The following Fedora 20 Security updates need testing: Age URL 122 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20 75 https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionpack-4.0.0-5.fc20 73 https://admin.fedoraproject.org/updates/FEDORA-2014-15489/rubygem-sprockets-2.8.2-5.fc20 52 https://admin.fedoraproject.org/updates/FEDORA-2014-16494/mutt-1.5.23-4.fc20 51 https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20 51 https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14.2-1.fc20 46 https://admin.fedoraproject.org/updates/FEDORA-2014-17153/httpd-2.4.10-2.fc20 42 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20 39 https://admin.fedoraproject.org/updates/FEDORA-2014-17559/mapserver-6.2.2-1.fc20 37 https://admin.fedoraproject.org/updates/FEDORA-2014-17641/dokuwiki-0-0.23.20140929b.fc20 20 https://admin.fedoraproject.org/updates/FEDORA-2015-0577/strongswan-5.2.2-1.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2015-0633/chicken-4.9.0.1-3.fc20 16 https://admin.fedoraproject.org/updates/FEDORA-2015-0773/arc-5.21p-5.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.35.rc3.fc20 11 https://admin.fedoraproject.org/updates/FEDORA-2015-1007/dump-0.4-0.24.b44.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2015-1085/puppetlabs-stdlib-4.5.1-1.20150121git7a91f20.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2015-1101/php-5.5.21-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2015-1133/seamonkey-2.32-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2015-1162/community-mysql-5.5.41-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2015-1159/jasper-1.900.1-28.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-1176/privoxy-3.0.23-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-1191/vorbis-tools-1.4.0-13.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-1294/qpid-cpp-0.30-7.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2015-1354/firefox-35.0.1-3.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2015-1364/mantis-1.2.19-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-1439/websvn-2.3.3-8.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1263/maradns-2.0.11-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1497/kernel-3.18.5-100.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1510/pigz-2.3.3-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.4-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 12 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.35.rc3.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2015-0959/redhat-rpm-config-9.1.0-55.fc20 11 https://admin.fedoraproject.org/updates/FEDORA-2015-1033/sddm-0.10.0-3.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2015-1095/perl-Filter-1.54-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2015-1159/jasper-1.900.1-28.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-1214/hwdata-0.274-2.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-1285/polkit-0.112-7.fc20.1 3 https://admin.fedoraproject.org/updates/FEDORA-2015-1384/cairo-1.14.0-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2015-1423/amor-14.12.1-1.fc20,ark-14.12.1-1.fc20,audiocd-kio-14.12.1-1.fc20,blinken-14.12.1-1.fc20,cantor-14.12.1-1.fc20,dragon-14.12.1-1.fc20,filelight-14.12.1-1.fc20,jovie-14.12.1-2.fc20,juk-14.12.1-1.fc20,kaccessible-14.12.1-1.fc20,kalzium-14.12.1-1.fc20,kamera-14.12.1-1.fc20,kanagram-4.14.3-3.fc20,kbruch-14.12.1-1.fc20,kcalc-14.12.1-1.fc20,kcharselect-14.12.1-1.fc20,kcolorchooser-14.12.1-1.fc20,kcron-14.12.1-2.fc20,kdeartwork-14.12.1-1.fc20,kde-baseapps-14.12.1-1.fc20,kde-base-artwork-14.12.1-1.fc20,kdegraphics-mobipocket-14.12.1-1.fc20,kdegraphics-strigi-analyzer-14.12.1-1.fc20,kdegraphics-thumbnailers-14.12.1-1.fc20,kdelibs-4.14.4-2.fc20,kdenetwork-filesharing-14.12.1-1.fc20,kdenetwork-strigi-analyzers-14.12.1-1.fc20,kdepim-4.14.4-2.fc20,kdepimlibs-4.14.4-1.fc20,kdepim-runtime-4.14.4-1.fc20,kdeplasma-addons-4.14.3-3.fc20,kde-runtime-14.12.1-2.fc20,kde-wallpapers-14.12.1-1.fc20,kdf-14.12.1-1.fc20,kdnssd-14.12.1-1.fc20,kfloppy-14.12.1-1.fc20,kgamma-14.12.1-1.fc20,kgeography-14.12.1-1.fc20,kget-14.12.1-1.fc20,kgpg-14.12.1-1.fc20,khangman-4.14.3-3.fc20,kiten-14.12.1-1.fc20,klettres-14.12.1-1.fc20,kmag-14.12.1-1.fc20,kmousetool-14.12.1-1.fc20,kmouth-14.12.1-1.fc20,kmplot-14.12.1-1.fc20,kolourpaint-14.12.1-1.fc20,kopete-14.12.1-1.fc20,kppp-14.12.1-1.fc20,kqtquickcharts-14.12.1-1.fc20,krdc-14.12.1-1.fc20,kremotecontrol-14.12.1-1.fc20,krfb-14.12.1-1.fc20,kruler-14.12.1-1.fc20,ksaneplugin-14.12.1-1.fc20,kscd-14.12.1-1.fc20,ksnapshot-14.12.1-1.fc20,kstars-14.12.1-1.fc20,ksystemlog-14.12.1-2.fc20,kteatime-14.12.1-1.fc20,ktimer-14.12.1-1.fc20,ktouch-14.12.1-1.fc20,kturtle-14.12.1-1.fc20,ktux-14.12.1-1.fc20,kuser-14.12.1-2.fc20,kwalletmanager-14.12.1-1.fc20,kwordquiz-14.12.1-1.fc20,libkcddb-14.12.1-1.fc20,libkcompactdisc-14.12.1-1.fc20,libkdcraw-14.12.1-1.fc20,libkdeedu-14.12.1-3.fc20,libkexiv2-14.12.1-1.fc20,libkipi-14.12.1-1.fc20,libksane-14.12.1-1.fc20,marble-14.12.1-1.fc20,oxygen-icon-theme-14.12.1-1.fc20,pairs-14.12.1-1.fc20,rocs-14.12.1-2.fc20,step-14.12.1-1.fc2 0,superkaramba-14.12.1-1.fc20,svgpart-14.12.1-1.fc20,sweeper-14.12.1-1.fc20,calligra-2.8.7-4.fc20,digikam-4.6.0-1.fc20.1,kdeedu-data-14.12.1-3.fc20,kde-workspace-4.11.15-3.fc20,kphotoalbum-4.5-4.fc20,subsurface-4.3-1.fc20.1 3 https://admin.fedoraproject.org/updates/FEDORA-2015-1420/zip-3.0-10.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2015-1398/selinux-policy-3.12.1-197.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-1425/perl-Getopt-Long-2.43-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-1434/perl-Pod-Simple-3.29-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-1448/koji-1.9.0-10.fc20.gitcd45e886 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1525/nss-util-3.17.4-1.fc20,nss-softokn-3.17.4-1.fc20,nss-3.17.4-1.fc20,nspr-4.10.8-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-1497/kernel-3.18.5-100.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1528/xorg-x11-server-1.14.4-14.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.4-1.fc20 The following builds have been pushed to Fedora 20 updates-testing haproxy-1.5.11-1.fc20 inadyn-mt-2.24.44-1.fc20 jd-2.8.9-0.3.rc150201.fc20 nodejs-caller-callsite-1.0.0-1.fc20 nodejs-infinity-agent-1.0.2-1.fc20 nodejs-is-stream-1.0.1-1.fc20 nodejs-lowercase-keys-1.0.0-1.fc20 nodejs-prepend-http-1.0.1-1.fc20 patch-2.7.4-1.fc20 perl-Apache-Session-NoSQL-0.1-2.fc20 perl-Params-Validate-1.17-1.fc20 perl-Redis-1.978-1.fc20 rubygem-narray-0.6.1.1-1.fc20 siege-3.0.9-1.fc20 xorg-x11-server-1.14.4-14.fc20 xscreensaver-5.32-4.fc20 Details about builds: ================================================================================ haproxy-1.5.11-1.fc20 (FEDORA-2015-1554) HAProxy reverse proxy for high availability environments -------------------------------------------------------------------------------- Update Information: Update to upstream stable release 1.5.11 -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 1 2015 Ryan O'Hara <rohara@xxxxxxxxxx> - 1.5.11-1 - Update to 1.5.11 (#1188029) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1188029 - haproxy-1.5.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1188029 -------------------------------------------------------------------------------- ================================================================================ inadyn-mt-2.24.44-1.fc20 (FEDORA-2015-1555) Dynamic DNS Client -------------------------------------------------------------------------------- Update Information: New upstream release with bug fixes -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 31 2015 Jochen Schmitt <Jochen herr-schmitt de> - 2.24.44-1 - New upstream release -------------------------------------------------------------------------------- ================================================================================ jd-2.8.9-0.3.rc150201.fc20 (FEDORA-2015-1561) A 2ch browser -------------------------------------------------------------------------------- Update Information: New version 2.8.9 rc 150201 is released. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 1 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.8.9-0.3.rc150201 - 2.8.9 rc 150201 * Wed Jan 28 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - Update to the latest trunk * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.8.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Thu Jun 12 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.8.8-2 - F-21: mass rebuild -------------------------------------------------------------------------------- ================================================================================ nodejs-caller-callsite-1.0.0-1.fc20 (FEDORA-2015-1529) Get the callsite of the caller function -------------------------------------------------------------------------------- Update Information: update to 1.0.0 release -------------------------------------------------------------------------------- ================================================================================ nodejs-infinity-agent-1.0.2-1.fc20 (FEDORA-2015-1549) Creates HTTP/HTTPS Agent with Infinity maxSockets -------------------------------------------------------------------------------- Update Information: update to 1.0.2 upstream release -------------------------------------------------------------------------------- ================================================================================ nodejs-is-stream-1.0.1-1.fc20 (FEDORA-2015-1559) Check if something is a Node.js stream -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- ================================================================================ nodejs-lowercase-keys-1.0.0-1.fc20 (FEDORA-2015-1542) Lowercase the keys of an object -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- ================================================================================ nodejs-prepend-http-1.0.1-1.fc20 (FEDORA-2015-1531) Prepend http:// to humanized URLs like todomvc.com and localhost -------------------------------------------------------------------------------- Update Information: update to 1.0.1 upstream release -------------------------------------------------------------------------------- ================================================================================ patch-2.7.4-1.fc20 (FEDORA-2015-1165) Utility for modifying/upgrading files -------------------------------------------------------------------------------- Update Information: Security fixes for CVE-2014-9637 and CVE-2015-1196. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 1 2015 Tim Waugh <twaugh@xxxxxxxxxx> - 2.7.4-1 - 2.7.4, including a better fix for CVE-2015-1196 that still allows symlinks referencing ".." to be created. * Fri Jan 23 2015 Tim Waugh <twaugh@xxxxxxxxxx> - 2.7.3-1 - 2.7.3 (bug #1182157, CVE-2015-1196, bug #1184491, CVE-2014-9637). * Tue Jan 20 2015 Tim Waugh <twaugh@xxxxxxxxxx> - 2.7.1-12 - Apply upstream patch to fix line numbering integer overflow. * Tue Jan 20 2015 Tim Waugh <twaugh@xxxxxxxxxx> - 2.7.1-11 - Apply upstream patch to fix directory traversal via symlinks (bug #1182157, CVE-2015-1196). * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.7.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Fri Jun 6 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.7.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185262 - CVE-2014-9637 patch: local denial of service with a crafted patch https://bugzilla.redhat.com/show_bug.cgi?id=1185262 [ 2 ] Bug #1184490 - CVE-2015-1395 patch: directory traversal via file rename https://bugzilla.redhat.com/show_bug.cgi?id=1184490 -------------------------------------------------------------------------------- ================================================================================ perl-Apache-Session-NoSQL-0.1-2.fc20 (FEDORA-2015-1530) NoSQL implementation of Apache::Session -------------------------------------------------------------------------------- Update Information: This is the first Fedora/EPEL release of perl-Apache-Session-NoSQL. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1186725 - Review Request: perl-Apache-Session-NoSQL - NoSQL implementation of Apache::Session https://bugzilla.redhat.com/show_bug.cgi?id=1186725 [ 2 ] Bug #1181654 - Please package perl-Apache-Session-NoSQL into EPEL 5/6/7 https://bugzilla.redhat.com/show_bug.cgi?id=1181654 -------------------------------------------------------------------------------- ================================================================================ perl-Params-Validate-1.17-1.fc20 (FEDORA-2015-1532) Params-Validate Perl module -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 1 2015 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1.17-1 - Upstream update. * Mon Jan 12 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 1.16-2 - Remove unused test-time dependency on Readonly:::XS -------------------------------------------------------------------------------- ================================================================================ perl-Redis-1.978-1.fc20 (FEDORA-2015-1552) Perl binding for Redis database -------------------------------------------------------------------------------- Update Information: Upgrade to 1.978. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 1 2015 David Dick <ddick@xxxxxxxx> - 1.978-1 - Upgrade to 1.978. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1187912 - perl-Redis-1.978 is available https://bugzilla.redhat.com/show_bug.cgi?id=1187912 -------------------------------------------------------------------------------- ================================================================================ rubygem-narray-0.6.1.1-1.fc20 (FEDORA-2015-1546) N-dimensional Numerical Array class for Ruby -------------------------------------------------------------------------------- Update Information: * new upstream release (#1178432) -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 1 2015 Björn Esser <bjoern.esser@xxxxxxxxx> - 0.6.1.1-1 - new upstream release (#1178432) * Fri Jan 16 2015 Vít Ondruch <vondruch@xxxxxxxxxx> - 0.6.0.9-4 - Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.2 * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.0.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.0.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1178432 - rubygem-narray-0.6.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1178432 -------------------------------------------------------------------------------- ================================================================================ siege-3.0.9-1.fc20 (FEDORA-2015-1558) A HTTP regression testing and benchmarking utility -------------------------------------------------------------------------------- Update Information: Update to new upstream release 3.0.9 (rhbz#1178439) -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 11 2015 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 3.0.9-1 - Update to new upstream release 3.0.9 (rhbz#1178439) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1178439 - siege-3.0.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1178439 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-server-1.14.4-14.fc20 (FEDORA-2015-1528) X.Org X11 X server -------------------------------------------------------------------------------- Update Information: backport two fixes from master, randr + udev -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 1 2015 Dave Airlie <airlied@xxxxxxxxxx> 1.14.4-14 - backport two fixes from master, randr + udev -------------------------------------------------------------------------------- ================================================================================ xscreensaver-5.32-4.fc20 (FEDORA-2015-1556) X screen saver and locker -------------------------------------------------------------------------------- Update Information: A possible problem is found on xscreensaver with gcc5. This rpm will fix the issue. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 1 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.32-4 - Temporarily disable sse2 when gcc5 with -fsanitize=foo - gcc5 address sanitizer fix for pick_best_gl_visual -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
