The following Fedora 21 Security updates need testing: Age URL 85 https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-1.fc21 81 https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15.fc21 77 https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.20beta1.fc21,orthanc-0.8.5-2.fc21,dcmtk-3.6.1-1.fc21 74 https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2-1.fc21 61 https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21 54 https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-3.fc21 37 https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21 30 https://admin.fedoraproject.org/updates/FEDORA-2015-1803/fcgi-2.4.0-26.fc21 22 https://admin.fedoraproject.org/updates/FEDORA-2015-2055/openldap-2.4.40-3.fc21 21 https://admin.fedoraproject.org/updates/FEDORA-2015-2101/drupal7-views-3.10-1.fc21 16 https://admin.fedoraproject.org/updates/FEDORA-2015-2347/krb5-1.12.2-14.fc21 11 https://admin.fedoraproject.org/updates/FEDORA-2015-2584/echoping-6.1-0.beta.r434svn.1.fc21 9 https://admin.fedoraproject.org/updates/FEDORA-2015-2729/qpid-cpp-0.30-12.fc21 8 https://admin.fedoraproject.org/updates/FEDORA-2015-2828/suricata-2.0.7-1.fc21 8 https://admin.fedoraproject.org/updates/FEDORA-2015-2849/drupal7-entity-1.6-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-3036/cups-filters-1.0.66-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-3032/jBCrypt-0.4-1.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3235/tcllib-1.16-5.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3249/libmspack-0.5-0.1.alpha.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3160/putty-0.64-1.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3218/xterm-308-3.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3186/dokuwiki-0-0.24.20140929c.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3336/phpMyAdmin-4.3.11.1-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3497/librsync-1.0.0-1.fc21,csync2-1.34-15.fc21,duplicity-0.6.25-3.fc21,rdiff-backup-1.2.8-14.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3381/xen-4.4.1-13.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3471/freexl-1.0.0i-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3489/libgcrypt-1.6.3-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3505/389-ds-base-1.3.3.9-1.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 4 https://admin.fedoraproject.org/updates/FEDORA-2015-3047/livecd-tools-21.5-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-2986/gnutls-3.3.13-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-3009/perl-Pod-Usage-1.67-1.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3303/libsoup-2.48.1-2.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3323/poppler-0.26.2-7.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3324/crypto-policies-20150305-1.gitf618101.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3226/perl-Encode-2.70-2.fc21 3 https://admin.fedoraproject.org/updates/FEDORA-2015-3202/exo-0.10.2-9.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3476/selinux-policy-3.13.1-105.6.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3379/gstreamer1-plugins-good-1.4.5-2.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3363/glib-networking-2.42.0-2.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3489/libgcrypt-1.6.3-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3484/dracut-038-33.git20141216.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-3017/ModemManager-1.4.4-2.fc21,libqmi-1.12.4-2.fc21,libmbim-1.12.0-1.fc21 The following builds have been pushed to Fedora 21 updates-testing 389-ds-base-1.3.3.9-1.fc21 HepMC-2.06.09-9.fc21 ModemManager-1.4.4-2.fc21 R-qtl-1.36.6-1.fc21 buildbot-0.8.10-2.fc21 cdbs-0.4.128-1.fc21 chrpath-0.16-1.fc21 clamtk-5.15-1.fc21 csdiff-1.2.1-1.fc21 csmock-1.7.2-1.fc21 cswrap-1.3.0-1.fc21 csync2-1.34-15.fc21 dogtag-pki-10.2.1-1.fc21 dogtag-pki-theme-10.2.1-1.fc21 dracut-038-33.git20141216.fc21 duplicity-0.6.25-3.fc21 eclipse-mpc-1.3.2-1.fc21 eclipse-webtools-3.6.3-2.fc21 farstream-0.1.2-10.fc21 florence-0.6.3-1.fc21 freerdp-1.2.0-0.6.beta.1.fc21.2 freexl-1.0.0i-1.fc21 fts-3.2.32-1.fc21 fts-monitoring-3.2.32-1.fc21 fts-mysql-3.2.32-1.fc21 glib-networking-2.42.0-2.fc21 globus-ftp-client-8.20-1.fc21 golang-github-google-gofuzz-0-0.5.gitbbcb9da.fc21 golang-github-rackspace-gophercloud-1.0.0-5.fc21 golang-github-stretchr-testify-0-0.7.gite4ec815.fc21 graphite-web-0.9.13-0.3.aa992b9.fc21 gstreamer1-plugins-bad-free-1.4.5-2.fc21 gstreamer1-plugins-good-1.4.5-2.fc21 guayadeque-0.3.7-7.svn1893.fc21 ibus-table-1.9.4-1.fc21 josm-0-0.66.8109svn.fc21 julia-0.3.6-2.fc21 kde-workspace-4.11.16-3.fc21 lhapdf-5.9.1-9.fc21 libgcrypt-1.6.3-1.fc21 libmbim-1.12.0-1.fc21 libqmi-1.12.4-2.fc21 librsync-1.0.0-1.fc21 liveusb-creator-3.13.3-1.fc21 mariadb-10.0.17-1.fc21 milter-greylist-4.5.12-2.fc21 mirall-1.7.1-2.fc21 munin-2.0.25-2.fc21 opendmarc-1.3.1-3.fc21 owncloud-7.0.4-3.fc21 oz-0.13.0-1.fc21 perl-Class-Virtual-0.07-1.fc21 php-google-apiclient-1.1.2-2.fc21 php-sabre-dav-1.8.12-1.fc21 php-sabredav-Sabre_VObject-2.1.7-1.fc21 pki-console-10.2.1-1.fc21 pki-core-10.2.1-1.fc21 plantuml-8020-1.fc21 pymodbus-1.2.0-1.fc21 pyserial-2.7-1.fc21 python-astroML-addons-0.2.1-7.fc21 python-carbon-0.9.13-0.1.pre1.fc21 python-gertty-1.1.0-1.fc21 python-ipgetter-0.6-1.fc21 python-whisper-0.9.13-0.1.pre1.fc21 qt-creator-3.3.2-1.fc21 rdiff-backup-1.2.8-14.fc21 selinux-policy-3.13.1-105.6.fc21 sflphone-1.4.1-6.fc21 strace-4.10-1.fc21 udt-4.11-4.fc21 varnish-4.0.3-1.fc21 weechat-1.1.1-1.fc21 wireshark-1.12.4-1.fc21 wxsqlite3-3.2.1-1.fc21 xen-4.4.1-13.fc21 xfce4-hamster-plugin-1.6.1-1.fc21 yoshimi-1.3.3-2.fc21 znc-1.6.0-1.fc21 Details about builds: ================================================================================ 389-ds-base-1.3.3.9-1.fc21 (FEDORA-2015-3505) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: Release 1.3.3.9 with security bug fixes -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Noriko Hosoi <nhosoi@xxxxxxxxxx> - 1.3.3.9-1 - bump version to 1.3.3.9 - Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] - Ticket 47801 - RHDS keeps on logging write_changelog_and_ruv: failed to update RUV for unknown - Ticket 47957 - Make ReplicaWaitForAsyncResults configurable - Ticket 47431 - CI test: added test cases for ticket 47431 - Ticket 47431 - Duplicate values for the attribute nsslapd-pluginarg are not handled correctly - Ticket 47936: Create a global lock to serialize write operations over several backends - Ticket 48021 - nsDS5ReplicaBindDNGroup checkinterval not working properly - Ticket 48048 - Fix coverity issues - 2015/3/1 - Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like (attr=x*) - Ticket 48109 - CI test: added test cases for ticket 48109 - Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like (attr=x*) - Ticket 48048 - Fix coverity issues - 2015/2/24 - Ticket 48030 - spec file should run "systemctl stop" against each running instance instead of dirsrv.target - Ticket 47828: DNA scope: allow to exlude some subtrees - Ticket 47988: test case - Ticket 47901: After total init, nsds5replicaLastInitStatus can report an erroneous error status (like 'Referral') - Ticket 48003 - add template scripts - Ticket 48003 - build "suite" framework - Ticket 48005 - CI test: added test cases for ticket 48005 - Ticket 48005 - ns-slapd crash in shutdown phase - Ticket 47742 - 64bit problem on big endian: auth method not supported - Ticket 47836 - Do not return '0' as empty fallback value of nsds5replicalastupdatestart and nsds5replicalastupdatestart - Ticket 47728 - compilation failed with ' incomplete struct/union/enum' if not set USE_POSIX_RWLOCKS - Ticket 48027 - revise the rootdn plugin configuration validation - Ticket 47451 - dynamic plugins - fix crash caused by invalid plugin config - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD * Wed Feb 25 2015 Noriko Hosoi <nhosoi@xxxxxxxxxx> - 1.3.3.8-2 - Fixes spec file to make sure all the server instances are stopped before upgrade - Ticket 48030 - DNS errors after IPA upgrade due to broken ReplSync -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1199675 -------------------------------------------------------------------------------- ================================================================================ HepMC-2.06.09-9.fc21 (FEDORA-2015-3477) C++ Event Record for Monte Carlo Generators -------------------------------------------------------------------------------- Update Information: Avoid hexfloat notation (gcc 5), Use greater allowed epsilon for test (fixes i686 build). -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.06.09-9 - Increase epsilon - for i686 Fedora 22+ tests * Fri Mar 6 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.06.09-8 - Do not trigger hexfloat output with gcc 5 -------------------------------------------------------------------------------- ================================================================================ ModemManager-1.4.4-2.fc21 (FEDORA-2015-3017) Mobile broadband modem management service -------------------------------------------------------------------------------- Update Information: This update suppresses GSM cell location messages at default log levels. This update also adds the mistakenly omitted libqmi and libmbim dependencies. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 2 2015 Dan Williams <dcbw@xxxxxxxxxx> - 1.4.4-2 - Don't print location information in logs (rh #1194492) * Wed Feb 11 2015 Lubomir Rintel <lkundrak@xxxxx> - 1.4.4-1 - Update to 1.4.4 release * Thu Jan 15 2015 Dan Williams <dcbw@xxxxxxxxxx> - 1.4.2-1 - Update to 1.4.2 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1194492 - Possible location tracking in NetworkManager due to verbose default log settings https://bugzilla.redhat.com/show_bug.cgi?id=1194492 -------------------------------------------------------------------------------- ================================================================================ R-qtl-1.36.6-1.fc21 (FEDORA-2015-3525) Tools for analyzing QTL experiments -------------------------------------------------------------------------------- Update Information: Version 1.36, 2015-03-05 Major changes: * None. Minor changes: * Added a function flip.order() for flipping the order of markers on selected chromosomes. * Added scanonevar.meanperm and scanonevar.varperm (from Robert Corty) for permutation tests with scanonevar(). * Revised plotPheno (aka plot.pheno) so that one can control the x-axis label and title (also, in a histogram, the breaks). * plotPXG: if infer=FALSE and there are no fully-informative genotypes (e.g., in a 4-way cross), give a more informative error. * geno.image: allow control of x- and y-axis labels; allow suppression of axes. * Removed some warnings about missing end-of-line characters, in read.cross with MapQTL format. * Fixed a bug in scanonevar; was failing with an error about coercing class "A" to a data.frame * Dropped the name summary.scantwo.old(); still available as summaryScantwoOld(). -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 1.36.6-1 - Update to 1.36.6 -------------------------------------------------------------------------------- ================================================================================ buildbot-0.8.10-2.fc21 (FEDORA-2015-3465) Build/test automation system -------------------------------------------------------------------------------- Update Information: apply patch from upstream for #1199283 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Gianluca Sforna <giallu@xxxxxxxxx> - 0.8.10-2 * add patch from upstream for # 1199283 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199283 - buildbot-master: page fails with “TypeError: 'NoneType' object has no attribute '__getitem__'” https://bugzilla.redhat.com/show_bug.cgi?id=1199283 -------------------------------------------------------------------------------- ================================================================================ cdbs-0.4.128-1.fc21 (FEDORA-2015-3510) Common build system for Debian packages -------------------------------------------------------------------------------- Update Information: Update to version 0.4.128, see http://metadata.ftp-master.debian.org/changelogs//main/c/cdbs/cdbs_0.4.128_changelog for details. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Sandro Mani <manisandro@xxxxxxxxx> - 0.4.128-1 - Update to 0.4.128 -------------------------------------------------------------------------------- ================================================================================ chrpath-0.16-1.fc21 (FEDORA-2015-3530) Modify rpath of compiled programs -------------------------------------------------------------------------------- Update Information: Update to 0.16 (#1144863) -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 David King <amigadave@xxxxxxxxxxxxx> - 0.16-1 - Update to 0.16 (#1144863) - Remove clean section and BuildRoot tag - Update URL and Sourc0 - Use license macro for COPYING - Use parallel make flags - Preserve timestamps during install -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144863 - chrpath Missing biarch/multiarch/multilib support ; new upstream release https://bugzilla.redhat.com/show_bug.cgi?id=1144863 -------------------------------------------------------------------------------- ================================================================================ clamtk-5.15-1.fc21 (FEDORA-2015-3404) Easy to use graphical user interface for Clam anti virus -------------------------------------------------------------------------------- Update Information: Update to 5.15. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Dave M. <dave.nerd@xxxxxxxxx> - 5.15-1 - Updated to release 5.15. -------------------------------------------------------------------------------- ================================================================================ csdiff-1.2.1-1.fc21 (FEDORA-2015-3448) Non-interactive tools for processing code scan results in plain-text -------------------------------------------------------------------------------- Update Information: latest upstream version of csmock and its dependencies -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 3 2015 Kamil Dudka <kdudka@xxxxxxxxxx> 1.2.1-1 - update to latest upstream release -------------------------------------------------------------------------------- ================================================================================ csmock-1.7.2-1.fc21 (FEDORA-2015-3448) A mock wrapper for Static Analysis tools -------------------------------------------------------------------------------- Update Information: latest upstream version of csmock and its dependencies -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 3 2015 Kamil Dudka <kdudka@xxxxxxxxxx> 1.7.2-1 - update to latest upstream -------------------------------------------------------------------------------- ================================================================================ cswrap-1.3.0-1.fc21 (FEDORA-2015-3448) Generic compiler wrapper -------------------------------------------------------------------------------- Update Information: latest upstream version of csmock and its dependencies -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 18 2015 Kamil Dudka <kdudka@xxxxxxxxxx> 1.3.0-1 - update to latest upstream -------------------------------------------------------------------------------- ================================================================================ csync2-1.34-15.fc21 (FEDORA-2015-3497) Cluster synchronization tool -------------------------------------------------------------------------------- Update Information: Changes in librsync 1.0.0 (2015-01-23) ====================================== * SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions of the file, if it's transferred using librsync/rdiff. For example this might occur in a database, mailbox, or VM image containing some attacker-controlled data. To mitigate this issue, signatures will by default be computed with a 256-bit BLAKE2 hash. Old versions of librsync will complain about a bad magic number when given these signature files. Backward compatibility can be obtained using the new `rdiff sig --hash=md4` option or through specifying the "signature magic" in the API, but this should not be used when either the old or new file contain untrusted data. Deltas generated from those signatures will also use BLAKE2 during generation, but produce output that can be read by old versions. See https://github.com/librsync/librsync/issues/5. Thanks to Michael Samuel <miknet.net> for reporting this and offering an initial patch. * Various build fixes, thanks Timothy Gu. * Improved rdiff man page from Debian. * Improved librsync.spec file for building RPMs. * Fixed bug #1110812 'internal error: job made no progress'; on large files. * Moved hosting to https://github.com/librsync/librsync/ * Travis-CI.org integration test at https://travis-ci.org/librsync/librsync/ * Remove bundled copy of popt; it must be installed separately. * You can set `$LIBTOOLIZE` before running `autogen.sh`, for example on OS X Homebrew where it is called `glibtoolize`. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 1 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.34-15 - Rebuild for librsync 1.0.0 (#1126712) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1126712 - CVE-2014-8242 librsync: MD4 collision file corruption https://bugzilla.redhat.com/show_bug.cgi?id=1126712 -------------------------------------------------------------------------------- ================================================================================ dogtag-pki-10.2.1-1.fc21 (FEDORA-2015-3351) Dogtag Public Key Infrastructure (PKI) Suite -------------------------------------------------------------------------------- Update Information: PKI TRAC Ticket #1287 - Consider backporting Dogtag 10.2.1 to Fedora 21 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 8 2015 Dogtag Team <pki-devel@xxxxxxxxxx> 10.2.1-1 - Update release number for release build * Tue Dec 16 2014 Matthew Harmsen <mharmsen@xxxxxxxxxx> - 10.2.1-0.4 - PKI TRAC Ticket #1205 - Outdated selinux-policy dependency. -------------------------------------------------------------------------------- ================================================================================ dogtag-pki-theme-10.2.1-1.fc21 (FEDORA-2015-3460) Certificate System - Dogtag PKI Theme Components -------------------------------------------------------------------------------- Update Information: PKI TRAC Ticket #1287 - Consider backporting Dogtag 10.2.1 to Fedora 21 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 8 2015 Dogtag Team <pki-devel@xxxxxxxxxx> 10.2.1-1 - Update release number for release build -------------------------------------------------------------------------------- ================================================================================ dracut-038-33.git20141216.fc21 (FEDORA-2015-3484) Initramfs generator using udev -------------------------------------------------------------------------------- Update Information: - Do not fsck when resuming from hibernation to avoid root filesystem corruption -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Till Maas <opensource@xxxxxxxxx> - 038-33.git20141216 - Do not fsck on resum from hibernate Resolves: rhbz#1174945 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1174945 - Filesystem corruption after resume from suspend to disk (hibernation) https://bugzilla.redhat.com/show_bug.cgi?id=1174945 -------------------------------------------------------------------------------- ================================================================================ duplicity-0.6.25-3.fc21 (FEDORA-2015-3497) Encrypted bandwidth-efficient backup using rsync algorithm -------------------------------------------------------------------------------- Update Information: Changes in librsync 1.0.0 (2015-01-23) ====================================== * SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions of the file, if it's transferred using librsync/rdiff. For example this might occur in a database, mailbox, or VM image containing some attacker-controlled data. To mitigate this issue, signatures will by default be computed with a 256-bit BLAKE2 hash. Old versions of librsync will complain about a bad magic number when given these signature files. Backward compatibility can be obtained using the new `rdiff sig --hash=md4` option or through specifying the "signature magic" in the API, but this should not be used when either the old or new file contain untrusted data. Deltas generated from those signatures will also use BLAKE2 during generation, but produce output that can be read by old versions. See https://github.com/librsync/librsync/issues/5. Thanks to Michael Samuel <miknet.net> for reporting this and offering an initial patch. * Various build fixes, thanks Timothy Gu. * Improved rdiff man page from Debian. * Improved librsync.spec file for building RPMs. * Fixed bug #1110812 'internal error: job made no progress'; on large files. * Moved hosting to https://github.com/librsync/librsync/ * Travis-CI.org integration test at https://travis-ci.org/librsync/librsync/ * Remove bundled copy of popt; it must be installed separately. * You can set `$LIBTOOLIZE` before running `autogen.sh`, for example on OS X Homebrew where it is called `glibtoolize`. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 2 2015 Jon Ciesla <limburgher@xxxxxxxxx> - 0.6.25-3 - Patch out deprecation warning to fix deja-dup, BZ 1197627. * Sun Mar 1 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.6.25-2 - Rebuild for librsync 1.0.0 (#1126712) * Thu Feb 26 2015 Jon Ciesla <limburgher@xxxxxxxxx> - 0.6.25-1 - 0.6.25. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1126712 - CVE-2014-8242 librsync: MD4 collision file corruption https://bugzilla.redhat.com/show_bug.cgi?id=1126712 -------------------------------------------------------------------------------- ================================================================================ eclipse-mpc-1.3.2-1.fc21 (FEDORA-2015-3473) Eclipse Marketplace Client -------------------------------------------------------------------------------- Update Information: Update to Luna SR2 release. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Mat Booth <mat.booth@xxxxxxxxxx> - 1.3.2-1 - Update to Luna SR2 release -------------------------------------------------------------------------------- ================================================================================ eclipse-webtools-3.6.3-2.fc21 (FEDORA-2015-3425) Eclipse Webtools Projects -------------------------------------------------------------------------------- Update Information: This update is the latest service release of Eclipse Webtools for Eclipse Luna SR2. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 2 2015 Gerard Ryan <gerard@xxxxxxx> - 3.6.3-2 - Update to latest upstream release tag R3_6_3 -------------------------------------------------------------------------------- ================================================================================ farstream-0.1.2-10.fc21 (FEDORA-2015-3501) Libraries for videoconferencing -------------------------------------------------------------------------------- Update Information: Fix crash when a SIPE call is received. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Michael Cronenworth <mike@xxxxxxxxxx> - 0.1.2-10 - Fix Pidgin crashing in SIPE calls (RHBZ#1032295) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1032295 - [abrt] pidgin-2.10.7-3.fc19: sighandler: Process /usr/bin/pidgin was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=1032295 -------------------------------------------------------------------------------- ================================================================================ florence-0.6.3-1.fc21 (FEDORA-2015-3421) Extensible scalable on-screen virtual keyboard for GNOME -------------------------------------------------------------------------------- Update Information: Update to 0.6.3 -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 4 2015 Christopher Meng <rpm@xxxxxxxx> - 0.6.3-1 - Update to 0.6.3 - Temporarily disable at-spi support since it's broken here. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1168990 - [abrt] florence: _atspi_bus(): florence killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1168990 -------------------------------------------------------------------------------- ================================================================================ freerdp-1.2.0-0.6.beta.1.fc21.2 (FEDORA-2015-3504) Free implementation of the Remote Desktop Protocol (RDP) -------------------------------------------------------------------------------- Update Information: Backport upstream patch to avoid TCP_KEEPIDLE failure being fatal -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 David Woodhouse <dwmw2@xxxxxxxxxxxxx> - 1:1.2.0-0.6.beta.1.2 - Backport upstream patch to avoid TCP_KEEPIDLE failure being fatal -------------------------------------------------------------------------------- ================================================================================ freexl-1.0.0i-1.fc21 (FEDORA-2015-3471) Library to extract data from within an Excel spreadsheet -------------------------------------------------------------------------------- Update Information: Four potentially harmful bugs causing crashes and stack corruption were detected in FreeXL by American Fuzzy Lop and are solved in this release. Please note: such issues are never realistically expected to be encountered in real world XLS spreadsheets, anyway some purposely forged XLS document could be used as a "poisoned bait" to maliciously open a security breach. https://groups.google.com/forum/#!topic/spatialite-users/plxKNbYw184 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Volker Fröhlich <volker27@xxxxxx> 1.0.0i-1 - New release with security fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199328 - freexl-1.0.0i is available https://bugzilla.redhat.com/show_bug.cgi?id=1199328 -------------------------------------------------------------------------------- ================================================================================ fts-3.2.32-1.fc21 (FEDORA-2015-3380) File Transfer Service V3 -------------------------------------------------------------------------------- Update Information: fts 3.2.32 release -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Alejandro Alvarez Ayllon <aalvarez@xxxxxxx> - 3.2.31-1 - Update for new upstream release * Thu Jan 29 2015 Petr Machata <pmachata@xxxxxxxxxx> - 3.2.30-3 - Rebuild for boost 1.57.0 - Include <boost/scoped_ptr.hpp> in src/url-copy/main.cpp (fts-3.2.30-boost157.patch) * Mon Jan 26 2015 Alejandro Alvarez Ayllon <aalvarez@xxxxxxx> - 3.2.30-2 - Rebuilt for gsoap 2.8.21 -------------------------------------------------------------------------------- ================================================================================ fts-monitoring-3.2.32-1.fc21 (FEDORA-2015-3419) FTS3 Web Application for monitoring -------------------------------------------------------------------------------- Update Information: Release 3.2.32 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Alejandro Alarez Ayllon <aalvarez@xxxxxxx> - 3.2.32-1 - Update for new upstream release -------------------------------------------------------------------------------- ================================================================================ fts-mysql-3.2.32-1.fc21 (FEDORA-2015-3522) File Transfer Service V3 mysql plug-in -------------------------------------------------------------------------------- Update Information: New release 3.2.32 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Alejandro Alvarez Ayllon <aalvarez@xxxxxxx> - 3.2.32-1 - Update for new upstream release * Tue Feb 3 2015 Alejandro Alvarez Ayllon <aalvarez@xxxxxxx> - 3.2.30-2 - Rebuilt for new Boost release -------------------------------------------------------------------------------- ================================================================================ glib-networking-2.42.0-2.fc21 (FEDORA-2015-3363) Networking support for GLib -------------------------------------------------------------------------------- Update Information: Improve priority string and fallback rules for the post-POODLE world (#1177964) -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Dan Winship <danw@xxxxxxxxxx> - 2.42.0-2 - Improve priority string and fallback rules for the post-POODLE world (#1177964) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1177964 - GnuTLS internal error connecting to https://www.timewarnercable.com/ https://bugzilla.redhat.com/show_bug.cgi?id=1177964 -------------------------------------------------------------------------------- ================================================================================ globus-ftp-client-8.20-1.fc21 (FEDORA-2015-3312) Globus Toolkit - GridFTP Client Library -------------------------------------------------------------------------------- Update Information: Improved fix for GGUS 109089/109576 (from upstream git) -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 8.20-1 - GT6 update (upstream's release of previous fix) * Thu Mar 5 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 8.19-2 - Improved fix for GGUS 109089/109576 (from upstream git) -------------------------------------------------------------------------------- ================================================================================ golang-github-google-gofuzz-0-0.5.gitbbcb9da.fc21 (FEDORA-2015-3397) Library for populating go objects with random values -------------------------------------------------------------------------------- Update Information: Bump to upstream bbcb9da2d746f8bdbd6a936686a0a6067ada0ec5 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 8 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.5.gitbbcb9da - Bump to upstream bbcb9da2d746f8bdbd6a936686a0a6067ada0ec5 related: #1141817 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1141817 - Review Request: golang-github-google-gofuzz - Library for populating go objects with random values https://bugzilla.redhat.com/show_bug.cgi?id=1141817 -------------------------------------------------------------------------------- ================================================================================ golang-github-rackspace-gophercloud-1.0.0-5.fc21 (FEDORA-2015-3402) The Go SDK for Openstack http://gophercloud.io -------------------------------------------------------------------------------- Update Information: Fix root provide, replace double % with one Fix Provides, used import_path macro instead of its value Bump to upstream 6753165c3bb83a2b41bc495210509eacb12926d6 Bump to upstream 75c3fecab50deff8ff90bce2147a9d3140c5a13f -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.0.0-5 - Fix root provide, replace double % with one related: #1153733 * Fri Mar 6 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.0.0-4 - Fix Provides, used import_path macro instead of its value related: #1153733 * Fri Mar 6 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.0.0-3 - Bump to upstream 6753165c3bb83a2b41bc495210509eacb12926d6 related: #1153733 * Wed Feb 25 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.0.0-2 - Bump to upstream 75c3fecab50deff8ff90bce2147a9d3140c5a13f related: #1153733 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1153733 - Review Request: golang-github-rackspace-gophercloud - The Go SDK for Openstack http://gophercloud.io https://bugzilla.redhat.com/show_bug.cgi?id=1153733 -------------------------------------------------------------------------------- ================================================================================ golang-github-stretchr-testify-0-0.7.gite4ec815.fc21 (FEDORA-2015-3490) Tools for testifying that your code will behave as you intend -------------------------------------------------------------------------------- Update Information: update URL to point to github repository Bump to upstream e4ec8152c15fc46bd5056ce65997a07c7d415325 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.7.gite4ec815 - update URL to point to github repository related: #1141872 * Thu Mar 5 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.6.gite4ec815 - Bump to upstream e4ec8152c15fc46bd5056ce65997a07c7d415325 related: #1141872 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1141872 - Review Request: golang-github-stretchr-testify - Tools for testifying that your code will behave as you intend https://bugzilla.redhat.com/show_bug.cgi?id=1141872 -------------------------------------------------------------------------------- ================================================================================ graphite-web-0.9.13-0.3.aa992b9.fc21 (FEDORA-2015-3459) A Django web application for enterprise scalable realtime graphing -------------------------------------------------------------------------------- Update Information: update all Graphite packages to 0.9.13-pre1 -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 17 2015 Piotr Popieluch <piotr1212@xxxxxxxxx> - 0.9.13-0.3.aa992b9 - fix IE 10 javascript issues * Thu Feb 5 2015 Piotr Popieluch <piotr1212@xxxxxxxxx> - 0.9.13-0.2.094cf54 - update to later commit to fix XSS * Mon Jan 19 2015 Piotr Popieluch <piotr1212@xxxxxxxxx> - 0.9.13-0.1.pre1 - update to upstream pre-release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1183270 - twisted 14 incompatible with python-carbon https://bugzilla.redhat.com/show_bug.cgi?id=1183270 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugins-bad-free-1.4.5-2.fc21 (FEDORA-2015-3362) GStreamer streaming media framework "bad" plugins -------------------------------------------------------------------------------- Update Information: Fix RTP/RTCP muxing (#1199578) -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 David Woodhouse <dwmw2@xxxxxxxxxxxxx> - 1.4.5-2 - Fix RTP/RTCP muxing (#1199578) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199578 - srtpdec doesn't support RTP on the RTCP sink pad https://bugzilla.redhat.com/show_bug.cgi?id=1199578 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugins-good-1.4.5-2.fc21 (FEDORA-2015-3379) GStreamer plugins with good code and licensing -------------------------------------------------------------------------------- Update Information: Don't force RTP jitterbuffer clock-rate (#1199579) -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 David Woodhouse <dwmw2@xxxxxxxxxxxxx> - 1.4.5-2 - Don't force RTP jitterbuffer clock-rate (#1199579) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199579 - RTP Jitterbuffer shouldn't force clock-rate on the caps https://bugzilla.redhat.com/show_bug.cgi?id=1199579 -------------------------------------------------------------------------------- ================================================================================ guayadeque-0.3.7-7.svn1893.fc21 (FEDORA-2015-3463) Music player -------------------------------------------------------------------------------- Update Information: dropped CMAKE_INSTALL_PREFIX because already sets by %cmake macro -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.3.7-7.svn1893 - dropped CMAKE_INSTALL_PREFIX because already sets by %cmake macro - rebuild for new wxsqlite3 version -------------------------------------------------------------------------------- ================================================================================ ibus-table-1.9.4-1.fc21 (FEDORA-2015-3415) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information: Check existence of old log files before trying to delete them update to 1.9.3; Try to get the English name of the table if run in locale C/POSIX -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 7 2015 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.9.4-1 - update to 1.9.4 - Check existence of old log files before trying to delete them - Resolves: rhbz#1199673 * Mon Mar 2 2015 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.9.3-1 - update to 1.9.3 - Try to get the English name of the table if run in locale C/POSIX - Resolves: rhbz#1197001 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1197001 - [abrt] ibus-table: main.py:222:main:AttributeError: 'NoneType' object has no attribute 'lower' https://bugzilla.redhat.com/show_bug.cgi?id=1197001 [ 2 ] Bug #1199673 - [abrt] ibus-table: factory.py:89:do_create_engine:Exception: Cannot create engine wubi-jidian86 https://bugzilla.redhat.com/show_bug.cgi?id=1199673 -------------------------------------------------------------------------------- ================================================================================ josm-0-0.66.8109svn.fc21 (FEDORA-2015-3518) An editor for OpenStreetMap (OSM) -------------------------------------------------------------------------------- Update Information: Update to 8109 svn revision -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 3 2015 Cédric OLIVIER <cedric.olivier@xxxxxxx> 0-0.66.8109svn - Update to 8109 svn revision -------------------------------------------------------------------------------- ================================================================================ julia-0.3.6-2.fc21 (FEDORA-2015-3456) High-level, high-performance dynamic language for technical computing -------------------------------------------------------------------------------- Update Information: Fix loading libcholmod, libfftw3_threads and libumfpack. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 2 2015 Milan Bouchet-Valat <nalimilan@xxxxxxx> - 0.3.6-2 - Fix loading libcholmod, libfftw3_threads and libumfpack. -------------------------------------------------------------------------------- ================================================================================ kde-workspace-4.11.16-3.fc21 (FEDORA-2015-3406) KDE Workspace -------------------------------------------------------------------------------- Update Information: New bugfix release, part of KDE Applications 14.12.3 release. See also: https://www.kde.org/announcements/announce-applications-14.12.3.php -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 7 2015 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 4.11.16-3 - fix the colorschemes.knsrc file conflict correctly (also patch the code) * Fri Mar 6 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.16-2 - kcm_colors: avoid conflict with plasma-desktop * Mon Feb 23 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.16-1 - 4.11.16 * Wed Feb 11 2015 Than Ngo <than@xxxxxxxxxx> 4.11.15-6 - rebuilt * Sat Feb 7 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.15-5 - KDM writing incorrect XAUTHORITY file for XDMCP sessions (#1187957) * Tue Feb 3 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.11.15-4 - -devel: drop dep on kwin-gles-libs (#1188877) -------------------------------------------------------------------------------- ================================================================================ lhapdf-5.9.1-9.fc21 (FEDORA-2015-3356) Les Houches Accord PDF Interface -------------------------------------------------------------------------------- Update Information: Fix to example code. -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 7 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.9.1-9 - Fix lhacontrol common block in example * Sun Oct 12 2014 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.9.1-8 - Re-enable octave for EPEL 7 -------------------------------------------------------------------------------- ================================================================================ libgcrypt-1.6.3-1.fc21 (FEDORA-2015-3489) A general-purpose cryptography library -------------------------------------------------------------------------------- Update Information: New upstream release fixing two minor security issues. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.6.3-1 - new upstream version * Wed Feb 25 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.6.2-4 - do not initialize secure memory during the selftest (#1195850) * Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 1.6.2-3 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code * Wed Jan 14 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.6.2-2 - fix buildability of programs using gcrypt.h with -ansi (#1182200) * Mon Dec 8 2014 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.6.2-1 - new upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1198145 - CVE-2014-3591 libgcrypt: use ciphertext blinding for Elgamal decryption (new side-channel attack) https://bugzilla.redhat.com/show_bug.cgi?id=1198145 [ 2 ] Bug #1198147 - CVE-2015-0837 libgcrypt: last-level cache side-channel attack https://bugzilla.redhat.com/show_bug.cgi?id=1198147 -------------------------------------------------------------------------------- ================================================================================ libmbim-1.12.0-1.fc21 (FEDORA-2015-3017) Support library for the Mobile Broadband Interface Model protocol -------------------------------------------------------------------------------- Update Information: This update suppresses GSM cell location messages at default log levels. This update also adds the mistakenly omitted libqmi and libmbim dependencies. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 15 2015 Dan Williams <dcbw@xxxxxxxxxx> - 1.12.0-1 - Update to 1.12.0 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1194492 - Possible location tracking in NetworkManager due to verbose default log settings https://bugzilla.redhat.com/show_bug.cgi?id=1194492 -------------------------------------------------------------------------------- ================================================================================ libqmi-1.12.4-2.fc21 (FEDORA-2015-3017) Support library to use the Qualcomm MSM Interface (QMI) protocol -------------------------------------------------------------------------------- Update Information: This update suppresses GSM cell location messages at default log levels. This update also adds the mistakenly omitted libqmi and libmbim dependencies. -------------------------------------------------------------------------------- ChangeLog: * Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 1.12.4-2 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code * Wed Feb 11 2015 Lubomir Rintel <lkundrak@xxxxx> - 1.12.4-1 - Update to 1.12.4 release * Tue Feb 10 2015 Lubomir Rintel <lkundrak@xxxxx> - 1.12.2-1 - Clean up the spec file a bit - Update to 1.12.2 release * Thu Jan 15 2015 Dan Williams <dcbw@xxxxxxxxxx> - 1.12.0-1 - Update to 1.12.0 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1194492 - Possible location tracking in NetworkManager due to verbose default log settings https://bugzilla.redhat.com/show_bug.cgi?id=1194492 -------------------------------------------------------------------------------- ================================================================================ librsync-1.0.0-1.fc21 (FEDORA-2015-3497) Rsync libraries -------------------------------------------------------------------------------- Update Information: Changes in librsync 1.0.0 (2015-01-23) ====================================== * SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions of the file, if it's transferred using librsync/rdiff. For example this might occur in a database, mailbox, or VM image containing some attacker-controlled data. To mitigate this issue, signatures will by default be computed with a 256-bit BLAKE2 hash. Old versions of librsync will complain about a bad magic number when given these signature files. Backward compatibility can be obtained using the new `rdiff sig --hash=md4` option or through specifying the "signature magic" in the API, but this should not be used when either the old or new file contain untrusted data. Deltas generated from those signatures will also use BLAKE2 during generation, but produce output that can be read by old versions. See https://github.com/librsync/librsync/issues/5. Thanks to Michael Samuel <miknet.net> for reporting this and offering an initial patch. * Various build fixes, thanks Timothy Gu. * Improved rdiff man page from Debian. * Improved librsync.spec file for building RPMs. * Fixed bug #1110812 'internal error: job made no progress'; on large files. * Moved hosting to https://github.com/librsync/librsync/ * Travis-CI.org integration test at https://travis-ci.org/librsync/librsync/ * Remove bundled copy of popt; it must be installed separately. * You can set `$LIBTOOLIZE` before running `autogen.sh`, for example on OS X Homebrew where it is called `glibtoolize`. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 1 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.0.0-1 - Upgrade to 1.0.0 (#1126712) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1126712 - CVE-2014-8242 librsync: MD4 collision file corruption https://bugzilla.redhat.com/show_bug.cgi?id=1126712 -------------------------------------------------------------------------------- ================================================================================ liveusb-creator-3.13.3-1.fc21 (FEDORA-2015-3491) A liveusb creator -------------------------------------------------------------------------------- Update Information: New upstream release to fix an issue with stripping LABEL parameters from the syslinux.cfg when used in 'destructive mode (cp)' -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Luke Macken <lmacken@xxxxxxxxxx> - 3.13.3-1 - Latest upstream release -------------------------------------------------------------------------------- ================================================================================ mariadb-10.0.17-1.fc21 (FEDORA-2015-3503) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information: This is an update that fixes all issues described at https://mariadb.com/kb/en/mariadb/development/changelogs/mariadb-10017-changelog Enable tokudb -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 4 2015 Honza Horak <hhorak@xxxxxxxxxx> - 1:10.0.17-1 - Rebase to version 10.0.17 * Wed Feb 18 2015 Matej Muzila <mmuzila@xxxxxxxxxx> - 1:10.0.16-3 - Enable tokudb * Tue Feb 10 2015 Honza Horak <hhorak@xxxxxxxxxx> - 1:10.0.16-3 - Fix openssl_1 test * Wed Feb 4 2015 Jakub Dorňák <jdornak@xxxxxxxxxx> - 1:10.0.16-2 - Include new certificate for tests - Update lists of failing tests Related: #1186110 * Tue Feb 3 2015 Jakub Dorňák <jdornak@xxxxxxxxxx> - 1:10.0.16-9 - Rebase to version 10.0.16 Resolves: #1187895 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1197278 - mariadb-10.0.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1197278 [ 2 ] Bug #1171767 - TokuDB plugin missing from MariaDB https://bugzilla.redhat.com/show_bug.cgi?id=1171767 -------------------------------------------------------------------------------- ================================================================================ milter-greylist-4.5.12-2.fc21 (FEDORA-2015-3468) Milter for greylisting, the next step in the spam control war -------------------------------------------------------------------------------- Update Information: Cumulative bug fix release from upstream. See package changelog for full details. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Paul Howarth <paul@xxxxxxxxxxxx> - 4.5.12-2 - Include milter-greylist.m4 as %doc - Add preset support for EL-7 build - Tag README as %license where possible as it includes the license details * Thu Dec 18 2014 Paul Howarth <paul@xxxxxxxxxxxx> - 4.5.12-1 - Update to 4.5.12 - Prevent buffer overflow on IP address in DRAC code - Remove duplicate dkim check in configure - Let MX clause work if a MX has no DNS A record - Fix build on CentOS -------------------------------------------------------------------------------- ================================================================================ mirall-1.7.1-2.fc21 (FEDORA-2015-3347) The ownCloud Client -------------------------------------------------------------------------------- Update Information: Upstream 1.7.1 version with gcc5 compliance -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Dams <anvil[AT]livna.org> - 1.7.1-2 - Added gcc5 compliance patch * Fri Mar 6 2015 Dams <anvil[AT]livna.org> - 1.7.1-1 - Updated to 1.7.1 -------------------------------------------------------------------------------- ================================================================================ munin-2.0.25-2.fc21 (FEDORA-2015-3426) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Merge 2.1 paches back to 2.0 -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 7 2015 "D. Johnson" <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.25-2 - Merge 2.1 paches back to 2.0 - BZ# 1149949 - munin-async init script to override defaults (PR-274 backport) - BZ# 1049262 - munin ntp_ plugin uses perl features from perl 5.10.0 but can only use perl 5.8.8 - BZ# 1140015 - Munin mysql plugin fails to parse MariaDB status -------------------------------------------------------------------------------- References: [ 1 ] Bug #1149949 - munin-async init script to override defaults https://bugzilla.redhat.com/show_bug.cgi?id=1149949 [ 2 ] Bug #1049262 - munin ntp_ plugin uses perl features from perl 5.10.0 but can only use perl 5.8.8 https://bugzilla.redhat.com/show_bug.cgi?id=1049262 [ 3 ] Bug #1140015 - Munin mysql plugin fails to parse MariaDB status https://bugzilla.redhat.com/show_bug.cgi?id=1140015 -------------------------------------------------------------------------------- ================================================================================ opendmarc-1.3.1-3.fc21 (FEDORA-2015-3495) A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library -------------------------------------------------------------------------------- Update Information: * Fri Mar 06 2015 Steve Jenkins <steve@xxxxxxxxxxxxxxxx> 1.3.1-3 - Added libbsd and libbsd-devel build requirement to fix libstrl issue - initial packaged version of OpenDMARC for Fedora-based systems - initial packaged version of OpenDMARC for Fedora-based systems - initial packaged version of OpenDMARC for Fedora-based systems - initial packaged version of OpenDMARC for Fedora-based systems - initial packaged version of OpenDMARC for Fedora-based systems - initial packaged version of OpenDMARC for Fedora-based systems -------------------------------------------------------------------------------- References: [ 1 ] Bug #905304 - Review Request: OpenDMARC - Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library https://bugzilla.redhat.com/show_bug.cgi?id=905304 -------------------------------------------------------------------------------- ================================================================================ owncloud-7.0.4-3.fc21 (FEDORA-2015-3532) Private file sync and share server -------------------------------------------------------------------------------- Update Information: This update provides some improvements to the Apache configuration files that are included in the package to ease deployment (and to a smaller extent, also the Nginx configuration file). Most notably, this should fix the 'app store' function by providing the necessary Alias: Alias /owncloud/apps-appstore /var/lib/owncloud/apps if you have edited the /etc/httpd/conf.d/owncloud.conf file locally, the packaged version will install as owncloud.conf.rpmnew. We recommend you merge the changes into your own version, or keep the packaged owncloud.conf and move your changes to a file which overrides it, such as z-owncloud-local.conf . The update also provides a (hopefully) more convenient method for enabling and disabling remote access to the ownCloud installation. You can simply symlink the file owncloud-access-conf.avail to enable remote access, e.g.: ln -s /etc/httpd/conf.d/owncloud-access.conf.avail /etc/httpd/conf.d/z-owncloud-access.conf as long as the target name ends in .conf and sorts alphabetically after 'owncloud.conf', it will supersede owncloud.conf and enable remote access. If you need to lock down access to the server, you can simply remove the symlink. This removes the need for you to provide the appropriate syntax yourself, and the symlink approach will mean that if the required configuration changes in future ownCloud releases, the packaged owncloud-access.conf.avail file can be updated and your installation will keep working with no need for you to make manual changes. The new approach makes use of some files containing common directives, to be included by the .conf files (to reduce duplication of these directives between different config files and sections). These are named with the suffix .inc. Note that they only take effect when included by files whose names end with .conf. Only files whose name end with .conf are directly read by Apache. There are no functional changes to ownCloud itself in this update, it is concerned only with the web server configuration files. This update provides the latest upstream release of ownCloud, with various bug fixes. This is a minor release and should apply smoothly with no special handling. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 22 2015 Adam Williamson <awilliam@xxxxxxxxxx> - 7.0.4-3 - revise and strengthen Apache configuration layout, fix external apps - fix external apps for Nginx -------------------------------------------------------------------------------- ================================================================================ oz-0.13.0-1.fc21 (FEDORA-2015-3470) Library and utilities for automated guest OS installs -------------------------------------------------------------------------------- Update Information: Update to release 0.13.0 -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 7 2015 Chris Lalancette <clalancette@xxxxxxxxx> - 0.13.0-1 - Update to release 0.13.0 -------------------------------------------------------------------------------- ================================================================================ perl-Class-Virtual-0.07-1.fc21 (FEDORA-2015-3436) Base class for virtual base classes in Perl -------------------------------------------------------------------------------- Update Information: Update to 0.07 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195862 - Review Request: perl-Class-Virtual - Base class for virtual base classes in Perl https://bugzilla.redhat.com/show_bug.cgi?id=1195862 -------------------------------------------------------------------------------- ================================================================================ php-google-apiclient-1.1.2-2.fc21 (FEDORA-2015-3344) Client library for Google APIs -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream release of the library with various improvements and bug fixes. See https://github.com/google/google-api-php-client/releases for a handy summary of upstream changes. Since 1.1.1 the library includes an autoloader and recommends its use. However, including files directly should continue to work as it previously did. The only Fedora package which uses this library is ownCloud, so the best way to test it (unless you have your own unpackaged code that uses it) is to check ownCloud's integration with Google Drive storage continues to work. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 2 2015 Adam Williamson <awilliam@xxxxxxxxxx> - 1.1.2-2 - update autoloader relocation patch to match latest upstream submission -------------------------------------------------------------------------------- ================================================================================ php-sabre-dav-1.8.12-1.fc21 (FEDORA-2015-3358) WebDAV Framework for PHP -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream 1.8 release, which is a bugfix release with no expected compatibility changes. The upstream changes can be seen at https://github.com/fruux/sabre-dav/blob/1.8/ChangeLog . -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Adam Williamson <awilliam@xxxxxxxxxx> - 1.8.12-1 - update to 1.8.12 (bugfix release, no bc breaks) -------------------------------------------------------------------------------- ================================================================================ php-sabredav-Sabre_VObject-2.1.7-1.fc21 (FEDORA-2015-3528) An intuitive reader for iCalendar and vCard objects -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream release of the 2.1 series. It is a stable bugfix release. The most significant change since 2.1.4 is a workaround for https://github.com/fruux/sabre-vobject/issues/94 , which should improve interoperability with several clients. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Adam Williamson <awilliam@xxxxxxxxxx> - 2.1.7-1 - update to 2.1.7 -------------------------------------------------------------------------------- ================================================================================ pki-console-10.2.1-1.fc21 (FEDORA-2015-3512) Certificate System - PKI Console -------------------------------------------------------------------------------- Update Information: PKI TRAC Ticket #1287 - Consider backporting Dogtag 10.2.1 to Fedora 21 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 8 2015 Dogtag Team <pki-devel@xxxxxxxxxx> 10.2.1-1 - Update release number for release build -------------------------------------------------------------------------------- ================================================================================ pki-core-10.2.1-1.fc21 (FEDORA-2015-3529) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information: PKI TRAC Ticket #1287 - Consider backporting Dogtag 10.2.1 to Fedora 21 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 8 2015 Dogtag Team <pki-devel@xxxxxxxxxx> 10.2.1-1 - Update release number for release build * Tue Dec 16 2014 Matthew Harmsen <mharmsen@xxxxxxxxxx> - 10.2.1-0.4 - PKI TRAC Ticket #1187 - mod_perl should be removed from requirements for 10.2 - PKI TRAC Ticket #1205 - Outdated selinux-policy dependency. - Removed perl(XML::LibXML), perl-Crypt-SSLeay, and perl-Mozilla-LDAP runtime dependencies * Fri Dec 12 2014 Ade Lee <alee@xxxxxxxxxx> 10.2.1-0.3 - Change resteasy dependencies for F22+ -------------------------------------------------------------------------------- ================================================================================ plantuml-8020-1.fc21 (FEDORA-2015-3427) Program to generate UML diagram from a text description -------------------------------------------------------------------------------- Update Information: Updating to a new upstream version. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Jan Safranek <jsafrane@xxxxxxxxxx> - 8020-1 - Update to ver. 8020 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199286 - Please update plantuml from 7978 to 8020 https://bugzilla.redhat.com/show_bug.cgi?id=1199286 -------------------------------------------------------------------------------- ================================================================================ pymodbus-1.2.0-1.fc21 (FEDORA-2015-3420) A Modbus Protocol Stack in Python -------------------------------------------------------------------------------- Update Information: New upstream release with various enhancements and bugfixes. Detailed changelog: https://github.com/bashwork/pymodbus/blob/master/CHANGELOG.rst -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 9 2015 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.2.0-1 - Update to new upstream release 1.2.0 - Add patch to avoid installation of ez_setup - Change URL and Source URL - Adjust requirements -------------------------------------------------------------------------------- ================================================================================ pyserial-2.7-1.fc21 (FEDORA-2015-3466) Python serial port access library -------------------------------------------------------------------------------- Update Information: New upstream version. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 8 2015 Paul Komkoff <i@xxxxxxxxxx> 2.7-1 - new upstream version -------------------------------------------------------------------------------- ================================================================================ python-astroML-addons-0.2.1-7.fc21 (FEDORA-2015-3394) Performance add-ons for the astroML package -------------------------------------------------------------------------------- Update Information: fixed wrong dependency in python 2 package (BZ #1199429) -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Christian Dersch <chrisdersch@xxxxxxxxx> - 0.2.1-7 - fixed wrong dependency in python 2 package (BZ #1199429) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199429 - python-astroML-addons-0.2.1-6.fc21 wrong dependency in python3-scikit-learn https://bugzilla.redhat.com/show_bug.cgi?id=1199429 -------------------------------------------------------------------------------- ================================================================================ python-carbon-0.9.13-0.1.pre1.fc21 (FEDORA-2015-3459) Back-end data caching and persistence daemon for Graphite -------------------------------------------------------------------------------- Update Information: update all Graphite packages to 0.9.13-pre1 -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 19 2015 Piotr Popieluch <piotr1212@xxxxxxxxx> - 0.9.13-0.1.pre1 - update to 0.9.13-pre1 * Mon Nov 24 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.9.12-7 - patch setup.py to prevent installation of upstream init scripts -------------------------------------------------------------------------------- References: [ 1 ] Bug #1183270 - twisted 14 incompatible with python-carbon https://bugzilla.redhat.com/show_bug.cgi?id=1183270 -------------------------------------------------------------------------------- ================================================================================ python-gertty-1.1.0-1.fc21 (FEDORA-2015-3423) Gertty is a console-based interface to the Gerrit Code Review system -------------------------------------------------------------------------------- Update Information: New upstream release 1.1.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Kashyap Chamarthy <kashyapc@xxxxxxxxxxxxxxxxx> - 1.1.0-1 - New upstream release 1.1.0 -------------------------------------------------------------------------------- ================================================================================ python-ipgetter-0.6-1.fc21 (FEDORA-2015-3392) A Python module to fetch the external IP address -------------------------------------------------------------------------------- Update Information: Update to latest upstream release 0.6 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.6-1 - Update to latest upstream release 0.6 -------------------------------------------------------------------------------- ================================================================================ python-whisper-0.9.13-0.1.pre1.fc21 (FEDORA-2015-3459) Simple database library for storing time-series data -------------------------------------------------------------------------------- Update Information: update all Graphite packages to 0.9.13-pre1 -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 19 2015 Piotr Popieluch <piotr1212@xxxxxxxxx> - 0.9.13-0.1.pre1 - update to 0.9.13-pre1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1183270 - twisted 14 incompatible with python-carbon https://bugzilla.redhat.com/show_bug.cgi?id=1183270 -------------------------------------------------------------------------------- ================================================================================ qt-creator-3.3.2-1.fc21 (FEDORA-2015-3458) Cross-platform IDE for Qt -------------------------------------------------------------------------------- Update Information: Update to version 3.3.2, see https://qt.gitorious.org/qt-creator/qt-creator/raw/2fb9c3c7abc93a9237e72972ee222b2a2628007e:dist/changes-3.3.2 for details. -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Sandro Mani <manisandro@xxxxxxxxx> - 3.3.2-1 - 3.3.2 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199110 - qt-creator-3.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1199110 -------------------------------------------------------------------------------- ================================================================================ rdiff-backup-1.2.8-14.fc21 (FEDORA-2015-3497) Convenient and transparent local/remote incremental mirror/backup -------------------------------------------------------------------------------- Update Information: Changes in librsync 1.0.0 (2015-01-23) ====================================== * SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions of the file, if it's transferred using librsync/rdiff. For example this might occur in a database, mailbox, or VM image containing some attacker-controlled data. To mitigate this issue, signatures will by default be computed with a 256-bit BLAKE2 hash. Old versions of librsync will complain about a bad magic number when given these signature files. Backward compatibility can be obtained using the new `rdiff sig --hash=md4` option or through specifying the "signature magic" in the API, but this should not be used when either the old or new file contain untrusted data. Deltas generated from those signatures will also use BLAKE2 during generation, but produce output that can be read by old versions. See https://github.com/librsync/librsync/issues/5. Thanks to Michael Samuel <miknet.net> for reporting this and offering an initial patch. * Various build fixes, thanks Timothy Gu. * Improved rdiff man page from Debian. * Improved librsync.spec file for building RPMs. * Fixed bug #1110812 'internal error: job made no progress'; on large files. * Moved hosting to https://github.com/librsync/librsync/ * Travis-CI.org integration test at https://travis-ci.org/librsync/librsync/ * Remove bundled copy of popt; it must be installed separately. * You can set `$LIBTOOLIZE` before running `autogen.sh`, for example on OS X Homebrew where it is called `glibtoolize`. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 1 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 1.2.8-14 - Rebuild for librsync 1.0.0 (#1126712) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1126712 - CVE-2014-8242 librsync: MD4 collision file corruption https://bugzilla.redhat.com/show_bug.cgi?id=1126712 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.13.1-105.6.fc21 (FEDORA-2015-3476) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=618340 More info:http://koji.fedoraproject.org/koji/buildinfo?buildID=615187 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.13.1-105.6 - Allow glusterd_t exec glusterd_var_lib_t files. BZ(1198406) - Add gluster_exec_lib interface. - Allow cyrus bind tcp berknet port. BZ(1198347) - Allow abrt_dump_oops_t read /etc/passwd file. BZ(1197190) - Allow l2tp to manage NetworkManager_var_run_t files. BZ(1197428) - Allow denyhosts execute iptables. BZ(1197371) - Allow brltty rw event device. BZ(1190349) - Allow cupsd config to execute ldconfig. BZ(1196608) - Allow ping_t read urand. BZ(1181831) - Add support for tcp/2005 port. * Wed Feb 25 2015 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.13.1-105.5 - Make sure NetworkManager configures resolv.conf correctly - Label /var/run/NetworkManager/resolv.conf.tmp as net_conf_t. - Added interface files_search_all_pids - Allow search all pid dirs when managing net_conf_t files - Fix path label to resolv.conf under NetworkManager * Mon Feb 23 2015 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.13.1-105.4 - Added logging_syslogd_pid_filetrans - Additional fix for labeleling /dev/log correctly - Label new strongswan binary swanctl and new unit file strongswan-swanctl.service. BZ(1193102) - Label /dev/log correctly. - Create dnf and yum directories in /var with correct label - Dontaudit sys_resource in prelink_cron)_system_t - Add filename transitions for /var/lib/rpm and /var/cache/rpm - Create dnf and yum directories in /var with correct label - Allow brltty ioctl on usb_device_t. BZ(1190349) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1181831 - SELinux is preventing ping6 from read access on the chr_file urandom. https://bugzilla.redhat.com/show_bug.cgi?id=1181831 [ 2 ] Bug #1184389 - running a server with docker leads to selinux warnings https://bugzilla.redhat.com/show_bug.cgi?id=1184389 [ 3 ] Bug #1196608 - SELinux is preventing udev-add-printe from 'execute' accesses on the file /usr/sbin/ldconfig. https://bugzilla.redhat.com/show_bug.cgi?id=1196608 [ 4 ] Bug #1197371 - SELinux is preventing /usr/bin/bash from 'execute' accesses on the file /usr/sbin/xtables-multi. https://bugzilla.redhat.com/show_bug.cgi?id=1197371 [ 5 ] Bug #1197428 - SELinux is preventing nm-l2tp-service from 'unlink' accesses on the file nm-xl2tpd.conf.4356. https://bugzilla.redhat.com/show_bug.cgi?id=1197428 [ 6 ] Bug #1198406 - SELinux is preventing /usr/sbin/glusterfsd from 'execute' accesses on the file /var/lib/glusterd/hooks/1/start/post/S30samba-start.sh. https://bugzilla.redhat.com/show_bug.cgi?id=1198406 [ 7 ] Bug #1190349 - SELinux is preventing /usr/bin/brltty from ioctl access on the chr_file /dev/bus/usb/002/004. https://bugzilla.redhat.com/show_bug.cgi?id=1190349 [ 8 ] Bug #1193102 - /usr/sbin/charon-systemd needs policy https://bugzilla.redhat.com/show_bug.cgi?id=1193102 [ 9 ] Bug #1195752 - dnssec-triggerd is not allowed to write to /etc https://bugzilla.redhat.com/show_bug.cgi?id=1195752 -------------------------------------------------------------------------------- ================================================================================ sflphone-1.4.1-6.fc21 (FEDORA-2015-3444) SIP/IAX2 compatible enterprise-class software phone -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1180698 - Review Request: sflphone - SIP/IAX2 compatible enterprise-class software phone https://bugzilla.redhat.com/show_bug.cgi?id=1180698 -------------------------------------------------------------------------------- ================================================================================ strace-4.10-1.fc21 (FEDORA-2015-3365) Tracks and displays system calls associated with a running process -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2015 Dmitry V. Levin <ldv@xxxxxxxxxxxx> - 4.10-1 - New upstream release: + enhanced ioctl decoding (#902788). -------------------------------------------------------------------------------- References: [ 1 ] Bug #902788 - RFE: strace should interpret also the direction and size fields for the ioctl() syscall https://bugzilla.redhat.com/show_bug.cgi?id=902788 -------------------------------------------------------------------------------- ================================================================================ udt-4.11-4.fc21 (FEDORA-2015-3450) UDP based Data Transfer Protocol -------------------------------------------------------------------------------- Update Information: Fix sed substitutions in case of slashes in rpm macros -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 7 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.11-4 - Fix sed substitutions in case of slashes in rpm macros -------------------------------------------------------------------------------- ================================================================================ varnish-4.0.3-1.fc21 (FEDORA-2015-3467) High-performance HTTP accelerator -------------------------------------------------------------------------------- Update Information: New upstream release. A bugfix release. Highlights from the changelog: * 26 reported bugs fixed. * Replaced objects are now expired immediately, instead of kept around until expiry. * Memory usage on chunked backend responses is lower Fore a detailed list of changes, please see the project's announcement at https://www.varnish-cache.org/content/varnish-cache-403 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Ingvar Hagelund <ingvar@xxxxxxxxxxxxxxxxxx> 4.0.3-1 - New upstream release - Removed systemd patch included upstream - Rebased trivial Werr-patch for varnish-4.0.3 - Added patch to build on el5 * Tue Nov 25 2014 Ingvar Hagelund <ingvar@xxxxxxxxxxxxxxxxxx> 4.0.2-1 - New upstream release - Rebased sphinx makefile patch - Added systemd services patch from Federico Schwindt * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.0.1-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ weechat-1.1.1-1.fc21 (FEDORA-2015-3395) Portable, fast, light and extensible IRC client -------------------------------------------------------------------------------- Update Information: New upstream version 1.1.1 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 8 2015 Paul Komkoff <i@xxxxxxxxxx> - 1.1.1-1 - new upstream version (#1181572) * Sat Jan 17 2015 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.0.1-3 - Rebuild for https://fedoraproject.org/wiki/Changes/Ruby_2.2 - Build plugins with -fPIC -------------------------------------------------------------------------------- References: [ 1 ] Bug #1181572 - weechat-1.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1181572 -------------------------------------------------------------------------------- ================================================================================ wireshark-1.12.4-1.fc21 (FEDORA-2015-3507) Network traffic analyzer -------------------------------------------------------------------------------- Update Information: Ver. 1.12.4 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Peter Hatina <phatina@xxxxxxxxxx> - 1.12.4-1 - Ver. 1.12.4 -------------------------------------------------------------------------------- ================================================================================ wxsqlite3-3.2.1-1.fc21 (FEDORA-2015-3455) C++ wrapper around the SQLite 3.x database -------------------------------------------------------------------------------- Update Information: update to 3.2.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> 3.2.1-1 - update to 3.2.1 -------------------------------------------------------------------------------- ================================================================================ xen-4.4.1-13.fc21 (FEDORA-2015-3381) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: enable building pngs from fig files which is working again, fix oxenstored.service preset preuninstall script, arm: vgic: incorrect rate limiting of guest triggered logging, Information leak via internal x86 system device emulation, Information leak through version information hypercall -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2015 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.4.1-13 - enable building pngs from fig files which is working again - fix oxenstored.service preset preuninstall script - arm: vgic: incorrect rate limiting of guest triggered logging [XSA-118, CVE-2015-1563] (#1187153) - Information leak via internal x86 system device emulation [XSA-121, CVE-2015-2044] - Information leak through version information hypercall [XSA-122, CVE-2015-2045] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1187153 - CVE-2015-1563 xen: vgic: incorrect rate limiting of guest triggered logging on ARM architectures (XSA-118) https://bugzilla.redhat.com/show_bug.cgi?id=1187153 -------------------------------------------------------------------------------- ================================================================================ xfce4-hamster-plugin-1.6.1-1.fc21 (FEDORA-2015-3350) Time tracker port of the 'hamster project extension' for the xfce4 panel -------------------------------------------------------------------------------- Update Information: v1.6.1 add spanish translations -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 7 2015 Raphael Groner <projects.rg@xxxxxxxx> - 1.6.1-1 - v1.6.1 * Fri Mar 6 2015 Raphael Groner <projects.rg@xxxxxxxx> - 1.6-5 - add spanish translations - remove obsolete comments at closed upstream issues - remove some ridiculous globals and use shortifying URL macro * Sun Mar 1 2015 Raphael Groner <projects.rg@xxxxxxxx> - 1.6-4 - bump again due to wrong Release logic in f22 * Sun Mar 1 2015 Raphael Groner <projects.rg@xxxxxxxx> - 1.6-3 - bump and rebuild for xfce 4.12 * Wed Jan 28 2015 Raphael Groner <projects.rg (AT) smart.ms> - 1.6-2 - introduce license macro -------------------------------------------------------------------------------- References: [ 1 ] Bug #1199735 - xfce4-hamster-plugin-1.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1199735 -------------------------------------------------------------------------------- ================================================================================ yoshimi-1.3.3-2.fc21 (FEDORA-2015-3487) Rewrite of ZynAddSubFx aiming for better JACK support -------------------------------------------------------------------------------- Update Information: Update to 1.3.3 and include new SVG icon -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 7 2015 Adam Huffman <bloch@xxxxxxxxxxxx> - 1.3.3-2 - Include new SVG icon * Fri Mar 6 2015 Adam Huffman <bloch@xxxxxxxxxxxx> - 1.3.3-1 - Update to upstream release 1.3.3 -------------------------------------------------------------------------------- ================================================================================ znc-1.6.0-1.fc21 (FEDORA-2015-3389) An advanced IRC bouncer -------------------------------------------------------------------------------- Update Information: Update to 1.6.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 23 2015 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 1.6.0-1 - Update to 1.6.0 * Wed Aug 27 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1.4-7 - Perl 5.20 rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
