Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
 128  https://admin.fedoraproject.org/updates/FEDORA-2014-15988/fail2ban-0.9.1-1.fc20
 116  https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20
 108  https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
  64  https://admin.fedoraproject.org/updates/FEDORA-2015-1648/lcms-1.19-13.fc20
  63  https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20
  61  https://admin.fedoraproject.org/updates/FEDORA-2015-1790/fcgi-2.4.0-26.fc20
  46  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
  31  https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20
  26  https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3-6.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4486/ca-certificates-2015.2.3-1.0.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4587/qt5-qtwebkit-5.4.1-4.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4551/qtwebkit-2.3.4-6.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4554/rest-0.7.93-1.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4556/libzip-0.11.2-5.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4719/libxml2-2.9.1-4.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4693/owncloud-7.0.5-2.fc20
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-4953/tcpdump-4.5.1-4.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-5182/libtasn1-3.8-3.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-5398/thunderbird-31.6.0-1.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-5402/xen-4.3.4-2.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-5390/mingw-libtasn1-3.8-2.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-5464/php-symfony-2.5.11-1.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-5456/asterisk-11.17.0-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-5546/arj-3.10.22-22.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-5569/mediawiki-1.23.9-1.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-5601/perl-DBD-Firebird-1.19-1.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-5723/firefox-37.0.1-1.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-5732/tor-0.2.5.12-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5840/perl-Test-Signature-1.11-1.fc20,perl-Module-Signature-0.77-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5809/chrony-1.31.1-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5864/zarafa-7.1.12-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5874/ntp-4.2.6p5-21.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5812/knot-1.6.3-1.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
  46  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4486/ca-certificates-2015.2.3-1.0.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4551/qtwebkit-2.3.4-6.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4554/rest-0.7.93-1.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-4611/lcms2-2.7-1.fc20
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-4892/btrfs-progs-3.19.1-1.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-5182/libtasn1-3.8-3.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-5398/thunderbird-31.6.0-1.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-5361/libidn-1.28-3.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-5488/perl-5.18.4-293.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-5448/ibus-1.5.10-2.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-5723/firefox-37.0.1-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5859/testdisk-6.14-4.fc20,ntfs-3g-2015.3.14-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5824/emacs-24.3-26.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-5809/chrony-1.31.1-1.fc20


The following builds have been pushed to Fedora 20 updates-testing

    chrony-1.31.1-1.fc20
    clufter-0.10.4-1.fc20
    cross-binutils-2.25-4.fc20
    cross-gcc-4.9.2-4.fc20
    dcraw-9.24.4-1.fc20
    digikam-4.9.0-1.fc20
    drupal6-ctools-1.12-1.fc20
    drupal7-crumbs-2.3-1.fc20
    drupal7-jquery_update-2.5-1.fc20
    drupal7-l10n_update-2.0-1.fc20
    emacs-24.3-26.fc20
    globus-common-15.29-1.fc20
    globus-gatekeeper-10.10-1.fc20
    globus-gridftp-server-7.25-1.fc20
    globus-scheduler-event-generator-5.11-1.fc20
    globus-simple-ca-4.19-1.fc20
    globus-xio-5.8-1.fc20
    hedgewars-0.9.21.1-4.fc20
    isync-1.2.0-2.fc20
    kde-plasma-nm-0.9.3.6-1.fc20
    knot-1.6.3-1.fc20
    libkpeople-0.3.0-3.fc20
    libnm-qt-0.9.8.4-1.fc20
    libspf2-1.2.10-5.20150405gitd57d79fd.fc20
    libxmp-4.3.8-1.fc20
    lz4-r128-2.fc20
    myproxy-6.1.13-1.fc20
    ntfs-3g-2015.3.14-1.fc20
    ntp-4.2.6p5-21.fc20
    osbs-0.2-2.c1216ba.fc20
    perl-MCE-1.605-1.fc20
    perl-Module-Signature-0.77-1.fc20
    perl-Test-Signature-1.11-1.fc20
    php-pear-DB-DataObject-1.11.4-1.fc20
    recoll-1.20.5-1.fc20
    testdisk-6.14-4.fc20
    xforms-1.2.4-2.fc20
    zarafa-7.1.12-1.fc20

Details about builds:


================================================================================
 chrony-1.31.1-1.fc20 (FEDORA-2015-5809)
 An NTP client/server
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-1853, CVE-2015-1821, CVE-2015-1822
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 1.31.1-1
- update to 1.31.1 (CVE-2015-1853 CVE-2015-1821 CVE-2015-1822)
* Thu Sep 11 2014 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 1.31-1
- update to 1.31
- add servers from DHCP with iburst option by default
- use upstream configuration files and scripts
- don't package configuration examples
- compress chrony.txt
* Thu Aug 21 2014 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 1.31-0.1.pre1
- update to 1.31-pre1
- use license macro if available
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.30-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1209631 - CVE-2015-1821 chrony: Heap out of bound write in address filter
        https://bugzilla.redhat.com/show_bug.cgi?id=1209631
  [ 2 ] Bug #1209572 - CVE-2015-1853 chrony: authentication doesn't protect symmetric associations against DoS attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=1209572
  [ 3 ] Bug #1209632 - CVE-2015-1822 chrony: uninitialized pointer in cmdmon reply slots
        https://bugzilla.redhat.com/show_bug.cgi?id=1209632
--------------------------------------------------------------------------------


================================================================================
 clufter-0.10.4-1.fc20 (FEDORA-2015-5817)
 Tool/library for transforming/analyzing cluster configuration formats
--------------------------------------------------------------------------------
Update Information:

bump upstream package (incl. several bugfixes, e.g., rhbz#1207345)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Jan Pokorný <jpokorny+rpm-clufter@xxxxxxxxxxxxxxxxx> - 0.10.4-1
- bump upstream package
--------------------------------------------------------------------------------


================================================================================
 cross-binutils-2.25-4.fc20 (FEDORA-2015-5853)
 A GNU collection of cross-compilation binary utilities
--------------------------------------------------------------------------------
Update Information:

Fix microblaze extra-large constant handling [binutils bz 18189]
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  6 2015 David Howells <dhowells@xxxxxxxxxx> - 2.25-4
- Microblaze: Fix extra-large constant handling [binutils bz 18189].
--------------------------------------------------------------------------------


================================================================================
 cross-gcc-4.9.2-4.fc20 (FEDORA-2015-5852)
 Cross C compiler
--------------------------------------------------------------------------------
Update Information:

Rebase on gcc-4.9.2-6
Use cross-binutils-2.25, move to gcc-4.9.2, import fixes from gcc rpm and fix sh64 and openrisc target tuples
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 David Howells <dhowells@xxxxxxxxxx> - 4.9.2-4
- Rebase on gcc-4.9.2-6 [BZ 1183401].
* Mon Feb  9 2015 David Howells <dhowells@xxxxxxxxxx> - 4.9.2-3
- Need to build-depend on isl-devel and cloog-devel.
* Tue Jan 13 2015 David Howells <dhowells@xxxxxxxxxx> - 4.9.2-2
- Rebase on gcc-4.9.2-5.
- Use binutils-2.25.
* Fri Dec 12 2014 David Howells <dhowells@xxxxxxxxxx> - 4.9.2-1
- Rebase on gcc-4.9.2-2.
* Fri Dec 12 2014 David Howells <dhowells@xxxxxxxxxx> - 4.9.1-3
- Enable libgcc building on sh64 [gcc BZ 61844].
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.9.1-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Tue Aug 12 2014 Kyle McMartin <kyle@xxxxxxxxxxxxxxxxx> - 4.9.1-2
- Add --with-ld to ensure the cross-compiler can find the appropriate
  linker without having to search high and low. [BZ 1122003]
--------------------------------------------------------------------------------


================================================================================
 dcraw-9.24.4-1.fc20 (FEDORA-2015-5837)
 Tool for decoding raw image data from digital cameras
--------------------------------------------------------------------------------
Update Information:

Upstream bugfix and enhancement release with these changes:

* Added Romanian manpage and message table.
* Support all format options of the Nikon D4S and D810.
* Guess which filter pattern OmniVision cameras use.
* Canon multi-exposure files are already white-balanced.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Nils Philippsen <nils@xxxxxxxxxx> - 9.24.4-1
- version 9.24.4
--------------------------------------------------------------------------------


================================================================================
 digikam-4.9.0-1.fc20 (FEDORA-2015-5811)
 A digital camera accessing & photo management application
--------------------------------------------------------------------------------
Update Information:

digiKam 4.9.0

See release notes https://www.digikam.org/node/735
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2015 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 4.9.0-1
- digikam-4.9.0
- removed libkgeomap translations
--------------------------------------------------------------------------------


================================================================================
 drupal6-ctools-1.12-1.fc20 (FEDORA-2015-5867)
 Primarily a set of APIs and tools to improve the developer experience
--------------------------------------------------------------------------------
Update Information:

- Updated to 1.12 (BZ #1203478)
- Removed RPM README b/c it only explained common Drupal workflow
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr  4 2015 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.12-1
- Updated to 1.12 (BZ #1203478)
- Removed RPM README b/c it only explained common Drupal workflow
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203478 - drupal6-ctools-1.12 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1203478
--------------------------------------------------------------------------------


================================================================================
 drupal7-crumbs-2.3-1.fc20 (FEDORA-2015-5799)
 The ultimate breadcrumbs module
--------------------------------------------------------------------------------
Update Information:

- Updated to 2.3 (SA-CONTRIB-2015-082 / BZ #1205941)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr  4 2015 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 2.3-1
- Updated to 2.3 (SA-CONTRIB-2015-082 / BZ #1205941)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1205941 - drupal7-crumbs-2.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1205941
--------------------------------------------------------------------------------


================================================================================
 drupal7-jquery_update-2.5-1.fc20 (FEDORA-2015-5848)
 Upgrades the version of jQuery in Drupal core to a newer version of jQuery
--------------------------------------------------------------------------------
Update Information:

- Update to 2.5 (BZ 1186191)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.5-1
- Update to 2.5 (BZ 1186191)
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1186191 - drupal7-jquery_update-2.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1186191
--------------------------------------------------------------------------------


================================================================================
 drupal7-l10n_update-2.0-1.fc20 (FEDORA-2015-5831)
 Provides automatic downloads and updates for translations
--------------------------------------------------------------------------------
Update Information:

- Updated to 2.0 (BZ #1198580)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr  4 2015 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 2.0-1
- Updated to 2.0 (BZ #1198580)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1198580 - drupal7-l10n_update-2.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1198580
--------------------------------------------------------------------------------


================================================================================
 emacs-24.3-26.fc20 (FEDORA-2015-5824)
 GNU Emacs text editor
--------------------------------------------------------------------------------
Update Information:

Cannot enter umlaut in TeX input mode (#1145526)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Petr Hracek <phracek@xxxxxxxxxx> - 1:24.3-26
- Cannot enter umlaut in TeX input mode (#1145526)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1145526 - Cannot enter umlaut in TeX input mode
        https://bugzilla.redhat.com/show_bug.cgi?id=1145526
--------------------------------------------------------------------------------


================================================================================
 globus-common-15.29-1.fc20 (FEDORA-2015-5803)
 Globus Toolkit - Common Library
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* myproxy 6.1.13
* globus-xio 5.8
* globus-simple-ca 4.19
* globus-scheduler-event-generator 5.11
* globus-gridftp-server 7.25
* globus-gatekeeper 10.10
* globus-common 15.29

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 15.29-1
- GT6 update
- Drop patch globus-common-disable-network-tests.patch
  Use NO_EXTERNAL_NET environment variable implemented upstream instead
--------------------------------------------------------------------------------


================================================================================
 globus-gatekeeper-10.10-1.fc20 (FEDORA-2015-5803)
 Globus Toolkit - Globus Gatekeeper
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* myproxy 6.1.13
* globus-xio 5.8
* globus-simple-ca 4.19
* globus-scheduler-event-generator 5.11
* globus-gridftp-server 7.25
* globus-gatekeeper 10.10
* globus-common 15.29

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 10.10-1
- GT6 update
--------------------------------------------------------------------------------


================================================================================
 globus-gridftp-server-7.25-1.fc20 (FEDORA-2015-5803)
 Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* myproxy 6.1.13
* globus-xio 5.8
* globus-simple-ca 4.19
* globus-scheduler-event-generator 5.11
* globus-gridftp-server 7.25
* globus-gatekeeper 10.10
* globus-common 15.29

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 7.25-1
- GT6 update (Fix order of drivers when using netmgr)
--------------------------------------------------------------------------------


================================================================================
 globus-scheduler-event-generator-5.11-1.fc20 (FEDORA-2015-5803)
 Globus Toolkit - Scheduler Event Generator
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* myproxy 6.1.13
* globus-xio 5.8
* globus-simple-ca 4.19
* globus-scheduler-event-generator 5.11
* globus-gridftp-server 7.25
* globus-gatekeeper 10.10
* globus-common 15.29

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.11-1
- GT6 update
--------------------------------------------------------------------------------


================================================================================
 globus-simple-ca-4.19-1.fc20 (FEDORA-2015-5803)
 Globus Toolkit - Simple CA Utility
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* myproxy 6.1.13
* globus-xio 5.8
* globus-simple-ca 4.19
* globus-scheduler-event-generator 5.11
* globus-gridftp-server 7.25
* globus-gatekeeper 10.10
* globus-common 15.29

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.19-1
- GT6 update (Add support for additional DN components)
--------------------------------------------------------------------------------


================================================================================
 globus-xio-5.8-1.fc20 (FEDORA-2015-5803)
 Globus Toolkit - Globus XIO Framework
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* myproxy 6.1.13
* globus-xio 5.8
* globus-simple-ca 4.19
* globus-scheduler-event-generator 5.11
* globus-gridftp-server 7.25
* globus-gatekeeper 10.10
* globus-common 15.29

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.8-1
- GT6 update (Check push result in globus_xio_driver_list_to_stack_attr)
--------------------------------------------------------------------------------


================================================================================
 hedgewars-0.9.21.1-4.fc20 (FEDORA-2015-5869)
 Funny turn-based artillery game, featuring fighting Hedgehogs!
--------------------------------------------------------------------------------
Update Information:

Fixes rpath issue
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2015 Bruno Wolff III <bruno@xxxxxxxx> - 0.9.21.1-4
- Fix rpath issue
- Fix appdata issues
--------------------------------------------------------------------------------


================================================================================
 isync-1.2.0-2.fc20 (FEDORA-2015-5857)
 A tool to synchronize IMAP4 and Maildir mailboxes
--------------------------------------------------------------------------------
Update Information:

Build against cyrus-sasl-devel
Update to new upstream version 1.2.0 (rhbz#1208851, rhbz#1193063)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2015 Ralph Bean <rbean@xxxxxxxxxx> - 1.2.0-2
- Build against cyrus-sasl-devel
* Sun Apr  5 2015 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 1.2.0-1
- Update to new upstream version 1.2.0 (rhbz#1208851, rhbz#1193063)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1209597 - [PATCH] Needs to be built against sasl
        https://bugzilla.redhat.com/show_bug.cgi?id=1209597
  [ 2 ] Bug #1208851 - isync-1.2.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1208851
  [ 3 ] Bug #1193063 - mbsync no longer syncs old Maildir after updating to 1.1.2
        https://bugzilla.redhat.com/show_bug.cgi?id=1193063
--------------------------------------------------------------------------------


================================================================================
 kde-plasma-nm-0.9.3.6-1.fc20 (FEDORA-2015-5834)
 Plasma applet written in QML for managing network connections
--------------------------------------------------------------------------------
Update Information:

Plasma-nm 0.9.3.6 release. See https://grulja.wordpress.com/2015/04/08/plasma-nm-0-9-3-6-release/.

Networkmanager-qt 0.9.8.4 release. See http://lamarque-lvs.blogspot.cz/2015/04/networkmanagerqt-0984-is-out.html.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2015 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.9.3.6-1
- Update to 0.9.3.6
--------------------------------------------------------------------------------


================================================================================
 knot-1.6.3-1.fc20 (FEDORA-2015-5812)
 An authoritative DNS daemon
--------------------------------------------------------------------------------
Update Information:

new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Jan Vcelak <jvcelak@xxxxxxxxxxxxxxxxx> 1.6.3-1
- new upstream release:
  + fix: performance drop for NSEC-signed zones
  + fix: proper handling of TCP short-writes
  + fix: possible out-of-bound reads in zone parser and packet parser
  + feature: CDS and CDNSKEY support in zone parser
  + improvement: add defaults for TCP config options into documentation
  + improvement: detailed error message if zone reload fails
--------------------------------------------------------------------------------


================================================================================
 libkpeople-0.3.0-3.fc20 (FEDORA-2015-5843)
 Meta-contact aggregation library
--------------------------------------------------------------------------------
Update Information:

Use non-conflicting libkpeople4 translation catalog.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.3.0-3
- use non-conflicting libkpeople4 translation catalog (#1208946)
- minor .spec cleanup
* Fri Nov 14 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.3.0-2
- -devel: own %{_kde4_libdir}/cmake/KPeople/
* Wed Sep 17 2014 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.3.0-1
- Update to 0.3.0
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1208946 - libkpeople.mo from install of kf5-kpeople-5.8.0-1.fc21.x86_64 conflicts with file from package libkpeople-0.3.0-1.fc21.x86_64
        https://bugzilla.redhat.com/show_bug.cgi?id=1208946
--------------------------------------------------------------------------------


================================================================================
 libnm-qt-0.9.8.4-1.fc20 (FEDORA-2015-5834)
 Qt-only wrapper for NetworkManager DBus API
--------------------------------------------------------------------------------
Update Information:

Plasma-nm 0.9.3.6 release. See https://grulja.wordpress.com/2015/04/08/plasma-nm-0-9-3-6-release/.

Networkmanager-qt 0.9.8.4 release. See http://lamarque-lvs.blogspot.cz/2015/04/networkmanagerqt-0984-is-out.html.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Jan Grulich <jgrulich@xxxxxxxxxx> - 2:0.9.8.4-1
- Update to 0.9.8.4
--------------------------------------------------------------------------------


================================================================================
 libspf2-1.2.10-5.20150405gitd57d79fd.fc20 (FEDORA-2015-5814)
 An implementation of the SPF specification
--------------------------------------------------------------------------------
Update Information:

initial release for Fedora and EPEL
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1057874 - Review Request: libspf2 - Implementation of the Sender Policy Framework for SMTP authorization
        https://bugzilla.redhat.com/show_bug.cgi?id=1057874
--------------------------------------------------------------------------------


================================================================================
 libxmp-4.3.8-1.fc20 (FEDORA-2015-5822)
 A multi-format module playback library
--------------------------------------------------------------------------------
Update Information:

Numerous bugfixes. Upstream changelog:

https://sourceforge.net/projects/xmp/files/libxmp/4.3.8/Changelog/view
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> - 4.3.8-1
- update to 4.3.8 (http://sourceforge.net/projects/xmp/files/libxmp/4.3.8/Changelog/view)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1205001 - libxmp-4.3.8 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1205001
--------------------------------------------------------------------------------


================================================================================
 lz4-r128-2.fc20 (FEDORA-2015-5855)
 Extremely fast compression algorithm
--------------------------------------------------------------------------------
Update Information:

- New release
- New -static sub package
- Fixed missing debuginfo for liblz4
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  6 2015 pjp <pjp@xxxxxxxxxxxxxxxxx> - r128-2
- Update files section to install unlz4 & its manual
* Wed Apr  1 2015 pjp <pjp@xxxxxxxxxxxxxxxxx> - r128-1
- lz4cli sparse file support
- Restored lz4hc compression ratio
- lz4 cli supports long commands
- Introduced lz4-static sub package BZ#1208203
* Thu Jan  8 2015 pjp <pjp@xxxxxxxxxxxxxxxxx> - r127-2
- Bump dist to override an earlier build.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1207664 - lz4-r128 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1207664
  [ 2 ] Bug #1208203 - RFE: Add lz4-static subpackage build to 'Everything' to allow for zlib-static migration
        https://bugzilla.redhat.com/show_bug.cgi?id=1208203
  [ 3 ] Bug #1204611 - liblz4 missing valid debuginfo
        https://bugzilla.redhat.com/show_bug.cgi?id=1204611
--------------------------------------------------------------------------------


================================================================================
 myproxy-6.1.13-1.fc20 (FEDORA-2015-5803)
 Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* myproxy 6.1.13
* globus-xio 5.8
* globus-simple-ca 4.19
* globus-scheduler-event-generator 5.11
* globus-gridftp-server 7.25
* globus-gatekeeper 10.10
* globus-common 15.29

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 6.1.13-1
- Update to 6.1.13
--------------------------------------------------------------------------------


================================================================================
 ntfs-3g-2015.3.14-1.fc20 (FEDORA-2015-5859)
 Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:

