Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
 150  https://admin.fedoraproject.org/updates/FEDORA-2014-15988/fail2ban-0.9.1-1.fc20
 130  https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
  85  https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20
  68  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
  53  https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20
  48  https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3-6.fc20
  35  https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc20
  29  https://admin.fedoraproject.org/updates/FEDORA-2015-5398/thunderbird-31.6.0-1.fc20
  21  https://admin.fedoraproject.org/updates/FEDORA-2015-5910/netcf-0.2.8-1.fc20
  20  https://admin.fedoraproject.org/updates/FEDORA-2015-5970/asterisk-11.17.1-1.fc20
  20  https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2015-6428/prosody-0.9.8-1.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-6621/xulrunner-37.0.2-1.fc20,firefox-37.0.2-1.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-6401/proftpd-1.3.4e-3.fc20
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-6815/ikiwiki-3.20150329-1.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6908/v8-3.14.5.10-18.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6933/testdisk-7.0-2.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6862/springframework-3.1.4-3.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6891/async-http-client-1.7.22-2.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6952/wpa_supplicant-2.0-13.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2015-6790/wordpress-4.2.1-1.fc20
   2  https://admin.fedoraproject.org/updates/FEDORA-2015-7159/dovecot-2.2.16-2.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-7258/perl-XML-LibXML-2.0119-1.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-7231/libarchive-3.1.2-8.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-7213/libreoffice-4.2.8.2-8.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-7342/dpkg-1.16.16-5.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-7302/drupal7-views-3.11-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-7378/clamav-0.98.7-1.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
  68  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-6317/python-slip-0.6.1-1.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-6333/linux-firmware-20150410-47.gitec89525b.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2015-6418/lua-socket-3.0-0.7rc1.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-6586/crda-1.1.3_2015.04.06-1.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-6627/mobile-broadband-provider-info-1.20150421git-1.fc20
   8  https://admin.fedoraproject.org/updates/FEDORA-2015-6621/xulrunner-37.0.2-1.fc20,firefox-37.0.2-1.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6928/pcre-8.33-10.fc20
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-6952/wpa_supplicant-2.0-13.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-7231/libarchive-3.1.2-8.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-7272/openjpeg-1.5.1-14.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-6912/grantlee-0.5.1-1.fc20,kate-4.14.3-5.fc20,kde-baseapps-15.04.0-1.fc20,kde-runtime-15.04.0-1.fc20,kde-workspace-4.11.18-3.fc20,kdelibs-4.14.7-4.fc20,kdepim-4.14.7-2.fc20,kdepim-runtime-4.14.7-1.fc20,kdepimlibs-4.14.7-1.fc20,oxygen-icon-theme-15.04.0-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-7281/btrfs-progs-4.0-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-7294/perl-Socket-2.019-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-7065/ibus-1.5.10-4.fc20


The following builds have been pushed to Fedora 20 updates-testing

    btrfs-progs-4.0-1.fc20
    clamav-0.98.7-1.fc20
    dpkg-1.16.16-5.fc20
    drumkv1-0.6.1-1.fc20
    drupal7-views-3.11-1.fc20
    ibus-1.5.10-4.fc20
    json-0-4.20150410gitd7d0509.fc20
    kde-connect-0.8-1.fc20
    opendmarc-1.3.1-13.fc20
    perl-Socket-2.019-1.fc20
    python-cmd2-0.6.8-2.fc20
    qcustomplot-1.3.1-3.fc20
    qtractor-0.6.6-1.fc20
    samplv1-0.6.1-1.fc20
    spdlog-0-4.20150410git211ce99.fc20
    synthv1-0.6.1-1.fc20
    tuned-2.4.1-5.fc20

Details about builds:


================================================================================
 btrfs-progs-4.0-1.fc20 (FEDORA-2015-7281)
 Userspace programs for btrfs
--------------------------------------------------------------------------------
Update Information:

New upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 29 2015 Eric Sandeen <sandeen@xxxxxxxxxx> 4.0-1
- New upstream release
--------------------------------------------------------------------------------


================================================================================
 clamav-0.98.7-1.fc20 (FEDORA-2015-7378)
 End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:

ClamAV 0.98.7
=============

This release contains new scanning features and bug fixes.

  - Improvements to PDF processing: decryption, escape sequence handling, and file property collection.
  - Scanning/analysis of additional Microsoft Office 2003 XML format.
  - Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
  - Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
  - Fix false negatives on files within iso9660 containers. This issue was reported by Minzhuan Gong.
  - Fix a couple crashes on crafted upack packed file. Identified and patches supplied by Sebastian Andrzej Siewior.
  - Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior.
  - Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. CVE-2015-2668.
  - Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes.
  - Apply upstream patch for possible heap overflow in Henry Spencer's regex library. CVE-2015-2305.
  - Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
  - Fix segfault scanning certain HTML files. Reported with sample by Kai Risku.
  - Improve detections within xar/pkg files.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 29 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 0.98.7-1
- Upgrade to 0.98.7 and updated daily.cvd (#1217014)
* Tue Mar 10 2015 Adam Jackson <ajax@xxxxxxxxxx> 0.98.6-2
- Drop sysvinit subpackages in F23+
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1217206 - CVE-2015-2221: clamav Infinite loop condition on crafted y0da cryptor file
        https://bugzilla.redhat.com/show_bug.cgi?id=1217206
  [ 2 ] Bug #1217207 - CVE-2015-2222 clamav: crash on crafted petite packed file
        https://bugzilla.redhat.com/show_bug.cgi?id=1217207
  [ 3 ] Bug #1217208 - CVE-2015-2668 clamav: Infinite loop condition on a crafted "xz" archive file
        https://bugzilla.redhat.com/show_bug.cgi?id=1217208
  [ 4 ] Bug #1217209 - CVE-2015-2170: clamav: Crash in upx decoder with crafted file
        https://bugzilla.redhat.com/show_bug.cgi?id=1217209
--------------------------------------------------------------------------------


================================================================================
 dpkg-1.16.16-5.fc20 (FEDORA-2015-7342)
 Package maintenance system for Debian Linux
--------------------------------------------------------------------------------
Update Information:

Fix build for all versions, previous try wasn't correct and back with dpkg-perl-libexecdir.patch .
Security fix for CVE-2014-8625 and Security fix for CVE-2015-0840
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 26 2015 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.16-5
- Fix build for all versions, previous try wasn't correct and back with
  dpkg-perl-libexecdir.patch .
- Added dpkg-perl-libexecdir.epel6.patch just for fix epel <= 6 .
- Cleaned some trailing whitespaces.
- Use _localstatedir instead /var .
* Sat Apr 25 2015 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.16-4
- Revert location of dpkg/parsechangelog .
- Fix build for all versions, including epel-6 .
* Tue Apr 21 2015 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.16-3
- Better upstream URL .
* Tue Apr 21 2015 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.16-2
- Some fixes and added support for epel-6 .
- Removed Patch0: dpkg-perl-libexecdir.patch .
- move /usr/lib/dpkg/parsechangelog to archable package .
* Sun Apr 19 2015 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.16-1
- Security update to 1.16.16
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.16.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1210748 - CVE-2015-0840 dpkg: source package integrity verification bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=1210748
  [ 2 ] Bug #1162166 - CVE-2014-8625 dpkg: format string vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=1162166
--------------------------------------------------------------------------------


================================================================================
 drumkv1-0.6.1-1.fc20 (FEDORA-2015-7379)
 An old-school drum-kit sampler
--------------------------------------------------------------------------------
Update Information:

Update of the V1 suite to 0.6.1
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 22 2015 Brendan Jones <brendan.jones.it@xxxxxxxxx> 0.6.1-1
- Update to 0.6.1
* Tue Feb  3 2015 Brendan Jones <brendan.jones.it@xxxxxxxxx> 0.6.0-1
- Update to 0.6.0
* Thu Oct  2 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.5.1-2
- update mime scriptlet
--------------------------------------------------------------------------------


================================================================================
 drupal7-views-3.11-1.fc20 (FEDORA-2015-7302)
 Provides a method for site designers to control content presentation
--------------------------------------------------------------------------------
Update Information:

- Release 3.11 is a security fix release
- Upstream changelog is at https://www.drupal.org/node/2480259
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 30 2015 Peter Borsa <peter.borsa@xxxxxxxxx> - 3.11-1
- Release 3.11 is a security fix release
- Upstream changelog is at https://www.drupal.org/node/2480259
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1217279 - drupal7-views-3.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1217279
--------------------------------------------------------------------------------


================================================================================
 ibus-1.5.10-4.fc20 (FEDORA-2015-7065)
 Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
Update Information:

Fixed to show keyboard shortcuts on ibus-setup
Fixed to enable input method engines on gtk3 applications in gnome wayland.
Added Swedish svdvorak.
I18N engine longnames and descriptions on ibus-setup.
Moved PropertyPanel at bottom right in F22 KDE5.
Drew gray color on Handle PropertyPanel.
Enabled ibus engine full path icon in F22 KDE5.
Updated translations.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 24 2015 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.10-4
- Bug 1217410 Updated ibus-xinput for KDE5.
* Fri Apr 24 2015 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.10-3
- Updated ibus-HEAD.patch from upstream
  Fixed to show shortcuts on ibus-setup.
  Bug 1214271 Fixed to enable IME with GTK3 applications in wayland.
* Thu Apr  2 2015 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.10-2
- Updated ibus-HEAD.patch from upstream
  Added Swedish svdvorak
  I18N engine longnames and descriptions on ibus-setup
  Moved PropertyPanel at bottom right in KDE5
  Drew gray color on Handle PropertyPanel
  Enabled ibus engine full path icon in KDE5
  Updated translations
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1214271 - ibus-wayland works quite wrong
        https://bugzilla.redhat.com/show_bug.cgi?id=1214271
  [ 2 ] Bug #1213284 - ibus-setup does not show keyboard shortcuts on the selection dialog
        https://bugzilla.redhat.com/show_bug.cgi?id=1213284
  [ 3 ] Bug #1217410 - QT_IM_MODULE variable should not require ibus-qt in KDE5
        https://bugzilla.redhat.com/show_bug.cgi?id=1217410
--------------------------------------------------------------------------------


================================================================================
 json-0-4.20150410gitd7d0509.fc20 (FEDORA-2015-7353)
 JSON for Modern C++
--------------------------------------------------------------------------------
Update Information:

- don't build the base package
- remove a dot from the release tag
- corrected -devel subpackage description
Imported new package
--------------------------------------------------------------------------------


================================================================================
 kde-connect-0.8-1.fc20 (FEDORA-2015-7316)
 KDE Connect client for communication with smartphones
--------------------------------------------------------------------------------
Update Information:

New stable KDE Connect 0.8 release
--------------------------------------------------------------------------------
ChangeLog:

* Sun Feb 22 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.8-1
- KDE Connect 0.8 available (#1195011)
- use %{?_kde_runtime_requires} (instead of %_kde4_version macro)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1195011 - KDE Connect 0.8 available
        https://bugzilla.redhat.com/show_bug.cgi?id=1195011
--------------------------------------------------------------------------------


================================================================================
 opendmarc-1.3.1-13.fc20 (FEDORA-2015-7380)
 A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library
--------------------------------------------------------------------------------
Update Information:

- Replaced various commands with rpm macros
- Included support for systemd macros (#1216881)
- Added libspf2-devel to BuildRequires
- libspf2 support now provided for all branches
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 29 2015 Steve Jenkins <steve@xxxxxxxxxxxxxxxx> - 1.3.1-13
- Replaced various commands with rpm macros
- Included support for systemd macros (#1216881)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #905304 - Review Request: OpenDMARC - Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library
        https://bugzilla.redhat.com/show_bug.cgi?id=905304
--------------------------------------------------------------------------------


================================================================================
 perl-Socket-2.019-1.fc20 (FEDORA-2015-7294)
 Networking constants and support functions
--------------------------------------------------------------------------------
Update Information:

This release does not contain any code change for Linux. It is delivered only to provide latest version number.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 30 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 1:2.019-1
- 2.019 bump
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1217286 - perl-Socket-2.019 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1217286
--------------------------------------------------------------------------------


================================================================================
 python-cmd2-0.6.8-2.fc20 (FEDORA-2015-7369)
 Extra features for standard library's cmd module
--------------------------------------------------------------------------------
Update Information:

Fix python3 package by removing double-use of 2to3.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 29 2015 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.8-2
- Fix python3 subpackage by removing double-run of 2to3 (it's not idempotent!).
* Wed Apr 29 2015 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.8-1
- new version
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.7-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 14 2014 Bohuslav Kabrda <bkabrda@xxxxxxxxxx> - 0.6.7-4
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
--------------------------------------------------------------------------------


================================================================================
 qcustomplot-1.3.1-3.fc20 (FEDORA-2015-7303)
 Qt widget for plotting and data visualization
--------------------------------------------------------------------------------
Update Information:

This update fixes a typo in the qcustomplot-qt5.pc pkg-config file.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 30 2015 Sandro Mani <manisandro@xxxxxxxxx> - 1.3.1-3
- Fix qcustomplot-qt5.pc
* Wed Apr 29 2015 Sandro Mani <manisandro@xxxxxxxxx> - 1.3.1-2
- Also build a qt5 version
* Sat Apr 25 2015 Sandro Mani <manisandro@xxxxxxxxx> - 1.3.1-1
- Update to 1.3.1
--------------------------------------------------------------------------------


================================================================================
 qtractor-0.6.6-1.fc20 (FEDORA-2015-7339)
 Audio/MIDI multi-track sequencer
--------------------------------------------------------------------------------
Update Information:

Update to 0.6.6 See http://qtractor.sourceforge.net/qtractor-downloads.html for details
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  1 2015 Brendan Jones <brendan.jones.it@xxxxxxxxx> 0.6.6-1
- Update to 0.6.6
--------------------------------------------------------------------------------


================================================================================
 samplv1-0.6.1-1.fc20 (FEDORA-2015-7379)
 A polyphonic sampler synthesizer with stereo fx
--------------------------------------------------------------------------------
Update Information:

Update of the V1 suite to 0.6.1
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 22 2015 Brendan Jones <brendan.jones.it@xxxxxxxxx> 0.6.0-1
- Update to 0.6.1
* Tue Feb  3 2015 Brendan Jones <brendan.jones.it@xxxxxxxxx> 0.6.0-1
- Update to 0.6.0
--------------------------------------------------------------------------------


================================================================================
 spdlog-0-4.20150410git211ce99.fc20 (FEDORA-2015-7312)
 Super fast C++ logging library
--------------------------------------------------------------------------------
Update Information:

- don't build the base package
- remove a dot from the release tag
- corrected -devel subpackage description
Import package
--------------------------------------------------------------------------------


================================================================================
 synthv1-0.6.1-1.fc20 (FEDORA-2015-7379)
 A 4-oscillator subtractive polyphonic synthesizer
--------------------------------------------------------------------------------
Update Information:

Update of the V1 suite to 0.6.1
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 22 2015 Brendan Jones <brendan.jones.it@xxxxxxxxx> 0.6.1-1
- Update to 0.6.1
* Tue Feb  3 2015 Brendan Jones <brendan.jones.it@xxxxxxxxx> 0.6.0-1
- Update to 0.6.0
* Thu Oct  2 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.5.1-2
- update mime scriptlets
--------------------------------------------------------------------------------


================================================================================
 tuned-2.4.1-5.fc20 (FEDORA-2015-7348)
 A dynamic adaptive system tuning daemon
--------------------------------------------------------------------------------
Update Information:

This is an update fixing configobj class imports. It may fix some crashes.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 30 2015 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 2.4.1-5
- fixed configobj class imports
  resolves: rhbz#1217327
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1217327 - Service fails to start
        https://bugzilla.redhat.com/show_bug.cgi?id=1217327
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux