------------------------------------------------------------------------- Update Information: update to 1.0.2 upstream release Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1173205 - Review Request: nodejs-dependency-lister - Lists your module's dependencies with URLs and licenses https://bugzilla.redhat.com/show_bug.cgi?id=1173205 -------------------------------------------------------------------------------- ================================================================================ nodejs-read-all-stream-1.0.2-1.fc21 (FEDORA-2015-1471) Read all stream content and pass it to callback -------------------------------------------------------------------------------- Update Information: Update to 1.0.2 release -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 29 2015 Parag Nemade <pnemade AT redhat DOT com> - 1.0.2-1 - Update to 1.0.2 release * Sat Jan 24 2015 Parag Nemade <pnemade AT redhat DOT com> - 1.0.1-1 - Update to 1.0.1 release -------------------------------------------------------------------------------- ================================================================================ nspr-4.10.8-1.fc21 (FEDORA-2015-1507) Netscape Portable Runtime -------------------------------------------------------------------------------- Update Information: Update the nss, nss-softokn, and nss-util packages to nss-3.17.3 and nspr to nspr-4.10.8 For more details on the bugs fixed with this release, please see the upstream release notes at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_release_notes -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 31 2015 Elio Maldonado <emaldona@xxxxxxxxxx> - 4.10.7-2 - Update to NSPR_4_10_8_RTM -------------------------------------------------------------------------------- ================================================================================ nss-3.17.4-1.fc21 (FEDORA-2015-1507) Network Security Services -------------------------------------------------------------------------------- Update Information: Update the nss, nss-softokn, and nss-util packages to nss-3.17.3 and nspr to nspr-4.10.8 For more details on the bugs fixed with this release, please see the upstream release notes at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_release_notes -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 28 2015 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.17.4-1 - Update to nss-3.17.4 * Sat Jan 24 2015 Ville Skyttä <ville.skytta@xxxxxx> - 3.17.3-4 - Own the %{_datadir}/doc/nss-tools dir -------------------------------------------------------------------------------- ================================================================================ nss-softokn-3.17.4-1.fc21 (FEDORA-2015-1507) Network Security Services Softoken Module -------------------------------------------------------------------------------- Update Information: Update the nss, nss-softokn, and nss-util packages to nss-3.17.3 and nspr to nspr-4.10.8 For more details on the bugs fixed with this release, please see the upstream release notes at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_release_notes -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 28 2015 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.17.4-1 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release -------------------------------------------------------------------------------- ================================================================================ nss-util-3.17.4-1.fc21 (FEDORA-2015-1507) Network Security Services Utilities Library -------------------------------------------------------------------------------- Update Information: Update the nss, nss-softokn, and nss-util packages to nss-3.17.3 and nspr to nspr-4.10.8 For more details on the bugs fixed with this release, please see the upstream release notes at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_release_notes -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 28 2015 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.17.4-1 - Update to nss-3.17.4 -------------------------------------------------------------------------------- ================================================================================ oath-toolkit-2.4.1-9.fc21 (FEDORA-2015-1484) One-time password components -------------------------------------------------------------------------------- Update Information: Fixed invalid reads in libpskc due to references to old (freed) xmlDoc -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 2.4.1-9 - Fixed invalid reads in libpskc due to references to old (freed) xmlDoc (by retain-original-xmldoc patch), patch provided by David Woodhouse Resolves: rhbz#1129491 * Tue Nov 11 2014 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 2.4.1-8 - Removed RHEL conditionals (not needed any more) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1129491 - memory corruption after pskc_build_xml() https://bugzilla.redhat.com/show_bug.cgi?id=1129491 -------------------------------------------------------------------------------- ================================================================================ pcsc-tools-1.4.23-1.fc21 (FEDORA-2015-1485) Tools to be used with smart cards and PC/SC -------------------------------------------------------------------------------- Update Information: Update to the current upstream version. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> - 1.4.23-1 - upgrade to a latest upstream version - include latest smartcard_list.txt (#1183327) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1183327 - SmartCard database outdated https://bugzilla.redhat.com/show_bug.cgi?id=1183327 -------------------------------------------------------------------------------- ================================================================================ php-aws-sdk-2.7.17-1.fc21 (FEDORA-2015-1498) Amazon Web Services framework for PHP -------------------------------------------------------------------------------- Update Information: ## 2.7.17 - 2015-01-27 * Added support for `getShippingLabel` to the AWS Import/Export client. * Updated the AWS Lambda client. ## 2.7.16 - 2015-01-20 * Added support for custom security groups to the Amazon EMR client. * Added support for the latest APIs to the Amazon Cognito Identity client. * Added support for ClassicLink to the Auto Scaling client. * Added the ability to set a client's API version to "latest" for forwards compatibility with v3. ## 2.7.15 - 2015-01-15 * Added support for [HLS Content Protection](https://aws.amazon.com/releasenotes/3388917394239147) to the Elastic Transcoder client. * Updated client factory logic to add the `SignatureListener`, even when `NullCredentials` have been specified. This way, you can update a client's credentials later if you want to begin signing requests. ## 2.7.14 - 2015-01-09 * Fixed a regression in the CloudSearch Domain client (#448). ## 2.7.13 - 2015-01-08 * Added the Amazon EC2 Container Service client. * Added the Amazon CloudHSM client. * Added support for dynamic fields to the Amazon CloudSearch client. * Added support for the ClassicLink feature to the Amazon EC2 client. * Updated the Amazon RDS client to use the latest 2014-10-31 API. * Updated S3 signature so retries use a new Date header on each attempt. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 29 2015 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 2.7.17-1 - Updated to 2.7.17 (BZ #1180500) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1180500 - php-aws-sdk-2.7.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1180500 -------------------------------------------------------------------------------- ================================================================================ pigz-2.3.3-1.fc21 (FEDORA-2015-1488) Parallel implementation of gzip -------------------------------------------------------------------------------- Update Information: Update to 2.3.3, fixes CVE-2015-1191: - Return zero exit code when only warnings are issued - Increase speed of unlzw (Unix compress decompression) - Update zopfli to current google state - Allow larger maximum blocksize (-b), now 512 MiB - Do not require that -d precede -N, -n, -T options - Strip any path from header name for -dN or -dNT - Remove use of PATH_MAX (PATH_MAX is not reliable) - Do not abort on inflate data error, do remaining files - Check gzip header CRC if present - Improve decompression error detection and reporting -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.3.3-1 - Update to 2.3.3, fixes CVE-2015-1191 (bug #1181045) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1181045 - CVE-2015-1191 pigz: directory traversal vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1181045 -------------------------------------------------------------------------------- ================================================================================ pulseaudio-equalizer-2.7-14.fc21 (FEDORA-2015-1495) A 15 Bands Equalizer for PulseAudio -------------------------------------------------------------------------------- Update Information: - Fixing missing $HOME/.pulse dir -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Jaromir Capik <jcapik@xxxxxxxxxx> - 2.7-14 - Fixing crashes when $HOME/.pulse missing (#1183283) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185103 - [abrt] pulseaudio-equalizer: pulseaudio-equalizer.py:46:GetSettings:IOError: [Errno 2] No such file or directory: '/home/arcademan/.pulse/equalizerrc' https://bugzilla.redhat.com/show_bug.cgi?id=1185103 -------------------------------------------------------------------------------- ================================================================================ python-mwlib-0.15.14-1.fc21 (FEDORA-2015-1492) MediaWiki parser and utility library -------------------------------------------------------------------------------- Update Information: Update to latest upstream bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> - 0.15.14-1 - Update to 0.15.14 and enable tests (#1031279) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1031279 - python-mwlib-0.15.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1031279 -------------------------------------------------------------------------------- ================================================================================ python-tbgrep-0.3.0-1.fc21 (FEDORA-2015-1477) Extract Python Tracebacks from text -------------------------------------------------------------------------------- Update Information: Latest upstream release with new functionality https://github.com/lmacken/tbgrep -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Luke Macken <lmacken@xxxxxxxxxx> - 0.3.0-1 - Update to 0.3.0 -------------------------------------------------------------------------------- ================================================================================ rubygem-rmagick-2.13.4-2.fc21 (FEDORA-2015-1472) Ruby binding to ImageMagick -------------------------------------------------------------------------------- Update Information: This is a new package -------------------------------------------------------------------------------- ================================================================================ schroot-1.6.5-8.fc21 (FEDORA-2015-1489) Execute commands in a chroot environment -------------------------------------------------------------------------------- Update Information: binary must be suid root. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 30 2015 Zach Carter <os@xxxxxxxxxxxxxx> - 1.6.5-8 - Make sure schroot is suid (BZ1045006,BZ1175351) * Mon Jan 26 2015 Petr Machata <pmachata@xxxxxxxxxx> - 1.6.5-7 - Rebuild for boost 1.57.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1175351 - schroot binary should be setuid root https://bugzilla.redhat.com/show_bug.cgi?id=1175351 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.13.1-105.1.fc21 (FEDORA-2015-1509) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=607962 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 29 2015 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.13.1-105.1 - Add unconfined_setsched() interface - Add ipsec_rw_inherited_pipes() interface. - Update seutil_manage_config() interface. - journald now reads the netlink audit socket - Update ipsec_manage_pid() interface. - Allow netutils chown capability to make tcpdump working with -w - Label /ostree/deploy/rhel-atomic-host/deploy directory as system_conf_t. - Allow ipsec to execute _updown.netkey script to run unbound-control. - Add auditing support for ipsec. - Allow nut_upsmon_t to read random_device_t. BZ(1186072) - Allow fowner capability for sssd because of selinux_child handling. - ALlow bind to read/write inherited ipsec pipes - Allow hypervkvp to read /dev/urandom and read addition states/config files. - Allow cluster domain to dbus chat with systemd-logind. - Allow gluster rpm scripletto create glusterd socket with correct labeling. This is a workaround until we get fix in glusterd - Add glusterd_filetrans_named_pid() interface. - Allow radiusd to connect to radsec ports. - Allow setuid/setgid for selinux_child. - Allow pingd to read /dev/urandom. BZ(1181831) - Allow lsmd plugin to connect to tcp/5989 by default. - pkcsslotd_lock_t should be an alias for pkcs_slotd_lock_t. - Allow docker_t to changes it rlimit - Allow docker to setsched on unconfined_t user - Dontaudit couchdb search in gconf_home_t. BZ(1177717) - Call correct macro in virt_read_content(). - Allow neutron to read rpm DB. - Add labeling for pacemaker.log. - Allow radius to connect/bind radsec ports. - Allow pm-suspend running as virt_qemu_ga to read /var/log/pm-suspend.log. - Add devicekit_read_log_files() - Allow virt_qemu_ga to dbus chat with rpm. - Update virt_read_content() interface to allow read also char devices. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1181831 - SELinux is preventing ping6 from read access on the chr_file urandom. https://bugzilla.redhat.com/show_bug.cgi?id=1181831 -------------------------------------------------------------------------------- ================================================================================ subtitleeditor-0.41.0-5.fc21 (FEDORA-2015-1470) GTK+2 tool to edit subtitles for GNU/Linux/*BSD -------------------------------------------------------------------------------- Update Information: Added patches for rhbz #1187152 (upstream #22857 and #23018) -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 29 2015 Artur Szymczak <artur.szymczak@xxxxxxxxxxx> - 0.41.0-5 - Added patches for rhbz #1187152 (upstream #22857 and #23018) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1187152 - Editing subtitles, start and end time, duration and CPS does not work with glib2 2.42 anymore https://bugzilla.redhat.com/show_bug.cgi?id=1187152 -------------------------------------------------------------------------------- ================================================================================ tcpcrypt-0.4-0.3.bb990b1b.fc21 (FEDORA-2015-1494) Opportunistically encrypt TCP connections -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1122777 - Review Request: tcpcrypt - Opportunistically encrypt TCP connections https://bugzilla.redhat.com/show_bug.cgi?id=1122777 -------------------------------------------------------------------------------- ================================================================================ torbrowser-launcher-0.1.9-1.fc21 (FEDORA-2015-1499) Tor Browser Bundle managing tool -------------------------------------------------------------------------------- Update Information: fix required txsocksx and service-identity -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 24 2015 Robert Mayr <robyduck@xxxxxxxxxxxxxxxxxx> 0.1.9-1 - fix required txsocksx and service-identity - bump to last version available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1177388 - torbrowser-launcher gives error checking for updates and python-txsocksx package is missing https://bugzilla.redhat.com/show_bug.cgi?id=1177388 -------------------------------------------------------------------------------- ================================================================================ vagrant-lxc-1.1.0-6.fc21 (FEDORA-2015-1469) LXC provider for vagrant -------------------------------------------------------------------------------- Update Information: Introduce vagrant-lxc package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185685 - Review Request: vagrant-lxc - LXC-provider for vagrant https://bugzilla.redhat.com/show_bug.cgi?id=1185685 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