Update ntfs-3g to 2015.3.14. Rebuild testdisk against it.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2015 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> 2:2015.3.14-1
- update to 2015.3.14
* Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 2:2014.2.15-8
- Rebuilt for Fedora 23 Change
  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Tue Jan 13 2015 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2:2014.2.15-7
- add patch to ignore -s option
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2:2014.2.15-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Tue Aug  5 2014 Richard W.M. Jones <rjones@xxxxxxxxxx> - 2:2014.2.15-5
- Add upstream patch to fix fstrim so it works on partitions as well
  as whole disks.
* Thu Jul 31 2014 Richard W.M. Jones <rjones@xxxxxxxxxx> - 2:2014.2.15-4
- Upstream patches which add fstrim support.
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2:2014.2.15-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Apr 24 2014 Tomáš Mráz <tmraz@xxxxxxxxxx> - 2:2014.2.15-2
- Rebuild for new libgcrypt
--------------------------------------------------------------------------------


================================================================================
 ntp-4.2.6p5-21.fc20 (FEDORA-2015-5874)
 The NTP daemon and utilities
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-1799, CVE-2015-1798
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 4.2.6p5-21
- reject packets without MAC when authentication is enabled (CVE-2015-1798)
- protect symmetric associations with symmetric key against DoS attack
  (CVE-2015-1799)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1199435 - CVE-2015-1799 ntp: authentication doesn't protect symmetric associations against DoS attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=1199435
  [ 2 ] Bug #1199430 - CVE-2015-1798 ntp: ntpd accepts unauthenticated packets with symmetric key crypto
        https://bugzilla.redhat.com/show_bug.cgi?id=1199430
--------------------------------------------------------------------------------


================================================================================
 osbs-0.2-2.c1216ba.fc20 (FEDORA-2015-5810)
 Python module and command line client for OpenShift Build Service
--------------------------------------------------------------------------------
Update Information:

Update to latest git version.
New package: Python module and command line client for OpenShift Build Service.
new upstream release: 0.2
new upstream release: 0.2
New package: Python module and command line client for OpenShift Build Service.
new upstream release: 0.2
New package: Python module and command line client for OpenShift Build Service.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1205201 - [abrt] osbs: __init__.py:2320:resolve:ImportError: 'module' object has no attribute 'run'
        https://bugzilla.redhat.com/show_bug.cgi?id=1205201
  [ 2 ] Bug #1203801 - Review Request: osbs -  Python module and command line client for OpenShift Build Service
        https://bugzilla.redhat.com/show_bug.cgi?id=1203801
--------------------------------------------------------------------------------


================================================================================
 perl-MCE-1.605-1.fc20 (FEDORA-2015-5865)
 Many-core Engine for Perl providing parallel processing capabilities
--------------------------------------------------------------------------------
Update Information:

A new version of MCE is available. See http://cpansearch.perl.org/src/MARIOROY/MCE-1.605/CHANGES for details on changes in this release.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Petr Šabata <contyk@xxxxxxxxxx> - 1.605-1
- 1.605 bump
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1209148 - perl-MCE-1.605 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1209148
--------------------------------------------------------------------------------


================================================================================
 perl-Module-Signature-0.77-1.fc20 (FEDORA-2015-5840)
 CPAN signature management utilities and modules
--------------------------------------------------------------------------------
Update Information:

This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behaviour is included in this update.

Security issues:

 * Module::Signature before version 0.75 could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries.

 * When verifying the contents of a CPAN module, Module::Signature before version 0.75 ignored some files in the extracted tarball that were not listed in the signature file. This included some files in the t/ directory that would execute
automatically during "make test".

 * Module::Signature before version 0.75 used two argument open() calls to read the files when generating checksums from the signed manifest. This allowed embedding arbitrary shell commands into the SIGNATURE file that would execute during the signature verification process.

 * Module::Signature before version 0.75 has been loading several modules at runtime inside the extracted module directory. Modules like Text::Diff are not guaranteed to be available on all platforms and could be added to a malicious
module so that they would load from the '.' path in @INC.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Paul Howarth <paul@xxxxxxxxxxxx> - 0.77-1
- Update to 0.77
  - Include the latest public keys of PAUSE, ANDK and AUDREYT
  - Clarify scripts/cpansign copyright to CC0 (#965126, CPAN RT#85466)
* Wed Apr  8 2015 Paul Howarth <paul@xxxxxxxxxxxx> - 0.76-1
- Update to 0.76
  - Fix signature tests by defaulting to verify(skip=>1) when
    $ENV{TEST_SIGNATURE} is true
* Tue Apr  7 2015 Paul Howarth <paul@xxxxxxxxxxxx> - 0.75-1
- Update to 0.75
  - Fix GPG signature parsing logic
  - MANIFEST.SKIP is no longer consulted unless --skip is given
  - Properly use open() modes to avoid injection attacks
  - More protection of @INC from relative paths
- Don't try to run the signature test, which needs the network
* Wed Aug 27 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.73-5
- Perl 5.20 rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.73-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1209911 - perl-Module-Signature: unsigned files interpreted as signed in some circumstances
        https://bugzilla.redhat.com/show_bug.cgi?id=1209911
  [ 2 ] Bug #1209915 - perl-Module-Signature: arbitrary code execution during test phase
        https://bugzilla.redhat.com/show_bug.cgi?id=1209915
  [ 3 ] Bug #1209917 - perl-Module-Signature: arbitrary code execution when verifying module signatures
        https://bugzilla.redhat.com/show_bug.cgi?id=1209917
  [ 4 ] Bug #1209918 - perl-Module-Signature: arbitrary modules loading in some circumstances
        https://bugzilla.redhat.com/show_bug.cgi?id=1209918
--------------------------------------------------------------------------------


================================================================================
 perl-Test-Signature-1.11-1.fc20 (FEDORA-2015-5840)
 Automated SIGNATURE testing
--------------------------------------------------------------------------------
Update Information:

This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behaviour is included in this update.

Security issues:

 * Module::Signature before version 0.75 could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries.

 * When verifying the contents of a CPAN module, Module::Signature before version 0.75 ignored some files in the extracted tarball that were not listed in the signature file. This included some files in the t/ directory that would execute
automatically during "make test".

 * Module::Signature before version 0.75 used two argument open() calls to read the files when generating checksums from the signed manifest. This allowed embedding arbitrary shell commands into the SIGNATURE file that would execute during the signature verification process.

 * Module::Signature before version 0.75 has been loading several modules at runtime inside the extracted module directory. Modules like Text::Diff are not guaranteed to be available on all platforms and could be added to a malicious
module so that they would load from the '.' path in @INC.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Paul Howarth <paul@xxxxxxxxxxxx> - 1.11-1
- Update to 1.11
  - Compatibility with Module::Signature 0.75+
- Classify buildreqs by usage
- Don't use macros for commands
- Avoid clobbering ~/.gnupg for local builds
- Make %files list more explicit
- Drop %defattr, redundant since rpm 4.4
- Import upstream's GPG key in %prep so we don't need to fetch it from a
  keyserver when running the signature test
* Tue Aug 26 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1.10-18
- Perl 5.20 rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.10-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1209911 - perl-Module-Signature: unsigned files interpreted as signed in some circumstances
        https://bugzilla.redhat.com/show_bug.cgi?id=1209911
  [ 2 ] Bug #1209915 - perl-Module-Signature: arbitrary code execution during test phase
        https://bugzilla.redhat.com/show_bug.cgi?id=1209915
  [ 3 ] Bug #1209917 - perl-Module-Signature: arbitrary code execution when verifying module signatures
        https://bugzilla.redhat.com/show_bug.cgi?id=1209917
  [ 4 ] Bug #1209918 - perl-Module-Signature: arbitrary modules loading in some circumstances
        https://bugzilla.redhat.com/show_bug.cgi?id=1209918
--------------------------------------------------------------------------------


================================================================================
 php-pear-DB-DataObject-1.11.4-1.fc20 (FEDORA-2015-5829)
 An SQL Builder, Object Interface to Database Tables
--------------------------------------------------------------------------------
Update Information:

Minor feature and fix release. (Basically a yearly release now..)

* #20291 Ignored in update $dao->field = 0 (fix bad check for null)
* #20149 - correct free for linked objects / more detailed error reporting on update error
* #19962 - Cannot insert or update when part of a reference in multi-key case is NULL by vtamma
* #19973 - accept START TRANSACTION as an alias for BEGIN
* suuport for useindex (mysql only) and
* #19922 - pear error not being set in static property.
* fix static infront of depricated staticget() method and fix call to PEAR:: static calls.
* Fix some static errors that are now fatal unfortunatly...
* fix building of autojoin when using distinct columns

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.11.4
- update to 1.11.3
--------------------------------------------------------------------------------


================================================================================
 recoll-1.20.5-1.fc20 (FEDORA-2015-5841)
 Desktop full text search tool with Qt GUI
--------------------------------------------------------------------------------
Update Information:

Add kio support and update to latest upstream release recoll 1.20.5.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2015 Terje Rosten <terje.rosten@xxxxxxx> - 1.20.5-1
- 1.20.5
- Include kio support (bz#1203257)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203257 - build recoll kio slave for kde?
        https://bugzilla.redhat.com/show_bug.cgi?id=1203257
--------------------------------------------------------------------------------


================================================================================
 testdisk-6.14-4.fc20 (FEDORA-2015-5859)
 Tool to check and undelete partition, PhotoRec recovers lost files
--------------------------------------------------------------------------------
Update Information:

Update ntfs-3g to 2015.3.14. Rebuild testdisk against it.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 6.14-4
- rebuild for new ntfs-3g
--------------------------------------------------------------------------------


================================================================================
 xforms-1.2.4-2.fc20 (FEDORA-2015-5839)
 XForms toolkit library
--------------------------------------------------------------------------------
Update Information:

XForms 1.2.4
============

  * lib/forms.c: an object that isn't visible could become the focus object, which was an insidious bug :-(
  * Lots of minor corrections
  * lib/input.c: some more corrections.
  * lib/input.c: Attempt to fix bugs and inconsistencies reported by Lucas Sköldqvist.
  * lib.bitmaps/colorwheel.xpm: number of colors reduced since this bitmap alone was resposible for over a third of the size of the tar ball.
  * lib/goodie_colchooser.c: new goodie for picking arbitrary colors interactively added.
  * lib/positioner.c: major changes: range of values can now be controlled via a validation function. New functions for setting both alues at once and getting the current boundary settings. Drawing now is done differently (instead of XOR current background is stored and redrawn). Mouse is hidden while over positioner and active.
  * lib/positioner.c: step values are now also factored in when a new x- or y-value gets set by the user.
  * lib/spinner.c: Bug in handling of FL_FLOAT_SPINNER fixed.
  * lib/xyplot.c: fl_set_xyplot_mouse_buttons() and fl_get_xyplot_mouse_buttons() added and clean-up of code to fix memory leaks.
  * lib/slider.c: Function for selecting mouse buttons added.
  * lib/input.c: Validator for dates improved+
  * lib/input.c: Further bug fixes and code simplifications
  * lib/input.c: Bugs found by Lucas Sköldqvist in input objects (hopefully) fixed.
  * lib/fonts.c: Bug in font caching code, found by "Sunny", that could result in crashes fixed.
  * Some minor fixes for object label alignment
  * */Makefile.am: Removed '-Wl,--no-undefined' since this linker flag is not available everywhere
  * lib/flinternal.h: Removed stupid definition of variables - thanks go to André Ludwig for noticing the problem.
  * lib/objects.c: Another attempt at speeding-up redraws
  * lib/objects.c: Speed-up for redraws
  * lib/menu.c: Fix by Lothar Esser added for bug in menu handling.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 1.2.4-2
- Some minor spec file tweaks
* Wed Apr  8 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 1.2.4-1
- Upgrade to 1.2.4
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun  8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 zarafa-7.1.12-1.fc20 (FEDORA-2015-5864)
 Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:

Zarafa Collaboration Platform 7.1.12 final [48726]
==================================================

  * ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option
  * ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions
  * ZCP-10578: missing prerequisites for the reverse proxy in the administrator manual
  * ZCP-10639: Incorrect message when trying to add an archive
  * ZCP-10919: a remote admin in multi tenant mode cannot resolve users
  * ZCP-11061: Bandwidth requirement documentation
  * ZCP-11413: Monitor complains on unused config options.
  * ZCP-11418: Compat features do not work with outlook 2010 and windows 8
  * ZCP-11468: Document for a user who wants to use webapp, but is experiencing problems by using an unsupported browser, an easier area to locate the list of supported browsers 
  * ZCP-11664: Remove "you" wording from the WebApp User Manual
  * ZCP-11713: Japanese e-mail breaks the body text
  * ZCP-11744: zarafa-restore error in documentation
  * ZCP-11786: zarafa-ws is trying to put files in /usr/share/doc/zarafa
  * ZCP-11869: Documentation is not clear about Multitenant Public Folder attribute
  * ZCP-11929: differences between "Managing tenant (company) spaces" and zarafa-admin
  * ZCP-11931: Outlook Client: synchronisation of an offline profile makes zarafa-server unresponsive
  * ZCP-11937: Setting out of office for the first time sets language to Catalan
  * ZCP-11949: Update documentation to stress that one server must have one database.
  * ZCP-12081: AB Provider UID is defined multiple times and may cause the server to read invalid memory
  * ZCP-12110: Segfault zarafa-server 7.1.8 R1
  * ZCP-12257: include location of the ads plugin in the manual
  * ZCP-12371: Add additional LDAP logging when using extended log level
  * ZCP-12409: zarafa-search crashes with ssl
  * ZCP-12424: Dagent in LMTP mode violates RFC5321
  * ZCP-12461: ECDatabaseMySQL defined twice
  * ZCP-12488: storing attachments in files on disk is not optimal implemented
  * ZCP-12491: Last date of a serial MR is ignored
  * ZCP-12492: Private mails sent from Exchange are not marked private. 
  * ZCP-12501: Component documentation
  * ZCP-12534: Sending a mail to a group: The receivers do not see the group correctly. 
  * ZCP-12549: remove mail subject from spooler.log
  * ZCP-12550: Zarafa-hidden does not work for cached outlook in ZCP 7.1.10
  * ZCP-12566: gsoap code gets our license attached in community distribution of zcp
  * ZCP-12568: ldap_uri slows down webapp and server after switching the LDAP-Server
  * ZCP-12574: meeting request copy to delegate - german umlauts broken
  * ZCP-12592: Update unsecure swfupload.swf
  * ZCP-12596: senddocument.php allows unauthorized upload of files
  * ZCP-12597: OL2013 15.0.4641.1001 shows private appointments
  * ZCP-12600: Sync seems to fail for larger objects
  * ZCP-12608: Compatibility package does not install correctly with OEM version of Outlook 2013 in every case
  * ZCP-12611: Cannot move appointment to different calendar
  * ZCP-12618: Move temporary patch definitions file to systemwide central location
  * ZCP-12629: zarafa-server binary does not check for existence of sockets and pids when started manually
  * ZCP-12657: Optimization of dagent incoming e-mail processing
  * ZCP-12660: Change runlevel of zarafa-licensed to start before zarafa-server
  * ZCP-12671: Add new OL2013 version 15.0.4659.1000 client to compatibility component
  * ZCP-12676: IMAP Failed to read line: Interrupted system call
  * ZCP-12692: Stores should not be orphaned when user_safe_mode is active, even if they are back when correcting backend
  * ZCP-12696: SMTP RFC store violation
  * ZCP-12698: compile fail with recent g++ (4.9)
  * ZCP-12716: mails send with x-mailer "CDO for windows 2000" loses attachments.
  * ZCP-12720: SMTP RFC store violation
  * ZCP-12754: Document that its a bad idea to switch the connection type inside a profile
  * ZCP-12755: Add new OL2013 version 15.0.4667.1000 client to compatibility component
  * ZCP-12762: remove userquota_soft_template & userquota_hard_template from documentation
  * ZCP-12766: zarafa-mailbox-permissions doesn't remove rules for --remove-all-permissions
  * ZCP-12788: Updating the name of a non-active user will change it to a active user
  * ZCP-12790: Message with attachments converted from uuencoded to attachments with uudecode.py
  * ZCP-12791: zarafa-server crashing due to ldap.cfg error
  * ZCP-12801: Attachments aren't written into the database
  * ZCP-12824: zarafa server still logs indexer instead of search.
  * ZCP-12845: storing attachments in files on disk is not optimal implemented
  * ZCP-12847: Change changelog author for debian/rhel packages
  * ZCP-12850: ECDatabaseMySQL defined twice
  * ZCP-12851: zarafa-gateway: NOOP returns with wrong return code 
  * ZCP-12852: Reading an encypted or signed email will change the receive date of the email to server time
  * ZCP-12865: zarafa-gateway.cfg man page missing description of imap_max_fail_commands.
  * ZCP-12877: meeting request copy to delegate - german umlauts broken
  * ZCP-12889: Segfault zarafa-server 7.1.8 R1
  * ZCP-12892: Last date of a serial MR is ignored
  * ZCP-12898: zarafa-webaccess no login after update to 7.1.10 on Ubuntu 10.04
  * ZCP-12901: mails send with x-mailer "CDO for windows 2000" loses attachments.
  * ZCP-12908: zarafa-server crashing due to ldap.cfg error
  * ZCP-12910: Monitor complains on unused config options.
  * ZCP-12914: Add comment in monitor.cfg for companyquota_warning_template
  * ZCP-12918: zarafa spooler queues mails forever if smtpd rejects the mail
  * ZCP-12920: As a user I want to be able to sort the global addresses book by Chinese character
  * ZCP-12921: Chinese character broken once received
  * ZCP-12922: remove userquota_soft_template & userquota_hard_template from documentation
  * ZCP-12923: Building from source fails when xmlto / libical / bison is missing
  * ZCP-12926: ECChannel::HrSelect doesn't handle EINTR as it should
  * ZCP-12930: zarafa-dagent segfault when deliver special mail 
  * ZCP-12934: When reporting this traceback, please include Linux distribution name, system architecture and Zarafa version.
  * ZCP-12944: another chinese decode issue 
  * ZCP-12945: Add new OL2013 version 15.0.4675.1003 client to compatibility component
  * ZCP-12949: Update documentation for unsupported Oracle Packages
  * ZCP-12950: zarafa-dagent segfault when deliver special mail 
  * ZCP-12968: ECChannel::HrSelect doesn't handle EINTR as it should
  * ZCP-12994: Disabling imap on a pop3 users breaks certain mail. 
  * ZCP-12995: Example command given in "Out of office management" is incomplete
  * ZCP-13015: add SSL settings for zcp 7.1
  * ZCP-13019: Update documentation for Debian language pack installation
  * ZCP-13020: zarafa-admin tool mismatch password gives wrong notification
  * ZCP-13024: allowed to create SYSTEM user
  * ZCP-13026: Add new OL2013 version 15.0.4693.1000 client to compatibility component
  * ZCP-13030: Add new OL2010 version 14.0.7143.5000 client to compatibility component
  * ZCP-13035: Rather use SSLCERT_FILE & SSLCERT_PASS when setting up SSO for WebApp/WebAccess
  * ZCP-13039: Add comment in monitor.cfg for companyquota_warning_template
  * ZCP-13046: Improve z-push documentation in admin manual
  * ZCP-13047: man page zarafa-admin --hook-store --copyto-public could use some extra information
  * ZCP-13055: Zarafa outlook client 7.1.11-48011 does not work well with zarafa auto updater
  * ZCP-13060: zarafa server still logs indexer instead of search.
  * ZCP-13061: Sync seems to fail for larger objects
  * ZCP-13062: Merge the compatibility package installation into the MSI typical install mode
  * ZCP-13082: patch: wrong charset in HTML
  * ZCP-13120: Add new OL2013 version 15.0.4701.1000 client to compatibility component
  * ZCP-13123: Simplification of installation targets of compat package for manifest and c2r installations
  * ZCP-13143: Spooler.log gives wrong messages notifications 
  * ZCP-13153: Outlook: answering on a message in 'send items' results in a message with empty Reply-To: header.
  * ZCP-13154: it would be helpful if phpmapi would produce a logfile
  * ZCP-13155: WebAccess /etc/zarafa/webaccess/config.php is not a symlink
  * ZCP-13158: Upgrade OpenSSL to 1.0.1m on Win32
  * ZCP-13176: zarafa-server binary does not check for existence of sockets and pids when started manually
  * ZCP-13177: patch: wrong charset in HTML
  * ZCP-13179: it would be helpful if phpmapi would produce a logfile
  * ZCP-13180: Spooler.log gives wrong messages notifications 
  * ZCP-13187: Message with attachments converted from uuencoded to attachments with uudecode.py
  * ZCP-13190: Setting out of office for the first time sets language to Catalan
  * ZCP-13191: When reporting this traceback, please include Linux distribution name, system architecture and Zarafa version.
  * ZCP-13192: Incorrect message when trying to add an archive
  * ZCP-13194: remove mail subject from spooler.log
  * ZCP-6294: allowed to create SYSTEM user
  * ZCP-6443: zarafa-admin tool mismatch password gives wrong notification
  * ZCP-7085: Updating the name of a non-active user will change it to an active user
  * ZCP-7296: Extension on the administrator manual
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.1.12-1
- Upgrade to 7.1.12
- Added multiple minor enhancement and bugfix patches
- Added patch to fix CVE-2014-0103 for PHP < 5.3 (#1073618)
- Handle "su" option in logrotate >= 3.8.0 to avoid errors
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1139442 - CVE-2014-9465 zarafa: unauthenticated denial of service flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=1139442
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux