Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
 100  https://admin.fedoraproject.org/updates/FEDORA-2014-15988/fail2ban-0.9.1-1.fc20
  89  https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20
  89  https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14.2-1.fc20
  80  https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
  77  https://admin.fedoraproject.org/updates/FEDORA-2014-17559/mapserver-6.2.2-1.fc20
  58  https://admin.fedoraproject.org/updates/FEDORA-2015-0577/strongswan-5.2.2-1.fc20
  57  https://admin.fedoraproject.org/updates/FEDORA-2015-0633/chicken-4.9.0.1-3.fc20
  36  https://admin.fedoraproject.org/updates/FEDORA-2015-1648/lcms-1.19-13.fc20
  35  https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20
  33  https://admin.fedoraproject.org/updates/FEDORA-2015-1790/fcgi-2.4.0-26.fc20
  25  https://admin.fedoraproject.org/updates/FEDORA-2015-2104/drupal7-views-3.10-1.fc20
  18  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
  14  https://admin.fedoraproject.org/updates/FEDORA-2015-2600/echoping-6.1-0.beta.r434svn.1.fc20
  12  https://admin.fedoraproject.org/updates/FEDORA-2015-2826/drupal7-entity-1.6-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-3211/dokuwiki-0-0.24.20140929c.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-3201/xterm-297-2.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-3205/libmspack-0.5-0.1.alpha.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-3204/putty-0.64-1.fc20
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-3253/gnupg-1.4.19-2.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-3329/phpMyAdmin-4.3.11.1-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-3372/freexl-1.0.0i-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-3366/librsync-1.0.0-1.fc20,csync2-1.34-15.fc20,duplicity-0.6.25-3.fc20,rdiff-backup-1.2.8-14.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.5-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-3573/qt-creator-3.2.2-2.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-3590/icu-50.1.2-11.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-3594/kernel-3.18.9-100.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
  18  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.5-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-3577/elfutils-0.161-6.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-3590/icu-50.1.2-11.fc20


The following builds have been pushed to Fedora 20 updates-testing

    converseen-0.9.1-1.fc20
    elfutils-0.161-6.fc20
    gnofract4d-3.14.1-9.fc20
    icu-50.1.2-11.fc20
    kernel-3.18.9-100.fc20
    libmatekbd-1.8.1-1.fc20
    marco-1.8.3-1.fc20
    mate-screensaver-1.8.1-3.fc20
    nodejs-window-size-0.1.0-2.fc20
    perl-Params-Validate-1.18-1.fc20
    python-rhsm-1.14.2-1.fc20
    qt-creator-3.2.2-2.fc20
    subscription-manager-1.14.2-1.fc20
    texstudio-2.9.0-1.fc20

Details about builds:


================================================================================
 converseen-0.9.1-1.fc20 (FEDORA-2015-3586)
 A batch image conversion tool written in C++ with Qt4 and Magick++
--------------------------------------------------------------------------------
Update Information:

Rebuilt for new upstream version 0.9.1, fixes rhbz #1199061, #1197790
Rebuilt for new upstream version 0.9.0, fixes rhbz #1170952
Rebuilt for new upstream version 0.8.4, fixes rhbz #1148306
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Filipe Rosset <rosset.filipe@xxxxxxxxx> - 0.9.1-1
- Rebuilt for new upstream version 0.9.1, fixes rhbz #1199061, #1197790
* Wed Feb 18 2015 Filipe Rosset <rosset.filipe@xxxxxxxxx> - 0.9.0-1
- Rebuilt for new upstream version 0.9.0, fixes rhbz #1170952
* Thu Oct  2 2014 Filipe Rosset <rosset.filipe@xxxxxxxxx> - 0.8.4-1
- Rebuilt for new upstream version 0.8.4, fixes rhbz #1148306
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1199061 - converseen-0.9.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1199061
  [ 2 ] Bug #1197790 - [abrt] converseen: ref(): converseen killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1197790
  [ 3 ] Bug #1170952 - converseen-0.9.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1170952
  [ 4 ] Bug #1148306 - converseen-0.8.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1148306
--------------------------------------------------------------------------------


================================================================================
 elfutils-0.161-6.fc20 (FEDORA-2015-3577)
 A collection of utilities and DSOs to handle compiled objects
--------------------------------------------------------------------------------
Update Information:

Consider sh_addralign 0 as 1 for golang binaries. Copy relocations are allowed in PIE executables. Fix .debug_type offset for sig8 lookup in dwarf_formref_die.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Mark Wielaard <mjw@xxxxxxxxxx> - 0.161-6
- Add elfutils-0.161-copyreloc.patch.
* Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 0.161-5
- Rebuilt for Fedora 23 Change
  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Sat Feb  7 2015 Mark Wielaard <mjw@xxxxxxxxxx> - 0.161-4
- Add elfutils-0.161-addralign.patch (#1189928)
* Thu Feb  5 2015 Mark Wielaard <mjw@xxxxxxxxxx> - 0.161-3
- Add elfutils-0.161-formref-type.patch
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196571 - Consider sh_addralign 0 as 1
        https://bugzilla.redhat.com/show_bug.cgi?id=1196571
--------------------------------------------------------------------------------


================================================================================
 gnofract4d-3.14.1-9.fc20 (FEDORA-2015-3572)
 Gnofract 4D is a Gnome-based program to draw fractals
--------------------------------------------------------------------------------
Update Information:

This update prevents more crashes due to reference counting and NULL pointer dereference bugs in gnofract4d.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Jerry James <loganjerry@xxxxxxxxx> - 3.14.1-9
- Update -refcount patch to fix bz 1199824
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1199824 - [abrt] gnofract4d: image_buffer(): python2.7 killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1199824
--------------------------------------------------------------------------------


================================================================================
 icu-50.1.2-11.fc20 (FEDORA-2015-3590)
 International Components for Unicode
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2014-6585, CVE-2014-6591
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Eike Rathke <erack@xxxxxxxxxx> - 50.1.2-11
- TestTwoDigitYear build fix
- Resolves: rhbz#1184811 CVE-2014-6585 CVE-2014-6591
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489)
        https://bugzilla.redhat.com/show_bug.cgi?id=1183645
  [ 2 ] Bug #1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276)
        https://bugzilla.redhat.com/show_bug.cgi?id=1183646
--------------------------------------------------------------------------------


================================================================================
 kernel-3.18.9-100.fc20 (FEDORA-2015-3594)
 The Linux kernel
--------------------------------------------------------------------------------
Update Information:

The 3.18.9 stable update contains a number of important fixes across the tree.
Update to the latest stable upstream release, Linux v3.18.8.  Numerous fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.18.9-100
- Linux v3.18.9
* Mon Mar  2 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx>
- Add patch to fix nfsd soft lockup (rhbz 1185519)
- Enable ET131X driver (rhbz 1197842)
* Sat Feb 28 2015 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx>
- Fix Panda on ARMv7 crash on boot
* Fri Feb 27 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx - 3.18.8-100
- Linux v3.18.8
* Thu Feb 26 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx>
- CVE-2015-1421 sctp: slab corruption from use after free on INIT collisions (rhbz 1196581 1196595)
* Wed Feb 25 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx>
- Add support for AR5B195 devices from Alexander Ploumistos (rhbz 1190947)
* Tue Feb 24 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx>
- Fix ext4 remount with journal_checksum option (rhbz 1190933)
* Mon Feb 23 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx>
- Add patch for HID i2c from Seth Forshee (rhbz 1188439)
- CVE-2015-0275 ext4: fallocate zero range page size > block size BUG (rhbz 1193907 1195178)
* Mon Feb 16 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx>
- CVE-XXXX-XXXX potential memory corruption in vhost/scsi driver (rhbz 1189864 1192079)
- CVE-2015-1593 stack ASLR integer overflow (rhbz 1192519 1192520)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196581 - CVE-2015-1421 kernel: net: slab corruption from use after free on INIT collisions
        https://bugzilla.redhat.com/show_bug.cgi?id=1196581
  [ 2 ] Bug #1193907 - CVE-2015-0275 kernel: fs: ext4: fallocate zero range page size > block size BUG()
        https://bugzilla.redhat.com/show_bug.cgi?id=1193907
  [ 3 ] Bug #1189864 - kernel: potential memory corruption (denial of service) in vhost/scsi driver
        https://bugzilla.redhat.com/show_bug.cgi?id=1189864
  [ 4 ] Bug #1192519 - CVE-2015-1593 kernel: Linux stack ASLR implementation Integer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=1192519
--------------------------------------------------------------------------------


================================================================================
 libmatekbd-1.8.1-1.fc20 (FEDORA-2015-3591)
 Libraries for mate kbd
--------------------------------------------------------------------------------
Update Information:

update to latest release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.1-1
- update to 1.8.1 release
--------------------------------------------------------------------------------


================================================================================
 marco-1.8.3-1.fc20 (FEDORA-2015-3591)
 MATE Desktop window manager
--------------------------------------------------------------------------------
Update Information:

update to latest release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.3-1
- update to 1.8.3 release
- remove upstreamed patches
- add BR zenity, drop mate-dialogs
--------------------------------------------------------------------------------


================================================================================
 mate-screensaver-1.8.1-3.fc20 (FEDORA-2015-3587)
 MATE Screensaver
--------------------------------------------------------------------------------
Update Information:

- fix polish translation rhbz (#1199754)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 10 2015 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.1-3
- fix polish translation rhbz (#1199754)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1199754 - Please apply the upstream patch (Polish translation, time format)
        https://bugzilla.redhat.com/show_bug.cgi?id=1199754
--------------------------------------------------------------------------------


================================================================================
 nodejs-window-size-0.1.0-2.fc20 (FEDORA-2015-3579)
 Get the height and width of the terminal in a node.js environment
--------------------------------------------------------------------------------
Update Information:

Initial packaging.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1194950 - Review Request: nodejs-window-size - Get the height and width of the terminal in a node.js environment
        https://bugzilla.redhat.com/show_bug.cgi?id=1194950
--------------------------------------------------------------------------------


================================================================================
 perl-Params-Validate-1.18-1.fc20 (FEDORA-2015-3567)
 Params-Validate Perl module
--------------------------------------------------------------------------------
Update Information:

 
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 24 2015 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1.18-1
- Upstream update.
- BR: perl(Test::Version).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196050 - perl-Params-Validate-1.18 testsuite failure on f20
        https://bugzilla.redhat.com/show_bug.cgi?id=1196050
--------------------------------------------------------------------------------


================================================================================
 python-rhsm-1.14.2-1.fc20 (FEDORA-2015-3570)
 A Python library to communicate with a Red Hat Unified Entitlement Platform
--------------------------------------------------------------------------------
Update Information:

* Logging configuration for subscription-manager can now be modified through a configuration file
* Suppressed some irrelevant warnings
* Allow use of activation keys during migration
* Bugfixes for firstboot
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 26 2015 Alex Wood <awood@xxxxxxxxxx> 1.14.2-1
- 1195446: Only set global socket timeout on RHEL 5. (alikins@xxxxxxxxxx)
- Cleanup up connection logging. (alikins@xxxxxxxxxx)
* Fri Feb  6 2015 Devan Goodwin <dgoodwin@xxxxxxxx> 1.14.1-1
- 976855: build_py now populates version.py with ver (alikins@xxxxxxxxxx)
- 1187587: Correct project URL in spec file. (awood@xxxxxxxxxx)
--------------------------------------------------------------------------------


================================================================================
 qt-creator-3.2.2-2.fc20 (FEDORA-2015-3573)
 Cross-platform IDE for Qt
--------------------------------------------------------------------------------
Update Information:

Add SSH host key verification to built-in SSH client.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Sandro Mani <manisandro@xxxxxxxxx> - 3.2.2-2
- Add SSH host key verification to built-in SSH client (#1161655)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1161654 - qt-creator: no SSH host key verification in built-in SSH client
        https://bugzilla.redhat.com/show_bug.cgi?id=1161654
--------------------------------------------------------------------------------


================================================================================
 subscription-manager-1.14.2-1.fc20 (FEDORA-2015-3570)
 Tools and libraries for subscription and repository management
--------------------------------------------------------------------------------
Update Information:

* Logging configuration for subscription-manager can now be modified through a configuration file
* Suppressed some irrelevant warnings
* Allow use of activation keys during migration
* Bugfixes for firstboot
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Alex Wood <awood@xxxxxxxxxx> 1.14.2-1
- Move to fileConfig based logging. (alikins@xxxxxxxxxx)
- Ignore glib warnings about class properties. (alikins@xxxxxxxxxx)
- log level updates, mostly info->debug. (alikins@xxxxxxxxxx)
- Condense virt fact logging to one info level entry. (alikins@xxxxxxxxxx)
- Log to info when we update facts. (alikins@xxxxxxxxxx)
- Change branding 'nothing-happened' logs to debug. (alikins@xxxxxxxxxx)
- Condense cert_sorter logged info. (alikins@xxxxxxxxxx)
- Change most cache related log msgs to debug level. (alikins@xxxxxxxxxx)
- Make D-Bus related log entries debug level. (alikins@xxxxxxxxxx)
- Change heal logging to be more concise. (alikins@xxxxxxxxxx)
- Add log friendy str version of Identity (alikins@xxxxxxxxxx)
- 1133647: Fix messageWindow deprecation warning. (alikins@xxxxxxxxxx)
- 1183382: Fix test case to work with dateutil 2. (alikins@xxxxxxxxxx)
- Revert "Added check for /etc/oracle-release in hwprobe" (alikins@xxxxxxxxxx)
- 1196416: Migration should not need credentials with activation keys
  (awood@xxxxxxxxxx)
- 1196385: Add --activation-key option to migration man page.
  (awood@xxxxxxxxxx)
- 1196418: Add bash completion for --activation-key in migration.
  (awood@xxxxxxxxxx)
- Update spec to point to github / new project website. (dgoodwin@xxxxxxxxxx)
- Quiet "Whoever translated calendar*" warnings. (alikins@xxxxxxxxxx)
- Stop 'recently-used.xbel' warnings, disable mru (alikins@xxxxxxxxxx)
- 1154375: Allow use of activation keys during migration. (awood@xxxxxxxxxx)
- 1191237: Fix proxy "test connection" in firstboot. (alikins@xxxxxxxxxx)
- 1191237: Make proxy config "save" work in firstboot. (alikins@xxxxxxxxxx)
- 1191241: Handle network starting after subman does. (alikins@xxxxxxxxxx)
- 1145077, disabled column wrapping during redirects (jmolet@xxxxxxxxxx)
- Add syslog logging handler. (alikins@xxxxxxxxxx)
- 1191237: Fix problems exitting firstboot on errors (alikins@xxxxxxxxxx)
- 1163398, fixing rhsm-icon --help descriptions (jmolet@xxxxxxxxxx)
* Fri Feb  6 2015 Devan Goodwin <dgoodwin@xxxxxxxx> 1.14.1-1
- 976855: populate a "version.py" at build time (alikins@xxxxxxxxxx)
- Fixed typo in subscription-manager-gui (crog@xxxxxxxxxx)
- 1186386: Provide one and only one Red Hat CA to Docker. (awood@xxxxxxxxxx)
- 1114117: Stop collecting subs info by default. (alikins@xxxxxxxxxx)
- 1184940: Update container plugin config. (dgoodwin@xxxxxxxxxx)
- 1183122: Fix KeyErrors building dbus ent status (alikins@xxxxxxxxxx)
- 884285: Needs to maintain loop for dbus calls (wpoteat@xxxxxxxxxx)
--------------------------------------------------------------------------------


================================================================================
 texstudio-2.9.0-1.fc20 (FEDORA-2015-3585)
 A feature-rich editor for LaTeX documents
--------------------------------------------------------------------------------
Update Information:

- update to version 2.9.0
- http://texstudio.sourceforge.net/manual/current/usermanual_en.html#SECTIONNEW290
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  9 2015 Johannes Lips <hannes@xxxxxxxxxxxxxxxxx> 2.9.0-1
- Update to latest upstream version 2.9.0
- changelog cleaned up
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux