Fedora 21 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 21 Security updates need testing:
 Age  URL
  97  https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-1.fc21
  89  https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.20beta1.fc21,orthanc-0.8.5-2.fc21,dcmtk-3.6.1-1.fc21
  73  https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
  65  https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-3.fc21
  49  https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21
  42  https://admin.fedoraproject.org/updates/FEDORA-2015-1803/fcgi-2.4.0-26.fc21
  34  https://admin.fedoraproject.org/updates/FEDORA-2015-2055/openldap-2.4.40-3.fc21
  33  https://admin.fedoraproject.org/updates/FEDORA-2015-2101/drupal7-views-3.10-1.fc21
  22  https://admin.fedoraproject.org/updates/FEDORA-2015-2584/echoping-6.1-0.beta.r434svn.1.fc21
  21  https://admin.fedoraproject.org/updates/FEDORA-2015-2729/qpid-cpp-0.30-12.fc21
  20  https://admin.fedoraproject.org/updates/FEDORA-2015-2849/drupal7-entity-1.6-1.fc21
  15  https://admin.fedoraproject.org/updates/FEDORA-2015-3218/xterm-308-3.fc21
  15  https://admin.fedoraproject.org/updates/FEDORA-2015-3186/dokuwiki-0-0.24.20140929c.fc21
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-3556/patch-2.7.5-1.fc21
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-3505/389-ds-base-1.3.3.9-1.fc21
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-3569/icu-52.1-5.fc21
   7  https://admin.fedoraproject.org/updates/FEDORA-2015-3612/ImageMagick-6.8.8.10-6.fc21
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-3902/php-ZendFramework2-2.3.7-1.fc21
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-3944/xen-4.4.1-16.fc21
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-3948/nx-libs-3.5.0.29-1.fc21
   4  https://admin.fedoraproject.org/updates/FEDORA-2015-3984/ettercap-0.8.2-1.fc21
   2  https://admin.fedoraproject.org/updates/FEDORA-2015-4079/varnish-4.0.3-3.fc21
   2  https://admin.fedoraproject.org/updates/FEDORA-2015-4084/python-requests-2.5.3-2.fc21,python-urllib3-1.10.2-1.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-4143/powerpc-utils-python-1.2.1-7.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-4171/webkitgtk4-2.6.5-3.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-4197/mongodb-2.4.13-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4284/drupal7-ctools-1.7-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4236/php-5.6.7-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4321/mingw-xerces-c-3.1.1-11.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4230/libXfont-1.5.1-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4251/xerces-c-3.1.1-8.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4340/drupal7-7.35-1.fc21


The following Fedora 21 Critical Path updates have yet to be approved:
 Age URL
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-3379/gstreamer1-plugins-good-1.4.5-2.fc21
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-3363/glib-networking-2.42.0-2.fc21
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-3835/system-config-keyboard-1.4.0-6.fc21
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-3922/gnome-shell-3.14.3-2.fc21
   2  https://admin.fedoraproject.org/updates/FEDORA-2015-4096/krb5-1.12.2-15.fc21
   2  https://admin.fedoraproject.org/updates/FEDORA-2015-4044/gvfs-1.22.4-1.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-4191/upower-0.99.2-4.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4288/perl-Carp-1.36-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4223/control-center-3.14.4-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4253/pulseaudio-6.0-2.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4230/libXfont-1.5.1-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4238/libgsf-1.14.29-6.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4273/vte291-0.38.3-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-4263/libgweather-3.14.3-1.fc21


The following builds have been pushed to Fedora 21 updates-testing

    abduco-0.4-1.fc21
    antimicro-2.12-1.fc21
    control-center-3.14.4-1.fc21
    cups-x2go-3.0.1.1-1.fc21
    drupal7-7.35-1.fc21
    drupal7-ctools-1.7-1.fc21
    empathy-3.12.8-1.fc21
    folks-0.10.1-1.fc21
    ghc-tf-random-0.5-2.fc21
    gmusicbrowser-1.1.14-1.fc21
    gnome-user-share-3.14.2-1.fc21
    golang-1.4.2-2.fc21
    gssntlmssp-0.6.0-1.fc21
    hitori-3.14.3-1.fc21
    java-1.8.0-openjdk-1.8.0.40-21.b25.fc21
    libXfont-1.5.1-1.fc21
    libcss-0.5.0-1.fc21
    libgsf-1.14.29-6.fc21
    libgweather-3.14.3-1.fc21
    liblangtag-0.5.5-1.fc21
    libreoffice-4.3.6.2-4.fc21
    mapserver-6.2.2-3.fc21
    mate-power-manager-1.8.2-0.1.git20150319.dc4d2c3.fc21
    mingw-xerces-c-3.1.1-11.fc21
    mksh-50e-1.fc21
    netsurf-buildsystem-1.3-1.fc21
    openssl-1.0.1k-6.fc21
    pcsc-lite-asekey-3.7-1.fc21
    perl-Carp-1.36-1.fc21
    perl-Compress-Raw-Zlib-2.066-2.fc21
    perl-Excel-Writer-XLSX-0.83-1.fc21
    perl-GStreamer1-0.003-2.fc21
    php-5.6.7-1.fc21
    php-symfony-2.5.10-1.fc21
    pulseaudio-6.0-2.fc21
    python-rdflib-4.1.2-3.fc21
    ratools-0.6.1-1.fc21
    rubygem-sequel-4.20.0-1.fc21
    tonto-1.44-2.20150312gitbe1657a.fc21
    vim-jedi-0.7.0-7.fc21
    vte291-0.38.3-1.fc21
    xerces-c-3.1.1-8.fc21
    xfdashboard-0.3.90-1.fc21
    youtube-dl-2015.03.18-1.fc21

Details about builds:


================================================================================
 abduco-0.4-1.fc21 (FEDORA-2015-4252)
 Session management in a clean and simple way
--------------------------------------------------------------------------------
Update Information:

Update to 0.4 release
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Denis Fateyev <denis@xxxxxxxxxxx> - 0.4-1
- Update to 0.4 release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203475 - abduco-0.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1203475
--------------------------------------------------------------------------------


================================================================================
 antimicro-2.12-1.fc21 (FEDORA-2015-4346)
 Graphical program used to map keyboard buttons and mouse controls to a gamepad
--------------------------------------------------------------------------------
Update Information:

new upstream release v2.12 (#1202803)
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1202803 - antimicro-2.12 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1202803
--------------------------------------------------------------------------------


================================================================================
 control-center-3.14.4-1.fc21 (FEDORA-2015-4223)
 Utilities to configure the GNOME desktop
--------------------------------------------------------------------------------
Update Information:

New upstream release 3.14.4
This update fixes a number of crashes and bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Rui Matos <rmatos@xxxxxxxxxx> - 1:3.14.4-1
- Update to 3.14.4
* Thu Mar 12 2015 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 1:3.14.3-1
- Update to 3.14.3
--------------------------------------------------------------------------------


================================================================================
 cups-x2go-3.0.1.1-1.fc21 (FEDORA-2015-4342)
 CUPS backend for printing from X2Go
--------------------------------------------------------------------------------
Update Information:

Update to 3.0.1.1:

- Add a short README that provides some getting started information.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 11 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.0.1.1-1
- Update to 3.0.1.1
- Require openssh-clients
--------------------------------------------------------------------------------


================================================================================
 drupal7-7.35-1.fc21 (FEDORA-2015-4340)
 An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:

- Upstream release notes: https://www.drupal.org/drupal-7.35-release-notes
- Official security advisory: https://www.drupal.org/SA-CORE-2015-001
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Peter Borsa <peter.borsa@xxxxxxxxx> - 7.35-1
- 7.35, DRUPAL-SA-CORE-2015-001.
--------------------------------------------------------------------------------


================================================================================
 drupal7-ctools-1.7-1.fc21 (FEDORA-2015-4284)
 Primarily a set of APIs and tools to improve the developer experience
--------------------------------------------------------------------------------
Update Information:

Update to upstream 1.7 release for security fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Jared Smith <jsmith@xxxxxxxxxxxxxxxxx> - 1.7-1
- Update to upstream 1.7 release for security fixes
- SA-CONTRIB-2015-079 details at https://www.drupal.org/node/2454909
- Full upstream changelog at https://www.drupal.org/node/2454883
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203480 - drupal7-ctools-1.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1203480
--------------------------------------------------------------------------------


================================================================================
 empathy-3.12.8-1.fc21 (FEDORA-2015-4267)
 Instant Messaging Client for GNOME
--------------------------------------------------------------------------------
Update Information:

Empathy 3.12.8 release. For details, please see https://mail.gnome.org/archives/ftp-release-list/2015-March/msg00113.html
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 16 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 3.12.8-1
- Update to 3.12.8
* Thu Nov 13 2014 Richard Hughes <richard@xxxxxxxxxxx> - 3.12.7-2
- Fix non-Fedora build
--------------------------------------------------------------------------------


================================================================================
 folks-0.10.1-1.fc21 (FEDORA-2015-4271)
 GObject contact aggregation library
--------------------------------------------------------------------------------
Update Information:

folks 0.10.1 release with translation updates.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 1:0.10.1-1
- Update to 0.10.1
* Mon Nov  3 2014 Richard Hughes <richard@xxxxxxxxxxx> - 1:0.10.0-2
- Fix non-Fedora build
--------------------------------------------------------------------------------


================================================================================
 ghc-tf-random-0.5-2.fc21 (FEDORA-2015-4333)
 High-quality splittable pseudorandom number generator
--------------------------------------------------------------------------------
Update Information:

High-quality splittable pseudorandom number generator
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196960 - Review Request: ghc-tf-random - High-quality splittable pseudorandom number generator
        https://bugzilla.redhat.com/show_bug.cgi?id=1196960
--------------------------------------------------------------------------------


================================================================================
 gmusicbrowser-1.1.14-1.fc21 (FEDORA-2015-4327)
 Jukebox for large collections of music files
--------------------------------------------------------------------------------
Update Information:

>From upstream NEWS:
* add way to edit "persistent" labels, and dialog to rename labels
* add "new label" entry to the "edit labels" submenu
* make scroll wheel increase/decrease numbers in the search bar
* add options to override default web browser and file browser
* add thousand separators in most displayed numbers
* various number-related improvements/fixes
* fix auto-selected embedded pictures always showing the first picture (only fix newly autoselected pictures)
* translations updates: Finnish, French, German, Polish, Korean, Serbian
* new translations: Lithuanian, Malay (Malaysia)

Notice: Gstreamer 1.x support is available when new package perl-GStreamer1 is installed.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.14.1
- update to 1.1.14
--------------------------------------------------------------------------------


================================================================================
 gnome-user-share-3.14.2-1.fc21 (FEDORA-2015-4347)
 Gnome user file sharing
--------------------------------------------------------------------------------
Update Information:

gnome-user-share 3.14.2 release.

- Fix crasher in gsettings-data-convert
- Updated translations
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 19 2014 Richard Hughes <rhughes@xxxxxxxxxx> - 3.14.2-1
- Update to 3.14.2
--------------------------------------------------------------------------------


================================================================================
 golang-1.4.2-2.fc21 (FEDORA-2015-4301)
 The Go Programming Language
--------------------------------------------------------------------------------
Update Information:

update to go1.4.2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.4.2-2
- obsoleting deprecated packages
* Wed Feb 18 2015 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.4.2-1
- updating to go1.4.2
* Fri Jan 16 2015 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.4.1-1
- updating to go1.4.1
* Fri Jan  2 2015 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.4-2
- doc organizing
* Thu Dec 11 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.4-1
- update to go1.4 release
* Wed Dec  3 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.99-3.1.4rc2
- update to go1.4rc2
* Mon Nov 17 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.99-2.1.4rc1
- update to go1.4rc1
* Thu Oct 30 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.99-1.1.4beta1
- update to go1.4beta1
* Thu Oct 30 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.3-3
- macros will need to be in their own rpm
* Fri Oct 24 2014 Vincent Batts <vbatts@xxxxxxxxxxxxxxxxx> - 1.3.3-2
- split out rpm macros (bz1156129)
- progress on gccgo accomodation
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203811 - update to go1.4 :: for etcd requirement
        https://bugzilla.redhat.com/show_bug.cgi?id=1203811
--------------------------------------------------------------------------------


================================================================================
 gssntlmssp-0.6.0-1.fc21 (FEDORA-2015-4235)
 GSSAPI NTLMSSP Mechanism
--------------------------------------------------------------------------------
Update Information:

Fixes for 32bit arches
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Simo Sorce <simo@xxxxxxxxx> - 0.6.0-1
- New verion with fixes for 32 bit arches
- drop patches, they are included in he new upstream release
--------------------------------------------------------------------------------


================================================================================
 hitori-3.14.3-1.fc21 (FEDORA-2015-4277)
 Logic puzzle game for GNOME
--------------------------------------------------------------------------------
Update Information:

Hitori 3.14.3 release with translation updates.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  4 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 3.14.3-1
- Update to 3.14.3
* Thu Dec 18 2014 Richard Hughes <rhughes@xxxxxxxxxx> - 3.14.2.1-1
- Update to 3.14.2.1
--------------------------------------------------------------------------------


================================================================================
 java-1.8.0-openjdk-1.8.0.40-21.b25.fc21 (FEDORA-2015-4248)
 OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:

updated to u40b25 newest release + few minor rpm specific fixes
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar  3 2015 Severin Gehwolf <sgehwolf@xxxxxxxxxx> - 1:1.8.0.40-21.b25
- Added compiler no-warn-
* Fri Feb 20 2015 Omair Majid <omajid@xxxxxxxxxx> - 1:1.8.0.40-21.b25
- Fix zero interpreter build.
--------------------------------------------------------------------------------


================================================================================
 libXfont-1.5.1-1.fc21 (FEDORA-2015-4230)
 X.Org X11 libXfont runtime library
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-1802, CVE-2015-1803, CVE-2015-1804
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 1.5.1-1
- libXfont 1.5.1 (CVE-2015-1802, CVE-2015-1803, CVE-2015-1804)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203715 - CVE-2015-1802 libXfont: missing range check in bdfReadProperties
        https://bugzilla.redhat.com/show_bug.cgi?id=1203715
  [ 2 ] Bug #1203718 - CVE-2015-1803 libXfont: crash on invalid read in bdfReadCharacters
        https://bugzilla.redhat.com/show_bug.cgi?id=1203718
  [ 3 ] Bug #1203719 - CVE-2015-1804 libXfont: out-of-bounds memory access in bdfReadCharacters
        https://bugzilla.redhat.com/show_bug.cgi?id=1203719
--------------------------------------------------------------------------------


================================================================================
 libcss-0.5.0-1.fc21 (FEDORA-2015-4310)
 A CSS parser and selection engine
--------------------------------------------------------------------------------
Update Information:

new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 16 2015 David Tardon <dtardon@xxxxxxxxxx> - 0.5.0-1
- new upstream release
* Mon Sep  1 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.4.0-1
- new upstream release
--------------------------------------------------------------------------------


================================================================================
 libgsf-1.14.29-6.fc21 (FEDORA-2015-4238)
 GNOME Structured File library
--------------------------------------------------------------------------------
Update Information:

Missing gdk-pixbuf support so not working without ImageMagick out of the box like it should
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Caolán McNamara <caolanm@xxxxxxxxxx> 1.14.29-6
- Resolves: rhbz#1202683 thumbnails not created in absence of ImageMagick
  because gdk-pixbuf2-devel not present at build time
* Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 1.14.29-5
- Rebuilt for Fedora 23 Change
  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1202683 - No LibreOiffce Thumbnails in Nautilus, gsf-office-thumbnailer fails to run
        https://bugzilla.redhat.com/show_bug.cgi?id=1202683
--------------------------------------------------------------------------------


================================================================================
 libgweather-3.14.3-1.fc21 (FEDORA-2015-4263)
 A library for weather information
--------------------------------------------------------------------------------
Update Information:

libgweather 3.14.3 release.

* Fixed a crash in the location entry
* Location database fixes
* Updated translations
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 3.14.3-1
- Update to 3.14.3
--------------------------------------------------------------------------------


================================================================================
 liblangtag-0.5.5-1.fc21 (FEDORA-2015-4219)
 An interface library to access tags for identifying languages
--------------------------------------------------------------------------------
Update Information:

new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2015 David Tardon <dtardon@xxxxxxxxxx> - 0.5.5-1
- new upstream release
--------------------------------------------------------------------------------


================================================================================
 libreoffice-4.3.6.2-4.fc21 (FEDORA-2015-4240)
 Free Software Productivity Suite
--------------------------------------------------------------------------------
Update Information:

Fix a crash on exit under certain circumstances
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:4.3.6.2-4
- Resolves: rhbz#1202138 fix crash on exit
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1202138 - [abrt] libreoffice-core: __pthread_mutex_lock(): soffice.bin killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1202138
--------------------------------------------------------------------------------


================================================================================
 mapserver-6.2.2-3.fc21 (FEDORA-2015-4341)
 Environment for building spatially-enabled internet applications
--------------------------------------------------------------------------------
Update Information:

removed dejavu-sans-fonts dependency
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Pavel Lisý <pali@xxxxxxxxxxxxxxxxx> - 6.2.2-3
- removed dejavu-sans-fonts dependency
- BZ 1197070 - mapserver: FTBFS with SWIG 3.0.5
- added: --with-kml=yes
* Wed Mar 11 2015 Devrim GÜNDÜZ <devrim@xxxxxxxxxx> - 6.2.2-2
- Rebuilt for Proj 4.9.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1197070 - mapserver: FTBFS with SWIG 3.0.5
        https://bugzilla.redhat.com/show_bug.cgi?id=1197070
--------------------------------------------------------------------------------


