The following Fedora 21 Security updates need testing: Age URL 77 https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-1.fc21 72 https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15.fc21 68 https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.20beta1.fc21,orthanc-0.8.5-2.fc21,dcmtk-3.6.1-1.fc21 65 https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2-1.fc21 63 https://admin.fedoraproject.org/updates/FEDORA-2014-17635/dokuwiki-0-0.23.20140929b.fc21 52 https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21 46 https://admin.fedoraproject.org/updates/FEDORA-2015-0594/strongswan-5.2.2-1.fc21 45 https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-3.fc21 42 https://admin.fedoraproject.org/updates/FEDORA-2015-0754/arc-5.21p-5.fc21 28 https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21 21 https://admin.fedoraproject.org/updates/FEDORA-2015-1803/fcgi-2.4.0-26.fc21 13 https://admin.fedoraproject.org/updates/FEDORA-2015-2055/openldap-2.4.40-3.fc21 12 https://admin.fedoraproject.org/updates/FEDORA-2015-2101/drupal7-views-3.10-1.fc21 7 https://admin.fedoraproject.org/updates/FEDORA-2015-2347/krb5-1.12.2-14.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2543/bind-9.9.6-8.P1.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2511/e2fsprogs-1.42.12-3.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2584/echoping-6.1-0.beta.r434svn.1.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2615/libjpeg-turbo-1.3.1-5.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-2729/qpid-cpp-0.30-12.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-2710/lftp-4.5.4-4.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-2746/cabextract-1.5-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2863/libpng10-1.0.63-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2828/suricata-2.0.7-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2837/glibc-2.20-8.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2849/drupal7-entity-1.6-1.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2015-2055/openldap-2.4.40-3.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2015-2145/tigervnc-1.4.2-1.fc21 10 https://admin.fedoraproject.org/updates/FEDORA-2015-2238/libquvi-scripts-0.9.20131130-4.fc21 9 https://admin.fedoraproject.org/updates/FEDORA-2015-2266/vino-3.14.2-1.fc21 8 https://admin.fedoraproject.org/updates/FEDORA-2015-2306/device-mapper-multipath-0.4.9-68.fc21.3 7 https://admin.fedoraproject.org/updates/FEDORA-2015-2359/kde-settings-21-3.fc21 7 https://admin.fedoraproject.org/updates/FEDORA-2015-2351/gtkspell3-3.0.7-1.fc21 7 https://admin.fedoraproject.org/updates/FEDORA-2015-2347/krb5-1.12.2-14.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2015-2419/colord-1.2.9-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-2460/perl-Pod-Usage-1.66-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-2463/xorg-x11-drv-evdev-2.9.1-2.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2602/abrt-2.3.0-4.fc21,libreport-2.3.0-6.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2609/ibus-1.5.10-1.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2615/libjpeg-turbo-1.3.1-5.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2505/xdg-utils-1.1.0-0.39.rc3.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2511/e2fsprogs-1.42.12-3.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2475/satyr-0.16-1.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2489/initscripts-9.56.1-7.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2545/perl-Getopt-Long-2.45-1.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2543/bind-9.9.6-8.P1.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-2502/setup-2.9.0-4.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-2743/spatialite-tools-4.2.0-8.fc21,sqlite-3.8.8.3-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-2694/glib2-2.42.2-1.fc21 1 https://admin.fedoraproject.org/updates/FEDORA-2015-2733/selinux-policy-3.13.1-105.5.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2837/glibc-2.20-8.fc21 The following builds have been pushed to Fedora 21 updates-testing SIMVoleon-2.0.1-19.fc21 SoQt-1.5.0-14.fc21 amanda-3.3.6-6.fc21 armadillo-4.650.2-1.fc21 atomic-0-0.7.gita7ff4cb.fc21 autoconf-2.69-17.fc21 cairo-dock-3.4.0-11.fc21 cairo-dock-plug-ins-3.4.0-14.fc21 collectd-5.4.2-1.fc21 drupal6-admin_menu-1.9-1.fc21 drupal7-entity-1.6-1.fc21 drupal7-migrate-2.7-1.fc21 emacs-bbdb-3.1.2-3.fc21 freehdl-0.0.8-10.fc21 gdal-1.11.2-1.fc21 glibc-2.20-8.fc21 gnome-software-3.14.3-1.fc21 golang-github-beorn7-perks-0-0.1.gitb965b61.fc21 golang-github-docker-spdystream-0-0.1.git29e1da2.fc21 golang-github-prometheus-client_golang-0-0.2.git39e4bc8.fc21 golang-github-shurcooL-sanitized_anchor_name-0-0.1.git8e87604.fc21 httrack-3.48.20-1.fc21 ipython-2.4.1-1.fc21 itop-0.1-2.20150225git6dbb3c42.fc21 jd-2.8.9-1.fc21 libblockdev-0.7-1.fc21 libpng10-1.0.63-1.fc21 mydns-1.2.8.31-12.fc21 octave-netcdf-1.0.6-1.fc21 perl-Net-DNS-0.83-1.fc21 perl-Tie-Cache-0.21-1.fc21 php-pear-1.9.5-5.fc21 pl-6.6.6-5.fc21 pylint-1.3.1-3.fc21 python-flask-whooshalchemy-0.6-6.fc21 quake3-1.36-21.svn2102.fc21 redis-2.8.19-1.fc21.1 resiprocate-1.9.9-15.fc21 rubygem-rabbit-2.1.6-1.fc21 rxtx-2.2-0.10.20100211.fc21.2 suricata-2.0.7-1.fc21 vdr-screenshot-0.0.16-1.fc21 xscreensaver-5.32-9.fc21 Details about builds: ================================================================================ SIMVoleon-2.0.1-19.fc21 (FEDORA-2015-2834) Volume rendering library for Coin -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 2.0.1-19 - Modernise spec. - Remove %optflags and %__global_ld_flags from *.cfg. -------------------------------------------------------------------------------- ================================================================================ SoQt-1.5.0-14.fc21 (FEDORA-2015-2836) High-level 3D visualization library -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1.5.0-14 - Fix bogus %changelog entry. - Let SoQt-devel require SoQt%{?_isa}. * Thu Feb 26 2015 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1.5.0-13 - Modernise spec. - Remove %optflags and %__global_ld_flags from *.cfg. -------------------------------------------------------------------------------- ================================================================================ amanda-3.3.6-6.fc21 (FEDORA-2015-2804) A network-capable tape backup solution -------------------------------------------------------------------------------- Update Information: Fix for swig-3.0.5 (#1195297) -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Petr Hracek <phracek@xxxxxxxxxx> - 3.3.6-6 - Fix for swig-3.0.5 (#1195297) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195297 - amanda-3.3.6-9.fc23 FTBFS: ../perl/Amanda/Xfer.swg:536: Error: Unknown SWIG preprocessor directive: The (if this is a block of target language code, delimit it with %{ and %}) https://bugzilla.redhat.com/show_bug.cgi?id=1195297 -------------------------------------------------------------------------------- ================================================================================ armadillo-4.650.2-1.fc21 (FEDORA-2015-2844) Fast C++ matrix library with interfaces to LAPACK and ATLAS -------------------------------------------------------------------------------- Update Information: Version 4.650 (Intravenous Caffeine Injector) * added randg() for generating random values from gamma distributions (C++11 only) * added .head_rows() and .tail_rows() to submatrix views * added .head_cols() and .tail_cols() to submatrix views * expanded eigs_sym() to optionally calculate eigenvalues with smallest/largest algebraic values * fixes for handling of sparse matrices -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 José Matos <jamatos@xxxxxxxxxxxxxxxxx> - 4.650.2-1 - update to 4.650.2 -------------------------------------------------------------------------------- ================================================================================ atomic-0-0.7.gita7ff4cb.fc21 (FEDORA-2015-2861) Tool for managing ProjectAtomic systems and containers -------------------------------------------------------------------------------- Update Information: remove pylint for rhel/centos runtime requirement: python-docker-py build commit#a7ff4cb -------------------------------------------------------------------------------- ================================================================================ autoconf-2.69-17.fc21 (FEDORA-2015-2829) A GNU tool for automatically configuring source code -------------------------------------------------------------------------------- Update Information: config.site: take AC_PREFIX_DEFAULT([/usr]) into account -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Pavel Raiskup <praiskup@xxxxxxxxxx> - 2.69-17 - config.site: take AC_PREFIX_DEFAULT([/usr]) into account, by agruen at kernel.org (rhbz#1196340) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196340 - lib64 bug in /usr/share/config.site https://bugzilla.redhat.com/show_bug.cgi?id=1196340 -------------------------------------------------------------------------------- ================================================================================ cairo-dock-3.4.0-11.fc21 (FEDORA-2015-2839) Light eye-candy fully themable animated dock -------------------------------------------------------------------------------- Update Information: Introducing cairo-dock, which was once removed from Fedora on 2009. Note that due to some reason, "zoom" effect was explicitly disabled. -------------------------------------------------------------------------------- ================================================================================ cairo-dock-plug-ins-3.4.0-14.fc21 (FEDORA-2015-2839) Plug-ins files for Cairo-Dock -------------------------------------------------------------------------------- Update Information: Introducing cairo-dock, which was once removed from Fedora on 2009. Note that due to some reason, "zoom" effect was explicitly disabled. -------------------------------------------------------------------------------- ================================================================================ collectd-5.4.2-1.fc21 (FEDORA-2015-2840) Statistics collection daemon for filling RRD files -------------------------------------------------------------------------------- Update Information: Upstream released new version. See https://collectd.org/news.shtml for the release notes. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Ruben Kerkhof <ruben@xxxxxxxxxxxxxxxx> 5.4.2-1 - Upstream released new version - Drop BuildRequires on owfs-capi, fixed in owfs - Drop collectd-fix-colors-in-collection.conf.patch, fixed upstream - Drop collectd-lvm-do-not-segfault-when-there-are-no-vgs.patch, fixed upstream * Tue Feb 10 2015 Ruben Kerkhof <ruben@xxxxxxxxxxxxxxxx> 5.4.1-15 - OneWire libraries are in owfs-capi package * Tue Feb 10 2015 Ruben Kerkhof <ruben@xxxxxxxxxxxxxxxx> 5.4.1-14 - Rebuilt for new OneWire version * Wed Feb 4 2015 Ruben Kerkhof <ruben@xxxxxxxxxxxxxxxx> 5.4.1-13 - Exclude onewire.conf from main collectd package * Tue Dec 9 2014 Ruben Kerkhof <ruben@xxxxxxxxxxxxxxxx> 5.4.1-12 - Improve the systemd unit a bit -------------------------------------------------------------------------------- ================================================================================ drupal6-admin_menu-1.9-1.fc21 (FEDORA-2015-2838) Provides a dropdown menu to most administrative tasks -------------------------------------------------------------------------------- Update Information: ## 6.x-1.9 - Issue #2360249 by pvasili, konstantin.komelin, Eyal Shalev, ofry, Plazik, dalin, gngn, marcmueller: Fixed tertiary menu items not visible in Firefox 34. - Issue #927018 by DamienMcKenna, mikeytown2: Fixed PHP notice in admin_menu_link_build(). -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.9-1 - Updated to 1.9 (BZ #1195728) - Removed RPM README b/c it only explained common Drupal workflow - %license usage - Spec cleanup -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195728 - drupal6-admin_menu-1.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1195728 -------------------------------------------------------------------------------- ================================================================================ drupal7-entity-1.6-1.fc21 (FEDORA-2015-2849) Extends the entity API to provide a unified way to deal with entities -------------------------------------------------------------------------------- Update Information: ## 7.x-1.6 See [SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)](https://www.drupal.org/node/2437905) Changes since 7.x-1.5: - by klausi: Sanitize field labels before passing them to the Token API. - Issue #2264079 by Amitaibu, fago: Fixed $wrapper->access() might be wrong for single entity reference field. - Issue #2039601 by DuaelFr, fago: Added Ease EntityMetadataWrapper usage with a getter. - Issue #2160355 by wodenx, gmercer, fgm, jgullstr: Fixed Trying to get property of non-object in entity_metadata_user_access(). - Issue #1651824 by meatsack | joachim: Fixed 'entity_test' table has incorrect declaration of foreign keys. - Issue #2309697 by kristiaanvandeneynde; joachim: Fixed variable mistake in entity_views_handler_relationship_by_bundle. - Issue #2003826 by greenmother, stella, jazzdrive3, fago: Fixed template_preprocess_entity does not check for existing 'path' index. - Issue #1104286: Support generating database schema for date properties. - Issue #2013473 by fietserwin: Title attribute of image field not listed as possible token. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.6-1 - Updated to 1.6 (BZ #1196750 / SA-CONTRIB-2015-053) - Removed RPM README b/c it only explained common Drupal workflow - %license usage -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196750 - drupal7-entity-1.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1196750 -------------------------------------------------------------------------------- ================================================================================ drupal7-migrate-2.7-1.fc21 (FEDORA-2015-2827) Import content from external sources -------------------------------------------------------------------------------- Update Information: # Migrate 2.7 ## Bug fixes - 2415597 - Make batching of SQL sources optional, and force map_joinable FALSE. # Migrate 2.7 Release Candidate 1 ## Features and enhancements - 2296911 - Add a source handler for IBM DB2. - 2256761 - Add a destination handler for variables. - 2047815 - Support multi-column source keys in idlist. - 1751438 - Add spreadsheet source plugin. ## Bug fixes - 2403593 - SQL batching messes up cases with altered queries, such as idlist. - 2298969 - Verify wizard validation function exists. - 2268863 - Fix drush --all option. - 2410523 - Remove inconsistent escaping of migrate_drush_path. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 2.7-1 - Updated to 2.7 (BZ #1191439) - Removed RPM README b/c it only explained common Drupal workflow - %license usage - Spec cleanup -------------------------------------------------------------------------------- References: [ 1 ] Bug #1191439 - drupal7-migrate-2.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1191439 -------------------------------------------------------------------------------- ================================================================================ emacs-bbdb-3.1.2-3.fc21 (FEDORA-2015-2805) A contact management utility for use with Emacs -------------------------------------------------------------------------------- Update Information: Remove the info file. It does not contain any real documentation. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Göran Uddeborg <goeran@xxxxxxxxxxx> 1:3.1.2-3 - Remove the info file. It currently does not contain any real documentation but just a template (BZ #1192873) - Clean up a warning during RPM build. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1192873 - emacs-bbdb info manual is useless https://bugzilla.redhat.com/show_bug.cgi?id=1192873 -------------------------------------------------------------------------------- ================================================================================ freehdl-0.0.8-10.fc21 (FEDORA-2015-2859) GPLed free VHDL -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.0.8-10 - Remove %{optflags} from freehdl.pc (RHBZ#1196512). - Modernize spec. - Remove *.las. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196512 - %optflags in freehdl.pc https://bugzilla.redhat.com/show_bug.cgi?id=1196512 -------------------------------------------------------------------------------- ================================================================================ gdal-1.11.2-1.fc21 (FEDORA-2015-2848) GIS file format library -------------------------------------------------------------------------------- Update Information: http://trac.osgeo.org/gdal/wiki/Release/1.11.2-News -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 17 2015 Volker Fröhlich <volker27@xxxxxx> - 1.11.2-1 - New release - Remove obsolete sqlite patch -------------------------------------------------------------------------------- ================================================================================ glibc-2.20-8.fc21 (FEDORA-2015-2837) The GNU libc libraries -------------------------------------------------------------------------------- Update Information: - Fix CVE-2014-7817 glibc: command execution in wordexp() with WRDE_NOCMD specified - Fix CVE-2014-9402 glibc: denial of service in getnetbyname function - CVE-2015-1472 glibc: heap buffer overflow in glibc swscanf - Fix segfault when LD_LIBRARY_PATH is set to non-existent directory. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Siddhesh Poyarekar <siddhesh@xxxxxxxxxx> - 2.20-8 - wordexp fails to honour WRDE_NOCMD (CVE-2014-7817, #1167569). - Avoid infinite loop in nss_dns getnetbyname (CVE-2014-9402, #1175370). - wscanf allocates too little memory (CVE-2015-1472, #1188237). - Fix segmentation fault when LD_LIBRARY_PATH contains only non-existing paths (#1184234). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1188235 - CVE-2015-1472 glibc: heap buffer overflow in glibc swscanf https://bugzilla.redhat.com/show_bug.cgi?id=1188235 [ 2 ] Bug #1175369 - CVE-2014-9402 glibc: denial of service in getnetbyname function https://bugzilla.redhat.com/show_bug.cgi?id=1175369 [ 3 ] Bug #1157689 - CVE-2014-7817 glibc: command execution in wordexp() with WRDE_NOCMD specified https://bugzilla.redhat.com/show_bug.cgi?id=1157689 -------------------------------------------------------------------------------- ================================================================================ gnome-software-3.14.3-1.fc21 (FEDORA-2015-2843) A software center for GNOME -------------------------------------------------------------------------------- Update Information: This update fixes several gnome-software issues that have come up during Fedora 21 lifetime: - Fix several possible crashes when clicking the back button - Fix a crash in the screenshot loader - Show an error message when we fail to load details about a local file - Make sure back button always leads back to overview -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 3.14.3-1 - Update to 3.14.3 * Thu Nov 13 2014 Richard Hughes <rhughes@xxxxxxxxxx> - 3.14.2-3 - Fix non-Fedora build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1137027 - [abrt] gnome-software: gs_screenshot_image_complete_cb(): gnome-software killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1137027 [ 2 ] Bug #1145782 - [abrt] gnome-software: gs_shell_back_button_cb(): gnome-software killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1145782 -------------------------------------------------------------------------------- ================================================================================ golang-github-beorn7-perks-0-0.1.gitb965b61.fc21 (FEDORA-2015-2825) Effective Computation of Things -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196432 - Review Request: golang-github-beorn7-perks - Effective Computation of Things https://bugzilla.redhat.com/show_bug.cgi?id=1196432 -------------------------------------------------------------------------------- ================================================================================ golang-github-docker-spdystream-0-0.1.git29e1da2.fc21 (FEDORA-2015-2824) A multiplexed stream library using spdy -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196363 - Review Request: golang-github-docker-spdystream - A multiplexed stream library using spdy https://bugzilla.redhat.com/show_bug.cgi?id=1196363 -------------------------------------------------------------------------------- ================================================================================ golang-github-prometheus-client_golang-0-0.2.git39e4bc8.fc21 (FEDORA-2015-2862) Prometheus instrumentation library for Go applications -------------------------------------------------------------------------------- Update Information: Bump to upstream 39e4bc83f974fb141a9e67c042b26322bacc917b -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.2.git39e4bc8 - Bump to upstream 39e4bc83f974fb141a9e67c042b26322bacc917b related: #1190442 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1190442 - Review Request: golang-github-prometheus-client_golang - Prometheus instrumentation library for Go applications https://bugzilla.redhat.com/show_bug.cgi?id=1190442 -------------------------------------------------------------------------------- ================================================================================ golang-github-shurcooL-sanitized_anchor_name-0-0.1.git8e87604.fc21 (FEDORA-2015-2813) Package sanitized_anchor_name provides a func to create sanitized anchor names -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196551 - Review Request: golang-github-shurcooL-sanitized_anchor_name - Package sanitized_anchor_name provides a func to create sanitized anchor names https://bugzilla.redhat.com/show_bug.cgi?id=1196551 -------------------------------------------------------------------------------- ================================================================================ httrack-3.48.20-1.fc21 (FEDORA-2015-2822) Website copier and offline browser -------------------------------------------------------------------------------- Update Information: == Software == 3.48-20 * Fixed: webhttrack incompatibility with Chrome == Fedora package == * Rewrite %pretrans and %posttrans script from shell to lua to avoid exit during fresh Fedora installation. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Christopher Meng <rpm@xxxxxxxx> - 3.48.20-1 - Update to 3.48.20 - Fix %pretrans scriptlet bug. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1130550 - scriptlet error in httrack %pretrans https://bugzilla.redhat.com/show_bug.cgi?id=1130550 -------------------------------------------------------------------------------- ================================================================================ ipython-2.4.1-1.fc21 (FEDORA-2015-2713) An enhanced interactive Python shell -------------------------------------------------------------------------------- Update Information: Update to 2.4.1, which adds support for the new notebook format coming in IPython 3.0, along with fixing bugs in the 2.x series, including compatibility with PyQt5 and Pygments 2.0. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.4.1-1 - update to 2.4.1 * Wed Feb 25 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.4.0-1 - update to 2.4.0 -------------------------------------------------------------------------------- ================================================================================ itop-0.1-2.20150225git6dbb3c42.fc21 (FEDORA-2015-2812) Interactive interrupt viewer -------------------------------------------------------------------------------- Update Information: Fix issue in Package Versioning -------------------------------------------------------------------------------- ================================================================================ jd-2.8.9-1.fc21 (FEDORA-2015-2833) A 2ch browser -------------------------------------------------------------------------------- Update Information: New version 2.8.9 is released. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.8.9-1 - 2.8.9 * Thu Feb 12 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - Update to the latest trunk (r4207) -------------------------------------------------------------------------------- ================================================================================ libblockdev-0.7-1.fc21 (FEDORA-2015-2806) A library for low-level manipulation with block devices -------------------------------------------------------------------------------- Update Information: New (upstream) version providing bug fixes and enhancements. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Vratislav Podzimek <vpodzime@xxxxxxxxxx> - 0.7-1 - Be ready for mdadm --examine to not provide some of the values we want (vpodzime) - Add exit code information to exec logging (vpodzime) - Improve and add tests (vpodzime) - Mark the test_force_plugin and test_reload as slow (vpodzime) - Make sure we get some devices when creating btrfs volume (vpodzime) - Add override for the lvremove function (vpodzime) - Do not create LUKS format with no passphrase and no key file (vpodzime) - Make sure we use the /dev/mapper/... path for luks_status (vpodzime) -------------------------------------------------------------------------------- ================================================================================ libpng10-1.0.63-1.fc21 (FEDORA-2015-2863) Old version of libpng, needed to run old binaries -------------------------------------------------------------------------------- Update Information: This update addresses a couple of buffer overflows that might allow context-dependent attackers to execute arbitrary code via very wide PNG images. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Paul Howarth <paul@xxxxxxxxxxxx> - 1.0.63-1 - Update to 1.0.63 - Issue a png_error() instead of a png_warning() when width is potentially too large for the architecture, in case the calling application has overridden the default 1,000,000-column limit (fixes CVE-2014-9495 and CVE-2015-0973) - Quieted some harmless warnings from Coverity-scan - Display user limits in the output from pngtest (not packaged) - Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000; it only affects the maximum memory that can be allocated to an ancillary chunk, and does not limit the size of IDAT data, which is instead limited by PNG_USER_WIDTH_MAX - Rebuilt configure scripts with automake-1.15 and libtool-2.4.6 - Update soname patch * Fri Nov 21 2014 Paul Howarth <paul@xxxxxxxxxxxx> 1.0.62-1 - update to 1.0.62 - avoid out-of-bounds memory access while checking version string in pngread.c and pngwrite.c - build fix for Windows - use %license where possible -------------------------------------------------------------------------------- References: [ 1 ] Bug #1179186 - CVE-2014-9495 libpng: buffer overflow in png_combine_row https://bugzilla.redhat.com/show_bug.cgi?id=1179186 [ 2 ] Bug #1177327 - CVE-2015-0973 libpng: Heap-buffer overflow png_combine_row() with very wide interlaced images https://bugzilla.redhat.com/show_bug.cgi?id=1177327 -------------------------------------------------------------------------------- ================================================================================ mydns-1.2.8.31-12.fc21 (FEDORA-2015-2815) A Database based DNS server -------------------------------------------------------------------------------- Update Information: Fix build of the mydns-pgsql so that it actually supports pgsql (#985909) -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Matej Cepl <mcepl@xxxxxxxxxx> - 1.2.8.31-12 - Fix build of the mydns-pgsql so that it actually supports pgsql (#985909) Thanks for the patch by Tomasz Sterna. * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2.8.31-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #985909 - mydns-pgsql is built for MySQL https://bugzilla.redhat.com/show_bug.cgi?id=985909 -------------------------------------------------------------------------------- ================================================================================ octave-netcdf-1.0.6-1.fc21 (FEDORA-2015-2860) A MATLAB compatible NetCDF interface for Octave -------------------------------------------------------------------------------- Update Information: Update to 1.0.6: * ncread: do not replace _FillValue by NaNs for characters * ncdisp: fix for attributes value with %-sign -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> 1.0.6-1 - Update to 1.0.6 -------------------------------------------------------------------------------- ================================================================================ perl-Net-DNS-0.83-1.fc21 (FEDORA-2015-2856) DNS resolver modules for Perl -------------------------------------------------------------------------------- Update Information: A new version of Net::DNS is available. See http://cpansearch.perl.org/src/NLNETLABS/Net-DNS-0.83/Changes for details on what's new in this release. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Petr Šabata <contyk@xxxxxxxxxx> - 0.83-1 - 0.83 bump - Correct the dependency list - Modernize the spec a bit -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196916 - perl-Net-DNS-0.83 is available https://bugzilla.redhat.com/show_bug.cgi?id=1196916 -------------------------------------------------------------------------------- ================================================================================ perl-Tie-Cache-0.21-1.fc21 (FEDORA-2015-2851) LRU Cache in Memory -------------------------------------------------------------------------------- Update Information: perl-Tie-Cache: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196763 - Review Request: perl-Tie-Cache - LRU Cache in Memory https://bugzilla.redhat.com/show_bug.cgi?id=1196763 -------------------------------------------------------------------------------- ================================================================================ php-pear-1.9.5-5.fc21 (FEDORA-2015-2450) PHP Extension and Application Repository framework -------------------------------------------------------------------------------- Update Information: **Structures_Graph 1.1.0** * Set minimum PHP version to 5.3 * Fix bug #19367: Incorrect FSF address in LICENSE * Change license from LGPL-2.1+ to LGPL-3.0+ **Archive_Tar 1.3.14** * Fix Bug #18505: Possible incorrect handling of file names in TAR [mrook] **Console_Getopt 1.4.0** * Change license to BSD-2-Clause * Set minimum PHP version to 5.4.0 * Mark static methods with "static" keyword **Packaging changes** * update Console_Getopt to 1.4.0 * raise php minimum version to 5.4 * cleanup registry after removal * drop old php-pear-XML-Util scriptlets * remove PHP from License, Console_Getopt is now BSD -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 1:1.9.5-5 - update Structures_Graph to 1.1.0 - update Archive_Tar to 1.3.14 * Mon Feb 23 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 1:1.9.5-4 - update Console_Getopt to 1.4.0 - raise php minimum version to 5.4 - cleanup registry after removal - drop old php-pear-XML-Util scriptlets - remove PHP from License, Console_Getopt is now BSD -------------------------------------------------------------------------------- ================================================================================ pl-6.6.6-5.fc21 (FEDORA-2015-2857) SWI-Prolog - Edinburgh compatible Prolog compiler -------------------------------------------------------------------------------- Update Information: This release adds binding for libarchive which was missing unintentionally before. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 6.6.6-5 - Build binding for libarchive (bug #1195960) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195960 - SWI-Prolog (pl): library "archive" missing https://bugzilla.redhat.com/show_bug.cgi?id=1195960 -------------------------------------------------------------------------------- ================================================================================ pylint-1.3.1-3.fc21 (FEDORA-2015-2821) Analyzes Python code looking for bugs and signs of poor quality -------------------------------------------------------------------------------- Update Information: Make sure python3- files aren't included in the python2 package. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Brian C. Lane <bcl@xxxxxxxxxx> 1.3.1-3 - Exclude the python3-* files from the python2 package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1169142 - [abrt] pylint: pkg_resources.py:567:resolve:pkg_resources.DistributionNotFound: pylint==1.3.1 https://bugzilla.redhat.com/show_bug.cgi?id=1169142 -------------------------------------------------------------------------------- ================================================================================ python-flask-whooshalchemy-0.6-6.fc21 (FEDORA-2015-2865) Whoosh extension to Flask/SQLAlchemy -------------------------------------------------------------------------------- Update Information: Removing check section. -------------------------------------------------------------------------------- ================================================================================ quake3-1.36-21.svn2102.fc21 (FEDORA-2015-2852) Quake 3 Arena engine (ioquake3 version) -------------------------------------------------------------------------------- Update Information: Fix for crash: recursive error after: program tried to execute code outside VM -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Jon Ciesla <limburgher@xxxxxxxxx> - 1.36.21.svn2102 - Move argument passing from VM to engine to global variables (rhbz#1018398) - per Jeff Layton <jlayton@xxxxxxxxxxxxxxx> -------------------------------------------------------------------------------- References: [ 1 ] Bug #1018398 - openarena crash: recursive error after: program tried to execute code outside VM https://bugzilla.redhat.com/show_bug.cgi?id=1018398 -------------------------------------------------------------------------------- ================================================================================ redis-2.8.19-1.fc21.1 (FEDORA-2015-2818) A persistent key-value database -------------------------------------------------------------------------------- Update Information: Upstream 2.8.19 (RHBZ #1175232) Upstream 2.8.19 (RHBZ #1175232) -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Haïkel Guémar <hguemar@xxxxxxxxxxxxxxxxx> - 2.8.19-1 - Upstream 2.8.19 (RHBZ #1175232) - Fix permissions for tmpfiles (RHBZ #1182913) - Add limits config files - Spec cleanups -------------------------------------------------------------------------------- References: [ 1 ] Bug #1175232 - redis-2.8.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=1175232 [ 2 ] Bug #1182913 - Permission in the rpm do not correspond to tmpfiles one https://bugzilla.redhat.com/show_bug.cgi?id=1182913 -------------------------------------------------------------------------------- ================================================================================ resiprocate-1.9.9-15.fc21 (FEDORA-2015-2854) SIP and TURN stacks, with SIP proxy and TURN server implementations -------------------------------------------------------------------------------- Update Information: Change from dependency radiusclient-ng to freeradius-client -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Daniel Pocock <<daniel@xxxxxxxxxx> - 1.9.9-15 - Add support for freeradius-client (Closes: #1191894) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1191894 - switch to freeradius-client from radiusclient-ng, which will be dropped from fedora https://bugzilla.redhat.com/show_bug.cgi?id=1191894 -------------------------------------------------------------------------------- ================================================================================ rubygem-rabbit-2.1.6-1.fc21 (FEDORA-2015-2835) RD-document-based presentation application -------------------------------------------------------------------------------- Update Information: New version 2.1.6 is released. New version 2.1.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.1.6-1 - 2.1.6 * Tue Feb 24 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.1.4-1 - 2.1.4 -------------------------------------------------------------------------------- ================================================================================ rxtx-2.2-0.10.20100211.fc21.2 (FEDORA-2015-2850) Parallel communication for the Java Development Toolkit -------------------------------------------------------------------------------- Update Information: add maven support -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Alec Leamas <leamas.alec@xxxxxxxxx> - 2.2-0.10.20100211.2 - Use mvn_artifact et. al. instead of deprecated add_maven_depmap. - Fix packaging bug with jni-related jar in /usr/share/java. * Tue Feb 24 2015 Alec Leamas <leamas.alec@xxxxxxxxx> - 2.2-0.10.20100211.1 - Add add_maven_depmap, provide meta informtation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196849 - Please add maven metadata; also fix packaging GL bug https://bugzilla.redhat.com/show_bug.cgi?id=1196849 -------------------------------------------------------------------------------- ================================================================================ suricata-2.0.7-1.fc21 (FEDORA-2015-2828) Intrusion Detection System -------------------------------------------------------------------------------- Update Information: This release fixes a parsing issue in the DCERPC parser that can happen when Suricata runs out of memory. The exact scope of the problem isn’t clear, but it could certainly lead to crashes. CVE-2015-0928 is assigned for this. The second issue is certain characters in the URI could confuse the parsing of the HTTP request line, leading to possible detection bypass for ‘http_uri’ and to incomplete logging of the URI. Upgrading is recommended. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2015 Steve Grubb <sgrubb@xxxxxxxxxx> 2.0.7-1 - New upstream security bug fix release for CVE-2015-0928 -------------------------------------------------------------------------------- ================================================================================ vdr-screenshot-0.0.16-1.fc21 (FEDORA-2015-2808) VDR plugin: Takes screenshots -------------------------------------------------------------------------------- Update Information: rebuild for new release 0.0.16 -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.0.16-1 - rebuild for new release 0.0.16 - cleanup spec file - mark license files as %license where available -------------------------------------------------------------------------------- ================================================================================ xscreensaver-5.32-9.fc21 (FEDORA-2015-2858) X screen saver and locker -------------------------------------------------------------------------------- Update Information: A bug was reported that fontglide hack may crash on certain environment where appropriate font sometimes failed to be found. This new rpm will fix this issue. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 27 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.32-9 - pick_font_1: rescue when XftFontOpenXlfd fails correctly (bug 1195437) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195437 - [abrt] xscreensaver-extras: XftCharIndex(): fontglide killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1195437 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test