The following Fedora 20 Security updates need testing: Age URL 164 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20 119 https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20 102 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 87 https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20 83 https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3-6.fc20 69 https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc20 54 https://admin.fedoraproject.org/updates/FEDORA-2015-5970/asterisk-11.17.1-1.fc20 54 https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20 47 https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20 35 https://admin.fedoraproject.org/updates/FEDORA-2015-7231/libarchive-3.1.2-8.fc20 34 https://admin.fedoraproject.org/updates/FEDORA-2015-7302/drupal7-views-3.11-1.fc20 21 https://admin.fedoraproject.org/updates/FEDORA-2015-8159/rawstudio-2.1-0.1.20150511git983bda1.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2015-8142/cabal-install-1.16.1.0-1.fc20,haskell-platform-2013.2.0.0-39.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2015-8727/fail2ban-0.9.2-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2015-8777/ntfs-3g-2015.3.14-2.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2015-8782/fuse-2.9.4-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2015-8811/postgresql-9.3.7-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-9163/fossil-1.33-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-9161/nss-util-3.19.1-1.0.fc20,nss-3.19.1-1.0.fc20,nss-softokn-3.19.1-1.0.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-9388/libreswan-3.13-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-9393/libwmf-0.2.8.4-42.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-9371/openssl-1.0.1e-43.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 102 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2015-8782/fuse-2.9.4-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2015-8777/ntfs-3g-2015.3.14-2.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2015-8709/libfm-1.2.3-5.D20150521git577806e29d.fc20,pcmanfm-1.2.3-2.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2015-8911/kdelibs-4.14.8-1.fc20,kdepimlibs-4.14.8-1.fc20,kde-runtime-15.04.1-1.fc20,kde-baseapps-15.04.1-1.fc20,oxygen-icon-theme-15.04.1-1.fc20 7 https://admin.fedoraproject.org/updates/FEDORA-2015-8614/gnome-documents-3.10.3-1.fc20,control-center-3.10.4-1.fc20,gnome-online-accounts-3.10.7-2.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-9131/cdrkit-1.1.11-23.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-9379/perl-Getopt-Long-2.46-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-9371/openssl-1.0.1e-43.fc20 The following builds have been pushed to Fedora 20 updates-testing WALinuxAgent-2.0.13-1.fc20 golang-github-emicklei-go-restful-1.1.3-0.4.gitbdfb7d4.fc20 golang-github-fsouza-go-dockerclient-0.2.1-6.gitf95d189.fc20 golang-github-onsi-ginkgo-1.1.0-2.fc20 golang-github-spf13-cobra-0-0.9.git8f5946c.fc20 golang-github-spf13-pflag-0-0.8.git5644820.fc20 golang-googlecode-goauth2-0-0.7.hgb5adcc2.fc20 libreswan-3.13-1.fc20 libwmf-0.2.8.4-42.fc20 openssl-1.0.1e-43.fc20 perl-Getopt-Long-2.46-1.fc20 php-horde-Horde-Core-2.20.4-1.fc20 python-fedmsg-meta-fedora-infrastructure-0.5.7-1.fc20 tiled-0.12.3-1.fc20 Details about builds: ================================================================================ WALinuxAgent-2.0.13-1.fc20 (FEDORA-2015-9403) The Microsoft Azure Linux Agent -------------------------------------------------------------------------------- Update Information: Update to 2.0.13 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 1 2015 Scott K Logan <logans@xxxxxxxxxxx> - 2.0.13-1 - Update to 2.0.13 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1226903 - WALinuxAgent-2.0.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1226903 -------------------------------------------------------------------------------- ================================================================================ golang-github-emicklei-go-restful-1.1.3-0.4.gitbdfb7d4.fc20 (FEDORA-2015-9392) Package for building REST-style Web Services using Google Go -------------------------------------------------------------------------------- Update Information: Bump to upstream bdfb7d41639a84ea7c36df648e5865cd9fbf21e2 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.1.3-0.4.gitbdfb7d4 - Bump to upstream bdfb7d41639a84ea7c36df648e5865cd9fbf21e2 related: #1215626 * Sat May 9 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.1.3-0.3.gitd487287 - Bump to upstream d4872876992d385f0e69b007f154e5633bdb40af related: #1215626 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215626 - Tracker for golang-github-emicklei-go-restful https://bugzilla.redhat.com/show_bug.cgi?id=1215626 -------------------------------------------------------------------------------- ================================================================================ golang-github-fsouza-go-dockerclient-0.2.1-6.gitf95d189.fc20 (FEDORA-2015-9406) Client for the Docker remote API -------------------------------------------------------------------------------- Update Information: Bump to upstream f95d189acbfcb8628482decdb662d30bc74913e8 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0.2.1-6.gitf95d189 - Bump to upstream f95d189acbfcb8628482decdb662d30bc74913e8 related: #1215656 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215656 - Tracker for golang-github-fsouza-go-dockerclient https://bugzilla.redhat.com/show_bug.cgi?id=1215656 -------------------------------------------------------------------------------- ================================================================================ golang-github-onsi-ginkgo-1.1.0-2.fc20 (FEDORA-2015-9387) A Golang BDD Testing Framework -------------------------------------------------------------------------------- Update Information: Bump to upstream 462326b1628e124b23f42e87a8f2750e3c4e2d24 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 jchaloup <jchaloup@xxxxxxxxxx> - 1.1.0-2 - Bump to upstream 462326b1628e124b23f42e87a8f2750e3c4e2d24 related: #1214619 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1214619 - Tracker for golang-github-onsi-ginkgo https://bugzilla.redhat.com/show_bug.cgi?id=1214619 -------------------------------------------------------------------------------- ================================================================================ golang-github-spf13-cobra-0-0.9.git8f5946c.fc20 (FEDORA-2015-9370) A Commander for modern go CLI interactions -------------------------------------------------------------------------------- Update Information: Bump to upstream 8f5946caaeeff40a98d67f60c25e89c3525038a3 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.9.git8f5946c - Bump to upstream 8f5946caaeeff40a98d67f60c25e89c3525038a3 related: #1214769 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1214769 - Tracker for golang-github-spf13-cobra https://bugzilla.redhat.com/show_bug.cgi?id=1214769 -------------------------------------------------------------------------------- ================================================================================ golang-github-spf13-pflag-0-0.8.git5644820.fc20 (FEDORA-2015-9417) Replacement for Go's flag package -------------------------------------------------------------------------------- Update Information: Bump to upstream 5644820622454e71517561946e3d94b9f9db6842 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.8.git5644820 - Bump to upstream 5644820622454e71517561946e3d94b9f9db6842 related: #1214731 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1214731 - Tracker for golang-github-spf13-pflag https://bugzilla.redhat.com/show_bug.cgi?id=1214731 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-goauth2-0-0.7.hgb5adcc2.fc20 (FEDORA-2015-9405) OAuth 2.0 for Go clients -------------------------------------------------------------------------------- Update Information: Bump to upstream b5adcc2dcdf009d0391547edc6ecbaff889f5bb9 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.7.hgb5adcc2 - Bump to upstream b5adcc2dcdf009d0391547edc6ecbaff889f5bb9 resolves: #1227273 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1227273 - Tracker for golang-googlecode-goauth2 https://bugzilla.redhat.com/show_bug.cgi?id=1227273 -------------------------------------------------------------------------------- ================================================================================ libreswan-3.13-1.fc20 (FEDORA-2015-9388) IPsec implementation with IKEv1 and IKEv2 keying protocols -------------------------------------------------------------------------------- Update Information: Updated to 3.13 for CVE-2015-3204 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 1 2015 Paul Wouters <pwouters@xxxxxxxxxx> - 3.13-1 - Updated to 3.13 for CVE-2015-3204 -------------------------------------------------------------------------------- ================================================================================ libwmf-0.2.8.4-42.fc20 (FEDORA-2015-9393) Windows MetaFile Library -------------------------------------------------------------------------------- Update Information: CVE-2015-0848 heap overflow when decoding BMP images -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 Caolán McNamara <caolanm@xxxxxxxxxx> - 0.2.8.4-42 - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images * Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 0.2.8.4-41 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.8.4-40 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.8.4-39 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1227243 - CVE-2015-0848 libwmf: heap overflow when decoding BMP images https://bugzilla.redhat.com/show_bug.cgi?id=1227243 -------------------------------------------------------------------------------- ================================================================================ openssl-1.0.1e-43.fc20 (FEDORA-2015-9371) Utilities from the general purpose cryptography library with TLS implementation -------------------------------------------------------------------------------- Update Information: Update mitigating the LOGJAM security vulnerability and fixing a regression in the RAND subsystem locking. -------------------------------------------------------------------------------- ChangeLog: * Fri May 29 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.0.1e-43 - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks https://bugzilla.redhat.com/show_bug.cgi?id=1223211 -------------------------------------------------------------------------------- ================================================================================ perl-Getopt-Long-2.46-1.fc20 (FEDORA-2015-9379) Extended processing of command line options -------------------------------------------------------------------------------- Update Information: This release fixes argument processing failure when procedural and object interface to Getopt::Long is used on the same argument list. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 2.46-1 - 2.46 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1227327 - perl-Getopt-Long-2.46 is available https://bugzilla.redhat.com/show_bug.cgi?id=1227327 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Core-2.20.4-1.fc20 (FEDORA-2015-9350) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information: **Horde_Core 2.20.3** * [mjr] Fix issue causing message text from email forwarded from ActiveSync clients to be missing (Bug #14000). **Horde_Core 2.20.4** * [mjr] Work around broken ActiveSync clients that send incorrect line lengths for text/html parts (Bug: 13901). -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.20.4-1 - Update to 2.20.4 * Fri May 29 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.20.3-1 - Update to 2.20.3 -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-meta-fedora-infrastructure-0.5.7-1.fc20 (FEDORA-2015-9376) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information: Fixes to pagure processors. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 Ralph Bean <rbean@xxxxxxxxxx> - 0.5.7-1 - new version * Mon Jun 1 2015 Ralph Bean <rbean@xxxxxxxxxx> - 0.5.6-1 - new version -------------------------------------------------------------------------------- ================================================================================ tiled-0.12.3-1.fc20 (FEDORA-2015-8853) Tiled Map Editor -------------------------------------------------------------------------------- Update Information: Another bugfix release - Fixed updating of map view when rotating objects with Z key - Fixed updating of map view when joining, splitting or deleting polygon nodes - Fixed a crash when reading an invalid TMX file - Fixed live automapping updates when moving the mouse fast A small bugfix release fixing some small critical bugs in the 0.12.1 release. - Fixed updating of map view when moving objects with arrow keys - Fixed compatibility issue with tile objects affecting the JSON format Bugfix release 0.12.1 - Fixed updating of map view when changing objects from properties view - Fixed updating of Properties view while objects are moved/resized - Fixed terrain information getting lost when reading JSON maps New release 0.12.0 with some neat new features (mainly featuring object resizing). See the blog for more info: http://blog.mapeditor.org/2015/05/tiled-0120-released.html Bugfix release 0.12.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 2 2015 Erik Schilling <ablu.erikschilling@xxxxxxxxxxxxxx> - 0.12.3-1 - New upstream release * Fri May 22 2015 Erik Schilling <ablu.erikschilling@xxxxxxxxxxxxxx> - 0.12.2-1 - New upstream release * Wed May 20 2015 Erik Schilling <ablu.erikschilling@xxxxxxxxxxxxxx> - 0.12.1-1 - New upstream release * Fri May 15 2015 Erik Schilling <ablu.erikschilling@xxxxxxxxxxxxxx> - 0.12.0-1 - New upstream release * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 0.11.0-2 - Rebuilt for GCC 5 C++11 ABI change -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
