The following Fedora 21 Security updates need testing: Age URL 270 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1467 openstack-glance-2014.1.3-4.fc21 151 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9141 ceph-deploy-1.5.25-1.fc21 139 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9744 squid-3.4.13-1.fc21 83 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12773 python-kdcproxy-0.3.2-1.fc21 67 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1fed73bab8 conntrack-tools-1.4.2-9.fc21 63 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14179 libreswan-3.15-1.fc21 63 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14200 sblim-sfcb-1.4.8-5.fc21 54 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14852 libwmf-0.2.8.4-46.fc21 38 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16238 nagios-4.0.8-1.fc21 24 https://bodhi.fedoraproject.org/updates/FEDORA-2015-af1b712fce python-pymongo-3.0.3-1.fc21 24 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d292a98f01 cyrus-imapd-2.4.18-1.fc21 24 https://bodhi.fedoraproject.org/updates/FEDORA-2015-048e95ac1d thunderbird-38.3.0-1.fc21 24 https://bodhi.fedoraproject.org/updates/FEDORA-2015-111f449417 community-mysql-5.6.27-1.fc21 19 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d683ebb786 postgresql-9.3.10-1.fc21 19 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3ca3f2138b libvdpau-1.1.1-2.fc21 17 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1f9e79df21 audiofile-0.3.6-9.fc21 13 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15290 ipsilon-1.1.1-2.fc21 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b8534a1aec firefox-41.0.2-2.fc21 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6542ab6d3a libreport-2.3.0-10.fc21 abrt-2.3.0-12.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a381facfd9 php-horde-passwd-5.0.4-1.fc21 php-horde-imp-6.2.11-1.fc21 php-horde-ingo-3.2.7-1.fc21 php-horde-horde-5.2.8-1.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-97fe05f788 mediawiki-1.24.4-1.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9e842ac36e seqan-1.4.2-21.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-77bfbc1bcd ntp-4.2.6p5-34.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-adfd729dbc xscreensaver-5.34-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ebfe46536f lxc-1.0.7-4.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f1e18131bc php-ZendFramework-1.12.16-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5c06260c4b php-udan11-sql-parser-3.0.4-1.fc21 phpMyAdmin-4.5.1-1.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 89 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12402 gstreamer1-plugins-good-1.4.5-3.fc21 77 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13239 yum-3.4.3-154.fc21 67 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13877 libteam-1.18-1.fc21 67 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13805 tigervnc-1.5.0-2.fc21 67 https://bodhi.fedoraproject.org/updates/FEDORA-2015-90d3a9ce48 dracut-038-40.git20150819.fc21 67 https://bodhi.fedoraproject.org/updates/FEDORA-2015-37e78bb9af btrfs-progs-4.1.2-1.fc21 31 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5d4e159c10 python-2.7.8-15.fc21 python3-3.4.1-18.fc21 24 https://bodhi.fedoraproject.org/updates/FEDORA-2015-048e95ac1d thunderbird-38.3.0-1.fc21 24 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ff9eaa3e01 device-mapper-multipath-0.4.9-68.fc21.6 21 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9e6a99b895 gnome-terminal-3.14.3-2.fc21 15 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1eb4524928 linux-firmware-20151012-57.gitd82d3c1e.fc21 15 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fda676f6c9 perl-generators-1.06-1.fc21 15 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d5ebbad574 nss-3.20.0-1.1.1.fc21 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f01da0e4b8 spatialite-tools-4.2.0-15.fc21 sqlite-3.9.0-1.fc21 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6542ab6d3a libreport-2.3.0-10.fc21 abrt-2.3.0-12.fc21 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b8534a1aec firefox-41.0.2-2.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-311e897518 dnsmasq-2.75-2.fc21 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-830a68baaa createrepo_c-0.9.1-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-272674923f perl-Thread-Queue-3.07-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06f119f03c hwdata-0.283-1.fc21 The following builds have been pushed to Fedora 21 updates-testing Lmod-6.0.15-1.fc21 R-3.2.2-2.fc21 batctl-2015.1-1.fc21 engauge-digitizer-6.0-1.fc21 gajim-0.16.4-2.fc21 gdouros-aegyptus-fonts-5.03-0.7.20151024.fc21 gdouros-akkadian-fonts-7.13-0.5.20151024.fc21 globus-ftp-client-8.23-2.fc21 globus-gridftp-server-8.9-1.fc21 globus-xio-udt-driver-1.19-1.fc21 gramps-4.1.3-2.fc21 hwdata-0.283-1.fc21 libebml-1.3.3-1.fc21 libmatroska-1.4.4-1.fc21 lxc-1.0.7-4.fc21 marco-1.10.2-2.fc21 marco-1.10.3-1.fc21 mcabber-1.0.0-0.20151025hgea90906cb691.fc21 perl-Thread-Queue-3.07-1.fc21 php-ZendFramework-1.12.16-1.fc21 php-guzzlehttp-promises-1.0.3-1.fc21 php-symfony-2.7.5-1.fc21 php-symfony-psr-http-message-bridge-0.2-2.fc21 php-udan11-sql-parser-3.0.4-1.fc21 php-zendframework-zend-diactoros-1.1.4-1.fc21 phpMyAdmin-4.5.1-1.fc21 pidgin-sipe-1.20.1-1.fc21 python-arrow-0.7.0-1.fc21 python-fedora-0.6.2-3.fc21 python-nbxmpp-0.5.3-1.fc21 python-wikitcms-1.13.1-1.fc21 qbittorrent-3.2.4-2.fc21 w_scan-20141122-1.fc21 xca-1.3.2-1.fc21 xscreensaver-5.34-1.fc21 Details about builds: ================================================================================ Lmod-6.0.15-1.fc21 (FEDORA-2015-89a2aef89d) Environmental Modules System in Lua -------------------------------------------------------------------------------- Update Information: Update to 6.0.15 ---- Update to 6.0.12: - Support generic and non-bash shells - See https://github.com/TACC/Lmod/blob/master/README -------------------------------------------------------------------------------- ================================================================================ R-3.2.2-2.fc21 (FEDORA-2015-f1d0623dd0) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: R-3.2.2-2.fc21 - apply patches from upstream bug 16497 to fix X11 hangs R-3.2.2-2.fc22 - apply patches from upstream bug 16497 to fix X11 hangs R-3.2.2-2.el5 - apply patches from upstream bug 16497 to fix X11 hangs R-3.2.2-2.el6 - apply patches from upstream bug 16497 to fix X11 hangs R-3.2.2-2.el7 - apply patches from upstream bug 16497 to fix X11 hangs R-3.2.2-2.fc23 - apply patches from upstream bug 16497 to fix X11 hangs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1272271 - [abrt] R-core: xfree(): R killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1272271 -------------------------------------------------------------------------------- ================================================================================ batctl-2015.1-1.fc21 (FEDORA-2015-3012296829) B.A.T.M.A.N. advanced control and management tool -------------------------------------------------------------------------------- Update Information: update to 2015.1 -------------------------------------------------------------------------------- ================================================================================ engauge-digitizer-6.0-1.fc21 (FEDORA-2015-e8de9408eb) Convert graphs or map files into numbers -------------------------------------------------------------------------------- Update Information: engauge-digitizer-6.0-1.fc21 - First release - Build release version - Activated jpeg200 support engauge-digitizer-6.0-1.fc22 - First release - Build release version - Activated jpeg200 support engauge-digitizer-6.0-1.fc23 - First release - Build release version - Activated jpeg200 support -------------------------------------------------------------------------------- ================================================================================ gajim-0.16.4-2.fc21 (FEDORA-2015-699b50f601) Jabber client written in PyGTK -------------------------------------------------------------------------------- Update Information: Gajim 0.16.4 is an upstream bugfix release. To see the changelog and the list of fixed bugs, visit http://gajim.org/. -------------------------------------------------------------------------------- ================================================================================ gdouros-aegyptus-fonts-5.03-0.7.20151024.fc21 (FEDORA-2015-d6ee07678c) A font for Egyptian hieroglyphs -------------------------------------------------------------------------------- Update Information: Updated documentation -------------------------------------------------------------------------------- ================================================================================ gdouros-akkadian-fonts-7.13-0.5.20151024.fc21 (FEDORA-2015-63355fd323) A font for Sumero-Akkadian cuneiform -------------------------------------------------------------------------------- Update Information: Updated documentation -------------------------------------------------------------------------------- ================================================================================ globus-ftp-client-8.23-2.fc21 (FEDORA-2015-bd42d3d808) Globus Toolkit - GridFTP Client Library -------------------------------------------------------------------------------- Update Information: - Fix for GT-604: fix ipv6 negotiation when source does not pre-connect (backported from upstream git) -------------------------------------------------------------------------------- ================================================================================ globus-gridftp-server-8.9-1.fc21 (FEDORA-2015-9aee7b0a68) Globus Toolkit - Globus GridFTP Server -------------------------------------------------------------------------------- Update Information: globus-gridftp-server-8.9-1 - GT6 update (Home directory fixes) globus-xio- udt-driver-1.19-1 - GT6 update (Ignore other end's attempts at ipv6 negotiation) -------------------------------------------------------------------------------- ================================================================================ globus-xio-udt-driver-1.19-1.fc21 (FEDORA-2015-9aee7b0a68) Globus Toolkit - Globus XIO UDT Driver -------------------------------------------------------------------------------- Update Information: globus-gridftp-server-8.9-1 - GT6 update (Home directory fixes) globus-xio- udt-driver-1.19-1 - GT6 update (Ignore other end's attempts at ipv6 negotiation) -------------------------------------------------------------------------------- ================================================================================ gramps-4.1.3-2.fc21 (FEDORA-2015-fa6e50a9c9) Genealogical Research and Analysis Management Programming System -------------------------------------------------------------------------------- Update Information: gramps-4.2.1-1.fc23 - 4.2.1 gramps-4.1.3-2.fc22 - Own gramps Python module directory, BZ 1275033. gramps-4.1.3-2.fc21 - Own gramps Python module directory, BZ 1275033. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275033 - Unowned directory /usr/lib/python3.4/site-packages/gramps https://bugzilla.redhat.com/show_bug.cgi?id=1275033 -------------------------------------------------------------------------------- ================================================================================ hwdata-0.283-1.fc21 (FEDORA-2015-06f119f03c) Hardware identification and configuration data -------------------------------------------------------------------------------- Update Information: Updated pci, usb and vendor ids. -------------------------------------------------------------------------------- ================================================================================ libebml-1.3.3-1.fc21 (FEDORA-2015-3b6f22ab4b) Extensible Binary Meta Language library -------------------------------------------------------------------------------- Update Information: API- and ABI-compatible updates to the latest upstream releases, fixing invalid memory access bugs in previous releases. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1274269 - libebml-1.3.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1274269 [ 2 ] Bug #1272716 - libmatroska-1.4.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1272716 -------------------------------------------------------------------------------- ================================================================================ libmatroska-1.4.4-1.fc21 (FEDORA-2015-3b6f22ab4b) Open audio/video container format library -------------------------------------------------------------------------------- Update Information: API- and ABI-compatible updates to the latest upstream releases, fixing invalid memory access bugs in previous releases. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1274269 - libebml-1.3.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1274269 [ 2 ] Bug #1272716 - libmatroska-1.4.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1272716 -------------------------------------------------------------------------------- ================================================================================ lxc-1.0.7-4.fc21 (FEDORA-2015-ebfe46536f) Linux Resource Containers -------------------------------------------------------------------------------- Update Information: lxc-1.0.7-4.fc21 - Add some patches: - Allow building on EPEL6. - Fix boot-order (similar to rhbz#1263612). - Prevent lxc-top crash ( rhbz#1152384 ). - Set lxc.kmsg = 0 in the config ( rhbz#1204389 ). - Use 'overlay' as fs name when needed ( rhbz#1217516 ). - Add dependency on rsync ( rhbz#1177981 ). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1267844 - CVE-2015-1335 lxc: Directory traversal flaw when lxc-start is initially setting up the mounts for a container https://bugzilla.redhat.com/show_bug.cgi?id=1267844 -------------------------------------------------------------------------------- ================================================================================ marco-1.10.2-2.fc21 (FEDORA-2015-b6d3911e05) MATE Desktop window manager -------------------------------------------------------------------------------- Update Information: marco-1.10.2-2.fc21 - fix rhbz (#1258638) - fix rhbz (#1258131), revert support for GTK_FRAME_EXTENTS for the moment -------------------------------------------------------------------------------- References: [ 1 ] Bug #1258638 - [abrt] marco: meta_workspace_list_windows(): marco killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1258638 [ 2 ] Bug #1258131 - [abrt] marco: split_edge(): marco killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1258131 -------------------------------------------------------------------------------- ================================================================================ marco-1.10.3-1.fc21 (FEDORA-2015-a3e86a546f) MATE Desktop window manager -------------------------------------------------------------------------------- Update Information: marco-1.10.3-1.fc21 - update to 1.10.3 release - remove upstreamed patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #1258638 - [abrt] marco: meta_workspace_list_windows(): marco killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1258638 [ 2 ] Bug #1258131 - [abrt] marco: split_edge(): marco killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1258131 -------------------------------------------------------------------------------- ================================================================================ mcabber-1.0.0-0.20151025hgea90906cb691.fc21 (FEDORA-2015-2fd3b59354) Console Jabber instant messaging client -------------------------------------------------------------------------------- Update Information: mcabber-1.0.0-0.20151025hgea90906cb691.fc21 - New upstream release and get closer to dev since big fixes are being committed mcabber-1.0.0-0.20151025hgea90906cb691.fc23 - New upstream release and get closer to dev since big fixes are being committed mcabber-1.0.0-0.20151025hgea90906cb691.fc22 - New upstream release and get closer to dev since big fixes are being committed -------------------------------------------------------------------------------- References: [ 1 ] Bug #1237264 - [abrt] mcabber: lm_socket_ref(): mcabber killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1237264 [ 2 ] Bug #1219692 - [abrt] mcabber: socket_connect_cb(): mcabber killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1219692 [ 3 ] Bug #1195051 - [abrt] mcabber: lm_socket_ref(): mcabber killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1195051 [ 4 ] Bug #870500 - [abrt] mcabber-0.10.1-3.fc17: lm_socket_ref: Process /usr/bin/mcabber was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=870500 [ 5 ] Bug #1236435 - mcabber-1.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1236435 -------------------------------------------------------------------------------- ================================================================================ perl-Thread-Queue-3.07-1.fc21 (FEDORA-2015-272674923f) Thread-safe queues -------------------------------------------------------------------------------- Update Information: This release fixes a corner case when a queue limit is reached and dequeue() should unblock it. -------------------------------------------------------------------------------- ================================================================================ php-ZendFramework-1.12.16-1.fc21 (FEDORA-2015-f1e18131bc) Leading open-source PHP framework -------------------------------------------------------------------------------- Update Information: Update to 1.12.16 - fixes CVE-2015-5161: http://framework.zend.com/security/advisory/ZF2015-06 - fixes CVE-2015-5723: http://framework.zend.com/security/advisory/ZF2015-07 - removed services: DeveloperGarden, Technorati -------------------------------------------------------------------------------- References: [ 1 ] Bug #1269080 - CVE-2015-5723 php-ZendFramework: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1269080 [ 2 ] Bug #1253255 - CVE-2015-5161 php-ZendFramework: XML external entity injection (XXE) on PHP FPM [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1253255 [ 3 ] Bug #1253253 - CVE-2015-5161 php-ZendFramework: XML external entity injection (XXE) on PHP FPM [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1253253 [ 4 ] Bug #1269081 - CVE-2015-5723 php-ZendFramework: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1269081 [ 5 ] Bug #1253251 - CVE-2015-5161 php-ZendFramework: XML external entity injection (XXE) on PHP FPM [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1253251 -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-promises-1.0.3-1.fc21 (FEDORA-2015-78f4f5566a) Guzzle promises library -------------------------------------------------------------------------------- Update Information: ### 1.0.3 - 2015-10-15 * Update EachPromise to immediately resolve when the underlying promise iterator is empty. Previously, such a promise would throw an exception when its `wait` function was called. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1272280 - php-guzzlehttp-promises-1.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1272280 -------------------------------------------------------------------------------- ================================================================================ php-symfony-2.7.5-1.fc21 (FEDORA-2015-05d3e1f3e9) PHP framework for web projects -------------------------------------------------------------------------------- Update Information: ### 2.7.5 (2015-09-25) * bug #15866 [VarDumper] Fix dump comparison on large arrays (romainneutron) * bug #15878 [OptionsResolver] Fix catched exception along the dependency tree mistakenly detects cyclic dependencies (lemoinem) * bug #15795 [Console] Default to stderr for the console helpers (2.7+) (alcohol) * bug #15821 [EventDispatcher] fix memory leak in getListeners (Tobion) * bug #15859 [Config] Fix enum default value in Yaml dumper (romainneutron) * bug #15826 [Finder] Optimize the hot-path (nicolas-grekas) * bug #15804 [VarDumper] Fix HtmlDumper constructor calling CliDumper's (nicolas-grekas) * bug #15802 [Finder] Handle filtering of recursive iterators and use it to skip looping over excluded directories (nicolas-grekas) * bug #15803 [Finder] Exclude files based on path before applying the sorting (stof) * feature #13761 Automatically process extensions when they implement CompilerPassInterface (WouterJ) * bug #13794 [DomCrawler] Invalid uri created from forms if base tag present (danez) * bug #15728 Use stderr by default when a specific output is not injected (Seldaek) * bug #15637 Use ObjectManager interface instead of EntityManager (gnat42) * bug #15783 [Debug] Fix case mismatch detection (nicolas-grekas) * bug #14802 [HttpKernel] fix broken multiline <esi:remove> (sstok) * bug #14841 [DoctrineBridge] Fixed #14840 (saksmt) * bug #15770 [Yaml] Fix the parsing of float keys (jmgq) * bug #15771 [Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors (Seldaek) * bug #15750 Add tests to the recently added exceptions thrown from YamlFileLoaders (jakzal) * bug #15763 [HttpKernel] fix DumpDataCollector compat with Twig 2.0 (nicolas-grekas) * bug #15718 Fix that two DirectoryResources with different patterns would be deduplicated (mpdude) * bug #15516 [Translator][warmup][fallback locales] fixed missing cache file generation. (aitboudad) * bug #14916 [WebProfilerBundle] Added tabindex="-1" to not interfer with normal UX (drAlberT) * bug #15725 Dispatch console.terminate *after* console.exception (Seldaek) * bug #15731 improve exceptions when parsing malformed files (xabbuh) * bug #15737 Fix the injection of the container in invokable controllers (stof) * bug #15729 [Kernel] Integer version constants (Tobion) -------------------------------------------------------------------------------- ================================================================================ php-symfony-psr-http-message-bridge-0.2-2.fc21 (FEDORA-2015-28e4608cb7) Symfony PSR HTTP message bridge -------------------------------------------------------------------------------- Update Information: Provides integration for PSR7. -------------------------------------------------------------------------------- ================================================================================ php-udan11-sql-parser-3.0.4-1.fc21 (FEDORA-2015-5c06260c4b) A validating SQL lexer and parser with a focus on MySQL dialect -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.1.0 (2015-10-23) =============================== - Invalid argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value - Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system - 'PMA_Microhistory' is undefined - Incorrect definition for getTablesWhenOpen() - Error when creating new user on MariaDB 10.0.21 - Notice on htmlspecialchars() - Notice in Structure page of views - AUTO_INCREMENT always exported when IF NOT EXISTS is on - Some partitions are missing in copied table - Notice of undefined variable when performing SHOW CREATE - Error exporting sql query results with table alias - SQL editing window does not recognise 'OUTER' keyword in 'LEFT OUTER JOIN' - "NOT IN" clause not recognized (MySQL 5.6 and 5.7) - Yellow star does not change in database Structure after add/remove from favorites - Invalid SQL in table definition when exporting table - Foreign key to other database's tables fails - Bug while exporting results when a joined table field name is in SELECT query - Strange behavior on table rename - Rename table does not result in refresh in left panel - Missing arguments for PMA_Table::generateAlter() - Notices about undefined indexes on structure pages of information_schema tables - Change minimum PHP version for Composer - Import parser and backslash - "Visualize GIS data" seems to be broken - Confirm box on "Reset slave" option - Fix cookies clearing on version change - Cannot execute SQL with subquery - Incorrect syntax creating a user using mysql_native_password with MariaDB - Cannot use third party auth plugins -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275108 - CVE-2015-7873 phpMyAdmin: Content spoofing on url.php (PMASA-2015-5) https://bugzilla.redhat.com/show_bug.cgi?id=1275108 -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-diactoros-1.1.4-1.fc21 (FEDORA-2015-8fb82cbea3) PSR HTTP Message implementations -------------------------------------------------------------------------------- Update Information: ## 1.1.4 - 2015-10-16 ### Added - [#98](https://github.com/zendframework/zend- diactoros/pull/98) adds `JSON_UNESCAPED_SLASHES` to the default `json_encode` flags used by `Zend\Diactoros\Response\JsonResponse`. ### Deprecated - Nothing. ### Removed - Nothing. ### Fixed - [#96](https://github.com/zendframework/zend-diactoros/pull/96) updates `withPort()` to allow `null` port values (indicating usage of default for the given scheme). - [#91](https://github.com/zendframework/zend-diactoros/pull/91) fixes the logic of `withUri()` to do a case-insensitive check for an existing `Host` header, replacing it with the new one. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1272627 - php-zendframework-zend-diactoros-1.1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1272627 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.5.1-1.fc21 (FEDORA-2015-5c06260c4b) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.1.0 (2015-10-23) =============================== - Invalid argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value - Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system - 'PMA_Microhistory' is undefined - Incorrect definition for getTablesWhenOpen() - Error when creating new user on MariaDB 10.0.21 - Notice on htmlspecialchars() - Notice in Structure page of views - AUTO_INCREMENT always exported when IF NOT EXISTS is on - Some partitions are missing in copied table - Notice of undefined variable when performing SHOW CREATE - Error exporting sql query results with table alias - SQL editing window does not recognise 'OUTER' keyword in 'LEFT OUTER JOIN' - "NOT IN" clause not recognized (MySQL 5.6 and 5.7) - Yellow star does not change in database Structure after add/remove from favorites - Invalid SQL in table definition when exporting table - Foreign key to other database's tables fails - Bug while exporting results when a joined table field name is in SELECT query - Strange behavior on table rename - Rename table does not result in refresh in left panel - Missing arguments for PMA_Table::generateAlter() - Notices about undefined indexes on structure pages of information_schema tables - Change minimum PHP version for Composer - Import parser and backslash - "Visualize GIS data" seems to be broken - Confirm box on "Reset slave" option - Fix cookies clearing on version change - Cannot execute SQL with subquery - Incorrect syntax creating a user using mysql_native_password with MariaDB - Cannot use third party auth plugins -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275108 - CVE-2015-7873 phpMyAdmin: Content spoofing on url.php (PMASA-2015-5) https://bugzilla.redhat.com/show_bug.cgi?id=1275108 -------------------------------------------------------------------------------- ================================================================================ pidgin-sipe-1.20.1-1.fc21 (FEDORA-2015-ee3466e63f) Pidgin protocol plugin to connect to MS Office Communicator -------------------------------------------------------------------------------- Update Information: New upstream release: * add support for another type of ADFS response * improve configure check for back-ported features -------------------------------------------------------------------------------- ================================================================================ python-arrow-0.7.0-1.fc21 (FEDORA-2015-6d0a083f1a) Better dates and times for Python -------------------------------------------------------------------------------- Update Information: Latest upstream. https://github.com/crsmithdev/arrow/blob/master/HISTORY.md#070 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1270548 - python-arrow-0.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1270548 -------------------------------------------------------------------------------- ================================================================================ python-fedora-0.6.2-3.fc21 (FEDORA-2015-19d4ad8e90) Python modules for talking to Fedora Infrastructure Services -------------------------------------------------------------------------------- Update Information: Require a more modern python-requests since we dropped support for the older `.json` property. -------------------------------------------------------------------------------- ================================================================================ python-nbxmpp-0.5.3-1.fc21 (FEDORA-2015-699b50f601) Python library for non-blocking use of Jabber/XMPP -------------------------------------------------------------------------------- Update Information: Gajim 0.16.4 is an upstream bugfix release. To see the changelog and the list of fixed bugs, visit http://gajim.org/. -------------------------------------------------------------------------------- ================================================================================ python-wikitcms-1.13.1-1.fc21 (FEDORA-2015-0474c5b894) Fedora QA wiki test management Python library -------------------------------------------------------------------------------- Update Information: This update provides the latest python-wikitcms release, 1.13.1. The visible improvements here all relate to event/page sorting; the behaviour of both the string and tuple sorter functions has been improved. Note the string *unsort* function has been removed (as it could never work reliably), constituting an API change - in practice, I doubt anyone was using it. -------------------------------------------------------------------------------- ================================================================================ qbittorrent-3.2.4-2.fc21 (FEDORA-2015-ba5eced9aa) A Bittorrent Client -------------------------------------------------------------------------------- Update Information: qbittorrent-3.2.4-2.fc21 - New upstream qbittorrent-3.2.4-2.fc22 - New upstream qbittorrent-3.2.4-2.el7 - New upstream qbittorrent-3.2.4-2.fc23 - New upstream -------------------------------------------------------------------------------- ================================================================================ w_scan-20141122-1.fc21 (FEDORA-2015-b013f811d0) Tool for scanning DVB transponders -------------------------------------------------------------------------------- Update Information: update to 20141122 -------------------------------------------------------------------------------- ================================================================================ xca-1.3.2-1.fc21 (FEDORA-2015-6047f368f5) Graphical X.509 certificate management tool -------------------------------------------------------------------------------- Update Information: xca-1.3.2-1 - New upstream release. - Patch "oidfieldcursor" to restore normal cursor behavior on OID resolver input field. - Drop README.update. -------------------------------------------------------------------------------- ================================================================================ xscreensaver-5.34-1.fc21 (FEDORA-2015-adfd729dbc) X screen saver and locker -------------------------------------------------------------------------------- Update Information: A security flaw was found that xscreensaver aborts in some case with dual screen and unplugging one of them. This new rpm should fix the issue. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1274452 - Xscreensaver lock bypass https://bugzilla.redhat.com/show_bug.cgi?id=1274452 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