================================================================================
 mate-power-manager-1.8.2-0.1.git20150319.dc4d2c3.fc21 (FEDORA-2015-4350)
 MATE power management service
--------------------------------------------------------------------------------
Update Information:

- update to latest git snapshot from 2015-03-19
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.8.2-0.1.git20150319.dc4d2c3
- update to latest git snapshot from 2015-03-19
- remove upstreamed patch
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1195898 - [abrt] mate-power-manager: up_device_get_object_path(): mate-power-statistics killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1195898
--------------------------------------------------------------------------------


================================================================================
 mingw-xerces-c-3.1.1-11.fc21 (FEDORA-2015-4321)
 MingGW Windows validating XML parser
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-0252.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 3.1.1-11
- Fix CVE-2015-0252
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1199103 - CVE-2015-0252 xerces-c: crashes on malformed input
        https://bugzilla.redhat.com/show_bug.cgi?id=1199103
--------------------------------------------------------------------------------


================================================================================
 mksh-50e-1.fc21 (FEDORA-2015-4337)
 MirBSD enhanced version of the Korn Shell
--------------------------------------------------------------------------------
Update Information:

R50e is a required bugfix release:

  * Add more tests detailing behaviour difference from GNU bash
  * Introduce a memory leak for x=<< fixing use of freed memory instead, bug tracked as LP#1380389 still live
  * Add x+=<< parallel to x=<<
  * POSIX “command” loses builtin special-ness
  * Fix LP#1381965 and LP#1381993 (more field splitting)
  * Update location of FreeBSD testsuite for test(1)
  * Remove dead NULL elements from Emacs keybindings
  * Change several testcases for $*/$@ expansion with/without quotes to expected-fail, with even more to come ☹
  * Fix miscalculating required memory for encoding the double-quoted parts of a here document or here string delimiter, leading to a buffer overflow; discovered by zacts from IRC
  * Rename a function conflicting with a MacRelix system header
  * Use size_t (and ssize_t) consistently, stop using ptrdiff_t; fixes some arithmetics and S/390 bugs
  * Remove old workarounds for Clang 3.2 scan-build
  * Remove all Clang/Coverity assertions, making room for new checks
  * Fix NSIG generation on Debian sid gcc-snapshot
  * Make a testcase not fail in a corner case
  * Fix issues detected by GCC’s new sanitisers: data type of a value to be shifted constantly must be unsigned (what not, in C…); shebang check array accesses are always unsigned char
  * Be even more explicit wrt. POSIX in the manpage
  * Fix shebang / file magic decoding
  * More int → bool conversion
  * Let Build.sh be run by GNU bash 1.12.1 (Slackware 1.01)
  * Fix here string parsing issue
  * Point out more future changes in the manpage
  * Call setgid(2), setegid(2), setuid(2) before seteuid(2)
  * Fix spurious empty line after ENOENT “whence -v”, found by Ypnose
  * Optimise dot.mkshrc and modernise it a bit
  * Use MAXPATHLEN from <sys/param.h> for PATH_MAX fallback
  * Some code cleanup and warnings fixes
  * Add options -a argv0 and -c to exec
  * Prevent use-after-free when hitting multiple errors unwinding
  * Fix use of $* and $@ in scalar context: within [[ … ]] and after case (spotted by Stéphane Chazelas) and in here documents (spotted by tg@); fix here document expansion
  * Unbreak when $@ shares double quotes with others
  * Fix set -x in PS4 expansion infinite loop
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 50e-1
- Upgrade to 50e
- Apply https://fedoraproject.org/wiki/Features/UsrMove
--------------------------------------------------------------------------------


================================================================================
 netsurf-buildsystem-1.3-1.fc21 (FEDORA-2015-4306)
 Makefiles shared by NetSurf projects
--------------------------------------------------------------------------------
Update Information:

new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 16 2015 David Tardon <dtardon@xxxxxxxxxx> - 1.3-1
- new upstream release
* Mon Sep  1 2014 David Tardon <dtardon@xxxxxxxxxx> - 1.2-1
- new upstream release
--------------------------------------------------------------------------------


================================================================================
 openssl-1.0.1k-6.fc21 (FEDORA-2015-4303)
 Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-0209, CVE-2015-0289, CVE-2015-0292, CVE-2015-0287, CVE-2015-0286, CVE-2015-0288

--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.0.1k-6
- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0293 - triggerable assert in SSLv2 server
* Mon Mar 16 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.0.1k-5
- fix bug in the CRYPTO_128_unwrap()
* Fri Feb 27 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.0.1k-4
- fix bug in the RFC 5649 support (#1185878)
* Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 1:1.0.1k-3
- Rebuilt for Fedora 23 Change
  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Thu Jan 15 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.0.1k-2
- test in the non-FIPS RSA keygen for minimal distance of p and q
  similarly to the FIPS RSA keygen
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1196737 - CVE-2015-0209 openssl: use-after-free on invalid EC private key import
        https://bugzilla.redhat.com/show_bug.cgi?id=1196737
  [ 2 ] Bug #1202366 - CVE-2015-0286 openssl: invalid pointer use in ASN1_TYPE_cmp()
        https://bugzilla.redhat.com/show_bug.cgi?id=1202366
  [ 3 ] Bug #1202380 - CVE-2015-0287 openssl: ASN.1 structure reuse memory corruption
        https://bugzilla.redhat.com/show_bug.cgi?id=1202380
  [ 4 ] Bug #1202384 - CVE-2015-0289 openssl: PKCS7 NULL pointer dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=1202384
  [ 5 ] Bug #1202418 - CVE-2015-0288 openssl: X509_to_X509_REQ NULL pointer dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=1202418
  [ 6 ] Bug #1202395 - CVE-2015-0292 openssl: integer underflow leading to buffer overflow in base64 decoding
        https://bugzilla.redhat.com/show_bug.cgi?id=1202395
  [ 7 ] Bug #1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers
        https://bugzilla.redhat.com/show_bug.cgi?id=1202404
--------------------------------------------------------------------------------


================================================================================
 pcsc-lite-asekey-3.7-1.fc21 (FEDORA-2015-4296)
 ASEKey USB token driver
--------------------------------------------------------------------------------
Update Information:

This package brings PCSC driver for ASEKey USB cryptographic token.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #893399 - Review Request: pcsc-lite-asekey - ASEKey USB token driver
        https://bugzilla.redhat.com/show_bug.cgi?id=893399
--------------------------------------------------------------------------------


================================================================================
 perl-Carp-1.36-1.fc21 (FEDORA-2015-4288)
 Alternative warn and die for modules
--------------------------------------------------------------------------------
Update Information:

This release corrects internal tests.
This release fixes working on non-ASCII platforms, it fixes handling DEL character on perl older than 5.14 and relaxes check for Carp::Heavy version.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 1.36-1
- 1.36 bump
* Mon Mar 16 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 1.35-1
- 1.35 bump
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1204113 - perl-Carp-1.36 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1204113
  [ 2 ] Bug #1202095 - perl-Carp-1.35 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1202095
--------------------------------------------------------------------------------


================================================================================
 perl-Compress-Raw-Zlib-2.066-2.fc21 (FEDORA-2015-4349)
 Low-level interface to the zlib compression library
--------------------------------------------------------------------------------
Update Information:

Correct license from (GPL+ or Artistic) to ((GPL+ or Artistic) and zlib)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 2.066-2
- Correct license from (GPL+ or Artistic) to ((GPL+ or Artistic) and zlib)
--------------------------------------------------------------------------------


================================================================================
 perl-Excel-Writer-XLSX-0.83-1.fc21 (FEDORA-2015-4268)
 Create a new file in the Excel 2007+ XLSX format
--------------------------------------------------------------------------------
Update Information:

Update to 0.83
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 David Dick <ddick@xxxxxxxx> - 0.83-1
- Update to 0.83
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1202069 - perl-Excel-Writer-XLSX-0.83 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1202069
--------------------------------------------------------------------------------


================================================================================
 perl-GStreamer1-0.003-2.fc21 (FEDORA-2015-4328)
 Bindings for GStreamer 1.x
--------------------------------------------------------------------------------
Update Information:

GStreamer1 implements a framework that allows for processing and encoding of multimedia sources in a manner similar to a shell pipeline.

This package provides the perl language bindings.

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203610 - Review Request: perl-GStreamer1 - Bindings for GStreamer 1.0
        https://bugzilla.redhat.com/show_bug.cgi?id=1203610
--------------------------------------------------------------------------------


================================================================================
 php-5.6.7-1.fc21 (FEDORA-2015-4236)
 PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:

**19 Mar 2015, PHP 5.6.7**

Core:
* Fixed bug #69174 (leaks when unused inner class use traits precedence). (Laruence)
* Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize). (Laruence)
* Fixed bug #69121 (Segfault in get_current_user when script owner is not in passwd with ZTS build). (dan at syneto dot net)
* Fixed bug #65593 (Segfault when calling ob_start from output buffering callback). (Mike)
* Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file not validated in memory.c). (nayana at ddproperty dot com)
* Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus)
* Fixed bug #69141 (Missing arguments in reflection info for some builtin functions). (kostyantyn dot lysyy at oracle dot com)
* Fixed bug #68976 (Use After Free Vulnerability in unserialize()) (CVE-2015-0231). (Stas)
* Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski)
* Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)

CGI:
* Fixed bug #69015 (php-cgi's getopt does not see $argv). (Laruence)

CLI:
* Fixed bug #67741 (auto_prepend_file messes up __LINE__). (Reeze Xia)

cURL:
* Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on Win32). (Grant Pannell)
* Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported by libcurl. (Linus Unneback)

Ereg:
* Fixed bug #69248 (heap overflow vulnerability in regcomp.c) (CVE-2015-2305). (Stas)

FPM:
* Fixed bug #68822 (request time is reset too early). (honghu069 at 163 dot com)

ODBC:
* Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol)

Opcache:
* Fixed bug #69159 (Opcache causes problem when passing a variable variable  to a function). (Dmitry, Laruence)
* Fixed bug #69125 (Array numeric string as key). (Laruence)
* Fixed bug #69038 (switch(SOMECONSTANT) misbehaves). (Laruence)

OpenSSL:
* Fixed bug #68912 (Segmentation fault at openssl_spki_new). (Laruence)
* Fixed bug #61285, #68329, #68046, #41631 (encrypted streams don't observe socket timeouts). (Brad Broerman)
* Fixed bug #68920 (use strict peer_fingerprint input checks) (Daniel Lowrey)
* Fixed bug #68879 (IP Address fields in subjectAltNames not used) (Daniel Lowrey)
* Fixed bug #68265 (SAN match fails with trailing DNS dot) (Daniel Lowrey)
* Fixed bug #67403 (Add signatureType to openssl_x509_parse) (Daniel Lowrey)
* Fixed bug (#69195 Inconsistent stream crypto values across versions) (Daniel Lowrey)

pgsql:
* Fixed bug #68638 (pg_update() fails to store infinite values). (william dot welter at 4linux dot com dot br, Laruence)

Readline:
* Fixed bug #69054 (Null dereference in readline_(read|write)_history() without parameters). (Laruence)

SOAP:
* Fixed bug #69085 (SoapClient's __call() type confusion through unserialize()). (andrea dot palazzo at truel dot it, Laruence)

SPL:
* Fixed bug #69108 ("Segmentation fault" when (de)serializing SplObjectStorage). (Laruence)
* Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after calling getChildren()). (Julien)

ZIP:
* Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap boundary) (CVE-2015-2331). (Stas)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.6.7-1
- Update to 5.6.7
  http://www.php.net/releases/5_6_7.php
--------------------------------------------------------------------------------


================================================================================
 php-symfony-2.5.10-1.fc21 (FEDORA-2015-4246)
 PHP framework for web projects
--------------------------------------------------------------------------------
Update Information:

Release notes:
* http://symfony.com/blog/symfony-2-5-9-released
* http://symfony.com/blog/symfony-2-5-10-released
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.5.10-1
- Update to 2.5.10
--------------------------------------------------------------------------------


================================================================================
 pulseaudio-6.0-2.fc21 (FEDORA-2015-4253)
 Improved Linux Sound Server
--------------------------------------------------------------------------------
Update Information:

Update to pulseaudio 6.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Richard Hughes <rhughes@xxxxxxxxxx> 6.0-2
- pulseaudio-6.0 (#1192384)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1192384 - pulseaudio-6.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1192384
--------------------------------------------------------------------------------


================================================================================
 python-rdflib-4.1.2-3.fc21 (FEDORA-2015-4311)
 Python library for working with RDF
--------------------------------------------------------------------------------
Update Information:

add python3 subpackage (rhbz#1086844)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan  5 2015 Matthias Runge <mrunge@xxxxxxxxxx> - 4.1.2-3
- add python3 subpackage (rhbz#1086844)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1086844 - Python 3 version of RDFLib
        https://bugzilla.redhat.com/show_bug.cgi?id=1086844
  [ 2 ] Bug #1203123 - Broken dependencies for python3-selenium-2.45.0-1.fc21.noarch
        https://bugzilla.redhat.com/show_bug.cgi?id=1203123
--------------------------------------------------------------------------------


================================================================================
 ratools-0.6.1-1.fc21 (FEDORA-2015-4295)
 Framework for IPv6 Router Advertisements
--------------------------------------------------------------------------------
Update Information:

Update to Version 0.6.1
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Florian Lehner <dev@xxxxxxxxxxx> - 0.6.1-1
- Update to Version 0.6.1
- Use license-Macro
--------------------------------------------------------------------------------


================================================================================
 rubygem-sequel-4.20.0-1.fc21 (FEDORA-2015-4318)
 The Database Toolkit for Ruby
--------------------------------------------------------------------------------
Update Information:

Ugrade to sequel 4.20.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Alejandro Perez <alejandro.perez.torres@xxxxxxxxx> - 4.20.0-1
- Initial package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1093689 - rubygem-sequel-4.20.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1093689
--------------------------------------------------------------------------------


================================================================================
 tonto-1.44-2.20150312gitbe1657a.fc21 (FEDORA-2015-4269)
 Tools for Pronto programmable remote controls
--------------------------------------------------------------------------------
Update Information:

Initial release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1197471 - Review Request: tonto - Tools for Pronto programmable remote controls
        https://bugzilla.redhat.com/show_bug.cgi?id=1197471
--------------------------------------------------------------------------------


================================================================================
 vim-jedi-0.7.0-7.fc21 (FEDORA-2015-4274)
 The Jedi vim plugin
--------------------------------------------------------------------------------
Update Information:

Standard installation of vim-jedi is broken (#1190187)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Petr Hracek <phracek@xxxxxxxxxx> - 0.7.0-7
- Standard installation of vim-jedi is broken (#1190187)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1190187 - Standard installation of vim-jedi is broken
        https://bugzilla.redhat.com/show_bug.cgi?id=1190187
--------------------------------------------------------------------------------


================================================================================
 vte291-0.38.3-1.fc21 (FEDORA-2015-4273)
 Terminal emulator library
--------------------------------------------------------------------------------
Update Information:

vte 0.38.3 release. For details, see https://mail.gnome.org/archives/ftp-release-list/2014-December/msg00064.html
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 0.38.3-1
- Update to 0.38.3
--------------------------------------------------------------------------------


================================================================================
 xerces-c-3.1.1-8.fc21 (FEDORA-2015-4251)
 Validating XML Parser
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-0252.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 3.1.1-8
- Fix CVE-2015-0252
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1199103 - CVE-2015-0252 xerces-c: crashes on malformed input
        https://bugzilla.redhat.com/show_bug.cgi?id=1199103
--------------------------------------------------------------------------------


================================================================================
 xfdashboard-0.3.90-1.fc21 (FEDORA-2015-4221)
 GNOME shell like dashboard for Xfce
--------------------------------------------------------------------------------
Update Information:

Update to 0.3.90; multiple monitors supported
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2015 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 0.3.90-1
- Update to 0.3.90
- Removed patch for forcing X11 backend in clutter
* Mon Mar  9 2015 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 0.3.9-4
- Force X11 backend for clutter
* Sun Mar  1 2015 Mukundan Ragavan <nonamedotc@xxxxxxxxx> - 0.3.9-3
- Rebuild from Xfce 4.12
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1197361 - [abrt] xfdashboard: _xfdashboard_image_content_load_from_icon_name(): xfdashboard killed by SIGTRAP
        https://bugzilla.redhat.com/show_bug.cgi?id=1197361
  [ 2 ] Bug #1136184 - [abrt] xfdashboard: glx_event_filter_cb(): xfdashboard killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1136184
--------------------------------------------------------------------------------


================================================================================
 youtube-dl-2015.03.18-1.fc21 (FEDORA-2015-4283)
 A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:

Update to latest release (# 1201585)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 19 2015 Matej Cepl <mcepl@xxxxxxxxxx> - 2015.03.18-1
- Update to latest release (# 1201585)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1201585 - youtube-dl-2015.03.18 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1201585
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux