The following Fedora 20 Security updates need testing: Age URL 168 https://admin.fedoraproject.org/updates/FEDORA-2014-15988/fail2ban-0.9.1-1.fc20 148 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20 103 https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20 86 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 71 https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20 66 https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3-6.fc20 53 https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc20 38 https://admin.fedoraproject.org/updates/FEDORA-2015-5970/asterisk-11.17.1-1.fc20 38 https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20 31 https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2015-7231/libarchive-3.1.2-8.fc20 17 https://admin.fedoraproject.org/updates/FEDORA-2015-7302/drupal7-views-3.11-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2015-7714/ca-certificates-2015.2.4-1.0.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-7561/openslp-1.2.1-22.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-8159/rawstudio-2.1-0.1.20150511git983bda1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-8142/cabal-install-1.16.1.0-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8252/xen-4.3.4-4.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8251/java-1.8.0-openjdk-1.8.0.45-38.b14.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8247/LibRaw-0.15.4-2.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8248/qemu-1.6.2-14.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8266/mingw-LibRaw-0.15.4-5.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-8345/libinfinity-0.6.6-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2015-8386/hostapd-2.4-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8518/kernel-3.19.8-100.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8479/zarafa-7.1.12-2.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 86 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2015-7719/qt-4.8.6-30.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2015-7714/ca-certificates-2015.2.4-1.0.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2015-8007/lua-socket-3.0-0.10.rc1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8257/coreutils-8.21-22.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-8261/pcre-8.33-11.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8500/poppler-0.24.3-7.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8486/firefox-38.0.1-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8502/dracut-037-13.git20150518.fc20 The following builds have been pushed to Fedora 20 updates-testing GeographicLib-1.42-1.fc20 dovecot-2.2.18-2.fc20 dracut-037-13.git20150518.fc20 e16-1.0.16-1.fc20 firefox-38.0.1-1.fc20 golang-github-russross-blackfriday-1.2-6.fc20 golang-github-shurcooL-sanitized_anchor_name-0-0.2.git8e87604.fc20 grfcodec-6.0.5-1.fc20 kernel-3.19.8-100.fc20 libburn-1.4.0-1.fc20 libisoburn-1.4.0-1.fc20 libisofs-1.4.0-1.fc20 nml-0.4.1-2.fc20 nodejs-npm-registry-client-0.2.28-3.fc20 openttd-1.5.0-2.fc20 openttd-opengfx-0.5.2-1.fc20 perl-Finance-YahooQuote-0.25-1.fc20 php-horde-Horde-Imap-Client-2.28.1-1.fc20 php-theseer-autoload-1.17.0-1.fc20 php-true-punycode-1.1.0-1.fc20 poppler-0.24.3-7.fc20 zarafa-7.1.12-2.fc20 Details about builds: ================================================================================ GeographicLib-1.42-1.fc20 (FEDORA-2015-8508) Library for geographic coordinate transformations -------------------------------------------------------------------------------- Update Information: Update to release 1.42 -------------------------------------------------------------------------------- ChangeLog: * Mon May 4 2015 Rich Mattes <richmattes@xxxxxxxxx> - 1.42-1 - Update to release 1.42 - Add octave subpackage * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 1.40-2 - Rebuilt for GCC 5 C++11 ABI change -------------------------------------------------------------------------------- ================================================================================ dovecot-2.2.18-2.fc20 (FEDORA-2015-8492) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: - pigeonhole updated to 0.4.8 - Fixed problem in address test: erroneously decoded mime-encoded words in address headers. - extprograms plugin: Fixed failure occurring when connecting to script service without the need to read back the output from the external program. - Fixed bug in script storage path normalization occurring with relative symbolic links below root. - dovecot updated to 2.2.18 - director: Login UNIX sockets were normally detected as doveadm or director ring sockets, causing it to break in existing installations. - sdbox: When copying a mail in alt storage, place the destination to alt storage as well. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.18-2 - update pigeonhole to 0.4.8 - Fixed problem in address test: erroneously decoded mime-encoded words in address headers. - extprograms plugin: Fixed failure occurring when connecting to script service without the need to read back the output from the external program. - Fixed bug in script storage path normalization occurring with relative symbolic links below root. * Mon May 18 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.18-1 - director: Login UNIX sockets were normally detected as doveadm or director ring sockets, causing it to break in existing installations. - sdbox: When copying a mail in alt storage, place the destination to alt storage as well. - dovecot updated to 2.2.18 - pigeonhole updated to 0.4.7 - auth: If auth_master_user_separator was set, auth process could be crashed by trying to log in with empty master username. - imap-login, pop3-login: Fixed crash on handshake failures with new OpenSSL versions (v1.0.2) when SSLv3 was disabled. - auth: If one passdb fails allow_nets check, it shouldn't have failed all the other passdb checks later on. - imap: Server METADATA couldn't be accessed - imapc: Fixed \Muted label handling in gmail-migration. - imapc: Various bugfixes and improvements. - Trash plugin fixes by Alexei Gradinari - mbox: Fixed crash/corruption in some situations -------------------------------------------------------------------------------- ================================================================================ dracut-037-13.git20150518.fc20 (FEDORA-2015-8502) Initramfs generator using udev -------------------------------------------------------------------------------- Update Information: - do not hard require vim-minimal -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Harald Hoyer <harald@xxxxxxxxxx> 037-13.git20150518 - do not hard require vim-minimal Resolves: rhbz#1118988 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1118988 - Error when updating kernel 3.14.x https://bugzilla.redhat.com/show_bug.cgi?id=1118988 -------------------------------------------------------------------------------- ================================================================================ e16-1.0.16-1.fc20 (FEDORA-2015-8506) The Enlightenment window manager, DR16 -------------------------------------------------------------------------------- Update Information: Update to latest upstream release e16 1.0.16. -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 12 2015 Terje Rosten <terje.rosten@xxxxxxx> - 1.0.16-1 - 1.0.16 * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.13-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.13-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ firefox-38.0.1-1.fc20 (FEDORA-2015-8486) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: New upstream version - 38.0.1 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Martin Stransky <stransky@xxxxxxxxxx> - 38.0.1-1 - Update to 38.0.1 * Wed May 13 2015 Martin Stransky <stransky@xxxxxxxxxx> - 38.0-5 - Added patch for mozilla#1144745 - HiDPI Gtk3 fixes -------------------------------------------------------------------------------- ================================================================================ golang-github-russross-blackfriday-1.2-6.fc20 (FEDORA-2015-8519) Markdown processor implemented in Go -------------------------------------------------------------------------------- Update Information: Add license macro for LICENSE -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.2-6 - Add license macro for LICENSE - Remove runtime dependency on golang. resolves: #1222338 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222338 - Tracker for golang-github-russross-blackfriday https://bugzilla.redhat.com/show_bug.cgi?id=1222338 -------------------------------------------------------------------------------- ================================================================================ golang-github-shurcooL-sanitized_anchor_name-0-0.2.git8e87604.fc20 (FEDORA-2015-8478) Package sanitized_anchor_name provides a func to create sanitized anchor names -------------------------------------------------------------------------------- Update Information: Add license macro for LICENSE -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.2.git8e87604 - Add license macro for LICENSE - Remove runtime dependency on golang. resolves: #1222336 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222336 - Tracker for golang-github-shurcooL-sanitized_anchor_name https://bugzilla.redhat.com/show_bug.cgi?id=1222336 -------------------------------------------------------------------------------- ================================================================================ grfcodec-6.0.5-1.fc20 (FEDORA-2015-8520) A suite of programs to modify Transport Tycoon Deluxe's GRF files -------------------------------------------------------------------------------- Update Information: Update the whole OpenTTD stack -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 6.0.5-1 - update to 6.0.5 * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 6.0.4-6 - Rebuilt for GCC 5 C++11 ABI change * Tue Jan 27 2015 Petr Machata <pmachata@xxxxxxxxxx> - 6.0.4-5 - Rebuild for boost 1.57.0 * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 6.0.