The following Fedora 20 Security updates need testing: Age URL 170 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20 125 https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20 108 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 93 https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20 89 https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3-6.fc20 75 https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc20 60 https://admin.fedoraproject.org/updates/FEDORA-2015-5970/asterisk-11.17.1-1.fc20 60 https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20 53 https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20 41 https://admin.fedoraproject.org/updates/FEDORA-2015-7231/libarchive-3.1.2-8.fc20 40 https://admin.fedoraproject.org/updates/FEDORA-2015-7302/drupal7-views-3.11-1.fc20 27 https://admin.fedoraproject.org/updates/FEDORA-2015-8159/rawstudio-2.1-0.1.20150511git983bda1.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2015-8142/cabal-install-1.16.1.0-1.fc20,haskell-platform-2013.2.0.0-39.fc20 19 https://admin.fedoraproject.org/updates/FEDORA-2015-8727/fail2ban-0.9.2-1.fc20 15 https://admin.fedoraproject.org/updates/FEDORA-2015-8777/ntfs-3g-2015.3.14-2.fc20 15 https://admin.fedoraproject.org/updates/FEDORA-2015-8782/fuse-2.9.4-1.fc20 11 https://admin.fedoraproject.org/updates/FEDORA-2015-9163/fossil-1.33-1.fc20 11 https://admin.fedoraproject.org/updates/FEDORA-2015-9161/nss-util-3.19.1-1.0.fc20,nss-3.19.1-1.0.fc20,nss-softokn-3.19.1-1.0.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-9388/libreswan-3.13-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-9371/openssl-1.0.1e-43.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-9527/armacycles-ad-0.2.8.3.3-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-9500/xen-4.3.4-5.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2015-9604/python-django14-1.4.20-1.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2015-9625/mbedtls-1.3.11-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-9649/libwmf-0.2.8.4-43.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-5375/strongswan-5.3.2-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2015-9703/squid-3.3.14-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 108 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2015-8614/gnome-documents-3.10.3-1.fc20,control-center-3.10.4-1.fc20,gnome-online-accounts-3.10.7-2.fc20 11 https://admin.fedoraproject.org/updates/FEDORA-2015-9131/cdrkit-1.1.11-23.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-9379/perl-Getopt-Long-2.46-1.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2015-9371/openssl-1.0.1e-43.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2015-9452/gnupg2-2.0.28-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-8911/kdelibs-4.14.9-2.fc20,kdepimlibs-4.14.9-1.fc20,kde-runtime-15.04.2-1.fc20,kde-baseapps-15.04.2-1.fc20,oxygen-icon-theme-15.04.2-1.fc20 The following builds have been pushed to Fedora 20 updates-testing gecode-4.4.0-1.fc20 golang-googlecode-goauth2-0-0.8.hgb5adcc2.fc20 lziprecover-1.17-1.fc20 openvpn-2.3.7-1.fc20 python-num2words-0.5.2-6.fc20 salt-2015.5.2-3.fc20 sane-backends-1.0.24-14.fc20 squid-3.3.14-1.fc20 strongswan-5.3.2-1.fc20 whois-5.2.9-1.fc20 Details about builds: ================================================================================ gecode-4.4.0-1.fc20 (FEDORA-2015-9740) Generic constraint development environment -------------------------------------------------------------------------------- Update Information: Update to gecode 4.4.0. -------------------------------------------------------------------------------- ChangeLog: * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 4.3.3-3 - Rebuilt for GCC 5 C++11 ABI change * Mon Jan 26 2015 Petr Machata <pmachata@xxxxxxxxxx> - 4.3.3-2 - Rebuild for boost 1.57.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1228815 - upgrade gecode to 4.4.0 https://bugzilla.redhat.com/show_bug.cgi?id=1228815 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-goauth2-0-0.8.hgb5adcc2.fc20 (FEDORA-2015-9743) OAuth 2.0 for Go clients -------------------------------------------------------------------------------- Update Information: Add missing Provides Bump to upstream b5adcc2dcdf009d0391547edc6ecbaff889f5bb9 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.8.hgb5adcc2 - Add missing Provides related: #1227273 * Tue Jun 2 2015 jchaloup <jchaloup@xxxxxxxxxx> - 0-0.7.hgb5adcc2 - Bump to upstream b5adcc2dcdf009d0391547edc6ecbaff889f5bb9 resolves: #1227273 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1227273 - Tracker for golang-googlecode-goauth2 https://bugzilla.redhat.com/show_bug.cgi?id=1227273 -------------------------------------------------------------------------------- ================================================================================ lziprecover-1.17-1.fc20 (FEDORA-2015-9701) Data recovery tool and decompressor for files in the lzip compressed format -------------------------------------------------------------------------------- Update Information: 2015-05-28 Antonio Diaz Diaz <antonio@xxxxxxx> * Version 1.17 released. * New block selection algorithm makes merge up to 100 times faster. * repair.cc: Repair time has been reduced by 15%. * Added new option '-y, --debug-delay'. * Added new option '-z, --debug-repair'. * Makefile.in: Added new targets 'install*-compress'. * testsuite/unzcrash.cc: Moved to top directory. * lziprecover.texi: Added chapter 'File names'. 2014-08-29 Antonio Diaz Diaz <antonio@xxxxxxx> * Version 1.16 released. * New class LZ_mtester makes repair up to 10 times faster. * main.cc (close_and_set_permissions): Behave like 'cp -p'. * lziprecover.texinfo: Renamed to lziprecover.texi. * License changed to GPL version 2 or later. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2015 Jon Ciesla <limburgher@xxxxxxxxx> - 1.17-1 - 1.17, BZ 1228902. * Sat May 2 2015 Kalev Lember <kalevlember@xxxxxxxxx> - 1.15-4 - Rebuilt for GCC 5 C++11 ABI change * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.15-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1228902 - lziprecover-1.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1228902 -------------------------------------------------------------------------------- ================================================================================ openvpn-2.3.7-1.fc20 (FEDORA-2015-9737) A full-featured SSL VPN solution -------------------------------------------------------------------------------- Update Information: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2015 Jon Ciesla <limburgher@xxxxxxxxx> 2.3.7-1 - 2.3.7, BZ 1229504. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1229504 - openvpn-2.3.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1229504 -------------------------------------------------------------------------------- ================================================================================ python-num2words-0.5.2-6.fc20 (FEDORA-2015-9698) Python 2 modules to convert numbers to words -------------------------------------------------------------------------------- Update Information: Initial importing of #1223623 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1223623 - Review Request: python-num2words - Modules to convert numbers to words https://bugzilla.redhat.com/show_bug.cgi?id=1223623 -------------------------------------------------------------------------------- ================================================================================ salt-2015.5.2-3.fc20 (FEDORA-2015-9729) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Mark salt-ssh roster as a config file to prevent replacement Update to bugfix release 2015.5.2 Add missing dependency on which (RH #1226636) -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 4 2015 Erik Johnson <erik@xxxxxxxxxxxxx> - 2015.5.2-3 - Mark salt-ssh roster as a config file to prevent replacement * Thu Jun 4 2015 Erik Johnson <erik@xxxxxxxxxxxxx> - 2015.5.2-2 - Update skipped tests * Thu Jun 4 2015 Erik Johnson <erik@xxxxxxxxxxxxx> - 2015.5.2-1 - Update to bugfix release 2015.5.2 * Mon Jun 1 2015 Erik Johnson <erik@xxxxxxxxxxxxx> - 2015.5.1-2 - Add missing dependency on which (RH #1226636) * Wed May 27 2015 Erik Johnson <erik@xxxxxxxxxxxxx> - 2015.5.1-1 - Update to bugfix release 2015.5.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1226636 - salt-minion-2015.5.0 needs package 'which' installed https://bugzilla.redhat.com/show_bug.cgi?id=1226636 -------------------------------------------------------------------------------- ================================================================================ sane-backends-1.0.24-14.fc20 (FEDORA-2015-9747) Scanner access software -------------------------------------------------------------------------------- Update Information: This update backports fixes for devices connected via USB3. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2015 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-14 - reformat and rename snprintf-cleanroom patch - backport USB3 xhci patch from upstream master (#1228954) * Mon Jun 8 2015 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-14 - apply format-security patch, drop format-security2 patch * Tue Jan 20 2015 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1.0.24-13 - Rebuild (libgphoto2) * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.24-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.24-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 29 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.0.24-10 - update lib/snprintf.c to resolve license issue (#1102520) * Mon Apr 14 2014 Jaromir Capik <jcapik@xxxxxxxxxx> - 1.0.24-9 - Fixing format-security flaws * Wed Dec 4 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-8 - use string literals as format strings (#1037316) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1228954 - SnapScan 1212u: scanning is broken with I/O error. https://bugzilla.redhat.com/show_bug.cgi?id=1228954 -------------------------------------------------------------------------------- ================================================================================ squid-3.3.14-1.fc20 (FEDORA-2015-9703) The Squid proxy caching server -------------------------------------------------------------------------------- Update Information: Updated to version 3.3.14, which fixes CVE-2015-3455 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 4 2015 Luboš Uhliarik <luhliari@xxxxxxxxxx> - 7:3.3.14-1 - Updated to upstream version 3.3.14 - Fixed: CVE-2015-3455 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1218118 - CVE-2015-3455 squid: incorrect X509 server certificate validation (SQUID-2015:1) https://bugzilla.redhat.com/show_bug.cgi?id=1218118 -------------------------------------------------------------------------------- ================================================================================ strongswan-5.3.2-1.fc20 (FEDORA-2015-5375) An OpenSource IPsec-based VPN and TNC solution -------------------------------------------------------------------------------- Update Information: New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2015 Pavel Šimerda <psimerda@xxxxxxxxxx> - new version 5.3.2 * Fri Jun 5 2015 Pavel Šimerda <psimerda@xxxxxxxxxx> - new version 5.3.1 * Tue Mar 31 2015 Pavel Šimerda <psimerda@xxxxxxxxxx> - new version 5.3.0 * Fri Feb 20 2015 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.2.2-2 - Fixes strongswan swanctl service issue rhbz#1193106 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1228819 - CVE-2015-3991 strongswan: incorrect payload processing for different IKE versions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1228819 -------------------------------------------------------------------------------- ================================================================================ whois-5.2.9-1.fc20 (FEDORA-2015-9695) Improved WHOIS client -------------------------------------------------------------------------------- Update Information: This release updates client identifier. It adds records for new generic TLDs azure., bbva., bible., fyi., homedepot., jll., mba., men., montblanc., sandvik., sandvikcoromant., ski., sncf., thd., walter., xbox., and 餐厅. It updates records for cr., and bn. TLDs. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 5.2.9-1 - 5.2.9 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1229339 - whois-5.2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1229339 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
