The following Fedora 21 Security updates need testing: Age URL 226 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1467 openstack-glance-2014.1.3-4.fc21 106 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9090 fossil-1.33-1.fc21 106 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9141 ceph-deploy-1.5.25-1.fc21 95 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9744 squid-3.4.13-1.fc21 39 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12773 python-kdcproxy-0.3.2-1.fc21 22 https://bodhi.fedoraproject.org/updates/conntrack-tools-1.4.2-9.fc21 conntrack-tools-1.4.2-9.fc21 22 https://bodhi.fedoraproject.org/updates/ca-certificates-2015.2.5-1.0.fc21 ca-certificates-2015.2.5-1.0.fc21 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14179 libreswan-3.15-1.fc21 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14200 sblim-sfcb-1.4.8-5.fc21 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14211 ntp-4.2.6p5-33.fc21 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14363 xen-4.4.3-1.fc21 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14785 qemu-2.1.3-10.fc21 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14849 libvdpau-1.1.1-1.fc21 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14852 libwmf-0.2.8.4-46.fc21 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14901 ipython-2.4.1-8.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14953 pdns-3.4.6-1.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14976 php-5.6.13-1.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14996 moodle-2.7.9-1.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15061 bind-9.9.6-11.P1.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15065 pcs-0.9.137-5.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15128 389-ds-base-1.3.3.13-1.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15274 php-pecl-zip-1.12.5-1.fc21 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15290 ipsilon-1.1.0-1.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15588 jakarta-commons-httpclient-3.1-20.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15618 golang-1.5.1-0.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15677 icedtea-web-1.6.1-1.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 171 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4638 lcms2-2.7-1.fc21 58 https://bodhi.fedoraproject.org/updates/FEDORA-2015-11787 redhat-rpm-config-29-1.fc21 44 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12402 gstreamer1-plugins-good-1.4.5-3.fc21 32 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13233 yum-utils-1.1.31-28.fc21 32 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13239 yum-3.4.3-154.fc21 25 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13747 hwdata-0.281-1.fc21 22 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13885 thunderbird-38.2.0-2.fc21 22 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13877 libteam-1.18-1.fc21 22 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13805 tigervnc-1.5.0-2.fc21 22 https://bodhi.fedoraproject.org/updates/dracut-038-40.git20150819.fc21 dracut-038-40.git20150819.fc21 22 https://bodhi.fedoraproject.org/updates/ca-certificates-2015.2.5-1.0.fc21 ca-certificates-2015.2.5-1.0.fc21 22 https://bodhi.fedoraproject.org/updates/btrfs-progs-4.1.2-1.fc21 btrfs-progs-4.1.2-1.fc21 21 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14019 nss-3.20.0-1.0.fc21 nss-softokn-3.20.0-1.0.fc21 nss-util-3.20.0-1.0.fc21 20 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14070 selinux-policy-3.13.1-105.21.fc21 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14209 vim-7.4.827-1.fc21 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14405 abrt-2.3.0-10.fc21 libreport-2.3.0-9.fc21 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14323 dnf-0.6.4-6.fc21 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14307 perl-Thread-Queue-3.06-1.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15104 device-mapper-multipath-0.4.9-68.fc21.4 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15061 bind-9.9.6-11.P1.fc21 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15261 python-pycurl-7.19.3.1-6.fc21 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15357 cryptsetup-1.6.8-2.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15440 PackageKit-1.0.6-2.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15404 gnupg2-2.0.29-1.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15565 enca-1.16-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15683 fedora-repos-21-3 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15614 mesa-10.4.7-2.20150323.fc21 The following builds have been pushed to Fedora 21 updates-testing fail2ban-0.9.3-1.fc21 golang-github-boltdb-bolt-1.0-0.3.git90fef38.fc21 golang-github-golang-sys-0-0.1.git9c60d1c.fc21 golang-github-rakyll-pb-0-0.1.gitdc507ad.fc21 golang-github-xiang90-probing-0-0.1.git6a0cc1a.fc21 help2man-1.47.2-1.fc21 libhtp-0.5.17-1.fc21 monit-5.14-1.fc21 progress-0.9-2.fc21 rubygem-byebug-6.0.2-1.fc21 rubygem-cairo-1.14.3-1.fc21 rubygem-hoe-3.14.0-1.fc21 rubygem-rabbit-2.1.8-1.fc21 sugar-abacus-58-1.fc21 sugar-measure-52-1.fc21 sugar-portfolio-47-1.fc21 Details about builds: ================================================================================ fail2ban-0.9.3-1.fc21 (FEDORA-2015-15715) Daemon to ban hosts that cause multiple authentication errors -------------------------------------------------------------------------------- Update Information: Update to 0.9.3 ============ IMPORTANT incompatible changes ---------------------------------------------- * filter.d/roundcube-auth.conf - Changed logpath to 'errors' log (was 'userlogins') * action.d/iptables- common.conf - All calls to iptables command now use -w switch introduced in iptables 1.4.20 (some distribution could have patched their earlier base version as well) to provide this locking mechanism useful under heavy load to avoid contesting on iptables calls. If you need to disable, define 'action.d/iptables-common.local' with empty value for 'lockingopt' in `[Init]` section. * mail-whois-lines, sendmail-geoip-lines and sendmail- whois-lines actions now include by default only the first 1000 log lines in the emails. Adjust <grepopts> to augment the behavior. Fixes ------ * reload in interactive mode appends all the jails twice (gh-825) * reload server/jail failed if database used (but was not changed) and some jail active (gh-1072) * filter.d/dovecot.conf - also match unknown user in passwd- file. Thanks Anton Shestakov * Fix fail2ban-regex not parsing journalmatch correctly from filter config * filter.d/asterisk.conf - fix security log support for Asterisk 12+ * filter.d/roundcube-auth.conf - Updated regex to work with 'errors' log (1.0.5 and 1.1.1) - Added regex to work with 'userlogins' log * action.d/sendmail*.conf - use LC_ALL (superseeding LC_TIME) to override locale on systems with customized LC_ALL * performance fix: minimizes connection overhead, close socket only at communication end (gh-1099) * unbanip always deletes ip from database (independent of bantime, also if currently not banned or persistent) * guarantee order of dbfile to be before dbpurgeage (gh-1048) * always set 'dbfile' before other database options (gh-1050) * kill the entire process group of the child process upon timeout (gh-1129). Otherwise could lead to resource exhaustion due to hanging whois processes. * resolve /var/run/fail2ban path in setup.py to help installation on platforms with /var/run -> /run symlink (gh-1142) New Features ------------------ * RETURN iptables target is now a variable: <returntype> * New type of operation: pass2allow, use fail2ban for "knocking", opening a closed port by swapping blocktype and returntype * New filters: - froxlor-auth - Thanks Joern Muehlencord - apache-pass - filter Apache access log for successful authentication * New actions: - shorewall-ipset-proto6 - using proto feature of the Shorewall. Still requires manual pre-configuration of the shorewall. See the action file for detail. * New jails: - pass2allow-ftp - allows FTP traffic after successful HTTP authentication Enhancements ------------------- * action.d/cloudflare.conf - improved documentation on how to allow multiple CF accounts, and jail.conf got new compound action definition action_cf_mwl to submit cloudflare report. * Check access to socket for more detailed logging on error (gh-595) * fail2ban-testcases man page * filter.d/apache-badbots.conf, filter.d/nginx-botsearch.conf - add HEAD method verb * Revamp of Travis and coverage automated testing * Added a space between IP address and the following colon in notification emails for easier text selection * Character detection heuristics for whois output via optional setting in mail-whois*.conf. Thanks Thomas Mayer. Not enabled by default, if _whois_command is set to be %(_whois_convert_charset)s (e.g. in action.d/mail-whois-common.local), it - detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command - converts whois data to UTF-8 character set with iconv - sends the whois output in UTF-8 character set to mail program - avoids that heirloom mailx creates binary attachment for input with unknown character set -------------------------------------------------------------------------------- ================================================================================ golang-github-boltdb-bolt-1.0-0.3.git90fef38.fc21 (FEDORA-2015-15751) A low-level key/value database for Go -------------------------------------------------------------------------------- Update Information: Bump to upstream 90fef389f98027ca55594edd7dbd6e7f3926fdad ---- Update of spec file to spec-2.0 Bump to upstream 980670afcebfd86727505b3061d8667195234816 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246207 - Tracker for golang-github-boltdb-bolt https://bugzilla.redhat.com/show_bug.cgi?id=1246207 -------------------------------------------------------------------------------- ================================================================================ golang-github-golang-sys-0-0.1.git9c60d1c.fc21 (FEDORA-2015-15731) Go packages for low-level interaction with the operating system -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246277 - Review Request: golang-github-golang-sys - Go packages for low-level interaction with the operating system https://bugzilla.redhat.com/show_bug.cgi?id=1246277 -------------------------------------------------------------------------------- ================================================================================ golang-github-rakyll-pb-0-0.1.gitdc507ad.fc21 (FEDORA-2015-15732) Console progress bar for Golang -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262350 - Review Request: golang-github-rakyll-pb - Console progress bar for Golang https://bugzilla.redhat.com/show_bug.cgi?id=1262350 -------------------------------------------------------------------------------- ================================================================================ golang-github-xiang90-probing-0-0.1.git6a0cc1a.fc21 (FEDORA-2015-15728) Golang project for probing -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262351 - Review Request: golang-github-xiang90-probing - Golang project for probing https://bugzilla.redhat.com/show_bug.cgi?id=1262351 -------------------------------------------------------------------------------- ================================================================================ help2man-1.47.2-1.fc21 (FEDORA-2015-15742) Create simple man pages from --help output -------------------------------------------------------------------------------- Update Information: help2man-1.47.2-1.fc21 - Upstream update. help2man-1.47.2-1.fc22 - Upstream update. help2man-1.47.2-1.fc23 - Upstream update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262318 - help2man-1.47.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1262318 -------------------------------------------------------------------------------- ================================================================================ libhtp-0.5.17-1.fc21 (FEDORA-2015-15709) Security-aware parser for the HTTP protocol and the related bits and pieces -------------------------------------------------------------------------------- Update Information: This is a minor bug-fix release: * Fix URI parsing for non-std 'space' chars * Fixing buffer overrun that was failing clang `-fsanitize=address` checks * Replace `strcat/sprintf` by `strlcat/snprintf` * Fix `autogen` on CentOS 5.11 * Fix dereferencing type-punned pointer on CentOS 5.11 * Fix warning on OpenBSD -------------------------------------------------------------------------------- ================================================================================ monit-5.14-1.fc21 (FEDORA-2015-15705) Manages and monitors processes, files, directories and devices -------------------------------------------------------------------------------- Update Information: monit-5.14-1.fc21 - Upgrading to new upstream release 5.14.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195460 - RFE; Please update monit to latest stable version (5.6 -> 5.11) https://bugzilla.redhat.com/show_bug.cgi?id=1195460 -------------------------------------------------------------------------------- ================================================================================ progress-0.9-2.fc21 (FEDORA-2015-15738) Coreutils Viewer -------------------------------------------------------------------------------- Update Information: Update to new Version -------------------------------------------------------------------------------- ================================================================================ rubygem-byebug-6.0.2-1.fc21 (FEDORA-2015-15735) Ruby 2.0 fast debugger - base + CLI -------------------------------------------------------------------------------- Update Information: New version 6.0.2 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-cairo-1.14.3-1.fc21 (FEDORA-2015-15717) Ruby bindings for cairo -------------------------------------------------------------------------------- Update Information: New version 1.14.3 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-hoe-3.14.0-1.fc21 (FEDORA-2015-15723) Hoe is a simple rake/rubygems helper for project Rakefiles -------------------------------------------------------------------------------- Update Information: New version 2.14.0 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-rabbit-2.1.8-1.fc21 (FEDORA-2015-15721) RD-document-based presentation application -------------------------------------------------------------------------------- Update Information: New version 2.1.8 is released. -------------------------------------------------------------------------------- ================================================================================ sugar-abacus-58-1.fc21 (FEDORA-2015-15748) A simple abacus activity for Sugar -------------------------------------------------------------------------------- Update Information: Version 48 -------------------------------------------------------------------------------- ================================================================================ sugar-measure-52-1.fc21 (FEDORA-2015-15757) Measure for Sugar -------------------------------------------------------------------------------- Update Information: Release 52 -------------------------------------------------------------------------------- ================================================================================ sugar-portfolio-47-1.fc21 (FEDORA-2015-15758) A simple tool for generating slide show from starred Journal entries -------------------------------------------------------------------------------- Update Information: Release 47 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
