Fedora 20 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 20 Security updates need testing:
 Age  URL
 184  https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
 139  https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.fc20
 122  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
 107  https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.27-1.fc20
 102  https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3-6.fc20
  89  https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc20
  74  https://admin.fedoraproject.org/updates/FEDORA-2015-5970/asterisk-11.17.1-1.fc20
  74  https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20
  67  https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc20
  55  https://admin.fedoraproject.org/updates/FEDORA-2015-7231/libarchive-3.1.2-8.fc20
  41  https://admin.fedoraproject.org/updates/FEDORA-2015-8159/rawstudio-2.1-0.1.20150511git983bda1.fc20
  32  https://admin.fedoraproject.org/updates/FEDORA-2015-8142/cabal-install-1.16.1.0-1.fc20,haskell-platform-2013.2.0.0-39.fc20
  32  https://admin.fedoraproject.org/updates/FEDORA-2015-8727/fail2ban-0.9.2-1.fc20
  25  https://admin.fedoraproject.org/updates/FEDORA-2015-9163/fossil-1.33-1.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-5375/strongswan-5.3.2-1.fc20
  13  https://admin.fedoraproject.org/updates/FEDORA-2015-9703/squid-3.3.14-1.fc20
   9  https://admin.fedoraproject.org/updates/FEDORA-2015-9985/postgresql-9.3.9-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-9371/openssl-1.0.1e-45.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-10610/ecryptfs-utils-106-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-10659/libwmf-0.2.8.4-45.fc20


The following Fedora 20 Critical Path updates have yet to be approved:
 Age URL
 122  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.38.rc3.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-10393/nss-3.19.2-1.0.fc20,nss-softokn-3.19.2-1.0.fc20,nss-util-3.19.2-1.0.fc20
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-10218/perl-Getopt-Long-2.47-1.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-10544/thunderbird-38.0.1-2.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-10564/btrfs-progs-4.1-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-9371/openssl-1.0.1e-45.fc20


The following builds have been pushed to Fedora 20 updates-testing

    btrfs-progs-4.1-1.fc20
    cdsclient-3.80-1.fc20
    cobbler-2.6.9-1.fc20
    ecryptfs-utils-106-1.fc20
    ikiwiki-3.20150614-1.fc20
    libwmf-0.2.8.4-45.fc20
    openssl-1.0.1e-45.fc20
    owncloud-8.0.4-1.fc20
    perl-Gnome2-1.046-1.fc20
    sssd-1.11.7-6.fc20
    stunnel-5.17-1.fc20
    xpra-0.15.1-1.fc20

Details about builds:


================================================================================
 btrfs-progs-4.1-1.fc20 (FEDORA-2015-10564)
 Userspace programs for btrfs
--------------------------------------------------------------------------------
Update Information:

New upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 22 2015 Eric Sandeen <sandeen@xxxxxxxxxx> 4.1-1
- New upstream release
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Wed May 20 2015 Eric Sandeen <sandeen@xxxxxxxxxx> 4.0.1-1
- New upstream release
--------------------------------------------------------------------------------


================================================================================
 cdsclient-3.80-1.fc20 (FEDORA-2015-10616)
 Tools to query databases at CDS
--------------------------------------------------------------------------------
Update Information:

new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 22 2015 Christian Dersch <lupinix@xxxxxxxxxxxxxxxxx> - 3.80-1
- new upstream release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1234354 - cdsclient-3.80 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1234354
--------------------------------------------------------------------------------


================================================================================
 cobbler-2.6.9-1.fc20 (FEDORA-2015-7835)
 Boot server configurator
--------------------------------------------------------------------------------
Update Information:

Update to 2.6.9:

- Feature improvements
 - Add support for infiniband network interface type
- Bufixes
 - Fix problem in networking snippets related to per interface gateways
 - Fix some issues in signaturs (duplicates, and re-add Fedora 21)

Update to 2.6.8:

- Feature improvements
  - Add distro signature for SLES11sp4 (#1402)
  - Add distro signature for Debian 8.0.0
  - Add distro signature for Ubuntu 15.04
  - Add distro signature for FreeBSD 10.0
  - Add distro signature for Fedora 21
  - Several improvements to the Makefile
  - Handle per interface gateway in pre_install_network_config
  - Add gPXE template support for the windows breed

- Bugfixes

  - Fix cobbler check on EL7 (#1396)
  - Remove installer_templates from RPM specfile
  - Remove duplicate entries from RPM specfile
  - Fix make webtest on Ubuntu 14.04.2 (#1417)
  - Remove __sorter() from XMLRPC API
  - Fixes to Debian/Ubuntu packaging of /var/lib/cobbler/ content
  - Fix version comparison for python-virt double digits
  - The virt_disk_driver field is now a list
  - Fields in item_system now properly inherit from item_profile when present
  - Handle chowning repos for debians default apache group elilo-ia64.efi is added to the loaders (#1385)
  - Fix Ubuntu/Debian permission errors in cobbler-web
  - Don't write hwaddress when the macaddress is empty (#1322)
  - Fix createrepo version comparison (#1453)

- Backport upstream patch to fix centos version detection (bug #1201879)

Update to 2.6.7:

Feature improvements

* Use curl by default on RPM based systems instead of wget
* Add support for inst.stage2 install tree location to Koan

Bugfixes

* Add missing self.logger to util.die() calls (#1326)
* Add default values for proxy_url_ext and proxy_url_int to settings.py (unbreak upgrades)
* With mirror_locally false yum_sync now writes the .repo file again
* Don't write exclude= twice to .repo files
* Map exclude/include properly to repo lines

Update to 2.6.6:

Feature improvements

- Add proxy support for get-loaders, signature update and reposync (#1286)
- Support virtio26 for generic qemu fallback (Koan)

Bugfixes

- Post install report mails are not mailed when ignorelist is empty (#1248)
- Regression: kickstart edit in cobbler-web fixed
- Regression: kickstart filepath validation
- Blacklist gpgkey as an invalid option to the repo statement
- gpgcheck / enabled are not valid in kickstart, only in config.repo
- Updated man page to reflect the removal of URL support for kickstarts
- Regression: inherit was not available as kickstart value
- Return right value from TftpdPyManager.what method
- Fixed a typo in the power management API
- Ensure all variables are available in PXE generation (#505)
- Dont reset CONFIG_ARGS as it might have been sourced from sysconfig/defaults (#1141)

Feature improvements

* Make kickstart selectable from a pulldown list in cobbler-web (#991)
* Minor adjustment to the error_page template (cobbler-web)
* Minor improvements to edit snippets/kickstarts template (cobbler-web)
* Allow for empty system status

Bugfixes

* Exit with an error if cobblerd executable can't be found (#1108 #1135)
* Fix cobbler sync bug through xmlrpc api (NoneType object has no attribute info)
* Changes (edit/add) to multiple interfaces in cobbler-web now actually work (#687)
* Don't send the Puppet environment when system status is empty (#560)
* Add strict kickstart check in the API (again for #939)
* Do not allow kickstarts in /etc/cobbler
* Fix broken gitdate, gitstamp values in version file (cobbler version)
* Prevent disappearing profiles after cobblerd restart (#1030)

Upgrade notes

This release makes the use of --parent and --distro mutually exclusive. The consequence is that subprofiles always have the same distro as the parent profile. This has been the intended behaviour ever since subprofiles got introduced.

Please check if you have subprofiles with different distros than the parent profile and reconsider and adjust your configuration. 
Bugfixes

* Add missing _validate_ks_template_path function so that kickstarts for systems can now be changed again (#1156)
* Remove root= argument from boot when using grubby and replace-self to avoid booting the currently running OS (#638)

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 22 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.9-1
- Update to 2.6.9
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.6.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Tue May 12 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.8-2
- Support django 1.8 in Fedora 22+
* Fri May  8 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.8-1
- Update to 2.6.8
- Backport upstream patch to fix centos version detection (bug #1201879)
* Tue Apr 28 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.7-3
- Add patch to fix virt-install support for F21+/EL7 (bug #1188424)
* Mon Apr 27 2015 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.7-2
- Create and own directories in tftp_dir
* Wed Dec 31 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.7-1
- Update to 2.6.7
* Sun Oct 19 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.6-1
- Update to 2.6.6
* Fri Aug 15 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.5-1
- Update to 2.6.5
* Wed Aug 13 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.4-2
- Require Django >= 1.4
* Mon Aug 11 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.4-1
- Update to 2.6.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1162888 - Typo in remote.py breaks poweron command
        https://bugzilla.redhat.com/show_bug.cgi?id=1162888
  [ 2 ] Bug #1188424 - Koan is incompatible with F21 virt-install
        https://bugzilla.redhat.com/show_bug.cgi?id=1188424
  [ 3 ] Bug #1214514 - Importing from Server DVD iso creates bogus kernel_options for distro
        https://bugzilla.redhat.com/show_bug.cgi?id=1214514
--------------------------------------------------------------------------------


================================================================================
 ecryptfs-utils-106-1.fc20 (FEDORA-2015-10610)
 The eCryptfs mount helper and support libraries
--------------------------------------------------------------------------------
Update Information:

Fixes salt usage for password wrapping
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 30 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 106-1
- ecryptfs-utils updated to 106
* Mon Jan 26 2015 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 104-3
- fix pam sigsegv (#1184645)
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 104-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Jul 23 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 104-1
- ecryptfs-utils updated to 104
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 103-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1193092 - ecryptfs-utils: default salt is used for wrapping passphrase [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1193092
  [ 2 ] Bug #1234204 - 20+: Bug in ecryptfs found in 2015.(security)
        https://bugzilla.redhat.com/show_bug.cgi?id=1234204
--------------------------------------------------------------------------------


================================================================================
 ikiwiki-3.20150614-1.fc20 (FEDORA-2015-10646)
 A wiki compiler
--------------------------------------------------------------------------------
Update Information:

Update ikiwiki to the latest stable release.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 23 2015 Thomas Moschny <thomas.moschny@xxxxxx> - 3.20150614-1
- Update to 3.20150614.
- Mark license.
- Add BR on perl(open).
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.20150329-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sun Jun  7 2015 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 3.20150329-2
- Perl 5.22 rebuild
--------------------------------------------------------------------------------


================================================================================
 libwmf-0.2.8.4-45.fc20 (FEDORA-2015-10659)
 Windows MetaFile Library
--------------------------------------------------------------------------------
Update Information:

CVE-2015-0848 Heap overflow
CVE-2015-4588 RLE decoding doesn't check that the "count" fits into the image
CVE-2015-4695 meta_pen_create heap buffer overflow
CVE-2015-4696 wmf2gd/wmf2eps use after free

CVE-2015-0848 heap overflow when decoding BMP images
CVE-2015-0848 heap overflow when decoding BMP images
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 23 2015 Caolán McNamara <caolanm@xxxxxxxxxx> - 0.2.8.4-45
- Related: rhbz#1227244 CVE-2015-4695 meta_pen_create heap buffer overflow
- Related: rhbz#1227244 CVE-2015-4696 wmf2gd/wmf2eps use after free
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.8.4-44
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Tue Jun  9 2015 Caolán McNamara <caolanm@xxxxxxxxxx> - 0.2.8.4-43
- Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images
* Tue Jun  2 2015 Caolán McNamara <caolanm@xxxxxxxxxx> - 0.2.8.4-42
- Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images
* Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 0.2.8.4-41
- Rebuilt for Fedora 23 Change
  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.8.4-40
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.8.4-39
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1227243 - CVE-2015-0848, CVE-2015-4588 libwmf: heap overflow when decoding BMP images
        https://bugzilla.redhat.com/show_bug.cgi?id=1227243
--------------------------------------------------------------------------------


================================================================================
 openssl-1.0.1e-45.fc20 (FEDORA-2015-9371)
 Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:

Update mitigating the LOGJAM security vulnerability and other moderate or low impact vulnerabilities.


--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 23 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.0.1e-45
- fix the CVE-2015-1791 fix (partially broken renegotiation)
* Mon Jun 15 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.0.1e-44
- fix CVE-2014-8176 - invalid free in DTLS buffering code
- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent
- fix CVE-2015-1791 - race condition handling NewSessionTicket
- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function
- add missing parts of CVE-2015-0209 fix for corectness although unexploitable
* Fri May 29 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.0.1e-43
- fix CVE-2015-4000 - prevent the logjam attack on client - restrict
  the DH key size to at least 768 bits (limit will be increased in future)
- drop the AES-GCM restriction of 2^32 operations because the IV is
  always 96 bits (32 bit fixed field + 64 bit invocation field)
- fix regression in RAND locking (#1225994)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=1223211
  [ 2 ] Bug #1227574 - CVE-2015-3216 openssl: Crash in ssleay_rand_bytes due to locking regression
        https://bugzilla.redhat.com/show_bug.cgi?id=1227574
--------------------------------------------------------------------------------


================================================================================
 owncloud-8.0.4-1.fc20 (FEDORA-2015-10614)
 Private file sync and share server
--------------------------------------------------------------------------------
Update Information:

This update provides the latest ownCloud 8.x release, 8.0.4. This is a minor update providing bug fixes from upstream and should apply smoothly, but as usual we recommend you back up data and configuration before applying the update.

See the upstream changelog page - https://owncloud.org/changelog/ - for details on what has changed from earlier releases.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  9 2015 Adam Williamson <awilliam@xxxxxxxxxx> - 8.0.4-1
- new release 8.0.4
--------------------------------------------------------------------------------


================================================================================
 perl-Gnome2-1.046-1.fc20 (FEDORA-2015-10580)
 Perl interface to the 2.x series of the GNOME libraries
--------------------------------------------------------------------------------
Update Information:

This release corrects build script and removes a time stamp from documentation.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 23 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 1.046-1
- 1.046 bump
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1234662 - perl-Gnome2-1.046 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1234662
--------------------------------------------------------------------------------


================================================================================
 sssd-1.11.7-6.fc20 (FEDORA-2015-10566)
 System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:

backport fixes from upstream
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 22 2015 Lukas Slebodnik <lslebodn@xxxxxxxxxx> - 1.11.1-6
- backport fixes from upstream
--------------------------------------------------------------------------------


================================================================================
 stunnel-5.17-1.fc20 (FEDORA-2015-10630)
 An SSL-encrypting socket wrapper
--------------------------------------------------------------------------------
Update Information:

New upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  8 2015 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 5.17-1
- New upstream release 5.17.
--------------------------------------------------------------------------------


================================================================================
 xpra-0.15.1-1.fc20 (FEDORA-2015-10625)
 Remote display server for applications and desktops
--------------------------------------------------------------------------------
Update Information:

Update to 0.15.1, minor bugfix release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 22 2015 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 0.15.1-1
- Update to 0.15.1
- Add Requires shared-mime-info for (/usr/share/mime/packages ownership)
- Add /usr/share/mime/packages/application-x-xpraconfig.xml file
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.15.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux