Fedora 21 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 21 Security updates need testing:
 Age  URL
 185  https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21
  75  https://admin.fedoraproject.org/updates/FEDORA-2015-8168/cabal-install-1.16.1.0-1.fc21,haskell-platform-2013.2.0.0-39.fc21
  65  https://admin.fedoraproject.org/updates/FEDORA-2015-9090/fossil-1.33-1.fc21
  65  https://admin.fedoraproject.org/updates/FEDORA-2015-9141/ceph-deploy-1.5.25-1.fc21
  54  https://admin.fedoraproject.org/updates/FEDORA-2015-5247/strongswan-5.3.2-1.fc21
  54  https://admin.fedoraproject.org/updates/FEDORA-2015-9744/squid-3.4.13-1.fc21
  44  https://admin.fedoraproject.org/updates/FEDORA-2015-10175/opensaml-java-openws-1.5.5-2.fc21,opensaml-java-2.5.3-9.fc21
  44  https://admin.fedoraproject.org/updates/FEDORA-2015-10301/389-ds-base-1.3.3.12-1.fc21
  21  https://admin.fedoraproject.org/updates/FEDORA-2015-11368/nx-libs-3.5.0.32-1.fc21
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-12032/uwsgi-2.0.11.1-1.fc21
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-11995/bzr-2.6.0-7.fc21
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-12028/drupal6-cck-2.10-1.fc21
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-12012/openssh-6.6.1p1-14.fc21
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-12010/mantis-1.2.19-3.fc21
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-12250/lighttpd-1.4.36-1.fc21
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-12148/wordpress-4.2.3-1.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-12406/xfsprogs-3.2.2-2.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-12570/community-mysql-5.6.26-1.fc21
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-12645/lxc-1.0.7-2.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-12716/devscripts-2.15.8-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-12703/nbd-3.11-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-12714/xen-4.4.2-9.fc21


The following Fedora 21 Critical Path updates have yet to be approved:
 Age URL
   6  https://admin.fedoraproject.org/updates/FEDORA-2015-12049/selinux-policy-3.13.1-105.20.fc21
   5  https://admin.fedoraproject.org/updates/FEDORA-2015-12277/libfm-1.2.3-12.D20150713gitf47c9ae7ae.fc21
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-12402/gstreamer1-plugins-good-1.4.5-3.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-12715/libidn-1.32-1.fc21
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-12708/bash-4.3.39-6.fc21


The following builds have been pushed to Fedora 21 updates-testing

    antimicro-2.17-1.fc21
    armadillo-5.300.4-1.fc21
    bash-4.3.39-6.fc21
    devscripts-2.15.8-1.fc21
    globus-gass-cache-9.7-1.fc21
    globus-gram-job-manager-14.27-1.fc21
    globus-proxy-utils-6.13-1.fc21
    globus-simple-ca-4.22-1.fc21
    gnome-software-3.14.7-1.fc21
    libidn-1.32-1.fc21
    mintmenu-5.6.4-1.fc21
    nbd-3.11-1.fc21
    perl-Syntax-Highlight-Engine-Kate-0.10-1.fc21
    perl-threads-lite-0.034-2.fc21
    php-phpunit-PHP-CodeCoverage-2.2.1-1.fc21
    php-phpunit-environment-1.3.2-1.fc21
    publicsuffix-list-20150731-1.fc21
    rebase-helper-0.6.0-1.fc21
    xen-4.4.2-9.fc21

Details about builds:


================================================================================
 antimicro-2.17-1.fc21 (FEDORA-2015-12698)
 Graphical program used to map keyboard buttons and mouse controls to a gamepad
--------------------------------------------------------------------------------
Update Information:

new upstream release v2.17 (#1249393)
new upstream release v2.16 (#1246074)
--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug  2 2015 Jeff Backus <jeff.backus@xxxxxxxxx> - 2.17-1
- new upstream release v2.17 (#1249393)
* Fri Jul 24 2015 Jeff Backus <jeff.backus@xxxxxxxxx> - 2.16-1
- new upstream release v2.16 (#1246074)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1249393 - antimicro-2.17 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1249393
  [ 2 ] Bug #1246074 - antimicro-2.16 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1246074
--------------------------------------------------------------------------------


================================================================================
 armadillo-5.300.4-1.fc21 (FEDORA-2015-12710)
 Fast C++ matrix library with interfaces to LAPACK and ATLAS
--------------------------------------------------------------------------------
Update Information:

Version 5.300.4   (Plutocracy Incorporated)

 * added generalised Schur decomposition: qz()
 * added .has_inf() and .has_nan()
 * expanded interp1() to handle out-of-domain locations
 * expanded sparse matrix class with .set_imag() and .set_real()
 * expanded imag(), real() and conj() to handle sparse matrices
 * expanded diagmat(), reshape() and resize() to handle sparse matrices
 * faster sparse sum()
 * faster row-wise sum(), mean(), min(), max()
 * updated physical constants to NIST 2014 CODATA values
 * fixes for handling sparse submatrix views
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 José Matos <jamatos@xxxxxxxxxxxxxxxxx> - 5.300.4-1
- update to 5.300.4
- add %license tag
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1249612 - armadillo-5.300.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1249612
--------------------------------------------------------------------------------


================================================================================
 bash-4.3.39-6.fc21 (FEDORA-2015-12708)
 The GNU Bourne Again shell
--------------------------------------------------------------------------------
Update Information:

Ancient memory leak came up again, fix taken from upstream's devel branch.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Ondrej Oprala - 4.3.39-6
- #1245233 - fixed memleak
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1245233 - bash script shows memory leak
        https://bugzilla.redhat.com/show_bug.cgi?id=1245233
--------------------------------------------------------------------------------


================================================================================
 devscripts-2.15.8-1.fc21 (FEDORA-2015-12716)
 Scripts for Debian Package maintainers
--------------------------------------------------------------------------------
Update Information:

Update to version 2.15.8, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.8_changelog for details. Fixes CVE-2015-5705.
Update to version 2.15.7, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.7_changelog for details.
This update fixes licensecheck refusing to parse some text files such as C++ source files.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details.
This update fixes licensecheck refusing to parse some text files such as C++ source files.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details.
Update to version 2.15.7, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.7_changelog for details.
This update fixes licensecheck refusing to parse some text files such as C++ source files.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details.
This update fixes licensecheck refusing to parse some text files such as C++ source files.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Sandro Mani <manisandro@xxxxxxxxx> - 2.15.8-1
- Update to 2.15.8
* Sat Aug  1 2015 Sandro Mani <manisandro@xxxxxxxxx> - 2.15.7-1
- Update to 2.15.7
* Sat Aug  1 2015 Sandro Mani <manisandro@xxxxxxxxx> - 2.15.6-2
- Fix licensecheck incorrectly detecting mime strings such as text/x-c++ as a binary file (#1249227)
* Wed Jul 29 2015 Sandro Mani <manisandro@xxxxxxxxx> - 2.15.6-1
- Update to 2.15.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1249635 - CVE-2015-5704 devscripts: arbitrary shell command injection
        https://bugzilla.redhat.com/show_bug.cgi?id=1249635
  [ 2 ] Bug #1249645 - CVE-2015-5705 devscripts: argument injection vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=1249645
--------------------------------------------------------------------------------


================================================================================
 globus-gass-cache-9.7-1.fc21 (FEDORA-2015-12718)
 Globus Toolkit - Globus Gass Cache
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* globus-gass-cache 9.7
* globus-gram-job-manager 14.27
* globus-proxy-utils 6.13
* globus-simple-ca 4.22

Fixed issues:

* https://globus.atlassian.net/browse/GT-617: Use 4096-bit RSA key for globus-simple-ca
* https://globus.atlassian.net/browse/GT-618: GASS Cache error mishandling causes crash
* https://globus.atlassian.net/browse/GT-619: Uninitialized data in job manager cause crash

--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 9.7-1
- GT6 update: GT-618: GASS Cache error mishandling causes crash
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 9.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 globus-gram-job-manager-14.27-1.fc21 (FEDORA-2015-12718)
 Globus Toolkit - GRAM Jobmanager
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* globus-gass-cache 9.7
* globus-gram-job-manager 14.27
* globus-proxy-utils 6.13
* globus-simple-ca 4.22

Fixed issues:

* https://globus.atlassian.net/browse/GT-617: Use 4096-bit RSA key for globus-simple-ca
* https://globus.atlassian.net/browse/GT-618: GASS Cache error mishandling causes crash
* https://globus.atlassian.net/browse/GT-619: Uninitialized data in job manager cause crash

--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 14.27-1
- GT6 update: GT-619: Uninitialized data in job manager cause crash
--------------------------------------------------------------------------------


================================================================================
 globus-proxy-utils-6.13-1.fc21 (FEDORA-2015-12718)
 Globus Toolkit - Globus GSI Proxy Utility Programs
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* globus-gass-cache 9.7
* globus-gram-job-manager 14.27
* globus-proxy-utils 6.13
* globus-simple-ca 4.22

Fixed issues:

* https://globus.atlassian.net/browse/GT-617: Use 4096-bit RSA key for globus-simple-ca
* https://globus.atlassian.net/browse/GT-618: GASS Cache error mishandling causes crash
* https://globus.atlassian.net/browse/GT-619: Uninitialized data in job manager cause crash

--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 6.13-1
- GT6 update: Add explicit name comparison mode selection option
--------------------------------------------------------------------------------


================================================================================
 globus-simple-ca-4.22-1.fc21 (FEDORA-2015-12718)
 Globus Toolkit - Simple CA Utility
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates:

* globus-gass-cache 9.7
* globus-gram-job-manager 14.27
* globus-proxy-utils 6.13
* globus-simple-ca 4.22

Fixed issues:

* https://globus.atlassian.net/browse/GT-617: Use 4096-bit RSA key for globus-simple-ca
* https://globus.atlassian.net/browse/GT-618: GASS Cache error mishandling causes crash
* https://globus.atlassian.net/browse/GT-619: Uninitialized data in job manager cause crash

--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.22-1
- GT6 update: Use 4096-bit RSA key for globus-simple-ca
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.20-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 gnome-software-3.14.7-1.fc21 (FEDORA-2015-12695)
 A software center for GNOME
--------------------------------------------------------------------------------
Update Information:

gnome-software 3.14.7 release.

 * Show installation progress when installing apps
 * Make sure apps that aren't installable are properly hidden in the category view
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Kalev Lember <klember@xxxxxxxxxx> - 3.14.7-1
- Update to 3.14.7
--------------------------------------------------------------------------------


================================================================================
 libidn-1.32-1.fc21 (FEDORA-2015-12715)
 Internationalized Domain Name support library
--------------------------------------------------------------------------------
Update Information:

This update fixes a crash with malformed UTF-8.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Miroslav Lichvar <mlichvar@xxxxxxxxxx> - 1.32-1.fc21
- update to 1.32
--------------------------------------------------------------------------------


================================================================================
 mintmenu-5.6.4-1.fc21 (FEDORA-2015-12704)
 Advanced Menu for the MATE Desktop
--------------------------------------------------------------------------------
Update Information:

- update to 5.6.4 release
--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug  2 2015 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 5.6.4-1
- update to 5.6.4 release
- adjust mintmenu_datadir.patch
- adjust mintmenu_run-as-superuser.patch
- install %{_datadir}/linuxmint/mintMenu/search_engines
- adjust icon cache scriptlets
- adjust panel icon
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.6.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 nbd-3.11-1.fc21 (FEDORA-2015-12703)
 Network Block Device user-space tools (TCP version)
--------------------------------------------------------------------------------
Update Information:

* Fix unsafe signal handlers to avoid DoS attack [CVE-2015-0847].
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 11 2015 Christopher Meng <rpm@xxxxxxxx> - 3.11-1
- Update to 3.11
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1222027 - CVE-2015-0847 nbd: nbd-server denial of service due to unsafe signal handlers
        https://bugzilla.redhat.com/show_bug.cgi?id=1222027
--------------------------------------------------------------------------------


================================================================================
 perl-Syntax-Highlight-Engine-Kate-0.10-1.fc21 (FEDORA-2015-12705)
 Port to Perl of the syntax highlight engine of the Kate text editor
--------------------------------------------------------------------------------
Update Information:

This release improves documentation.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 0.10-1
- 0.10 bump
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1249360 - perl-Syntax-Highlight-Engine-Kate-0.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1249360
--------------------------------------------------------------------------------


================================================================================
 perl-threads-lite-0.034-2.fc21 (FEDORA-2015-12717)
 Actor model threading for Perl
--------------------------------------------------------------------------------
Update Information:

Disable tests on AArch64 platform as a workaround for relesed Fedoras.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 0.034-2
- Disable checks on aarch64 (bug #719874)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #719874 - perl-threads-lite keeps hanging during self checks
        https://bugzilla.redhat.com/show_bug.cgi?id=719874
--------------------------------------------------------------------------------


================================================================================
 php-phpunit-PHP-CodeCoverage-2.2.1-1.fc21 (FEDORA-2015-12269)
 PHP code coverage information
--------------------------------------------------------------------------------
Update Information:

**php-code-coverage 2.2.1** - 2015-08-02
* Bumped required version of sebastian/environment to 1.3.1 for #365

**php-code-coverage 2.2.0** - 2015-08-01
* Added a driver for PHPDBG (requires PHP 7)
* Added PHP_CodeCoverage::setDisableIgnoredLines() to disable the ignoring of lines using annotations such as @codeCoverageIgnore

--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug  2 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.2.1-1
- update to 2.2.1 (no change)
- raise dependency on sebastian/environment ~1.3.1
--------------------------------------------------------------------------------


================================================================================
 php-phpunit-environment-1.3.2-1.fc21 (FEDORA-2015-12269)
 Handle HHVM/PHP environments
--------------------------------------------------------------------------------
Update Information:

**php-code-coverage 2.2.1** - 2015-08-02
* Bumped required version of sebastian/environment to 1.3.1 for #365

**php-code-coverage 2.2.0** - 2015-08-01
* Added a driver for PHPDBG (requires PHP 7)
* Added PHP_CodeCoverage::setDisableIgnoredLines() to disable the ignoring of lines using annotations such as @codeCoverageIgnore

--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.3.2-1
- update to 1.3.2
* Sun Jul 26 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.3.0-1
- update to 1.3.0
--------------------------------------------------------------------------------


================================================================================
 publicsuffix-list-20150731-1.fc21 (FEDORA-2015-12706)
 Cross-vendor public domain suffix database
--------------------------------------------------------------------------------
Update Information:

The latest revision - 20150731
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  3 2015 Yanko Kaneti <yaneti@xxxxxxxxxxx> - 20150731-1
- The latest revision - 20150731
- Move to the new upstream filename. Install a compat symlink for now
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 20150506-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 rebase-helper-0.6.0-1.fc21 (FEDORA-2015-12711)
 The tool which helps you with rebase package
--------------------------------------------------------------------------------
Update Information:

New upstream version 0.6.0 (#1249518)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 31 2015 Petr Hracek <phracek@xxxxxxxxxx> - 0.6.0-1
- New upstream version 0.6.0 (#1249518)
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1249518 - rebase-helper-0.6.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1249518
--------------------------------------------------------------------------------


================================================================================
 xen-4.4.2-9.fc21 (FEDORA-2015-12714)
 Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:

QEMU heap overflow flaw while processing certain ATAPI commands.
[XSA-138, CVE-2015-5154] (#1247142)
rebuild efi grub.cfg if it is present (#1239309),
add gcc5 build fixes, one needed for the following patch,
modify gnutls use in line with Fedora's crypto policies (#117935)
--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug  2 2015 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.4.2-9
- QEMU heap overflow flaw while processing certain ATAPI commands.
	[XSA-138, CVE-2015-5154] (#1247142)
* Sat Jul 25 2015 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.4.2-8
- rebuild efi grub.cfg if it is present (#1239309)
- add gcc5 build fixes from F22+ package, one needed for the following patch
- modify gnutls use in line with Fedora's crypto policies (#1179352)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1243563 - CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access
        https://bugzilla.redhat.com/show_bug.cgi?id=1243563
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux