Fedora 21 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 21 Security updates need testing:
 Age  URL
  77  https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-1.fc21
  73  https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15.fc21
  69  https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.20beta1.fc21,orthanc-0.8.5-2.fc21,dcmtk-3.6.1-1.fc21
  66  https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2-1.fc21
  63  https://admin.fedoraproject.org/updates/FEDORA-2014-17635/dokuwiki-0-0.23.20140929b.fc21
  53  https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
  47  https://admin.fedoraproject.org/updates/FEDORA-2015-0594/strongswan-5.2.2-1.fc21
  45  https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-3.fc21
  43  https://admin.fedoraproject.org/updates/FEDORA-2015-0754/arc-5.21p-5.fc21
  29  https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21
  22  https://admin.fedoraproject.org/updates/FEDORA-2015-1803/fcgi-2.4.0-26.fc21
  14  https://admin.fedoraproject.org/updates/FEDORA-2015-2055/openldap-2.4.40-3.fc21
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-2101/drupal7-views-3.10-1.fc21
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-2347/krb5-1.12.2-14.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2543/bind-9.9.6-8.P1.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2511/e2fsprogs-1.42.12-3.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2584/echoping-6.1-0.beta.r434svn.1.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2615/libjpeg-turbo-1.3.1-5.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2729/qpid-cpp-0.30-12.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2710/lftp-4.5.4-4.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2746/cabextract-1.5-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2863/libpng10-1.0.63-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2828/suricata-2.0.7-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2895/qt-4.8.6-25.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2837/glibc-2.20-8.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2849/drupal7-entity-1.6-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2886/qt3-3.3.8b-62.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2893/gnupg-1.4.19-1.fc21


The following Fedora 21 Critical Path updates have yet to be approved:
 Age URL
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-2238/libquvi-scripts-0.9.20131130-4.fc21
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-2145/tigervnc-1.4.2-1.fc21
  10  https://admin.fedoraproject.org/updates/FEDORA-2015-2266/vino-3.14.2-1.fc21
   9  https://admin.fedoraproject.org/updates/FEDORA-2015-2306/device-mapper-multipath-0.4.9-68.fc21.3
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-2359/kde-settings-21-3.fc21
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-2351/gtkspell3-3.0.7-1.fc21
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-2347/krb5-1.12.2-14.fc21
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-2419/colord-1.2.9-1.fc21
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-2460/perl-Pod-Usage-1.66-1.fc21
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-2463/xorg-x11-drv-evdev-2.9.1-2.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2602/abrt-2.3.0-4.fc21,libreport-2.3.0-6.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2609/ibus-1.5.10-1.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2615/libjpeg-turbo-1.3.1-5.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2505/xdg-utils-1.1.0-0.39.rc3.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2511/e2fsprogs-1.42.12-3.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2475/satyr-0.16-1.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2489/initscripts-9.56.1-7.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2545/perl-Getopt-Long-2.45-1.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2543/bind-9.9.6-8.P1.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2502/setup-2.9.0-4.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2743/spatialite-tools-4.2.0-8.fc21,sqlite-3.8.8.3-1.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2694/glib2-2.42.2-1.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2733/selinux-policy-3.13.1-105.5.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2890/librsvg2-2.40.8-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2895/qt-4.8.6-25.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2837/glibc-2.20-8.fc21


The following builds have been pushed to Fedora 21 updates-testing

    BibTool-2.58-1.fc21
    antimicro-2.11.1-1.fc21
    calligra-2.9.0-1.fc21
    calligra-l10n-2.9.0-1.fc21
    czmq-2.2.0-3.fc21
    darkhttpd-1.11-1.fc21
    dbmail-3.2.3-1.fc21
    epiphany-3.14.2-4.fc21
    gnupg-1.4.19-1.fc21
    golang-github-evanphx-json-patch-0-0.1.gita1ba76c.fc21
    librsvg2-2.40.8-1.fc21
    libticonv-1.1.4-4.fc21
    mate-themes-extras-3.14.6-2.fc21
    okteta-4.14.3-3.fc21
    parquet-format-2.1.0-1.fc21
    puppet-3.7.1-2.fc21
    qt-4.8.6-25.fc21
    qt3-3.3.8b-62.fc21
    seahorse-3.14.1-1.fc21
    wine-1.7.37-1.fc21

Details about builds:


================================================================================
 BibTool-2.58-1.fc21 (FEDORA-2015-2888)
 A Tool for manipulating BibTeX data bases
--------------------------------------------------------------------------------
Update Information:

rebase to BibTool 2.58
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 28 2015 Michael J Gruber <mjg@xxxxxxxxxxxxxxxxx> - 2.58-1
- rebase to BibTool 2.58
- drop obsolete patch
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1133194 - BibTool-2.58 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1133194
--------------------------------------------------------------------------------


================================================================================
 antimicro-2.11.1-1.fc21 (FEDORA-2015-2902)
 Graphical program used to map keyboard buttons and mouse controls to a gamepad
--------------------------------------------------------------------------------
Update Information:

new upstream release v2.11.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2015 Jeff Backus <jeff.backus@xxxxxxxxx> - 2.11.1-1
- new upstream release v2.11.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196447 - antimicro-2.11.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1196447
--------------------------------------------------------------------------------


================================================================================
 calligra-2.9.0-1.fc21 (FEDORA-2015-2889)
 An integrated office suite
--------------------------------------------------------------------------------
Update Information:

Calligra 2.9.0 release, see: https://www.calligra.org/news/calligra-2-9-released/

--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 26 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.9.0-1
- 2.9.0
* Thu Feb 26 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.8.7-10
- rebuild (gcc5)
* Wed Feb  4 2015 Petr Machata <pmachata@xxxxxxxxxx> - 2.8.7-9
- Bump for rebuild.
--------------------------------------------------------------------------------


================================================================================
 calligra-l10n-2.9.0-1.fc21 (FEDORA-2015-2889)
 Language files for calligra
--------------------------------------------------------------------------------
Update Information:

Calligra 2.9.0 release, see: https://www.calligra.org/news/calligra-2-9-released/

--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 28 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.9.0-1
- 2.9.0 (-eu,-nds)
--------------------------------------------------------------------------------


================================================================================
 czmq-2.2.0-3.fc21 (FEDORA-2015-2892)
 High-level C binding for 0MQ (ZeroMQ)
--------------------------------------------------------------------------------
Update Information:

Renamed /usr/bin/makecert to avoid a file conflict (#1196483)
Update to 2.2.0.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2015 Jose Pedro Oliveira <jose.p.oliveira.oss at gmail.com> - 2.2.0-3
- Renamed /usr/bin/makecert to avoid a file conflict (#1196483)
* Fri Feb 20 2015 Jose Pedro Oliveira <jose.p.oliveira.oss at gmail.com> - 2.2.0-2
- Add upstream patch eebf66a (0001-Use-_DEFAULT_SOURCE-instead-of-_BSD_SOURCE.patch)
* Tue Feb 17 2015 Jose Pedro Oliveira <jose.p.oliveira.oss at gmail.com> - 2.2.0-1
- Update to 2.2.0.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196483 - /usr/bin/makecert conflicts with mono
        https://bugzilla.redhat.com/show_bug.cgi?id=1196483
--------------------------------------------------------------------------------


================================================================================
 darkhttpd-1.11-1.fc21 (FEDORA-2015-2910)
 A secure, lightweight, fast, single-threaded HTTP/1.1 server
--------------------------------------------------------------------------------
Update Information:

* Call setgroups() before setgid().

== Fedora package ==
* Fix erroneous %post section
* Add mimetype option for users in darkhttpd.sysconfig
* /bin/darkhttpd -> /sbin/darkhttpd
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 17 2015 Christopher Meng <rpm@xxxxxxxx> - 1.11-1
- Update to 1.11
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1178330 - darkhttpd-1.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1178330
--------------------------------------------------------------------------------


================================================================================
 dbmail-3.2.3-1.fc21 (FEDORA-2015-2900)
 A database backed mail storage system
--------------------------------------------------------------------------------
Update Information:

v 3.2.3
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2015 Bernard Johnson <bjohnson@xxxxxxxxxxxx> - 3.2.3-1
- v 3.2.3
- Introduce new systemd-rpm macros in dbmail spec file (bz #850081)
* Wed Sep 17 2014 Bernard Johnson <bjohnson@xxxxxxxxxxxx> - 3.2.0-1
- v 3.2.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #850081 - Introduce new systemd-rpm macros in dbmail spec file
        https://bugzilla.redhat.com/show_bug.cgi?id=850081
--------------------------------------------------------------------------------


================================================================================
 epiphany-3.14.2-4.fc21 (FEDORA-2015-2891)
 Web browser for GNOME
--------------------------------------------------------------------------------
Update Information:

Add patches to fix a few crashes
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 28 2015 Michael Catanzaro <mcatanzaro@xxxxxxxxx> - 1:3.14.2-4
- Add patches to fix a few crashes
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196847 - [abrt] webkitgtk4: __strcmp_sse2_unaligned(): WebKitWebProcess killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1196847
--------------------------------------------------------------------------------


================================================================================
 gnupg-1.4.19-1.fc21 (FEDORA-2015-2893)
 A GNU utility for secure communication and data storage
--------------------------------------------------------------------------------
Update Information:

New upstream v1.4.19
- Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]
- Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837]
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2015 Brian C. Lane <bcl@xxxxxxxxxx> 1.4.19-1
- New upstream v1.4.19
- Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]
- Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837]
- Drop patches now included upstream
--------------------------------------------------------------------------------


================================================================================
 golang-github-evanphx-json-patch-0-0.1.gita1ba76c.fc21 (FEDORA-2015-2898)
 A Go library to apply RFC6902 patches to JSON documents
--------------------------------------------------------------------------------
Update Information:

First package for Fedora
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196992 - Review Request: golang-github-evanphx-json-patch - A Go library to apply RFC6902 patches to JSON documents
        https://bugzilla.redhat.com/show_bug.cgi?id=1196992
--------------------------------------------------------------------------------


================================================================================
 librsvg2-2.40.8-1.fc21 (FEDORA-2015-2890)
 An SVG library based on cairo
--------------------------------------------------------------------------------
Update Information:

Update to 2.40.8
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2015 David King <amigadave@xxxxxxxxxxxxx> - 2.40.8-1
- Update to 2.40.8
- Use license macro for COPYING and COPYING.LIB
- Use pkgconfig for BuildRequires
- Add URL
--------------------------------------------------------------------------------


================================================================================
 libticonv-1.1.4-4.fc21 (FEDORA-2015-2912)
 Texas Instruments calculators charsets library
--------------------------------------------------------------------------------
Update Information:

Texas Instruments calculators charsets library
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1186494 - Review Request: libticonv - Texas Instruments calculators charsets library
        https://bugzilla.redhat.com/show_bug.cgi?id=1186494
--------------------------------------------------------------------------------


================================================================================
 mate-themes-extras-3.14.6-2.fc21 (FEDORA-2015-2908)
 Extra gtk-2/3 themes for gtk based desktops
--------------------------------------------------------------------------------
Update Information:

- re-work of submarine themes GTK3
- disable spinner animation to avoid high cpu load , all themes
- some improvements for GnomishBeige
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 28 2015 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 3.14.6.2
- build with a fixed tarball
* Sat Feb 28 2015 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 3.14.6.1
- update to 3.14.6 release
- re-work of submarine themes GTK3
- disable spinner animation to avoid high cpu load , all themes
- some improvements for GnomishBeige
--------------------------------------------------------------------------------


================================================================================
 okteta-4.14.3-3.fc21 (FEDORA-2015-2905)
 Binary/hex editor
--------------------------------------------------------------------------------
Update Information:

Fix availability of algorithms in checksum tool.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 28 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.14.3-3
- lack of algorithms in checksum tool (#1197339)
* Sat Jan 17 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.14.3-2
- kde-applications fixes, cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1197339 - lack of algorithms in checksum tool
        https://bugzilla.redhat.com/show_bug.cgi?id=1197339
--------------------------------------------------------------------------------


================================================================================
 parquet-format-2.1.0-1.fc21 (FEDORA-2015-2885)
 Columnar file format for Hadoop
--------------------------------------------------------------------------------
Update Information:

Initial import (#1073014).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1073014 - Review Request: parquet-format - Columnar file format for Hadoop
        https://bugzilla.redhat.com/show_bug.cgi?id=1073014
--------------------------------------------------------------------------------


================================================================================
 puppet-3.7.1-2.fc21 (FEDORA-2015-2899)
 A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:

Use systemd macros (RHBZ #1197239)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 28 2015 Haïkel Guémar <hguemar@xxxxxxxxxxxxxxxxx> - 3.7.1-2
- Use systemd macros (RHBZ #1197239)
* Tue Sep 30 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.7.1-1
- Drop server deps and configuration changes (bug #1144298)
* Wed Sep 17 2014 Jeroen van Meeuwen <vanmeeuwen@xxxxxxxxxxxx> - 3.7.1-1
- Update to 3.7.1
* Tue Aug 19 2014 Lukas Zapletal <lzap+rpm@xxxxxxxxxx> 3.6.2-3
- 1131398 - added start-puppet-ca SELinux wrapper binary
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1197239 - Unknown operation '/bin/systemctl' on puppet %preun
        https://bugzilla.redhat.com/show_bug.cgi?id=1197239
--------------------------------------------------------------------------------


================================================================================
 qt-4.8.6-25.fc21 (FEDORA-2015-2895)
 Qt toolkit
--------------------------------------------------------------------------------
Update Information:

DoS vulnerability in the BMP image handler (CVE-2015-0295)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-25
- DoS vulnerability in the BMP image handler (CVE-2015-0295)
* Mon Feb 16 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-24
- more gcc5 detection fixes, in particular, ensure same QT_BUILD_KEY as gcc4 for now
* Fri Feb 13 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:4.8.6-23
- Qt: FTBFS with gcc5 (#1192464)
- Make Adwaita the default theme for applications running in the GNOME DE (#1192453)
* Wed Feb 11 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-22
- rebuild (gcc5)
* Thu Jan 29 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-21
- refresh boost/moc patch (QTBUG-22829)
* Sun Jan 18 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-20
- fix %pre scriptlet (#1183299)
* Sat Jan 17 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.8.6-19
- ship /etc/xdg/qtchooser/4.conf alternative instead (of qt4.conf)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1197273 - CVE-2015-0295 QT: BMP image handler crash
        https://bugzilla.redhat.com/show_bug.cgi?id=1197273
--------------------------------------------------------------------------------


================================================================================
 qt3-3.3.8b-62.fc21 (FEDORA-2015-2886)
 The shared library for the Qt 3 GUI toolkit
--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2015-0295, a division by zero when loading some specific invalid BMP/DIB image files, which could be exploited for denial of service (application crash) attacks. The security patch is backported from Qt 4.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 28 2015 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 3.3.8b-62
- backport CVE-2015-0295 (BMP image handler DoS, #1197275) fix from Qt 4
* Fri Feb 27 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 3.3.8b-61
- rebuild (gcc5)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1197273 - CVE-2015-0295 QT: BMP image handler crash
        https://bugzilla.redhat.com/show_bug.cgi?id=1197273
--------------------------------------------------------------------------------


================================================================================
 seahorse-3.14.1-1.fc21 (FEDORA-2015-2903)
 A GNOME application for managing encryption keys
--------------------------------------------------------------------------------
Update Information:

Update to 3.14.1
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 28 2015 David King <amigadave@xxxxxxxxxxxxx> - 3.14.1-1
- Update to 3.14.1
- Update URL
- Use license macro for COPYING and COPYING.LIB
- Use pkgconfig for BuildRequires
- Update man page glob in files section
- Validate AppData in check
--------------------------------------------------------------------------------


================================================================================
 wine-1.7.37-1.fc21 (FEDORA-2015-2911)
 A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:

What's new in this release:

 * Interface change notifications.
 * Support for the UTF-7 encoding.
 * A number of graphical fixes for themed controls.
 * Wininet now implemented on top of Win32 sockets.
 * Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Feb 22 2015 Andreas Bierfert <andreas.bierfert@xxxxxxxxxxxxx>
- 1.7.37-1
- version upgrade
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux