The following Fedora 21 Security updates need testing: Age URL 209 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1467 openstack-glance-2014.1.3-4.fc21 90 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9090 fossil-1.33-1.fc21 90 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9141 ceph-deploy-1.5.25-1.fc21 78 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9744 squid-3.4.13-1.fc21 68 https://bodhi.fedoraproject.org/updates/FEDORA-2015-10301 389-ds-base-1.3.3.12-1.fc21 22 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12773 python-kdcproxy-0.3.2-1.fc21 15 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13404 qemu-2.1.3-9.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13700 drupal6-views_bulk_operations-1.17-1.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13423 php-twig-1.20.0-1.fc21 6 https://bodhi.fedoraproject.org/updates/conntrack-tools-1.4.2-9.fc21 conntrack-tools-1.4.2-9.fc21 6 https://bodhi.fedoraproject.org/updates/mediawiki-1.24.3-1.fc21 mediawiki-1.24.3-1.fc21 6 https://bodhi.fedoraproject.org/updates/ca-certificates-2015.2.5-1.0.fc21 ca-certificates-2015.2.5-1.0.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13917 drupal7-7.39-1.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13926 gdk-pixbuf2-2.31.6-1.fc21 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14010 mingw-gdk-pixbuf-2.31.6-1.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14179 libreswan-3.15-1.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14200 sblim-sfcb-1.4.8-5.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14211 ntp-4.2.6p5-33.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14242 pcre-8.35-14.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14330 drupal6-ctools-1.14-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14363 xen-4.4.3-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14442 drupal6-6.37-1.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 154 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4638 lcms2-2.7-1.fc21 41 https://bodhi.fedoraproject.org/updates/FEDORA-2015-11787 redhat-rpm-config-29-1.fc21 29 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12212 perl-Filter-1.55-1.fc21 28 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12402 gstreamer1-plugins-good-1.4.5-3.fc21 27 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12575 perl-Encode-2.76-1.fc21 22 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12790 libsolv-0.6.11-2.fc21 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13233 yum-utils-1.1.31-28.fc21 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13239 yum-3.4.3-154.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13654 bash-4.3.42-1.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13747 hwdata-0.281-1.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13745 kernel-4.1.6-100.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13673 python-slip-0.6.3-1.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13926 gdk-pixbuf2-2.31.6-1.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13908 librsvg2-2.40.10-1.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13885 thunderbird-38.2.0-2.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13877 libteam-1.18-1.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13805 tigervnc-1.5.0-2.fc21 6 https://bodhi.fedoraproject.org/updates/dracut-038-40.git20150819.fc21 dracut-038-40.git20150819.fc21 6 https://bodhi.fedoraproject.org/updates/ca-certificates-2015.2.5-1.0.fc21 ca-certificates-2015.2.5-1.0.fc21 6 https://bodhi.fedoraproject.org/updates/btrfs-progs-4.1.2-1.fc21 btrfs-progs-4.1.2-1.fc21 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14019 nss-3.20.0-1.0.fc21 nss-softokn-3.20.0-1.0.fc21 nss-util-3.20.0-1.0.fc21 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14135 libpwquality-1.2.4-3.fc21 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14070 selinux-policy-3.13.1-105.21.fc21 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14065 perl-generators-1.04-1.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14242 pcre-8.35-14.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14209 vim-7.4.827-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14405 abrt-2.3.0-10.fc21 libreport-2.3.0-9.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14380 firefox-40.0-10.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14323 dnf-0.6.4-6.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14307 perl-Thread-Queue-3.06-1.fc21 The following builds have been pushed to Fedora 21 updates-testing abrt-2.3.0-10.fc21 anka-coder-fonts-1.100-0.3.20130409hg4348cf4ec395.fc21 antimicro-2.18.2-1.fc21 dnf-0.6.4-6.fc21 docker-io-1.7.1-3.git33de319.fc21 docker-io-1.8.1-2.git32b8b25.fc21 drupal6-6.37-1.fc21 drupal6-ctools-1.14-1.fc21 eigen3-3.2.5-2.fc21 firefox-40.0-10.fc21 globus-gridftp-server-8.7-1.fc21 gmusicbrowser-1.1.15-1.fc21 golang-github-julienschmidt-httprouter-1.1-1.fc21 golang-github-vishvananda-netns-0-0.5.git604eaf1.fc21 ibus-typing-booster-1.2.12-1.fc21 inxi-2.2.28-1.fc21 java-1.8.0-openjdk-1.8.0.60-14.b27.fc21 java-mersenne-twister-20-4.fc21 libreoffice-4.3.7.2-10.fc21 libreport-2.3.0-9.fc21 nx-libs-3.5.0.32-2.fc21 open-vm-tools-9.10.2-2.fc21 openvswitch-2.4.0-1.fc21 perl-Geo-IPfree-1.1.5.1.9.4.0-1.fc21 perl-IO-Prompt-0.997.003-1.fc21 perl-Object-InsideOut-3.99-1.fc21 perl-Object-InsideOut-4.02-1.fc21 perl-Server-Starter-0.32-1.fc21 perl-Text-Unidecode-1.24-1.fc21 perl-Thread-Queue-3.06-1.fc21 php-Raven-0.12.1-1.fc21 php-horde-Horde-Crypt-2.6.1-1.fc21 php-pecl-mongo-1.6.11-1.fc21 prosody-0.9.8-5.fc21 python-dockerfile-parse-0.0.4-1.fc21 python-fedora-0.5.5-2.fc21 python-jenkins-0.4.8-1.fc21 smuxi-1.0-2.fc21 spacefm-1.0.3-1.fc21 vym-2.4.8-1.fc21 wordpress-4.3-1.fc21 xen-4.4.3-1.fc21 Details about builds: ================================================================================ abrt-2.3.0-10.fc21 (FEDORA-2015-14405) Automatic bug detection and reporting tool -------------------------------------------------------------------------------- Update Information: libreport-2.3.0-9.fc21 - add a helper for HTTP GET abrt-2.3.0-10.fc21 - bodhi: add parsing of error responses - bodhi: add ignoring of Rawhide - do not break the reporting if a-bodhi fails - spec: add hawkey to BRs of abrt-bodhi - introduce bodhi2 to abrt-bodhi - add bash on the package blacklist -------------------------------------------------------------------------------- ================================================================================ anka-coder-fonts-1.100-0.3.20130409hg4348cf4ec395.fc21 (FEDORA-2015-14352) A mono spaced, courier-width font -------------------------------------------------------------------------------- Update Information: New font! Anka-coder - A mono spaced, courier-width font. -------------------------------------------------------------------------------- References: [ 1 ] Bug #949954 - Review Request: anka-coder-fonts - A mono spaced, courier-width font https://bugzilla.redhat.com/show_bug.cgi?id=949954 -------------------------------------------------------------------------------- ================================================================================ antimicro-2.18.2-1.fc21 (FEDORA-2015-14503) Graphical program used to map keyboard buttons and mouse controls to a gamepad -------------------------------------------------------------------------------- Update Information: Additional thread-related bug fixes. ---- New upstream release to address thread-related issues. new upstream release v2.18 (#1253911) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1253911 - antimicro-2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1253911 -------------------------------------------------------------------------------- ================================================================================ dnf-0.6.4-6.fc21 (FEDORA-2015-14323) Package manager forked from Yum, using libsolv as a dependency resolver -------------------------------------------------------------------------------- Update Information: dnf-0.6.4-6.fc21 - cleanup old cache in posttrans (Michael Mraka) - include /var/cache/dnf into rpm (Michael Mraka) - do not use releasever in cache path (related to RhBug:1173107) (Michael Mraka) The DNF version 0.6.2 contains mostly bug fixes, improves database locking mechanism and does not request fresh metadata for every command. -------------------------------------------------------------------------------- References: [ 1 ] Bug #909856 - [rfe] lazy mode for metadata syncing https://bugzilla.redhat.com/show_bug.cgi?id=909856 [ 2 ] Bug #1136584 - [abrt] dnf: rpmsack.py:255:_read:AttributeError: <dnf.yum.rpmsack.RPMDBAdditionalDataPackage object at 0x7f10fed01b50> has no attribute reason https://bugzilla.redhat.com/show_bug.cgi?id=1136584 [ 3 ] Bug #1138700 - dnf doesn't install all packages on command line https://bugzilla.redhat.com/show_bug.cgi?id=1138700 [ 4 ] Bug #1135861 - group erase libreoffice fails, package requires but none of the providers can be installed https://bugzilla.redhat.com/show_bug.cgi?id=1135861 [ 5 ] Bug #1173107 - mock: use of "dnf --installroot ..." yields "releasever not given" error https://bugzilla.redhat.com/show_bug.cgi?id=1173107 [ 6 ] Bug #1136223 - [abrt] dnf: packages.py:76:parsePackages:TypeError: unsupported operand type(s) for |=: 'set' and 'list' https://bugzilla.redhat.com/show_bug.cgi?id=1136223 [ 7 ] Bug #1070902 - dnf autocomplete for install ./* + <TAB> takes ages https://bugzilla.redhat.com/show_bug.cgi?id=1070902 [ 8 ] Bug #1122617 - reinstall of local rpms gives traceback https://bugzilla.redhat.com/show_bug.cgi?id=1122617 [ 9 ] Bug #1134893 - "dnf update" works as "dnf install" on local package files https://bugzilla.redhat.com/show_bug.cgi?id=1134893 [ 10 ] Bug #1133830 - Does not import gpg keys https://bugzilla.redhat.com/show_bug.cgi?id=1133830 [ 11 ] Bug #1124316 - [locking] per-installroot metadata lock https://bugzilla.redhat.com/show_bug.cgi?id=1124316 [ 12 ] Bug #1121184 - dnf: shows fake download speed when not downloading anything https://bugzilla.redhat.com/show_bug.cgi?id=1121184 -------------------------------------------------------------------------------- ================================================================================ docker-io-1.7.1-3.git33de319.fc21 (FEDORA-2015-14351) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: built d-s-s master commit#d3b9ba7 built docker @rhatdan/fedora-1.7 commit#33de319 adjust min VR of selinux-policy to what's actually available in f21 -------------------------------------------------------------------------------- ================================================================================ docker-io-1.8.1-2.git32b8b25.fc21 (FEDORA-2015-14514) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: built docker @rhatdan/fedora-1.8 commit#32b8b25 -------------------------------------------------------------------------------- ================================================================================ drupal6-6.37-1.fc21 (FEDORA-2015-14442) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: Maintenance and security release of the Drupal 6 series. This release fixes **security vulnerabilities**. Sites are [urged to upgrade immediately](https://www.drupal.org/node/1494290) after reading the notes below and the security announcement: [Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003](https://www.drupal.org/SA-CORE-2015-003) No other fixes are included. No changes have been made to the .htaccess, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary. #### Known issues: None. #### Major changes since 6.36: * For security reasons, the autocomplete system now makes Ajax requests to non-clean URLs only, although protection is also in place for custom code that does so using clean URLs. There is a new form API #process function on autocomplete-enabled text fields that is required for the autocomplete functionality to work; custom and contributed modules should ensure that they are not overriding this #process function accidentally when altering text fields on forms. Part of the security fix also includes changes to theme_textfield(); it is recommended that sites which override this theme function make those changes as well (see the theme_textfield section of this diff for details). * When form API token validation fails (for example, when a cross-site request forgery attempt is detected, or a user tries to submit a form after having logged out and back in again in the meantime), the form API now skips calling form element value callbacks, except for a select list of callbacks provided by Drupal core that are known to be safe. In rare cases, this could lead to data loss when a user submits a form and receives a token validation error, but the overall effect is expected to be minor. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1255662 - CVE-2015-6658 CVE-2015-6659 CVE-2015-6660 CVE-2015-6661 CVE-2015-6665 drupal: Several issues in 6.x and 7.x (SA-CORE-2015-003) https://bugzilla.redhat.com/show_bug.cgi?id=1255662 -------------------------------------------------------------------------------- ================================================================================ drupal6-ctools-1.14-1.fc21 (FEDORA-2015-14330) Primarily a set of APIs and tools to improve the developer experience -------------------------------------------------------------------------------- Update Information: **See [Ctools - Critical - Multiple Vulnerabilities - SA- CONTRIB-2015-141.](https://www.drupal.org/node/2554145)** **This is an incremental security and bugfix release for ctools.** Looking to fix future D6 CTools issues? Find japerry or merlinofchaos in #drupal-scotch, #drupal- contribute, or #drupal-panels -- and become a maintainer for D6 CTools. Changes since 6.x-1.13: * Harden AJAX link handling * Content type plugins do not properly inherit "edit" permission * Various lint fixes * Fix typo * Issue \#2512850 by DamienMcKenna, mw4ll4c3: PHP 5.4+ compatibility * Issue \#2010124 by davidwhthomas: ctools_access_get_loggedin_context doesn't fully load current user in context -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256131 - drupal6-ctools-1.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256131 -------------------------------------------------------------------------------- ================================================================================ eigen3-3.2.5-2.fc21 (FEDORA-2015-14473) A lightweight C++ template library for vector and matrix math -------------------------------------------------------------------------------- Update Information: eigen3-3.2.5-2.fc21 - Apply patch to install FindEigen3.cmake eigen3-3.2.5-2.fc22 - Apply patch to install FindEigen3.cmake eigen3-3.2.5-2.fc23 - Apply patch to install FindEigen3.cmake -------------------------------------------------------------------------------- References: [ 1 ] Bug #1255612 - Ship eigen3 with FindEigen3.cmake https://bugzilla.redhat.com/show_bug.cgi?id=1255612 -------------------------------------------------------------------------------- ================================================================================ firefox-40.0-10.fc21 (FEDORA-2015-14380) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: firefox-40.0-10.fc21 - Added a fix for mozbz#1127752 (rhbz#1256875) - Gtk3&OMTC crashes firefox-40.0-10.fc22 - Added a fix for mozbz#1127752 (rhbz#1256875) - Gtk3&OMTC crashes firefox-40.0-10.fc23 - Added a fix for mozbz#1127752 (rhbz#1256875) - Gtk3&OMTC crashes firefox-40.0-7.fc21 - Fix crash reporter layout under GTK3 - mozbz#1192243 firefox-40.0-7.fc22 - Fix crash reporter layout under GTK3 - mozbz#1192243 firefox-40.0-7.fc23 - Fix crash reporter layout under GTK3 - mozbz#1192243 -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ globus-gridftp-server-8.7-1.fc21 (FEDORA-2015-14512) Globus Toolkit - Globus GridFTP Server -------------------------------------------------------------------------------- Update Information: - GT6 update (Improvements to globus-gridftp-server-setup-chroot) - Man page for globus-gridftp-server-setup-chroot now provided by upstream, remove the one from the source rpm - Add build requires on openssl and fakeroot needed for new tests -------------------------------------------------------------------------------- ================================================================================ gmusicbrowser-1.1.15-1.fc21 (FEDORA-2015-14350) Jukebox for large collections of music files -------------------------------------------------------------------------------- Update Information: Main changes since v1.1.14 : * replace gmb icon with the svg icon made by zeltak * add mpv output * add "high priority" keyboard shortcuts * add embedded pictures tab to song property dialog * when adding a song, check if it is already in the library with an old filename * PictureBrowser: improve navigation of the folder pane * PictureBrowser: add folder icons to folder pane * PictureBrowser: keep scaled size constant when changing picture * PictureBrowser: add "paste link" to context menu * activate "accent-insensitive" search on file, folder and comment fields * optimize function that remove "accents" (diacritic) * add star pictures option for rating fields * add option for label-like and rating fields to have a submenu in song context menu * add option to show/hide extension to title_or_file field (defaults to hide) * update google image parser * various equalizer improvements * use internal equalizer presets rather than gstreamer's (with option to sync with gstreamer's) * mplayer: use slave mode to improve the transition between songs * picture finder plugin: add DuckDuckGo search engine * add Shuffle command * use title_or_file instead of title for choose-songs menus * make middle-click on stop and quit button set the after queue action * make middle-click on Artist and Album Lock enqueue the artist or album * make filename sorting in PictureBrowser number- aware * add "Row number" column for SongList * add "Append to playlist" to song context menu when in list mode * show artist in addition to title in recent songs menu * fix setting master filter not working properly * mplayer: fix "Failed to open ~/.mplayer/input.conf" error * fix setting replaygain value with decimals not working with perl <5.20 when using locales that don't use dot as decimal separator * fix songs with no label/genre not matching negative label/genre filters * fix "0" appearing in "artists" tab for unknown artists * lastfm plugin: give up sending now-playing when the song is no longer playing * translations updates: Finnish, French, German, Korean, Malay (Malaysia) -------------------------------------------------------------------------------- ================================================================================ golang-github-julienschmidt-httprouter-1.1-1.fc21 (FEDORA-2015-14439) A high performance HTTP request router that scales well -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257619 - Review Request: golang-github-julienschmidt-httprouter - A high performance HTTP request router that scales well https://bugzilla.redhat.com/show_bug.cgi?id=1257619 -------------------------------------------------------------------------------- ================================================================================ golang-github-vishvananda-netns-0-0.5.git604eaf1.fc21 (FEDORA-2015-14395) Simple network namespace handling for go -------------------------------------------------------------------------------- Update Information: Bump to upstream 604eaf189ee867d8c147fafc28def2394e878d25 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1248150 - Tracker for golang-github-vishvananda-netns https://bugzilla.redhat.com/show_bug.cgi?id=1248150 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.2.12-1.fc21 (FEDORA-2015-14394) A typing booster engine for the IBus platform -------------------------------------------------------------------------------- Update Information: Use open() instead of codecs.open() to fix dictionary loading problem on F23 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257465 - Loading hunspell dictionaries fails in ibus-typing-booster https://bugzilla.redhat.com/show_bug.cgi?id=1257465 -------------------------------------------------------------------------------- ================================================================================ inxi-2.2.28-1.fc21 (FEDORA-2015-14459) A full featured system information script -------------------------------------------------------------------------------- Update Information: inxi-2.2.28-1.fc21 - Update to 2.2.28 inxi-2.2.28-1.fc22 - Update to 2.2.28 inxi-2.2.28-1.el6 - Update to 2.2.28 inxi-2.2.28-1.el7 - Update to 2.2.28 -------------------------------------------------------------------------------- ================================================================================ java-1.8.0-openjdk-1.8.0.60-14.b27.fc21 (FEDORA-2015-14462) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: sync with f23, updated to u60 -------------------------------------------------------------------------------- ================================================================================ java-mersenne-twister-20-4.fc21 (FEDORA-2015-14491) Mersenne Twister random number generator in Java -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256377 - Review Request:java-mersenne-twister - Mersenne Twister random number generator in Java https://bugzilla.redhat.com/show_bug.cgi?id=1256377 -------------------------------------------------------------------------------- ================================================================================ libreoffice-4.3.7.2-10.fc21 (FEDORA-2015-14425) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: Resolves: tdf#92767 use ISO 8601 for internal date string representation Check annotation caption pointers, blind fix for rhbz#1242099. Resolves: tdf#86024 do not attempt to shorten numeric value output. Handle en-GB-oxendict vs en-GB-oed language tag for newer liblangtag data. Resolves: rhbz#1255811 implement Edit modify handler. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1242099 - [abrt] libreoffice-core: ScXMLExport::WriteAnnotation(): soffice.bin killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1242099 -------------------------------------------------------------------------------- ================================================================================ libreport-2.3.0-9.fc21 (FEDORA-2015-14405) Generic library for reporting various problems -------------------------------------------------------------------------------- Update Information: libreport-2.3.0-9.fc21 - add a helper for HTTP GET abrt-2.3.0-10.fc21 - bodhi: add parsing of error responses - bodhi: add ignoring of Rawhide - do not break the reporting if a-bodhi fails - spec: add hawkey to BRs of abrt-bodhi - introduce bodhi2 to abrt-bodhi - add bash on the package blacklist -------------------------------------------------------------------------------- ================================================================================ nx-libs-3.5.0.32-2.fc21 (FEDORA-2015-14281) NX X11 protocol compression libraries -------------------------------------------------------------------------------- Update Information: nx-libs-3.5.0.32-2.fc21 - Make libXinerama symlink (bug #1256724) nx- libs-3.5.0.32-2.fc22 - Make libXinerama symlink (bug #1256724) nx- libs-3.5.0.32-2.el6 - Make libXinerama symlink (bug #1256724) nx- libs-3.5.0.32-2.el7 - Make libXinerama symlink (bug #1256724) nx- libs-3.5.0.32-2.fc23 - Make libXinerama symlink (bug #1256724) Update to nx- libs 3.5.0.32: - Proper integration of all patches in the source tarballs. Bugs in the tarball generation script and patch file names prohibited inclusion of many patches previously, including security fixes. - Better support for debug (DEBUG, TEST, TRACE and other directives) builds, in part thanks to Nito Martinez. - Build fixes due to underlinking of libdl thanks to Bernard Cafarelli. - Retroactively document correct GPLv2 licensing of previously potentially offending DXPC code. - Help text fixups. - Restart reading if interrupted, gets rid of "Negotiation in stage 10" errors thanks to Vadim Troshchinskiy. - A dozen X.Org Server fixes backported by Ulrich Sibiller. The X2Go Project thanks Bernard Cafarelli, Nito Martinez (Qindel Group), Vadim Troshchinskiy (Qindel Group) and Ulrich Sibiller for their contributions. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256724 - xclients must load the patched libXinerama https://bugzilla.redhat.com/show_bug.cgi?id=1256724 -------------------------------------------------------------------------------- ================================================================================ open-vm-tools-9.10.2-2.fc21 (FEDORA-2015-14336) Open Virtual Machine Tools for virtual machines hosted on VMware -------------------------------------------------------------------------------- Update Information: - Add license macro. - Remove initscripts requirement (#1226369). - Delete mount.vmhgfs instead of excluding from packaging, so the debug information is not included in the package (#1190540). - Be more explicit with configuration files, newer mock complains of files being listed twice. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1190540 - open-vm-tools-debuginfo cannot be installed because it conflicts with itself. https://bugzilla.redhat.com/show_bug.cgi?id=1190540 [ 2 ] Bug #1226369 - Unneeded dependency on initscripts https://bugzilla.redhat.com/show_bug.cgi?id=1226369 -------------------------------------------------------------------------------- ================================================================================ openvswitch-2.4.0-1.fc21 (FEDORA-2015-14364) Open vSwitch daemon/database/utilities -------------------------------------------------------------------------------- Update Information: updated to 2.4.0 (#1256922) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256922 - openvswitch-2.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256922 -------------------------------------------------------------------------------- ================================================================================ perl-Geo-IPfree-1.1.5.1.9.4.0-1.fc21 (FEDORA-2015-14322) Look up the country of an IPv4 Address -------------------------------------------------------------------------------- Update Information: This release provides IP database snapshot from 2015-07-13. It increases cache size to 5000 entries and it keeps the cache populated as much as possible. Especially, it remove only one entry instead of flushing all the entries when the cache is full. -------------------------------------------------------------------------------- ================================================================================ perl-IO-Prompt-0.997.003-1.fc21 (FEDORA-2015-14293) Interactively prompt for user input -------------------------------------------------------------------------------- Update Information: This release corrects tests to pass without terminal. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256152 - perl-IO-Prompt-0.997003 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256152 -------------------------------------------------------------------------------- ================================================================================ perl-Object-InsideOut-3.99-1.fc21 (FEDORA-2015-14299) Comprehensive inside-out object support module -------------------------------------------------------------------------------- Update Information: This release fixes array_ref subtype checking on assignement. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256187 - perl-Object-InsideOut-3.99 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256187 -------------------------------------------------------------------------------- ================================================================================ perl-Object-InsideOut-4.02-1.fc21 (FEDORA-2015-14391) Comprehensive inside-out object support module -------------------------------------------------------------------------------- Update Information: This release merges Fedora's patch. We provide it in order to deliver latest version number. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257174 - perl-Object-InsideOut-4.01 is available https://bugzilla.redhat.com/show_bug.cgi?id=1257174 -------------------------------------------------------------------------------- ================================================================================ perl-Server-Starter-0.32-1.fc21 (FEDORA-2015-14456) Superdaemon for hot-deploying server programs -------------------------------------------------------------------------------- Update Information: perl-Server-Starter-0.32-1.fc22 - Upstream update. perl-Server- Starter-0.32-1.fc21 - Upstream update. -------------------------------------------------------------------------------- ================================================================================ perl-Text-Unidecode-1.24-1.fc21 (FEDORA-2015-14485) US-ASCII transliterations of Unicode text -------------------------------------------------------------------------------- Update Information: A new version of Text::Unicode is available. See http://cpansearch.perl.org/src/SBURKE/Text-Unidecode-1.24/ChangeLog for the summary of changes in this release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257934 - perl-Text-Unidecode-1.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1257934 -------------------------------------------------------------------------------- ================================================================================ perl-Thread-Queue-3.06-1.fc21 (FEDORA-2015-14307) Thread-safe queues -------------------------------------------------------------------------------- Update Information: This release allows to limit queue length. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256194 - perl-Thread-Queue-3.06 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256194 -------------------------------------------------------------------------------- ================================================================================ php-Raven-0.12.1-1.fc21 (FEDORA-2015-14518) A PHP client for Sentry -------------------------------------------------------------------------------- Update Information: #### 0.12.1 - Dont send empty values for various context. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256982 - php-Raven-0.12.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256982 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Crypt-2.6.1-1.fc21 (FEDORA-2015-14289) Horde Cryptography API -------------------------------------------------------------------------------- Update Information: **Horde_Crypt 2.6.1** * [mjr] Fix PHP 5.3 incompatibility (Bug #14090) -------------------------------------------------------------------------------- ================================================================================ php-pecl-mongo-1.6.11-1.fc21 (FEDORA-2015-14386) PHP MongoDB database driver -------------------------------------------------------------------------------- Update Information: **Version 1.6.11** * [PHP-1467] - PHP driver on big endian platform not connecting to MongoDB -------------------------------------------------------------------------------- ================================================================================ prosody-0.9.8-5.fc21 (FEDORA-2015-14494) Flexible communications server for Jabber/XMPP -------------------------------------------------------------------------------- Update Information: Start prosody after network-online.target not after network.target (#1256062) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256062 - Prosody service starts when network is not yet ready https://bugzilla.redhat.com/show_bug.cgi?id=1256062 -------------------------------------------------------------------------------- ================================================================================ python-dockerfile-parse-0.0.4-1.fc21 (FEDORA-2015-14429) Python library for Dockerfile manipulation -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ================================================================================ python-fedora-0.5.5-2.fc21 (FEDORA-2015-14414) Python modules for talking to Fedora Infrastructure Services -------------------------------------------------------------------------------- Update Information: Specbump to get in F21 updates-testing again. Consistent error handling from the Bodhi2Client. More adjustments to bodhi server version detection. Better compat with 'fedpkg update'. Better version checking of the bodhi server. Typofix in the BodhiClient. Bodhi2 compatibility(!). munch objects are now returned by the OpenIdBaseClient for a more symmetric API. There is also a minor python3 compat fix. Better detection of bodhi server version. Be more careful with python-six API usage for EPEL. -------------------------------------------------------------------------------- ================================================================================ python-jenkins-0.4.8-1.fc21 (FEDORA-2015-14285) Python bindings for the remote Jenkins API -------------------------------------------------------------------------------- Update Information: Update to 0.4.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1242689 - python-jenkins-0.4.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1242689 -------------------------------------------------------------------------------- ================================================================================ smuxi-1.0-2.fc21 (FEDORA-2015-14479) Powerful, flexible, user-friendly chat client -------------------------------------------------------------------------------- Update Information: smuxi-1.0-2.fc21 - Added patch to not expose the user's realname automatically (bz#1257597) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257597 - smuxi: User information leak at first start https://bugzilla.redhat.com/show_bug.cgi?id=1257597 [ 2 ] Bug #1257598 - smuxi: User information leak at first start [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1257598 -------------------------------------------------------------------------------- ================================================================================ spacefm-1.0.3-1.fc21 (FEDORA-2015-14515) Multi-panel tabbed file and desktop manager -------------------------------------------------------------------------------- Update Information: New version 1.0.3 is released. -------------------------------------------------------------------------------- ================================================================================ vym-2.4.8-1.fc21 (FEDORA-2015-14428) View your mind -------------------------------------------------------------------------------- Update Information: vym-2.4.8-1.fc21 - Latest upstream, BZ 1256983. vym-2.4.7-1.fc21 - Latest upstream, BZ 1256210. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256983 - vym-2.4.8-1.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256983 [ 2 ] Bug #1256210 - vym-2.4.6-4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256210 -------------------------------------------------------------------------------- ================================================================================ wordpress-4.3-1.fc21 (FEDORA-2015-14302) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: Upstream Annoucement: [WordPress 4.3 â??Billieâ??](https://wordpress.org/news/2015/08/billie/) Release Notes: [Version 4.3](https://codex.wordpress.org/Version_4.3) -------------------------------------------------------------------------------- ================================================================================ xen-4.4.3-1.fc21 (FEDORA-2015-14363) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: update to xen-4.4.3, including Use after free in QEMU/Xen block unplug protocol [XSA-139, CVE-2015-5166], QEMU leak of uninitialized heap memory in rtl8139 device model [XSA-140, CVE-2015-5165] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1248997 - CVE-2015-5166 Qemu: BlockBackend object use after free issue (XSA-139) https://bugzilla.redhat.com/show_bug.cgi?id=1248997 [ 2 ] Bug #1248760 - CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140) https://bugzilla.redhat.com/show_bug.cgi?id=1248760 --------------------------------------------------------------------------------
-- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
