The following Fedora 20 Security updates need testing: Age URL 147 https://admin.fedoraproject.org/updates/FEDORA-2014-15988/fail2ban-0.9.1-1.fc20 127 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20 82 https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20 80 https://admin.fedoraproject.org/updates/FEDORA-2015-1790/fcgi-2.4.0-26.fc20 65 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 50 https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20 45 https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3-6.fc20 32 https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc20 25 https://admin.fedoraproject.org/updates/FEDORA-2015-5398/thunderbird-31.6.0-1.fc20 18 https://admin.fedoraproject.org/updates/FEDORA-2015-5910/netcf-0.2.8-1.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2015-5972/yourls-1.7-3.20150410gitabc7d6c.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2015-5970/asterisk-11.17.1-1.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-6428/prosody-0.9.8-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-6417/dpkg-1.16.16-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-6505/mksh-50f-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-6517/ax25-tools-0.0.10-0.12.rc2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-6621/xulrunner-37.0.2-1.fc20,firefox-37.0.2-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-6583/xen-4.3.4-3.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-6573/qt3-3.3.8b-63.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2015-6401/proftpd-1.3.4e-3.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2015-6815/ikiwiki-3.20150329-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-6908/v8-3.14.5.10-18.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-6933/testdisk-7.0-2.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-6862/springframework-3.1.4-3.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-6891/async-http-client-1.7.22-2.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-6952/wpa_supplicant-2.0-13.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-7057/pdns-3.3.1-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-7079/pdns-recursor-3.7.2-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 65 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2015-6317/python-slip-0.6.1-1.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2015-6333/linux-firmware-20150410-47.gitec89525b.fc20 10 https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-6418/lua-socket-3.0-0.7rc1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-6586/crda-1.1.3_2015.04.06-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-6627/mobile-broadband-provider-info-1.20150421git-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-6621/xulrunner-37.0.2-1.fc20,firefox-37.0.2-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-6912/grantlee-0.5.1-1.fc20,kate-4.14.3-5.fc20,kde-baseapps-15.04.0-1.fc20,kde-runtime-15.04.0-1.fc20,kde-workspace-4.11.18-1.fc20,kdelibs-4.14.7-4.fc20,kdepim-4.14.7-2.fc20,kdepim-runtime-4.14.7-1.fc20,kdepimlibs-4.14.7-1.fc20,oxygen-icon-theme-15.04.0-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-6928/pcre-8.33-10.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-6952/wpa_supplicant-2.0-13.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-7065/ibus-1.5.10-3.fc20 The following builds have been pushed to Fedora 20 updates-testing canl-c++-1.1.0-4.fc20 gitolite3-3.6.3-1.fc20 golang-github-emicklei-go-restful-1.1.3-0.2.git03f8ad5.fc20 golang-github-fsouza-go-dockerclient-0.2.1-5.git0dfe1f1.fc20 ibus-1.5.10-3.fc20 kubernetes-0.15.0-8.fc20 libtifiles2-1.1.6-4.fc20 nx-libs-3.5.0.31-1.fc20 pdns-3.3.1-3.fc20 pdns-recursor-3.7.2-1.fc20 python-virtualenvwrapper-4.5.0-1.fc20 skrooge-1.11.0-1.fc20.1 stunnel-5.15-1.fc20 supybot-fedora-0.3.2-1.fc20 x2goserver-4.0.1.19-3.fc20 xpra-0.14.21-5.fc20 yadifa-2.0.6-1.fc20 Details about builds: ================================================================================ canl-c++-1.1.0-4.fc20 (FEDORA-2015-7019) EMI Common Authentication library - bindings for C++ -------------------------------------------------------------------------------- Update Information: New License Packaging Guidelines -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 1.1.0-4 - Rebuilt for gcc C++ ABI change (rawhide) - Implement updated license packaging guidelines * Fri Aug 15 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ gitolite3-3.6.3-1.fc20 (FEDORA-2015-7049) Highly flexible server for git directory version tracker -------------------------------------------------------------------------------- Update Information: 2015-04-26 v3.6.3 allow limited use of 'git config' using the new 'config' command accept openssh 6.8's new fingerprint output format (finally!) allow limited symlinks within ~/repositories; see commit 8e36230 for details perms command now lists available roles minor backward compat breakage: 'perms -l repo' no longer works; see 'perms -h' for new usage allow gitolite-shell to be used as $SHELL (experts only; no support, no docs; see commit 9cd1e37 for details) help with 'git push --signed' using a post-receive hook to adopt push certs into 'refs/push-certs'; for details see contrib/hooks/repo-specific/save-push-signatures new 'transparent proxy' feature for git repos; see src/lib/Gitolite/Triggers/TProxy.pm for details -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 26 2015 Jon Ciesla <limburgher@xxxxxxxxx> - 1:3.6.3-1 - Latest upstream. -------------------------------------------------------------------------------- ================================================================================ golang-github-emicklei-go-restful-1.1.3-0.2.git03f8ad5.fc20 (FEDORA-2015-7038) Package for building REST-style Web Services using Google Go -------------------------------------------------------------------------------- Update Information: Bump to upstream 03f8ad5589baf3c67a448fd9354da27419db712d -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.1.3-0.2.git03f8ad5 - Bump to upstream 03f8ad5589baf3c67a448fd9354da27419db712d resolves: #1215626 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215626 - Tracker for golang-github-emicklei-go-restful https://bugzilla.redhat.com/show_bug.cgi?id=1215626 -------------------------------------------------------------------------------- ================================================================================ golang-github-fsouza-go-dockerclient-0.2.1-5.git0dfe1f1.fc20 (FEDORA-2015-7014) Client for the Docker remote API -------------------------------------------------------------------------------- Update Information: Bump to upstream 0dfe1f16045e9e460430ee10ec1dea8d86c9bd9f -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.2.1-5.git0dfe1f1 - Bump to upstream 0dfe1f16045e9e460430ee10ec1dea8d86c9bd9f resolves: #1215656 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215656 - Tracker for golang-github-fsouza-go-dockerclient https://bugzilla.redhat.com/show_bug.cgi?id=1215656 -------------------------------------------------------------------------------- ================================================================================ ibus-1.5.10-3.fc20 (FEDORA-2015-7065) Intelligent Input Bus for Linux OS -------------------------------------------------------------------------------- Update Information: Fixed to show keyboard shortcuts on ibus-setup Fixed to enable input method engines on gtk3 applications in gnome wayland. Added Swedish svdvorak. I18N engine longnames and descriptions on ibus-setup. Moved PropertyPanel at bottom right in F22 KDE5. Drew gray color on Handle PropertyPanel. Enabled ibus engine full path icon in F22 KDE5. Updated translations. -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 24 2015 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.10-3 - Updated ibus-HEAD.patch from upstream Fixed to show shortcuts on ibus-setup. Bug 1214271 Fixed to enable IME with GTK3 applications in wayland. * Thu Apr 2 2015 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.10-2 - Updated ibus-HEAD.patch from upstream Added Swedish svdvorak I18N engine longnames and descriptions on ibus-setup Moved PropertyPanel at bottom right in KDE5 Drew gray color on Handle PropertyPanel Enabled ibus engine full path icon in KDE5 Updated translations -------------------------------------------------------------------------------- References: [ 1 ] Bug #1213284 - ibus-setup does not show keyboard shortcuts on the selection dialog https://bugzilla.redhat.com/show_bug.cgi?id=1213284 [ 2 ] Bug #1214271 - ibus-wayland works quite wrong https://bugzilla.redhat.com/show_bug.cgi?id=1214271 -------------------------------------------------------------------------------- ================================================================================ kubernetes-0.15.0-8.fc20 (FEDORA-2015-7008) Container cluster management -------------------------------------------------------------------------------- Update Information: Bump to upstream 051dd96c542799dfab39184d2a7c8bacf9e88d85 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.15.0-8 - Bump to upstream 051dd96c542799dfab39184d2a7c8bacf9e88d85 related: #1211266 * Fri Apr 24 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.15.0-7 - Bump to upstream 9f753c2592481a226d72cea91648db8fb97f0da8 related: #1211266 * Thu Apr 23 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.15.0-6 - Bump to upstream cf824ae5e07965ba0b4b15ee88e08e2679f36978 related: #1211266 * Tue Apr 21 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.15.0-5 - Bump to upstream 21788d8e6606038a0a465c97f5240b4e66970fbb related: #1211266 * Mon Apr 20 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.15.0-4 - Bump to upstream eb1ea269954da2ce557f3305fa88d42e3ade7975 related: #1211266 * Fri Apr 17 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.15.0-3 - Obsolete cadvisor as it is integrated in kubelet related: #1211266 * Wed Apr 15 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.15.0-0.2.git0ea87e4 - Bump to upstream 0ea87e486407298dc1e3126c47f4076b9022fb09 related: #1211266 * Tue Apr 14 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.15.0-0.1.gitd02139d - Bump to upstream d02139d2b454ecc5730cc535d415c1963a7fb2aa related: #1211266 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1211266 - Tracking bugzilla for kubernetes updates https://bugzilla.redhat.com/show_bug.cgi?id=1211266 -------------------------------------------------------------------------------- ================================================================================ libtifiles2-1.1.6-4.fc20 (FEDORA-2015-7001) Texas Instruments calculator files library -------------------------------------------------------------------------------- Update Information: Texas Instruments calculator files library -------------------------------------------------------------------------------- References: [ 1 ] Bug #1186497 - Review Request: libtifiles2 - Texas Instruments calculator files library https://bugzilla.redhat.com/show_bug.cgi?id=1186497 -------------------------------------------------------------------------------- ================================================================================ nx-libs-3.5.0.31-1.fc20 (FEDORA-2015-7029) NX X11 protocol compression libraries -------------------------------------------------------------------------------- Update Information: - Install applications symlink by default so that "Published Applications" is populated (bug #1215474) - Update to nx-libs 3.5.0.31 (mostly OSX and other non-Fedora changes) - Have x2goagent own /etc/x2go to ensure proper cleanup -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.5.0.31-1 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215474 - X2Go "Published Applications" list is empty https://bugzilla.redhat.com/show_bug.cgi?id=1215474 -------------------------------------------------------------------------------- ================================================================================ pdns-3.3.1-3.fc20 (FEDORA-2015-7057) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - CVE-2015-1868 External References: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 3.3.1-3 - CVE-2015-1868 - Run the unit tests during check - Remove polarssl-devel as build dependency -------------------------------------------------------------------------------- References: [ 1 ] Bug #1213377 - CVE-2015-1868 pdns: Label decompression bug in PowerDNS can cause crashes on specific platforms https://bugzilla.redhat.com/show_bug.cgi?id=1213377 -------------------------------------------------------------------------------- ================================================================================ pdns-recursor-3.7.2-1.fc20 (FEDORA-2015-7079) Modern, advanced and high performance recursing/non authoritative name server -------------------------------------------------------------------------------- Update Information: - Update to 3.7.2 - CVE-2015-1868 External References: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 3.7.2-1 - Update to 3.7.2 - CVE-2015-1868 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1213377 - CVE-2015-1868 pdns: Label decompression bug in PowerDNS can cause crashes on specific platforms https://bugzilla.redhat.com/show_bug.cgi?id=1213377 -------------------------------------------------------------------------------- ================================================================================ python-virtualenvwrapper-4.5.0-1.fc20 (FEDORA-2015-7037) Enhancements to virtualenv -------------------------------------------------------------------------------- Update Information: Latest usptream. Use virtualenvwrapper_lazy.sh by default. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 Ralph Bean <rbean@xxxxxxxxxx> - 4.5.0-1 - new version * Mon Apr 27 2015 Ralph Bean <rbean@xxxxxxxxxx> - 4.3.2-2 - Use virtualenvwrapper_lazy.sh by default, fixing #1213121. * Wed Feb 18 2015 Ralph Bean <rbean@xxxxxxxxxx> - 4.3.2-1 - new version -------------------------------------------------------------------------------- ================================================================================ skrooge-1.11.0-1.fc20.1 (FEDORA-2015-7075) Personal finances manager -------------------------------------------------------------------------------- Update Information: New Package upstream stable 1.11.0 -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 26 2015 Siddharth Sharma <siddharth.kde@xxxxxxxxx> - 1.11.0-1.1 - New Package upstream stable 1.11.0 * Fri Jan 23 2015 maverick <siddharth.kde@xxxxxxxxx> - 1.10.92-1.1 - New Package Upstream unstable 10.0.92 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1196923 - skrooge-1.11.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1196923 -------------------------------------------------------------------------------- ================================================================================ stunnel-5.15-1.fc20 (FEDORA-2015-7035) An SSL-encrypting socket wrapper -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.15-1 - New upstream release 5.15. - 1155977: Fixed upstream too so removed the associated patch - Updates other patches too. * Mon Mar 30 2015 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.14-1 - New upstream release 5.14. * Sun Mar 29 2015 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.13-1 - New upstream release 5.13. * Sat Mar 28 2015 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.12-1 - New upstream release 5.12. * Fri Mar 27 2015 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.11-1 - New upstream release 5.11. * Wed Jan 28 2015 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.10-1 - New upstream release 5.10. -------------------------------------------------------------------------------- ================================================================================ supybot-fedora-0.3.2-1.fc20 (FEDORA-2015-7000) Plugin for Supybot to interact with Fedora services -------------------------------------------------------------------------------- Update Information: Nag people about naked pings. Adjust karma responses in channel. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2015 Ralph Bean <rbean@xxxxxxxxxx> - 0.3.2-1 - new version -------------------------------------------------------------------------------- ================================================================================ x2goserver-4.0.1.19-3.fc20 (FEDORA-2015-7029) X2Go Server -------------------------------------------------------------------------------- Update Information: - Install applications symlink by default so that "Published Applications" is populated (bug #1215474) - Update to nx-libs 3.5.0.31 (mostly OSX and other non-Fedora changes) - Have x2goagent own /etc/x2go to ensure proper cleanup -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 26 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.1.19-3 - Install applications symlink by default so that "Published Applications" is populated (bug #1215474) * Wed Mar 18 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.1.19-2 - Provide x2goserver-extensions for upstream compatibility -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215474 - X2Go "Published Applications" list is empty https://bugzilla.redhat.com/show_bug.cgi?id=1215474 -------------------------------------------------------------------------------- ================================================================================ xpra-0.14.21-5.fc20 (FEDORA-2015-7025) Remote display server for applications and desktops -------------------------------------------------------------------------------- Update Information: Add patch to remove reference to the xorg void driver in xorg.conf (BZ #1215527) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215527 - Drop usage of xorg-x11-drv-void in xpra's xorg.conf https://bugzilla.redhat.com/show_bug.cgi?id=1215527 -------------------------------------------------------------------------------- ================================================================================ yadifa-2.0.6-1.fc20 (FEDORA-2015-7040) Lightweight authoritative Name Server with DNSSEC capabilities -------------------------------------------------------------------------------- Update Information: Update to 2.0.6 release -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 26 2015 Denis Fateyev <denis@xxxxxxxxxxx> - 2.0.6-1 - Update to 2.0.6 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215611 - yadifa: 2.0.6 release available https://bugzilla.redhat.com/show_bug.cgi?id=1215611 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