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 6.0.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Petr Machata <pmachata@xxxxxxxxxx> - 6.0.4-2 - Rebuild for boost 1.55.0 -------------------------------------------------------------------------------- ================================================================================ kernel-3.19.8-100.fc20 (FEDORA-2015-8518) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 3.19.8 update contains a number of important fixes across the tree The 3.19.7 update contains a number of important updates across the tree The 3.19.6 stable updates contains a number of important fixes across the tree -------------------------------------------------------------------------------- ChangeLog: * Mon May 11 2015 Laura Abbott <labbott@xxxxxxxxxxxxxxxxx> - 3.19.8-100 - Linux v3.19.8 * Thu May 7 2015 Laura Abbott <labbott@xxxxxxxxxxxxxxxxx> - 3.19.7-100 - Linux v3.19.7 * Tue May 5 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) * Thu Apr 30 2015 Laura Abbott <labbott@xxxxxxxxxxxxxxxxx> - 3.19.6-100 - Linux v3.19.6 * Thu Apr 30 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Fix backlight on various Toshiba machines (rhbz 1206036 1215989) * Tue Apr 28 2015 Laura Abbott <labbott@xxxxxxxxxxxxxxxxx> - Fix more missing v4l2 caps * Fri Apr 24 2015 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2015-3339 race condition between chown and execve (rhbz 1214030) - Fix iscsi with QNAP devices (rhbz 1208999) * Thu Apr 23 2015 Laura Abbott <labbott@xxxxxxxxxxxxxxxxx> - Fix noisy iwlwifi warning (rhbz 1205083) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1218074 - CVE-2015-3636 kernel: ping sockets: use-after-free leading to local privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1218074 [ 2 ] Bug #1214030 - CVE-2015-3339 kernel: race condition between chown() and execve() https://bugzilla.redhat.com/show_bug.cgi?id=1214030 -------------------------------------------------------------------------------- ================================================================================ libburn-1.4.0-1.fc20 (FEDORA-2015-8503) Library for reading, mastering and writing optical discs -------------------------------------------------------------------------------- Update Information: libisofs 1.4.0 ============== * Bug fix: iso_image_report_system_area() caused SIGSEGV by NULL if no valid ISO 9660 image was loeaded. Thanks to OmegaPhil. * Bug fix: A SIGSEGV could happen when loading a faulty ISO filesystem. Debian bug 774152. Thanks to Jakub Wilk. * Bug fix: Rock Ridge Continuation Area could be produced crossing a block boundary. This is heavily disliked by the Linux kernel and spoils the representation of directories which contain many symbolic links. * Bug fix: If iso_write_opts_set_hardlinks() enabled automatic inode numbers, then they did not get into effect with nodes were zisofs decoder filters got attached during the image load process. * Bug fix: The header indicator of the last El Torito catalog section header was set to 0x90 rather than 0x91 if more than one boot image is in that section. * Bug fix: Only 128 bytes of an emerging GPT header block were zeroized. * Bug fix: iso_image_report_system_area() did not show GPT partitions of size 0. * Bug fix: A zero sized GPT partition was marked after the last appended GPT partition. * Bug fix: GPT production did not yield proper results with appended sessions resp. with TOC emulation enabled. * Increased default weight of El Torito boot catalog to 1 billion. * Improved handling of cylinder alignment if the resulting image size is not divisible by 2048. Old behavior was to not align. New is to pad up by a few blocks of 512 bytes. * New API call iso_write_opts_set_appended_as_gpt() and marking of appended partitions in GPT if GPT emerges for other reasons. * New system area type 6 = DEC Alpha SRM boot sector. New API calls iso_image_set_alpha_boot(), iso_image_get_alpha_boot(). Thanks to Helge Deller. * New API object iso_interval_reader. Enabling flag bits for older API calls iso_write_opts_set_prep_img(), iso_write_opts_set_efi_bootp(), and iso_write_opts_set_partition_img(). libburn 1.4.0 ============= * Bug fix: Double free with cdrskin -vvv. Introduced with rev 5065, version 1.3.1 * Bug fix: Wrong read access to memory. Reported by valgrind of lian jianfei. libisoburn 1.4.0 ================ * Bug fix: -dev or -indev of medium with non-ISO data caused SIGSEGV by NULL * New API calls isoburn_igopt_set_appended_as_gpt(), isoburn_igopt_get_appended_as_gpt() * New API call isoburn_igopt_set_part_flag() and libisofs interval reader flags * New -find action "show_stream_id" * Optional libisofs interval reader with -append_partition and System Area * New -boot_image bootspec "appended_part_as=", new -as mkisofs option -appended_part_as_gpt * New -report_system_area formats "cmd" and "as_mkisofs" -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.4.0-1 - Update to upstream 1.4.0 (#1222524) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222526 - libisofs-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222526 [ 2 ] Bug #1222524 - libburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222524 [ 3 ] Bug #1222525 - libisoburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222525 -------------------------------------------------------------------------------- ================================================================================ libisoburn-1.4.0-1.fc20 (FEDORA-2015-8503) Library to enable creation and expansion of ISO-9660 filesystems -------------------------------------------------------------------------------- Update Information: libisofs 1.4.0 ============== * Bug fix: iso_image_report_system_area() caused SIGSEGV by NULL if no valid ISO 9660 image was loeaded. Thanks to OmegaPhil. * Bug fix: A SIGSEGV could happen when loading a faulty ISO filesystem. Debian bug 774152. Thanks to Jakub Wilk. * Bug fix: Rock Ridge Continuation Area could be produced crossing a block boundary. This is heavily disliked by the Linux kernel and spoils the representation of directories which contain many symbolic links. * Bug fix: If iso_write_opts_set_hardlinks() enabled automatic inode numbers, then they did not get into effect with nodes were zisofs decoder filters got attached during the image load process. * Bug fix: The header indicator of the last El Torito catalog section header was set to 0x90 rather than 0x91 if more than one boot image is in that section. * Bug fix: Only 128 bytes of an emerging GPT header block were zeroized. * Bug fix: iso_image_report_system_area() did not show GPT partitions of size 0. * Bug fix: A zero sized GPT partition was marked after the last appended GPT partition. * Bug fix: GPT production did not yield proper results with appended sessions resp. with TOC emulation enabled. * Increased default weight of El Torito boot catalog to 1 billion. * Improved handling of cylinder alignment if the resulting image size is not divisible by 2048. Old behavior was to not align. New is to pad up by a few blocks of 512 bytes. * New API call iso_write_opts_set_appended_as_gpt() and marking of appended partitions in GPT if GPT emerges for other reasons. * New system area type 6 = DEC Alpha SRM boot sector. New API calls iso_image_set_alpha_boot(), iso_image_get_alpha_boot(). Thanks to Helge Deller. * New API object iso_interval_reader. Enabling flag bits for older API calls iso_write_opts_set_prep_img(), iso_write_opts_set_efi_bootp(), and iso_write_opts_set_partition_img(). libburn 1.4.0 ============= * Bug fix: Double free with cdrskin -vvv. Introduced with rev 5065, version 1.3.1 * Bug fix: Wrong read access to memory. Reported by valgrind of lian jianfei. libisoburn 1.4.0 ================ * Bug fix: -dev or -indev of medium with non-ISO data caused SIGSEGV by NULL * New API calls isoburn_igopt_set_appended_as_gpt(), isoburn_igopt_get_appended_as_gpt() * New API call isoburn_igopt_set_part_flag() and libisofs interval reader flags * New -find action "show_stream_id" * Optional libisofs interval reader with -append_partition and System Area * New -boot_image bootspec "appended_part_as=", new -as mkisofs option -appended_part_as_gpt * New -report_system_area formats "cmd" and "as_mkisofs" -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.4.0-1 - Upgrade to 1.4.0 (#1222525) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222526 - libisofs-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222526 [ 2 ] Bug #1222524 - libburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222524 [ 3 ] Bug #1222525 - libisoburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222525 -------------------------------------------------------------------------------- ================================================================================ libisofs-1.4.0-1.fc20 (FEDORA-2015-8503) Library to create ISO 9660 disk images -------------------------------------------------------------------------------- Update Information: libisofs 1.4.0 ============== * Bug fix: iso_image_report_system_area() caused SIGSEGV by NULL if no valid ISO 9660 image was loeaded. Thanks to OmegaPhil. * Bug fix: A SIGSEGV could happen when loading a faulty ISO filesystem. Debian bug 774152. Thanks to Jakub Wilk. * Bug fix: Rock Ridge Continuation Area could be produced crossing a block boundary. This is heavily disliked by the Linux kernel and spoils the representation of directories which contain many symbolic links. * Bug fix: If iso_write_opts_set_hardlinks() enabled automatic inode numbers, then they did not get into effect with nodes were zisofs decoder filters got attached during the image load process. * Bug fix: The header indicator of the last El Torito catalog section header was set to 0x90 rather than 0x91 if more than one boot image is in that section. * Bug fix: Only 128 bytes of an emerging GPT header block were zeroized. * Bug fix: iso_image_report_system_area() did not show GPT partitions of size 0. * Bug fix: A zero sized GPT partition was marked after the last appended GPT partition. * Bug fix: GPT production did not yield proper results with appended sessions resp. with TOC emulation enabled. * Increased default weight of El Torito boot catalog to 1 billion. * Improved handling of cylinder alignment if the resulting image size is not divisible by 2048. Old behavior was to not align. New is to pad up by a few blocks of 512 bytes. * New API call iso_write_opts_set_appended_as_gpt() and marking of appended partitions in GPT if GPT emerges for other reasons. * New system area type 6 = DEC Alpha SRM boot sector. New API calls iso_image_set_alpha_boot(), iso_image_get_alpha_boot(). Thanks to Helge Deller. * New API object iso_interval_reader. Enabling flag bits for older API calls iso_write_opts_set_prep_img(), iso_write_opts_set_efi_bootp(), and iso_write_opts_set_partition_img(). libburn 1.4.0 ============= * Bug fix: Double free with cdrskin -vvv. Introduced with rev 5065, version 1.3.1 * Bug fix: Wrong read access to memory. Reported by valgrind of lian jianfei. libisoburn 1.4.0 ================ * Bug fix: -dev or -indev of medium with non-ISO data caused SIGSEGV by NULL * New API calls isoburn_igopt_set_appended_as_gpt(), isoburn_igopt_get_appended_as_gpt() * New API call isoburn_igopt_set_part_flag() and libisofs interval reader flags * New -find action "show_stream_id" * Optional libisofs interval reader with -append_partition and System Area * New -boot_image bootspec "appended_part_as=", new -as mkisofs option -appended_part_as_gpt * New -report_system_area formats "cmd" and "as_mkisofs" -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.4.0-1 - Upgrade to 1.4.0 (#1222526) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222526 - libisofs-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222526 [ 2 ] Bug #1222524 - libburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222524 [ 3 ] Bug #1222525 - libisoburn-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222525 -------------------------------------------------------------------------------- ================================================================================ nml-0.4.1-2.fc20 (FEDORA-2015-8520) NewGRF Meta Language compiler -------------------------------------------------------------------------------- Update Information: Update the whole OpenTTD stack -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.4.1-2 - add missing BuildRequires * Mon May 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.4.1-1 - update to 0.4.1 - remove version_foo variable (YAY!) * Wed Feb 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.4.0-1 - update to 0.4.0 - now uses Python 3 - is no longer noarch * Mon Jun 30 2014 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.1-2 - Replace python-setuptools-devel BR with python-setuptools -------------------------------------------------------------------------------- ================================================================================ nodejs-npm-registry-client-0.2.28-3.fc20 (FEDORA-2015-8513) Client for the npm registry -------------------------------------------------------------------------------- Update Information: This update resolves issues that prevented the `npm adduser` and `npm publish` commands from working properly. -------------------------------------------------------------------------------- ChangeLog: * Sat May 16 2015 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 0.2.28-3 - backport fixes to publish and adduser functions (RHBZ#1220472) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.28-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1220472 - npm fails to login https://bugzilla.redhat.com/show_bug.cgi?id=1220472 -------------------------------------------------------------------------------- ================================================================================ openttd-1.5.0-2.fc20 (FEDORA-2015-8520) Transport system simulation game -------------------------------------------------------------------------------- Update Information: Update the whole OpenTTD stack -------------------------------------------------------------------------------- ChangeLog: * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 1.5.0-2 - Rebuilt for GCC 5 C++11 ABI change * Sun Apr 5 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 1.5.0-1 - update to 1.5.0 - remove compile patch, fixed upstream * Thu Mar 26 2015 Richard Hughes <rhughes@xxxxxxxxxx> - 1.4.4-3 - Add an AppData file for the software center * Mon Jan 26 2015 David Tardon <dtardon@xxxxxxxxxx> - 1.4.4-2 - rebuild for ICU 54.1 -------------------------------------------------------------------------------- ================================================================================ openttd-opengfx-0.5.2-1.fc20 (FEDORA-2015-8520) OpenGFX replacement graphics for OpenTTD -------------------------------------------------------------------------------- Update Information: Update the whole OpenTTD stack -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.5.2-1 - update to 0.5.2 - Makefile.local is replaced by command line variables -------------------------------------------------------------------------------- ================================================================================ perl-Finance-YahooQuote-0.25-1.fc20 (FEDORA-2015-8522) Perl interface to get stock quotes from Yahoo! Finance -------------------------------------------------------------------------------- Update Information: Yahoo has recently changed the URL for requesting a quote. This affects this perl module, which needs to reflect the new URL in order to successfully scrape the data. Version 0.25 uses the new URL. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Emmanuel Seyman <emmanuel@xxxxxxxxx> - 0.25-1 - Update to 0.25 (#1219989) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1219989 - perl-Finance-YahooQuote 0.25 is available https://bugzilla.redhat.com/show_bug.cgi?id=1219989 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Imap-Client-2.28.1-1.fc20 (FEDORA-2015-8474) Horde IMAP abstraction interface -------------------------------------------------------------------------------- Update Information: **Horde_Imap_Client 2.28.1** * [mms] Directly store literal data in a separate stream when parsing IMAP tokens, so we don't have to duplicate the stream later when processing it. * [mms] Don't load literal IMAP data into a string variable when tokenizing IMAP input. * [mms] Fix search queries where ID list given is explicitly empty, indicating that a match can never be successful (Bug #13971). * [mms] Fix expunging in certain cases when UIDPLUS is not available (Bug #13970; Robin McCorkell). -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.28.1-1 - Update to 2.28.1 -------------------------------------------------------------------------------- ================================================================================ php-theseer-autoload-1.17.0-1.fc20 (FEDORA-2015-8490) A tool and library to generate autoload code -------------------------------------------------------------------------------- Update Information: * Added support for parameter 'prepend' of spl_autoload_register to allow for prepending without changing templates * Added support for parameter 'exception' of spl_autoload_register to optionally disable exceptions on errors -------------------------------------------------------------------------------- ChangeLog: * Fri May 15 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.17.0-1 - Update to 1.17.0 -------------------------------------------------------------------------------- ================================================================================ php-true-punycode-1.1.0-1.fc20 (FEDORA-2015-8483) A Bootstring encoding of Unicode for IDNA -------------------------------------------------------------------------------- Update Information: New upstream version **1.1.0** * [Enhancement] Character encoding is now passed to the constructor, defaulting to UTF-8, as opposite to relying on mb_internal_encoding function call (#9). -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.0-1 - update to version 1.1.0 -------------------------------------------------------------------------------- ================================================================================ poppler-0.24.3-7.fc20 (FEDORA-2015-8500) PDF rendering library -------------------------------------------------------------------------------- Update Information: This update fixes duplex printing on Postscript printers. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Marek Kasik <mkasik@xxxxxxxxxx> - 0.24.3-7 - Ensure paper size takes into account rotation - Only change paper size when different to previous size - Resolves: #1071267 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1071267 - CUPS pdftops: duplex to duplex-capable Postscript printer prints single-sided https://bugzilla.redhat.com/show_bug.cgi?id=1071267 -------------------------------------------------------------------------------- ================================================================================ zarafa-7.1.12-2.fc20 (FEDORA-2015-8479) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information: - Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2015 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.1.12-2 - Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436 (#1222151) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222151 - CVE-2015-3436 zarafa: Overwrite arbitrary files in filesystem https://bugzilla.redhat.com/show_bug.cgi?id=1222151 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
