The following Fedora 20 Security updates need testing: Age URL 94 https://admin.fedoraproject.org/updates/FEDORA-2014-15988/fail2ban-0.9.1-1.fc20 82 https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20 82 https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14.2-1.fc20 74 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20 71 https://admin.fedoraproject.org/updates/FEDORA-2014-17559/mapserver-6.2.2-1.fc20 52 https://admin.fedoraproject.org/updates/FEDORA-2015-0577/strongswan-5.2.2-1.fc20 50 https://admin.fedoraproject.org/updates/FEDORA-2015-0633/chicken-4.9.0.1-3.fc20 31 https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.4-1.fc20 29 https://admin.fedoraproject.org/updates/FEDORA-2015-1648/lcms-1.19-13.fc20 27 https://admin.fedoraproject.org/updates/FEDORA-2015-1790/fcgi-2.4.0-26.fc20 18 https://admin.fedoraproject.org/updates/FEDORA-2015-2104/drupal7-views-3.10-1.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2015-2382/krb5-1.11.5-18.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2015-2310/nodejs-0.10.36-3.fc20,libuv-0.10.34-1.fc20,v8-3.14.5.10-17.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2015-2600/echoping-6.1-0.beta.r434svn.1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-2736/lftp-4.5.4-3.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-2730/cabextract-1.5-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-2830/libpng10-1.0.63-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-2826/drupal7-entity-1.6-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-2901/qt3-3.3.8b-62.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-3003/cups-filters-1.0.53-6.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-2990/kernel-3.18.8-100.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-2994/jBCrypt-0.4-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3211/dokuwiki-0-0.24.20140929c.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3201/xterm-297-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3205/libmspack-0.5-0.1.alpha.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3204/putty-0.64-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3253/gnupg-1.4.19-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3329/phpMyAdmin-4.3.11.1-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2015-2357/kde-settings-20-18.fc20 12 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3325/poppler-0.24.3-6.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3174/perl-Encode-2.54-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3240/cups-1.7.5-13.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3251/exo-0.10.2-9.fc20 The following builds have been pushed to Fedora 20 updates-testing bash-argsparse-1.7-1.fc20 drupal7-features-2.4-1.fc20 globus-ftp-client-8.19-2.fc20 golang-github-matttproud-golang_protobuf_extensions-0-0.2.gitba7d65a.fc20 golang-github-prometheus-client_golang-0-0.3.gite5098ac.fc20 golang-github-stretchr-testify-0-0.6.gite4ec815.fc20 golang-googlecode-goprotobuf-0-0.13.gitc22ae3c.fc20 kubernetes-0.11.0-0.1.git754a2a8.fc20 mingw-SDL2_image-2.0.0-4.fc20 nodejs-onetime-1.0.0-1.fc20 php-horde-Horde-Core-2.19.2-1.fc20 php-horde-Horde-Service-Weather-2.1.6-1.fc20 phpMyAdmin-4.3.11.1-1.fc20 poppler-0.24.3-6.fc20 youtube-dl-2015.03.03.1-1.fc20 Details about builds: ================================================================================ bash-argsparse-1.7-1.fc20 (FEDORA-2015-3330) An high level argument parsing library for bash -------------------------------------------------------------------------------- Update Information: Update to upstream version 1.7 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Dams <bash-argsparse[AT]livna.org> - 1.7-1 - Version 1.7 * Wed Jan 28 2015 Dams <bash-argsparse[AT]livna.org> - 1.6.2-1 - Version 1.6.2 - Dropped fedora patch (included upstream) -------------------------------------------------------------------------------- ================================================================================ drupal7-features-2.4-1.fc20 (FEDORA-2015-3321) Provides feature management for Drupal -------------------------------------------------------------------------------- Update Information: Update to upstream 2.4 release for bug fixes -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Jared Smith <jsmith@xxxxxxxxxxxxxxxxx> - 2.4-1 - Update to upstream 2.4 release for bug fixes - Upstream changelog for this release: https://www.drupal.org/node/2446159 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199065 - drupal7-features-2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1199065 -------------------------------------------------------------------------------- ================================================================================ globus-ftp-client-8.19-2.fc20 (FEDORA-2015-3332) Globus Toolkit - GridFTP Client Library -------------------------------------------------------------------------------- Update Information: Improved fix for GGUS 109089/109576 (from upstream git) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 8.19-2 - Improved fix for GGUS 109089/109576 (from upstream git) -------------------------------------------------------------------------------- ================================================================================ golang-github-matttproud-golang_protobuf_extensions-0-0.2.gitba7d65a.fc20 (FEDORA-2015-3326) Support for streaming Protocol Buffer messages for the Go language (golang) -------------------------------------------------------------------------------- Update Information: Bump to upstream ba7d65ac66e9da93a714ca18f6d1bc7a0c09100c -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.2.gitba7d65a - Bump to upstream ba7d65ac66e9da93a714ca18f6d1bc7a0c09100c related: #1190438 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1190438 - Review Request: golang-github-matttproud-golang_protobuf_extensions - Support for streaming Protocol Buffer messages for the Go language (golang) https://bugzilla.redhat.com/show_bug.cgi?id=1190438 -------------------------------------------------------------------------------- ================================================================================ golang-github-prometheus-client_golang-0-0.3.gite5098ac.fc20 (FEDORA-2015-3334) Prometheus instrumentation library for Go applications -------------------------------------------------------------------------------- Update Information: Bump to upstream e5098ac1ff13c7f85b68b120b253dd834ba49682 Bump to upstream 39e4bc83f974fb141a9e67c042b26322bacc917b -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 4 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.3.gite5098ac - Bump to upstream e5098ac1ff13c7f85b68b120b253dd834ba49682 related: #1190442 * Thu Feb 26 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.2.git39e4bc8 - Bump to upstream 39e4bc83f974fb141a9e67c042b26322bacc917b related: #1190442 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1190442 - Review Request: golang-github-prometheus-client_golang - Prometheus instrumentation library for Go applications https://bugzilla.redhat.com/show_bug.cgi?id=1190442 -------------------------------------------------------------------------------- ================================================================================ golang-github-stretchr-testify-0-0.6.gite4ec815.fc20 (FEDORA-2015-3339) Tools for testifying that your code will behave as you intend -------------------------------------------------------------------------------- Update Information: Bump to upstream e4ec8152c15fc46bd5056ce65997a07c7d415325 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.6.gite4ec815 - Bump to upstream e4ec8152c15fc46bd5056ce65997a07c7d415325 related: #1141872 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1141872 - Review Request: golang-github-stretchr-testify - Tools for testifying that your code will behave as you intend https://bugzilla.redhat.com/show_bug.cgi?id=1141872 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-goprotobuf-0-0.13.gitc22ae3c.fc20 (FEDORA-2015-3306) Go support for Google protocol buffers -------------------------------------------------------------------------------- Update Information: Bump to upstream c22ae3cf020a21ebb7ae566dccbe90fc8ea4f9ea -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.13.gitc22ae3c - Bump to upstream c22ae3cf020a21ebb7ae566dccbe90fc8ea4f9ea related: #1018057 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1018057 - Review Request: golang-googlecode-goprotobuf - Go support for Google protocol buffers https://bugzilla.redhat.com/show_bug.cgi?id=1018057 -------------------------------------------------------------------------------- ================================================================================ kubernetes-0.11.0-0.1.git754a2a8.fc20 (FEDORA-2015-3338) Container cluster management -------------------------------------------------------------------------------- Update Information: Bump to upstream 754a2a8305c812121c3845d8293efdd819b6a704 -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.11.0-0.1.git754a2a8 - Bump to upstream 754a2a8305c812121c3845d8293efdd819b6a704 turn off integration tests until "FAILED: unexpected endpoints: timed out waiting for the condition" problem is resolved Adding back devel subpackage ([B]R list outdated) * Fri Feb 20 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.10.1-0.3.git4c87805 - Bump to upstream 4c87805870b1b22e463c4bd711238ef68c77f0af * Tue Feb 17 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.10.1-0.2.git6f84bda - Bump to upstream 6f84bdaba853872dbac69c84d3ab4b6964e85d8c * Tue Feb 17 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.10.1-0.1.git7d6130e - Bump to upstream 7d6130edcdfabd7dd2e6a06fdc8fe5e333f07f5c * Sat Feb 7 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.9.1-0.7.gitc9c98ab - Bump to upstream c9c98ab19eaa6f0b2ea17152c9a455338853f4d0 Since some dependencies are broken, we can not build Kubernetes from Fedora deps. Switching to vendored source codes until Go draft is resolved -------------------------------------------------------------------------------- ================================================================================ mingw-SDL2_image-2.0.0-4.fc20 (FEDORA-2015-3337) MinGW Windows port of the Image loading library for SDL2 -------------------------------------------------------------------------------- Update Information: Initial build. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1096807 - Review Request: mingw-SDL2_image - MinGW Windows port of the Image loading library for SDL2 https://bugzilla.redhat.com/show_bug.cgi?id=1096807 -------------------------------------------------------------------------------- ================================================================================ nodejs-onetime-1.0.0-1.fc20 (FEDORA-2015-3313) Only call a function once -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Core-2.19.2-1.fc20 (FEDORA-2015-3164) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information: **Horde_Core 2.19.1** * [jan] Revert to using ECB mode for encryption, to not break existing credentials (Bug #13869). * [mjr] Fix replying to email from search results in some broken ActiveSync clients (Bug #13878). * [jan] Fix propagating the LDAP hostspec configuration field (Bug #13872). **Horde_Core 2.19.2** * [mjr] Fix combination X509 and http plain authentication with ActiveSync. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 4 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.19.2-1 - Update to 2.19.2 * Tue Mar 3 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.19.1-1 - Update to 2.19.1 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Service-Weather-2.1.6-1.fc20 (FEDORA-2015-3315) Horde Weather Provider -------------------------------------------------------------------------------- Update Information: **Horde_Service_Weather 2.1.6** * [mjr] Fix fatal error when using pecl_http (Bug #13897). -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 4 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.1.6-1 - Update to 2.1.6 - add dependency on Horde_Translation 2.2.0 - add provides php-composer(horde/horde-service-weather) -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.3.11.1-1.fc20 (FEDORA-2015-3329) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.3.11.1 (2015-03-04) ================================ - [security] Risk of BREACH attack, see PMASA-2015-1 -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 4 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 4.3.11.1-1 - Upgrade to 4.3.11.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1198794 - CVE-2015-2206 phpMyAdmin: Risk of BREACH attack due to reflected parameter (PMASA-2015-1) https://bugzilla.redhat.com/show_bug.cgi?id=1198794 -------------------------------------------------------------------------------- ================================================================================ poppler-0.24.3-6.fc20 (FEDORA-2015-3325) PDF rendering library -------------------------------------------------------------------------------- Update Information: This update fixes a crash caused by invalid matrix. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 23 2015 Marek Kasik <mkasik@xxxxxxxxxx> - 0.24.3-5 - Check for invalid matrix in annotation - Resolves: #1167020 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1167020 - [abrt] evince: evince killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1167020 -------------------------------------------------------------------------------- ================================================================================ youtube-dl-2015.03.03.1-1.fc20 (FEDORA-2015-3333) A small command-line program to download online videos -------------------------------------------------------------------------------- Update Information: Update to latest release (# 1195539, 1195779) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Matej Cepl <mcepl@xxxxxxxxxx> - 2015.03.03.1-1 - Update to latest release (# 1195539, 1195779) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195779 - [abrt] youtube-dl: common.py:235:report_progress:KeyError: u'total_bytes' https://bugzilla.redhat.com/show_bug.cgi?id=1195779 [ 2 ] Bug #1195539 - youtube-dl-2015.03.03.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1195539 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
