The following Fedora 20 Security updates need testing:
 Age  URL
 138  https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc2...
  91  https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionpack...
  67  https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.f...
  67  https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14.2-1...
  62  https://admin.fedoraproject.org/updates/FEDORA-2014-17153/httpd-2.4.10-2.fc2...
  59  https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.2...
  55  https://admin.fedoraproject.org/updates/FEDORA-2014-17559/mapserver-6.2.2-1....
  53  https://admin.fedoraproject.org/updates/FEDORA-2014-17641/dokuwiki-0-0.23.20...
  37  https://admin.fedoraproject.org/updates/FEDORA-2015-0577/strongswan-5.2.2-1....
  35  https://admin.fedoraproject.org/updates/FEDORA-2015-0633/chicken-4.9.0.1-3.f...
  32  https://admin.fedoraproject.org/updates/FEDORA-2015-0773/arc-5.21p-5.fc20
  29  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.3...
  28  https://admin.fedoraproject.org/updates/FEDORA-2015-1007/dump-0.4-0.24.b44.f...
  16  https://admin.fedoraproject.org/updates/FEDORA-2015-1165/patch-2.7.4-1.fc20
  14  https://admin.fedoraproject.org/updates/FEDORA-2015-1648/lcms-1.19-13.fc20
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-1790/fcgi-2.4.0-26.fc20
  10  https://admin.fedoraproject.org/updates/FEDORA-2015-1871/qpid-cpp-0.30-8.fc2...
   4  https://admin.fedoraproject.org/updates/FEDORA-2015-1936/drupal6-views-2.18-...
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2104/drupal7-views-3.10-...
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2090/apache-poi-3.10.1-2...
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-1993/unzip-6.0-17.fc20
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2134/librsvg2-2.40.7-1.f...
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2152/cups-1.7.5-12.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2216/freetype-2.5.0-9.fc...
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2223/libhtp-0.5.6-3.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2279/e2fsprogs-1.42.12-2...
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2247/sudo-1.8.12-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
 Age  URL
  29  https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.3...
  11  https://admin.fedoraproject.org/updates/FEDORA-2015-1822/libbluray-0.7.0-1.f...
  10  https://admin.fedoraproject.org/updates/FEDORA-2015-1846/libdvdread-5.0.2-1....
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-2034/perl-5.18.4-292.fc2...
   3  https://admin.fedoraproject.org/updates/FEDORA-2015-1998/perl-Socket-2.018-1...
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2191/abrt-2.2.2-2.fc20,l...
   1  https://admin.fedoraproject.org/updates/FEDORA-2015-2121/perl-Pod-Usage-1.65...
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2277/hwdata-0.275-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2247/sudo-1.8.12-1.fc20
   0  https://admin.fedoraproject.org/updates/FEDORA-2015-2279/e2fsprogs-1.42.12-2...
The following builds have been pushed to Fedora 20 updates-testing
    ansible-1.8.3-1.fc20
    barman-1.3.3-6.fc20
    drupal7-workbench_moderation-1.4-0.fc20
    e2fsprogs-1.42.12-2.fc20
    ghc-bytestring-show-0.3.5.6-2.fc20
    hedgewars-0.9.21.1-3.fc20
    hwdata-0.275-1.fc20
    josm-0-0.65.7995svn.fc20
    kdepim-4.14.4-3.fc20
    lightdm-gtk-1.8.5-12.fc20
    pdns-recursor-3.7.1-1.fc20
    perl-Geo-IPfree-1.1.4.3.6.3.0-1.fc20
    perl-Perl-Critic-Moose-1.01-1.fc20
    resiprocate-1.9.9-14.fc20
    salt-2014.7.2-1.fc20
    sudo-1.8.12-1.fc20
    youtube-dl-2015.02.18.1-1.fc20
Details about builds:
================================================================================
ansible-1.8.3-1.fc20 (FEDORA-2015-2243)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:

Update to 1.8.3. Fixes a problem with ansible-vault view. Vault users should upgrade.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 17 2015 Kevin Fenzi <kevin@scrye.com> 1.8.3-1
- Update to 1.8.3
* Sun Jan 11 2015 Toshio Kuratomi <toshio@fedoraproject.org> - 1.8.2-3
- Work around a bug in python2.6 by using simplejson (applies in EPEL6)
* Wed Dec 17 2014 Michael Scherer <misc@zarb.org> 1.8.2-2
- precreate /etc/ansible/roles and /usr/share/ansible_plugins
--------------------------------------------------------------------------------
================================================================================
barman-1.3.3-6.fc20 (FEDORA-2015-2253)
Backup and Recovery Manager for PostgreSQL
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 17 2015 - Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.3.3-6
- Revert dependency on python-dateutil15 (#1183341)
* Mon Feb 2 2015 - Dale Macartney <dbmacartney@fedoraproject.org> - 1.3.3-5
- Replacing python-dateutil with python-dateutil15
* Wed Jan 21 2015 - Dale Macartney <dbmacartney@fedoraproject.org> - 1.3.3-4
- Resolve RPM dependencies with older version of python-dateutil
* Wed Jan 14 2015 - Dale Macartney <dbmacartney@fedoraproject.org> - 1.3.3-3
- Update barman to 1.3.3
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1132819 - barman-1.3.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1132819
--------------------------------------------------------------------------------
================================================================================
drupal7-workbench_moderation-1.4-0.fc20 (FEDORA-2015-2286)
Adds arbitrary moderation states to Drupal
--------------------------------------------------------------------------------
Update Information:

Update to 1.4
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2015 Scott Dodson <sdodson@sdodson.com> - 1.4-0
- Update to 1.4
- Spec cleanup
- Removed RPM README b/c it only explained common Drupal workflow
- %license usage
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1193735 - drupal7-workbench_moderation-1.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1193735
--------------------------------------------------------------------------------
================================================================================
e2fsprogs-1.42.12-2.fc20 (FEDORA-2015-2279)
Utilities for managing ext2, ext3, and ext4 filesystems
--------------------------------------------------------------------------------
Update Information:

Changes e2fsck.conf so that for filesystems with time-based check intervals set in the superblock, these time-based checks will work again. You may need to wait through an e2fsck on your next reboot in this case.

New upstream release
Security fix for CVE-2015-0247
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 17 2015 Eric Sandeen <sandeen@redhat.com> 1.42.12-2
- Fix use after free (#1192861)
- Fix time-based fsck if set in superblock (e2fsck.conf, #963283)
* Thu Feb 5 2015 Eric Sandeen <sandeen@redhat.com> 1.42.12-1
- New upstream release
- Security fix for CVE-2015-0247
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1187032 - CVE-2015-0247 e2fsprogs: ext2fs_open2() missing first_meta_bg boundary check leading to heap buffer overflow (oCERT-015-002)
        https://bugzilla.redhat.com/show_bug.cgi?id=1187032
--------------------------------------------------------------------------------
================================================================================
ghc-bytestring-show-0.3.5.6-2.fc20 (FEDORA-2015-2272)
Efficient conversion of values into readable byte strings
--------------------------------------------------------------------------------
Update Information:

Will be used by hedgewars-server.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1192866 - Review Request: ghc-bytestring-show - Efficient conversion of values into readable byte strings
        https://bugzilla.redhat.com/show_bug.cgi?id=1192866
  [ 2 ] Bug #1190949 - hedgewars won't build with ghc 7.8.4
        https://bugzilla.redhat.com/show_bug.cgi?id=1190949
--------------------------------------------------------------------------------
================================================================================
hedgewars-0.9.21.1-3.fc20 (FEDORA-2015-2272)
Funny turn-based artillery game, featuring fighting Hedgehogs!
--------------------------------------------------------------------------------
Update Information:

Will be used by hedgewars-server.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 16 2015 Bruno Wolff III <bruno@wolff.to> - 0.9.21.1-3
- Use ghc-bytestring-show
* Mon Feb 9 2015 Bruno Wolff III <bruno@wolff.to> - 0.9.21.1-2
- Rebuild for ghc update
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1192866 - Review Request: ghc-bytestring-show - Efficient conversion of values into readable byte strings
        https://bugzilla.redhat.com/show_bug.cgi?id=1192866
  [ 2 ] Bug #1190949 - hedgewars won't build with ghc 7.8.4
        https://bugzilla.redhat.com/show_bug.cgi?id=1190949
--------------------------------------------------------------------------------
================================================================================
hwdata-0.275-1.fc20 (FEDORA-2015-2277)
Hardware identification and configuration data
--------------------------------------------------------------------------------
Update Information:

Updated pci, usb and vendor ids.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2015 Michal Minar <miminar@redhat.com> 0.275-1
- Updated pci, usb and vendor ids.
--------------------------------------------------------------------------------
================================================================================
josm-0-0.65.7995svn.fc20 (FEDORA-2015-2246)
An editor for OpenStreetMap (OSM)
--------------------------------------------------------------------------------
Update Information:

Update to 7995 svn revision
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 12 2015 Cédric OLIVIER <cedric.olivier@free.fr> 0-0.65.7995svn
- Update to 7995 svn revision
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1188031 - josm-7995 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1188031
--------------------------------------------------------------------------------
================================================================================
kdepim-4.14.4-3.fc20 (FEDORA-2015-2274)
KDE PIM (Personal Information Manager) applications
--------------------------------------------------------------------------------
Update Information:

Fix bug #1155812
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2015 Daniel Vrátil <dvratil@redhat.com> - 7:4.14-4-3
- drop "Requires: foo" from foo-libs subpackages (#1155812)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1155812 - kdepim: improve split packaging
        https://bugzilla.redhat.com/show_bug.cgi?id=1155812
--------------------------------------------------------------------------------
================================================================================
lightdm-gtk-1.8.5-12.fc20 (FEDORA-2015-2269)
LightDM GTK3 Greeter
--------------------------------------------------------------------------------
Update Information:

add badges for mate, cinnamon and windows-maker
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 17 2015 Wolfgang Ulbrich <chat-to-me@raveit.de> - 1.8.5-12
- add cinnamon badge
* Sat Jan 31 2015 Wolfgang Ulbrich <chat-to-me@raveit.de> - 1.8.5-11
- add badges for Mate and Window Maker (#1178498)
* Fri Nov 7 2014 Rex Dieter <rdieter@fedoraproject.org> 1.8.5-10
- revert +Requires: gnome-icon-theme, adwaita reportedly good enough now (#1128697)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1178498 - missing badges for mate and windows-maker
        https://bugzilla.redhat.com/show_bug.cgi?id=1178498
--------------------------------------------------------------------------------
================================================================================
pdns-recursor-3.7.1-1.fc20 (FEDORA-2015-2252)
Modern, advanced and high performance recursing/non authoritative name server
--------------------------------------------------------------------------------
Update Information:

- Update to 3.7.1

This version contains a mix of speedups and improvements, the combined effect of which is vastly improved resilience against traffic spikes and malicious query overloads.

Release Notes: https://doc.powerdns.com/md/changelog/#powerdns-recursor-371
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 17 2015 Morten Stevens <mstevens@imt-systems.com> - 3.7.1-1
- Update to 3.7.1
- Disable security status polling by default
--------------------------------------------------------------------------------
================================================================================
perl-Geo-IPfree-1.1.4.3.6.3.0-1.fc20 (FEDORA-2015-2276)
Look up the country of an IPv4 Address
--------------------------------------------------------------------------------
Update Information:

This release updates the IP address allocation database.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2015 Petr Pisar <ppisar@redhat.com> - 1.1.4.3.6.3.0-1
- 1.143630 bump
--------------------------------------------------------------------------------
================================================================================
perl-Perl-Critic-Moose-1.01-1.fc20 (FEDORA-2015-2268)
Policies for Perl::Critic concerned with using Moose
--------------------------------------------------------------------------------
Update Information:

This release allows "use namespace::autoclean" to satisfy the RequireCleanNamespace policy. It also allows specifying a list of "cleaners" as a configuration option.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2015 Petr Pisar <ppisar@redhat.com> - 1.01-1
- 1.01 bump
--------------------------------------------------------------------------------
================================================================================
resiprocate-1.9.9-14.fc20 (FEDORA-2015-2270)
SIP and TURN stacks, with SIP proxy and TURN server implementations
--------------------------------------------------------------------------------
Update Information:

fix for compile error with legacy OpenSSL on fc20
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 17 2015 Daniel Pocock <daniel@pocock.pro> - 1.9.8-14
- New upstream release
* Mon Jan 26 2015 Petr Machata <pmachata@redhat.com> - 1.9.8-13
- Rebuild for boost 1.57.0
* Tue Dec 9 2014 Daniel Pocock <daniel@pocock.pro> - 1.9.8-12
- New upstream release
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.7-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.7-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
salt-2014.7.2-1.fc20 (FEDORA-2015-2275)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:

Update to bugfix release 2014.7.2
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 17 2015 Erik Johnson <erik@saltstack.com> - 2014.7.2-1
- Update to bugfix release 2014.7.2
--------------------------------------------------------------------------------
================================================================================
sudo-1.8.12-1.fc20 (FEDORA-2015-2247)
Allows restricted root access for specified users
--------------------------------------------------------------------------------
Update Information:

- update to 1.8.12
- fixes CVE-2014-9680

Update to 1.8.11p2

Major upstream changes & fixes:
- when running a command in the background, sudo will now forward SIGINFO to the command
- the passwords in ldap.conf and ldap.secret may now be encoded in base64.
- SELinux role changes are now audited. For sudoedit, we now audit the actual editor being run, instead of just the sudoedit command.
- it is now possible to match an environment variable's value as well as its name using env_keep and env_check
- new files created via sudoedit as a non-root user now have the proper group id
- sudoedit now works correctly in conjunction with sudo's SELinux RBAC support
- it is now possible to disable network interface probing in sudo.conf by changing the value of the probe_interfaces setting
- when listing a user's privileges (sudo -l), the sudoers plugin will now prompt for the user's password even if the targetpw, rootpw or runaspw options are set.
- the new use_netgroups sudoers option can be used to explicitly enable or disable netgroups support
- visudo can now export a sudoers file in JSON format using the new -x flag

Distribution specific changes:
- added patch to read ldap.conf more closely to nss_ldap
- require /usr/bin/vi instead of vim-minimal
- include pam.d/system-auth in PAM session phase from pam.d/sudo
- include pam.d/sudo in PAM session phase from pam.d/sudo-i

--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2015 Daniel Kopecek <dkopecek@redhat.com> - 1.8.12
- update to 1.8.12
- fixes CVE-2014-9680
* Mon Nov 3 2014 Daniel Kopecek <dkopecek@redhat.com> - 1.8.11p2-1
- update to 1.8.11p2
- added patch to fix upstream bug #671 -- exiting immediately when audit is disabled
* Tue Sep 30 2014 Daniel Kopecek <dkopecek@redhat.com> - 1.8.11-1
- update to 1.8.11
- major changes & fixes:
  - when running a command in the background, sudo will now forward SIGINFO to the command
  - the passwords in ldap.conf and ldap.secret may now be encoded in base64.
  - SELinux role changes are now audited. For sudoedit, we now audit the actual editor being run, instead of just the sudoedit command.
  - it is now possible to match an environment variable's value as well as its name using env_keep and env_check
  - new files created via sudoedit as a non-root user now have the proper group id
  - sudoedit now works correctly in conjunction with sudo's SELinux RBAC support
  - it is now possible to disable network interface probing in sudo.conf by changing the value of the probe_interfaces setting
  - when listing a user's privileges (sudo -l), the sudoers plugin will now prompt for the user's password even if the targetpw, rootpw or runaspw options are set.
  - the new use_netgroups sudoers option can be used to explicitly enable or disable netgroups support
  - visudo can now export a sudoers file in JSON format using the new -x flag
- added patch to read ldap.conf more closely to nss_ldap
- require /usr/bin/vi instead of vim-minimal
- include pam.d/system-auth in PAM session phase from pam.d/sudo
- include pam.d/sudo in PAM session phase from pam.d/sudo-i
* Tue Aug 5 2014 Tom Callaway <spot@fedoraproject.org> - 1.8.8-5
- fix license handling
* Sat May 31 2014 Peter Robinson <pbrobinson@fedoraproject.org> 1.8.8-4
- Drop ChangeLog, we ship NEWS
* Mon Mar 10 2014 Daniel Kopecek <dkopecek@redhat.com> - 1.8.8-3
- remove bundled copy of zlib before compilation
- drop the requiretty Defaults setting from sudoers
* Sat Jan 25 2014 Ville Skyttä <ville.skytta@iki.fi> - 1.8.8-2
- Own the %{_libexecdir}/sudo dir.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1191144 - CVE-2014-9680 sudo: unsafe handling of TZ environment variable
        https://bugzilla.redhat.com/show_bug.cgi?id=1191144
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2015.02.18.1-1.fc20 (FEDORA-2015-2242)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:

Update to latest release
Show must go on!
- Update to latest release
- Improve error messages
- fix various other bugs
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2015 Matej Cepl <mcepl@redhat.com> - 2015.02.18.1-1
- Update to latest release
* Mon Feb 16 2015 Matej Cepl <mcepl@redhat.com> - 2015.02.11-1
- Show must go on!
* Tue Feb 10 2015 Till Maas <opensource@till.name> - 2015.02.10.4-1
- Update to latest release
* Tue Feb 10 2015 Till Maas <opensource@till.name> - 2015.02.10.2-1
- Update to latest release
- remove pre-built file in %setup
* Sat Jan 31 2015 Till Maas <opensource@till.name> - 2015.01.30.1-1
- Update to new release
- Use %license
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1193446 - youtube-dl-2015.02.18 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1193446
  [ 2 ] Bug #1191520 - youtube-dl-2015.02.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1191520
  [ 3 ] Bug #1135594 - [abrt] youtube-dl: httplib.py:660:_safe_read:IncompleteRead: IncompleteRead(7669 bytes read, 523 more expected)
        https://bugzilla.redhat.com/show_bug.cgi?id=1135594
  [ 4 ] Bug #1093517 - [abrt] youtube-dl: httplib.py:953:putheader:UnicodeEncodeError: 'ascii' codec can't encode character u'\ufeff' in position 0: ordinal not in range(128)
        https://bugzilla.redhat.com/show_bug.cgi?id=1093517
--------------------------------------------------------------------------------