The following Fedora 21 Security updates need testing: Age URL 132 https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21 108 https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21 53 https://admin.fedoraproject.org/updates/FEDORA-2015-4689/quassel-0.11.0-2.fc21 39 https://admin.fedoraproject.org/updates/FEDORA-2015-5929/qpid-cpp-0.32-1.fc21.1 38 https://admin.fedoraproject.org/updates/FEDORA-2015-6005/asterisk-11.17.1-1.fc21 19 https://admin.fedoraproject.org/updates/FEDORA-2015-7216/libarchive-3.1.2-11.fc21 19 https://admin.fedoraproject.org/updates/FEDORA-2015-7242/389-ds-base-1.3.3.10-1.fc21 17 https://admin.fedoraproject.org/updates/FEDORA-2015-7326/drupal7-views-3.11-1.fc21 8 https://admin.fedoraproject.org/updates/FEDORA-2015-7878/krb5-1.12.2-17.fc21 8 https://admin.fedoraproject.org/updates/FEDORA-2015-7886/suricata-2.0.8-1.fc21 5 https://admin.fedoraproject.org/updates/FEDORA-2015-8170/rawstudio-2.1-0.1.20150511git983bda1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8270/xen-4.4.2-4.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-8396/libinfinity-0.6.6-1.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-8336/hostapd-2.4-2.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8487/zarafa-7.1.12-2.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8482/LibRaw-0.16.2-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8498/mingw-LibRaw-0.16.2-1.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 8 https://admin.fedoraproject.org/updates/FEDORA-2015-7878/krb5-1.12.2-17.fc21 8 https://admin.fedoraproject.org/updates/FEDORA-2015-7864/pyparted-3.10.4-1.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2015-8045/libnl3-3.2.25-6.fc21 6 https://admin.fedoraproject.org/updates/FEDORA-2015-8055/lua-socket-3.0-0.10.rc1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8262/createrepo_c-0.8.2-1.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8272/libcap-ng-0.7.5-2.fc21 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8256/libseccomp-2.2.1-0.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-8374/evolution-data-server-3.12.11-3.fc21 2 https://admin.fedoraproject.org/updates/FEDORA-2015-8380/createrepo_c-0.8.3-1.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8504/dracut-038-39.git20150518.fc21 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8481/pango-1.36.8-5.fc21 The following builds have been pushed to Fedora 21 updates-testing GeographicLib-1.42-1.fc21 LibRaw-0.16.2-1.fc21 OpenSceneGraph-3.2.1-4.fc21 ceph-deploy-1.5.24-1.fc21 certmonger-0.77.4-1.fc21 dovecot-2.2.18-2.fc21 dracut-038-39.git20150518.fc21 e16-1.0.16-1.fc21 firefox-38.0.1-1.fc21 golang-github-russross-blackfriday-1.2-6.fc21 golang-github-shurcooL-sanitized_anchor_name-0-0.2.git8e87604.fc21 grfcodec-6.0.5-1.fc21 i3-4.10.2-1.fc21 libburn-1.4.0-1.fc21 libisoburn-1.4.0-1.fc21 libisofs-1.4.0-1.fc21 libodfgen-0.1.4-1.fc21 mingw-LibRaw-0.16.2-1.fc21 mingw-gstreamer1-1.4.5-1.fc21 mingw-gstreamer1-plugins-base-1.4.5-1.fc21 nml-0.4.1-2.fc21 nodejs-npm-registry-client-0.2.28-3.fc21 openms-2.0.0-12.fc21 openttd-1.5.0-2.fc21 openttd-opengfx-0.5.2-1.fc21 pango-1.36.8-5.fc21 pcl-1.7.1-6.fc21 perl-Finance-YahooQuote-0.25-1.fc21 php-horde-Horde-Imap-Client-2.28.1-1.fc21 php-mtdowling-jmespath-php-2.1.0-1.fc21 php-mtdowling-transducers-0.3.0-1.fc21 php-pecl-mongo-1.6.8-1.fc21 php-theseer-autoload-1.17.0-1.fc21 php-true-punycode-1.1.0-1.fc21 php-whitehat101-apr1-md5-1.0.0-1.fc21 python-docker-scripts-0.3.8-1.fc21 python-requests-file-1.3.1-1.fc21 rubygem-occi-cli-4.3.1-1.fc21 stage-4.1.1-10.fc21 strace-4.10-2.fc21 yelp-3.14.2-1.fc21 yoshimi-1.3.4-1.fc21.1 zarafa-7.1.12-2.fc21 zynaddsubfx-2.4.4-4.fc21 Details about builds: ================================================================================ GeographicLib-1.42-1.fc21 (FEDORA-2015-8512) Library for geographic coordinate transformations -------------------------------------------------------------------------------- Update Information: Update to release 1.42 -------------------------------------------------------------------------------- ChangeLog: * Mon May 4 2015 Rich Mattes <richmattes@xxxxxxxxx> - 1.42-1 - Update to release 1.42 - Add octave subpackage * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 1.40-2 - Rebuilt for GCC 5 C++11 ABI change -------------------------------------------------------------------------------- ================================================================================ LibRaw-0.16.2-1.fc21 (FEDORA-2015-8482) Library for reading RAW files obtained from digital photo cameras -------------------------------------------------------------------------------- Update Information: Latest upstream bugfix. Fixed dcraw vulnerability in ljpeg_start() -------------------------------------------------------------------------------- ChangeLog: * Sat May 16 2015 Jon Ciesla <limburgher@xxxxxxxxx> - 0.16.2-1 - 0.16.2, BZ 1222258. * Thu May 14 2015 Jon Ciesla <limburgher@xxxxxxxxx> - 0.16.1-7 - Add provides for bundled dcraw, https://fedorahosted.org/fpc/ticket/530 - Fix EVR in changelog. * Mon May 11 2015 Jon Ciesla <limburgher@xxxxxxxxx> - 0.16.1-6 - 0.16.1, BZ 1220382. * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 0.16.0-5 - Rebuilt for GCC 5 C++11 ABI change -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222258 - LibRaw-0.16.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222258 [ 2 ] Bug #1220382 - LibRaw-0.16.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1220382 [ 3 ] Bug #1221250 - CVE-2015-3885 LibRaw: dcraw: input sanitization flaw leading to buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1221250 -------------------------------------------------------------------------------- ================================================================================ OpenSceneGraph-3.2.1-4.fc21 (FEDORA-2015-8515) High performance real-time graphics toolkit -------------------------------------------------------------------------------- Update Information: Rebuild for newer fltk -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 18 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 3.2.1-4 - rebuild (fltk,gcc5) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1210694 - Please update to 1.3.3 so TigerVNC can be updated to newer version https://bugzilla.redhat.com/show_bug.cgi?id=1210694 -------------------------------------------------------------------------------- ================================================================================ ceph-deploy-1.5.24-1.fc21 (FEDORA-2015-8473) Admin and deploy tool for Ceph -------------------------------------------------------------------------------- Update Information: Update to ceph-deploy 1.5.24. See [upstream changelog](http://ceph.com/ceph-deploy/docs/changelog.html) for detailed changes. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Ken Dreyer <ktdreyer@xxxxxxxxxxxx> - 1.5.24-1 - update to ceph-deploy 1.5.24 -------------------------------------------------------------------------------- ================================================================================ certmonger-0.77.4-1.fc21 (FEDORA-2015-5449) Certificate status monitor and PKI enrollment client -------------------------------------------------------------------------------- Update Information: This update adds a few new features: * It adds initial support for using SCEP to communicate with CAs. The service will need to be told about such CAs using either getcert's "add-scep-ca" or "add-ca" commands. * getcert's "request" command can now be passed a ChallengePassword value to include in signing requests using the new -L and -l flags. * getcert's "list" command now displays the contents of an issued certificate's enrollment certificate type extension. Additionally, it fixes some bugs: * ipa-submit no longer crashes when it's unable to reach a server and attempts to select an alternate server using DNS service discovery. * getcert's "list" command correctly displays the pre- and post-save commands associated with a certificate again. -------------------------------------------------------------------------------- ChangeLog: * Fri May 15 2015 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.77.4-1 - don't display PINs in "getcert list" output (#42) - clean up launching of a private instance in "getcert" - expand on the don't-delete-private-key fix from 0.77.3 by letting NSS's own safety checks have an effect - backport record-keeping of key generation dates and counts of how many times we've gotten certificates using a given key pair * Thu May 7 2015 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.77.3-1 - fix a data loss bug when saving renewed certificates to NSS databases - the private key could be removed in error since 0.77 - fixes for bugs found by static analysis - fix self-tests when built with OpenSSL 1.0.2 * Tue Apr 14 2015 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.77.2-1 - expose the certificate's not-valid-before and not-valid-after dates as a property over D-Bus (ticket #41) - give the local signer its own configuration option to set the lifetime of its signing certificate, falling back to the lifetime configured for the self-signer as a default to match the previous behavior - fix a potential read segfault parsing the output of an enrollment helper, introduced in 0.77 (thanks to Steve Neuharth) - read the ns-certtype extension value in certificates - request an enrollment certtype extension to CSRs if we have a profile name that we want to use (ticket #17, possibly part of IPA ticket #57) * Fri Feb 27 2015 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.77.1-1 - update to 0.77 - add initial, still rough, SCEP support (#1140241,#1161768) - add an scep-submit helper to handle part of it - getcert: add add-ca/add-scep-ca/modify-ca/remove-ca commands - getcert: add -l, -L flags to request/resubmit/start-tracking commands to provide a way to set a ChallengePassword in signing requests - lay some groundwork for rekeying support - bundled dogtag enrollment helpers now output debugging info to stderr (#) - ipa-getcert: fix a crash when using DNS discovery to locate servers (#39) - getcert: fix displaying of pre-request pre-/post-save commands (#1178190, - use Zanata for translations - getcert list: list the certificate's profile name, if it contains one -------------------------------------------------------------------------------- ================================================================================ dovecot-2.2.18-2.fc21 (FEDORA-2015-8485) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: - pigeonhole updated to 0.4.8 - Fixed problem in address test: erroneously decoded mime-encoded words in address headers. - extprograms plugin: Fixed failure occurring when connecting to script service without the need to read back the output from the external program. - Fixed bug in script storage path normalization occurring with relative symbolic links below root. - dovecot updated to 2.2.18 - director: Login UNIX sockets were normally detected as doveadm or director ring sockets, causing it to break in existing installations. - sdbox: When copying a mail in alt storage, place the destination to alt storage as well. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.18-2 - update pigeonhole to 0.4.8 - Fixed problem in address test: erroneously decoded mime-encoded words in address headers. - extprograms plugin: Fixed failure occurring when connecting to script service without the need to read back the output from the external program. - Fixed bug in script storage path normalization occurring with relative symbolic links below root. * Fri May 15 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.18-1 - director: Login UNIX sockets were normally detected as doveadm or director ring sockets, causing it to break in existing installations. - sdbox: When copying a mail in alt storage, place the destination to alt storage as well. * Thu May 14 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.17-1 - dovecot updated to 2.2.17 - pigeonhole updated to 0.4.7 - auth: If auth_master_user_separator was set, auth process could be crashed by trying to log in with empty master username. - imap-login, pop3-login: Fixed crash on handshake failures with new OpenSSL versions (v1.0.2) when SSLv3 was disabled. - auth: If one passdb fails allow_nets check, it shouldn't have failed all the other passdb checks later on. - imap: Server METADATA couldn't be accessed - imapc: Fixed \Muted label handling in gmail-migration. - imapc: Various bugfixes and improvements. - Trash plugin fixes by Alexei Gradinari - mbox: Fixed crash/corruption in some situations -------------------------------------------------------------------------------- ================================================================================ dracut-038-39.git20150518.fc21 (FEDORA-2015-8504) Initramfs generator using udev -------------------------------------------------------------------------------- Update Information: - add more input drivers - lvm: add cache tools for dm-cache usage - add hyperv framebuffer module - add amdkfd kernel module - add sdhci-pci kernel module -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Harald Hoyer <harald@xxxxxxxxxx> 038-39.git20150518 - add more input drivers Resolves: rhbz#1135734 rhbz#1204392 - lvm: add cache tools for dm-cache usage Resolves: rhbz#1184519 - add hyperv framebuffer module Resolves: rhbz#1192035 - add amdkfd kernel module Resolves: rhbz#1205222 - add sdhci-pci kernel module Resolves: rhbz#1211480 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1135734 - Wireless keyboard/trackball device is not recognized in the Fedora installer https://bugzilla.redhat.com/show_bug.cgi?id=1135734 [ 2 ] Bug #1204392 - Wireless keybord K330 Logitech not working for dm-crypt passphrase https://bugzilla.redhat.com/show_bug.cgi?id=1204392 [ 3 ] Bug #1184519 - Boot failure with dm-cache enabled on root filesystem, cache_check missing in initrd https://bugzilla.redhat.com/show_bug.cgi?id=1184519 [ 4 ] Bug #1192035 - Hyper-V framebuffer module missing from initramfs https://bugzilla.redhat.com/show_bug.cgi?id=1192035 [ 5 ] Bug #1205222 - Add "amdkfd" and "amd_iommu_v2" to default initramfs when using kernel 3.19 and above https://bugzilla.redhat.com/show_bug.cgi?id=1205222 [ 6 ] Bug #1211480 - sdhci_pci not included in initramfs when system storage is on it https://bugzilla.redhat.com/show_bug.cgi?id=1211480 -------------------------------------------------------------------------------- ================================================================================ e16-1.0.16-1.fc21 (FEDORA-2015-8495) The Enlightenment window manager, DR16 -------------------------------------------------------------------------------- Update Information: Update to latest upstream release e16 1.0.16. -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 12 2015 Terje Rosten <terje.rosten@xxxxxxx> - 1.0.16-1 - 1.0.16 -------------------------------------------------------------------------------- ================================================================================ firefox-38.0.1-1.fc21 (FEDORA-2015-8480) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: New upstream version - 38.0.1 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Martin Stransky <stransky@xxxxxxxxxx> - 38.0.1-1 - Update to 38.0.1 * Wed May 13 2015 Martin Stransky <stransky@xxxxxxxxxx> - 38.0-5 - Added patch for mozilla#1144745 - HiDPI Gtk3 fixes -------------------------------------------------------------------------------- ================================================================================ golang-github-russross-blackfriday-1.2-6.fc21 (FEDORA-2015-8523) Markdown processor implemented in Go -------------------------------------------------------------------------------- Update Information: Add license macro for LICENSE -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.2-6 - Add license macro for LICENSE - Remove runtime dependency on golang. resolves: #1222338 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222338 - Tracker for golang-github-russross-blackfriday https://bugzilla.redhat.com/show_bug.cgi?id=1222338 -------------------------------------------------------------------------------- ================================================================================ golang-github-shurcooL-sanitized_anchor_name-0-0.2.git8e87604.fc21 (FEDORA-2015-8471) Package sanitized_anchor_name provides a func to create sanitized anchor names -------------------------------------------------------------------------------- Update Information: Add license macro for LICENSE -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.2.git8e87604 - Add license macro for LICENSE - Remove runtime dependency on golang. resolves: #1222336 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222336 - Tracker for golang-github-shurcooL-sanitized_anchor_name https://bugzilla.redhat.com/show_bug.cgi?id=1222336 -------------------------------------------------------------------------------- ================================================================================ grfcodec-6.0.5-1.fc21 (FEDORA-2015-8524) A suite of programs to modify Transport Tycoon Deluxe's GRF files -------------------------------------------------------------------------------- Update Information: Update the whole OpenTTD stack -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 6.0.5-1 - update to 6.0.5 * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 6.0.4-6 - Rebuilt for GCC 5 C++11 ABI change * Tue Jan 27 2015 Petr Machata <pmachata@xxxxxxxxxx> - 6.0.4-5 - Rebuild for boost 1.57.0 -------------------------------------------------------------------------------- ================================================================================ i3-4.10.2-1.fc21 (FEDORA-2015-8516) Improved tiling window manager -------------------------------------------------------------------------------- Update Information: Update to 4.10.2 (#1206967) -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2015 Björn Esser <bjoern.esser@xxxxxxxxx> - 4.10.2-1 - Update to 4.10.2 (#1206967) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1206967 - i3-4.10.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1206967 -------------------------------------------------------------------------------- ================================================================================ libburn-1.4.0-1.fc21 (FEDORA-2015-8472) Library for reading, mastering and writing optical discs -------------------------------------------------------------------------------- Update Information: libisofs 1.4.0 ============== * Bug fix: iso_image_report_system_area() caused SIGSEGV by NULL if no valid ISO 9660 image was loeaded. Thanks to OmegaPhil. * Bug fix: A SIGSEGV could happen when loading a faulty ISO filesystem. Debian bug 774152. Thanks to Jakub Wilk. * Bug fix: Rock Ridge Continuation Area could be produced crossing a block boundary. This is heavily disliked by the Linux kernel and spoils the representation of directories which contain many symbolic links. * Bug fix: If iso_write_opts_set_hardlinks() enabled automatic inode numbers, then they did not get into effect with nodes were zisofs decoder filters got attached during the image load process. * Bug fix: The header indicator of the last El Torito catalog section header was set to 0x90 rather than 0x91 if more than one boot image is in that section. * Bug fix: Only 128 bytes of an emerging GPT header block were zeroized. * Bug fix: iso_image_report_system_area() did not show GPT partitions of size 0. * Bug fix: A zero sized GPT partition was marked after the last appended GPT partition. * Bug fix: GPT production did not yield proper results with appended sessions resp. with TOC emulation enabled. * Increased default weight of El Torito boot catalog to 1 billion. * Improved handling of cylinder alignment if the resulting image size is not divisible by 2048. Old behavior was to not align. New is to pad up by a few blocks of 512 bytes. * New API call iso_write_opts_set_appended_as_gpt() and marking of appended partitions in GPT if GPT emerges for other reasons. * New system area type 6 = DEC Alpha SRM boot sector. New API calls iso_image_set_alpha_boot(), iso_image_get_alpha_boot(). Thanks to Helge Deller. * New API object iso_interval_reader. Enabling flag bits for older API calls iso_write_opts_set_prep_img(), iso_write_opts_set_efi_bootp(), and iso_write_opts_set_partition_img(). libburn 1.4.0 ============= * Bug fix: Double free with cdrskin -vvv. Introduced with rev 5065, version 1.3.1 * Bug fix: Wrong read access to memory. Reported by valgrind of lian jianfei. libisoburn 1.4.0 ================ * Bug fix: -dev or -indev of medium with non-ISO data caused SIGSEGV by NULL * New API calls isoburn_igopt_set_appended_as_gpt(), isoburn_igopt_get_appended_as_gpt() * New API call isoburn_igopt_set_part_flag() and libisofs interval reader flags * New -find action "show_stream_id" * Optional libisofs interval reader with -append_partition and System Area * New -boot_image bootspec "appended_part_as=", new -as mkisofs option -appended_part_as_gpt * New -report_system_area formats "cmd" and "as_mkisofs" -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.4.0-1 - Update to upstream 1.4.0 (#1222524) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222526 - libisofs-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222526 [ 2 ] Bug #1222525 - libisoburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222525 [ 3 ] Bug #1222524 - libburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222524 -------------------------------------------------------------------------------- ================================================================================ libisoburn-1.4.0-1.fc21 (FEDORA-2015-8472) Library to enable creation and expansion of ISO-9660 filesystems -------------------------------------------------------------------------------- Update Information: libisofs 1.4.0 ============== * Bug fix: iso_image_report_system_area() caused SIGSEGV by NULL if no valid ISO 9660 image was loeaded. Thanks to OmegaPhil. * Bug fix: A SIGSEGV could happen when loading a faulty ISO filesystem. Debian bug 774152. Thanks to Jakub Wilk. * Bug fix: Rock Ridge Continuation Area could be produced crossing a block boundary. This is heavily disliked by the Linux kernel and spoils the representation of directories which contain many symbolic links. * Bug fix: If iso_write_opts_set_hardlinks() enabled automatic inode numbers, then they did not get into effect with nodes were zisofs decoder filters got attached during the image load process. * Bug fix: The header indicator of the last El Torito catalog section header was set to 0x90 rather than 0x91 if more than one boot image is in that section. * Bug fix: Only 128 bytes of an emerging GPT header block were zeroized. * Bug fix: iso_image_report_system_area() did not show GPT partitions of size 0. * Bug fix: A zero sized GPT partition was marked after the last appended GPT partition. * Bug fix: GPT production did not yield proper results with appended sessions resp. with TOC emulation enabled. * Increased default weight of El Torito boot catalog to 1 billion. * Improved handling of cylinder alignment if the resulting image size is not divisible by 2048. Old behavior was to not align. New is to pad up by a few blocks of 512 bytes. * New API call iso_write_opts_set_appended_as_gpt() and marking of appended partitions in GPT if GPT emerges for other reasons. * New system area type 6 = DEC Alpha SRM boot sector. New API calls iso_image_set_alpha_boot(), iso_image_get_alpha_boot(). Thanks to Helge Deller. * New API object iso_interval_reader. Enabling flag bits for older API calls iso_write_opts_set_prep_img(), iso_write_opts_set_efi_bootp(), and iso_write_opts_set_partition_img(). libburn 1.4.0 ============= * Bug fix: Double free with cdrskin -vvv. Introduced with rev 5065, version 1.3.1 * Bug fix: Wrong read access to memory. Reported by valgrind of lian jianfei. libisoburn 1.4.0 ================ * Bug fix: -dev or -indev of medium with non-ISO data caused SIGSEGV by NULL * New API calls isoburn_igopt_set_appended_as_gpt(), isoburn_igopt_get_appended_as_gpt() * New API call isoburn_igopt_set_part_flag() and libisofs interval reader flags * New -find action "show_stream_id" * Optional libisofs interval reader with -append_partition and System Area * New -boot_image bootspec "appended_part_as=", new -as mkisofs option -appended_part_as_gpt * New -report_system_area formats "cmd" and "as_mkisofs" -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.4.0-1 - Upgrade to 1.4.0 (#1222525) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222526 - libisofs-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222526 [ 2 ] Bug #1222525 - libisoburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222525 [ 3 ] Bug #1222524 - libburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222524 -------------------------------------------------------------------------------- ================================================================================ libisofs-1.4.0-1.fc21 (FEDORA-2015-8472) Library to create ISO 9660 disk images -------------------------------------------------------------------------------- Update Information: libisofs 1.4.0 ============== * Bug fix: iso_image_report_system_area() caused SIGSEGV by NULL if no valid ISO 9660 image was loeaded. Thanks to OmegaPhil. * Bug fix: A SIGSEGV could happen when loading a faulty ISO filesystem. Debian bug 774152. Thanks to Jakub Wilk. * Bug fix: Rock Ridge Continuation Area could be produced crossing a block boundary. This is heavily disliked by the Linux kernel and spoils the representation of directories which contain many symbolic links. * Bug fix: If iso_write_opts_set_hardlinks() enabled automatic inode numbers, then they did not get into effect with nodes were zisofs decoder filters got attached during the image load process. * Bug fix: The header indicator of the last El Torito catalog section header was set to 0x90 rather than 0x91 if more than one boot image is in that section. * Bug fix: Only 128 bytes of an emerging GPT header block were zeroized. * Bug fix: iso_image_report_system_area() did not show GPT partitions of size 0. * Bug fix: A zero sized GPT partition was marked after the last appended GPT partition. * Bug fix: GPT production did not yield proper results with appended sessions resp. with TOC emulation enabled. * Increased default weight of El Torito boot catalog to 1 billion. * Improved handling of cylinder alignment if the resulting image size is not divisible by 2048. Old behavior was to not align. New is to pad up by a few blocks of 512 bytes. * New API call iso_write_opts_set_appended_as_gpt() and marking of appended partitions in GPT if GPT emerges for other reasons. * New system area type 6 = DEC Alpha SRM boot sector. New API calls iso_image_set_alpha_boot(), iso_image_get_alpha_boot(). Thanks to Helge Deller. * New API object iso_interval_reader. Enabling flag bits for older API calls iso_write_opts_set_prep_img(), iso_write_opts_set_efi_bootp(), and iso_write_opts_set_partition_img(). libburn 1.4.0 ============= * Bug fix: Double free with cdrskin -vvv. Introduced with rev 5065, version 1.3.1 * Bug fix: Wrong read access to memory. Reported by valgrind of lian jianfei. libisoburn 1.4.0 ================ * Bug fix: -dev or -indev of medium with non-ISO data caused SIGSEGV by NULL * New API calls isoburn_igopt_set_appended_as_gpt(), isoburn_igopt_get_appended_as_gpt() * New API call isoburn_igopt_set_part_flag() and libisofs interval reader flags * New -find action "show_stream_id" * Optional libisofs interval reader with -append_partition and System Area * New -boot_image bootspec "appended_part_as=", new -as mkisofs option -appended_part_as_gpt * New -report_system_area formats "cmd" and "as_mkisofs" -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.4.0-1 - Upgrade to 1.4.0 (#1222526) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222526 - libisofs-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222526 [ 2 ] Bug #1222525 - libisoburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222525 [ 3 ] Bug #1222524 - libburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222524 -------------------------------------------------------------------------------- ================================================================================ libodfgen-0.1.4-1.fc21 (FEDORA-2015-8514) An ODF generator library -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2015 David Tardon <dtardon@xxxxxxxxxx> - 0.1.4-1 - new upstream release * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 0.1.3-3 - Rebuilt for GCC 5 C++11 ABI change * Tue Jan 27 2015 Petr Machata <pmachata@xxxxxxxxxx> - 0.1.3-2 - Rebuild for boost 1.57.0 -------------------------------------------------------------------------------- ================================================================================ mingw-LibRaw-0.16.2-1.fc21 (FEDORA-2015-8498) Library for reading RAW files obtained from digital photo cameras -------------------------------------------------------------------------------- Update Information: Update to version 0.16.2, see http://www.libraw.org/download#changelog for details. Update to version 0.16.1, see http://www.libraw.org/download#changelog for details. Security fix for CVE-2015-3885. -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2015 Sandro Mani <manisandro@xxxxxxxxx> - 0.16.2-1 - Update to 0.16.2 * Mon May 11 2015 Sandro Mani <manisandro@xxxxxxxxx> - 0.16.1-1 - Update to 0.16.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1221249 - CVE-2015-3885 dcraw: input sanitization flaw leading to buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1221249 -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-1.4.5-1.fc21 (FEDORA-2015-8489) MinGW Windows Streaming-Media Framework Runtime -------------------------------------------------------------------------------- Update Information: Update to 1.4.5 -------------------------------------------------------------------------------- ChangeLog: * Sat May 16 2015 Paweł Forysiuk <tuxator@xxxxx> - 1.4.5-1 - Update to 1.4.5 -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-plugins-base-1.4.5-1.fc21 (FEDORA-2015-8489) Cross compiled GStreamer1 media framework base plug-ins -------------------------------------------------------------------------------- Update Information: Update to 1.4.5 -------------------------------------------------------------------------------- ChangeLog: * Sat May 16 2015 Paweł Forysiuk <tuxator@xxxxx> - 1.4.5-1 - Update to 1.4.5 -------------------------------------------------------------------------------- ================================================================================ nml-0.4.1-2.fc21 (FEDORA-2015-8524) NewGRF Meta Language compiler -------------------------------------------------------------------------------- Update Information: Update the whole OpenTTD stack -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.4.1-2 - add missing BuildRequires * Mon May 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.4.1-1 - update to 0.4.1 - remove version_foo variable (YAY!) * Wed Feb 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.4.0-1 - update to 0.4.0 - now uses Python 3 - is no longer noarch -------------------------------------------------------------------------------- ================================================================================ nodejs-npm-registry-client-0.2.28-3.fc21 (FEDORA-2015-8517) Client for the npm registry -------------------------------------------------------------------------------- Update Information: This update resolves issues that prevented the `npm adduser` and `npm publish` commands from working properly. -------------------------------------------------------------------------------- ChangeLog: * Sat May 16 2015 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 0.2.28-3 - backport fixes to publish and adduser functions (RHBZ#1220472) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1220472 - npm fails to login https://bugzilla.redhat.com/show_bug.cgi?id=1220472 -------------------------------------------------------------------------------- ================================================================================ openms-2.0.0-12.fc21 (FEDORA-2015-8511) LC/MS data management and analyses -------------------------------------------------------------------------------- Update Information: - **Update to 2.0.0** - **Bug fix in upstream desktop files** - **Fix PeakPickerWavelet test** - **Set environment variables in desktop files** - **Update to the release 2.0** -------------------------------------------------------------------------------- ChangeLog: * Fri May 15 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-12 - Bug fix in upstream desktop files * Fri May 15 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-11 - Fix PeakPickerWavelet test - Set environment variables in desktop files * Fri May 8 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-10 - Excluded TOPP_XTandemAdapter_ test * Fri May 8 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-9 - Rebuild after XTandem update - Try to execute XTandem test * Sat May 2 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-8 - memleaks test excluded * Sat May 2 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-7 - mzML unittests patched - PyOpenMS compiled without parallel make - PyOpenMS tests disabled * Fri May 1 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-6 - Source archive re-compressed by upstream - Sym-linked the library pyopenms/libSuperHirn.so * Fri May 1 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-5 - SPEC cleanups * Thu Apr 30 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-4 - Patched pyOpenMS version definition - Removed 'pyopenms_bdist_egg' make target * Thu Apr 30 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-3 - PyOpenMS is still compiled against Python2 on Linux * Mon Apr 13 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-2 - Fix make test * Sat Apr 11 2015 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.0.0-1 - Update to the release 2.0 * Mon Jan 26 2015 Petr Machata <pmachata@xxxxxxxxxx> - 1.11.1-12 - Rebuild for boost 1.57.0 -------------------------------------------------------------------------------- ================================================================================ openttd-1.5.0-2.fc21 (FEDORA-2015-8524) Transport system simulation game -------------------------------------------------------------------------------- Update Information: Update the whole OpenTTD stack -------------------------------------------------------------------------------- ChangeLog: * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 1.5.0-2 - Rebuilt for GCC 5 C++11 ABI change * Sun Apr 5 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 1.5.0-1 - update to 1.5.0 - remove compile patch, fixed upstream * Thu Mar 26 2015 Richard Hughes <rhughes@xxxxxxxxxx> - 1.4.4-3 - Add an AppData file for the software center * Mon Jan 26 2015 David Tardon <dtardon@xxxxxxxxxx> - 1.4.4-2 - rebuild for ICU 54.1 -------------------------------------------------------------------------------- ================================================================================ openttd-opengfx-0.5.2-1.fc21 (FEDORA-2015-8524) OpenGFX replacement graphics for OpenTTD -------------------------------------------------------------------------------- Update Information: Update the whole OpenTTD stack -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.5.2-1 - update to 0.5.2 - Makefile.local is replaced by command line variables -------------------------------------------------------------------------------- ================================================================================ pango-1.36.8-5.fc21 (FEDORA-2015-8481) System for layout and rendering of internationalized text -------------------------------------------------------------------------------- Update Information: Fix pango-view(1) man page -------------------------------------------------------------------------------- ChangeLog: * Thu May 14 2015 Matthias Clasen <mclasen@xxxxxxxxxx> - 1.36.8-5 - Regenerate man page for pango-view * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 1.36.8-4 - Rebuilt for GCC 5 C++11 ABI change * Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 1.36.8-3 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code * Mon Jan 26 2015 Akira TAGOH <tagoh@xxxxxxxxxx> - 1.36.8-2 - Add Requires(post): libXft deps. (#1155261) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222289 - man page of pango-view is broken https://bugzilla.redhat.com/show_bug.cgi?id=1222289 -------------------------------------------------------------------------------- ================================================================================ pcl-1.7.1-6.fc21 (FEDORA-2015-8496) Library for point cloud processing -------------------------------------------------------------------------------- Update Information: This update fixes a bug in PCLConfig.cmake where the necessary VTK libraries to compile against PCL weren't all being specified. It only affects developers using PCL, and shouldn't affect any runtime performance. -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2015 Rich Mattes <richmattes@xxxxxxxxx> - 1.7.1-6 - Fix PCLConfig.cmake VTK_LIBRARIES definition -------------------------------------------------------------------------------- ================================================================================ perl-Finance-YahooQuote-0.25-1.fc21 (FEDORA-2015-8493) Perl interface to get stock quotes from Yahoo! Finance -------------------------------------------------------------------------------- Update Information: Yahoo has recently changed the URL for requesting a quote. This affects this perl module, which needs to reflect the new URL in order to successfully scrape the data. Version 0.25 uses the new URL. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Emmanuel Seyman <emmanuel@xxxxxxxxx> - 0.25-1 - Update to 0.25 (#1219989) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1219989 - perl-Finance-YahooQuote 0.25 is available https://bugzilla.redhat.com/show_bug.cgi?id=1219989 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Imap-Client-2.28.1-1.fc21 (FEDORA-2015-8484) Horde IMAP abstraction interface -------------------------------------------------------------------------------- Update Information: **Horde_Imap_Client 2.28.1** * [mms] Directly store literal data in a separate stream when parsing IMAP tokens, so we don't have to duplicate the stream later when processing it. * [mms] Don't load literal IMAP data into a string variable when tokenizing IMAP input. * [mms] Fix search queries where ID list given is explicitly empty, indicating that a match can never be successful (Bug #13971). * [mms] Fix expunging in certain cases when UIDPLUS is not available (Bug #13970; Robin McCorkell). -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.28.1-1 - Update to 2.28.1 -------------------------------------------------------------------------------- ================================================================================ php-mtdowling-jmespath-php-2.1.0-1.fc21 (FEDORA-2015-8521) Declaratively specify how to extract elements from a JSON document -------------------------------------------------------------------------------- Update Information: JMESPath (pronounced "jaymz path") allows you to declaratively specify how to extract elements from a JSON document. jmespath.php allows you to use JMESPath in PHP applications with PHP data structures. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222266 - Review Request: php-mtdowling-jmespath-php - Declaratively specify how to extract elements from a JSON document https://bugzilla.redhat.com/show_bug.cgi?id=1222266 -------------------------------------------------------------------------------- ================================================================================ php-mtdowling-transducers-0.3.0-1.fc21 (FEDORA-2015-8507) Composable algorithmic transformations -------------------------------------------------------------------------------- Update Information: Transducers [1] are composable algorithmic transformations. They are independent from the context of their input and output sources and specify only the essence of the transformation in terms of an individual element. Because transducers are decoupled from input or output sources, they can be used in many different processes - collections, streams, channels, observables, etc. Transducers compose directly, without awareness of input or creation of intermediate aggregates. [1] http://clojure.org/transducers -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222267 - Review Request: php-mtdowling-transducers - Composable algorithmic transformations https://bugzilla.redhat.com/show_bug.cgi?id=1222267 -------------------------------------------------------------------------------- ================================================================================ php-pecl-mongo-1.6.8-1.fc21 (FEDORA-2015-8488) PHP MongoDB database driver -------------------------------------------------------------------------------- Update Information: Bug * [PHP-1442] - php_mongo_stream_notify_io() segfault with stream context options * [PHP-1445] - MongoClient does not accept boolean false as "ssl" option Improvement * [PHP-1446] - Log original string values for parsed boolean options -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.6.8-1 - update to 1.6.8 (stable) -------------------------------------------------------------------------------- ================================================================================ php-theseer-autoload-1.17.0-1.fc21 (FEDORA-2015-8509) A tool and library to generate autoload code -------------------------------------------------------------------------------- Update Information: * Added support for parameter 'prepend' of spl_autoload_register to allow for prepending without changing templates * Added support for parameter 'exception' of spl_autoload_register to optionally disable exceptions on errors -------------------------------------------------------------------------------- ChangeLog: * Fri May 15 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.17.0-1 - Update to 1.17.0 -------------------------------------------------------------------------------- ================================================================================ php-true-punycode-1.1.0-1.fc21 (FEDORA-2015-8510) A Bootstring encoding of Unicode for IDNA -------------------------------------------------------------------------------- Update Information: New upstream version **1.1.0** * [Enhancement] Character encoding is now passed to the constructor, defaulting to UTF-8, as opposite to relying on mb_internal_encoding function call (#9). -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.0-1 - update to version 1.1.0 -------------------------------------------------------------------------------- ================================================================================ php-whitehat101-apr1-md5-1.0.0-1.fc21 (FEDORA-2015-8475) Apache's APR1-MD5 algorithm in pure PHP -------------------------------------------------------------------------------- Update Information: A tested, referenced, documented, and packaged implementation of Apache's APR1 MD5 Hashing Algorithm in pure PHP. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222265 - Review Request: php-whitehat101-apr1-md5 - Apache's APR1-MD5 algorithm in pure PHP https://bugzilla.redhat.com/show_bug.cgi?id=1222265 -------------------------------------------------------------------------------- ================================================================================ python-docker-scripts-0.3.8-1.fc21 (FEDORA-2015-8476) Collection of scripts to help manage Docker -------------------------------------------------------------------------------- Update Information: New package import -------------------------------------------------------------------------------- ================================================================================ python-requests-file-1.3.1-1.fc21 (FEDORA-2015-8505) Transport adapter for using file:// URLs with python-requests -------------------------------------------------------------------------------- Update Information: Fix a crash when closing a file response. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 David Shea <dshea@xxxxxxxxxx> - 1.3.1-1 - Add python version classifiers to the package info * Mon May 18 2015 David Shea <dshea@xxxxxxxxxx> - 1.3-1 - Fix a crash when closing a file response. - Use named aliases instead of integers for status codes. -------------------------------------------------------------------------------- ================================================================================ rubygem-occi-cli-4.3.1-1.fc21 (FEDORA-2015-8497) Executable OCCI client -------------------------------------------------------------------------------- Update Information: This gem is a client implementation of the Open Cloud Computing Interface in Ruby. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1206946 - Review Request: rubygem-occi-cli - Executable OCCI client https://bugzilla.redhat.com/show_bug.cgi?id=1206946 -------------------------------------------------------------------------------- ================================================================================ stage-4.1.1-10.fc21 (FEDORA-2015-8494) A 2.5D multi-robot simulator -------------------------------------------------------------------------------- Update Information: Rebuild for newer fltk -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 19 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.1.1-10 - rebuild (fltk) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1210694 - Please update to 1.3.3 so TigerVNC can be updated to newer version https://bugzilla.redhat.com/show_bug.cgi?id=1210694 -------------------------------------------------------------------------------- ================================================================================ strace-4.10-2.fc21 (FEDORA-2015-8499) Tracks and displays system calls associated with a running process -------------------------------------------------------------------------------- Update Information: Backport set of upstream patches to get it buildable on AArch64 -------------------------------------------------------------------------------- ChangeLog: * Mon May 11 2015 Marcin Juszkiewicz <mjuszkiewicz@xxxxxxxxxx> - 4.10-2 - Backport set of upstream patches to get it buildable on AArch64 -------------------------------------------------------------------------------- ================================================================================ yelp-3.14.2-1.fc21 (FEDORA-2015-8501) Help browser for the GNOME desktop -------------------------------------------------------------------------------- Update Information: Update to 3.14.2 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 David King <amigadave@xxxxxxxxxxxxx> - 1:3.14.2-1 - Update to 3.14.2 -------------------------------------------------------------------------------- ================================================================================ yoshimi-1.3.4-1.fc21.1 (FEDORA-2015-8491) Rewrite of ZynAddSubFx aiming for better JACK support -------------------------------------------------------------------------------- Update Information: Rebuild for newer fltk Update to upstream release 1.3.4 Update to 1.3.3 and include new SVG icon -------------------------------------------------------------------------------- ChangeLog: * Sat May 16 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3.4-1.1 - Rebuild for newer fltk * Sun Apr 5 2015 Adam Huffman <bloch@xxxxxxxxxxxx> - 1.3.4-1 - Update to upstream release 1.3.4 * Sat Mar 7 2015 Adam Huffman <bloch@xxxxxxxxxxxx> - 1.3.3-2 - Include new SVG icon * Fri Mar 6 2015 Adam Huffman <bloch@xxxxxxxxxxxx> - 1.3.3-1 - Update to upstream release 1.3.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1210694 - Please update to 1.3.3 so TigerVNC can be updated to newer version https://bugzilla.redhat.com/show_bug.cgi?id=1210694 -------------------------------------------------------------------------------- ================================================================================ zarafa-7.1.12-2.fc21 (FEDORA-2015-8487) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information: - Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.1.12-2 - Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436 (#1222151) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222151 - CVE-2015-3436 zarafa: Overwrite arbitrary files in filesystem https://bugzilla.redhat.com/show_bug.cgi?id=1222151 -------------------------------------------------------------------------------- ================================================================================ zynaddsubfx-2.4.4-4.fc21 (FEDORA-2015-8477) Real-time software synthesizer -------------------------------------------------------------------------------- Update Information: Rebuild for newer fltk -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 26 2015 Richard Hughes <rhughes@xxxxxxxxxx> - 2.4.4-4 - Add an AppData file for the software center * Thu Feb 19 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.4.4-3 - rebuild (fltk) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1210694 - Please update to 1.3.3 so TigerVNC can be updated to newer version https://bugzilla.redhat.com/show_bug.cgi?id=1210694 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
