The following Fedora 20 Security updates need testing: Age URL 78 https://admin.fedoraproject.org/updates/FEDORA-2013-19198/quassel-0.9.1-1.fc... 38 https://admin.fedoraproject.org/updates/FEDORA-2013-22130/chicken-4.8.0.5-1.... 29 https://admin.fedoraproject.org/updates/FEDORA-2013-22809/net-snmp-5.7.2-16.... 24 https://admin.fedoraproject.org/updates/FEDORA-2013-23116/python-swiftclient... 15 https://admin.fedoraproject.org/updates/FEDORA-2013-23524/openstack-nova-201... 14 https://admin.fedoraproject.org/updates/FEDORA-2013-23636/rubygem-actionpack... 14 https://admin.fedoraproject.org/updates/FEDORA-2013-23659/ibus-chewing-1.4.4... 6 https://admin.fedoraproject.org/updates/FEDORA-2013-24018/varnish-3.0.5-1.fc... 5 https://admin.fedoraproject.org/updates/FEDORA-2013-24059/mingw-openjpeg-1.5... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-24108/asterisk-11.7.0-1.... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-24153/libsrtp-1.4.4-9.20... 1 https://admin.fedoraproject.org/updates/FEDORA-2014-0033/goffice-0.10.9-1.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0156/poppler-0.24.3-3.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0129/python-libcloud-0.1... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0066/rubygem-will_pagina...
The following Fedora 20 Critical Path updates have yet to be approved: Age URL 51 https://admin.fedoraproject.org/updates/FEDORA-2013-21163/libproxy-0.4.11-8.... 13 https://admin.fedoraproject.org/updates/FEDORA-2013-23721/krb5-1.11.3-38.fc2... 11 https://admin.fedoraproject.org/updates/FEDORA-2013-23850/libbluray-0.5.0-2.... 10 https://admin.fedoraproject.org/updates/FEDORA-2013-23915/rygel-0.20.3-1.fc2... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0156/poppler-0.24.3-3.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0157/librepo-1.5.1-1.fc2... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0151/cups-1.7.0-9.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0150/perl-Encode-2.54-2.... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0120/libevdev-0.6-3.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0088/policycoreutils-2.2... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0099/libldb-1.1.16-4.fc2... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0044/gnutls-3.1.18-3.fc2... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0096/hwdata-0.259-1.fc20
The following builds have been pushed to Fedora 20 updates-testing
cups-1.7.0-9.fc20 darktable-1.4-1.fc20 dovecot-2.2.10-1.fc20 drupal7-7.25-1.fc20 epiphany-3.10.3-1.fc20 freeipa-3.3.3-4.fc20 freeipmi-1.3.4-1.fc20 gimp-elsamuko-24-2.fc20 glances-1.7.2-1.fc20 glusterfs-3.4.2-1.fc20 kde-plasma-nm-0.9.3.2-3.fc20 librepo-1.5.1-1.fc20 linpsk-1.2-1.fc20 lohit-gujarati-fonts-2.92.2-1.fc20 mailman-2.1.15-17.fc20 nx-libs-3.5.0.21-5.fc20 parcellite-1.1.7-2.fc20 perl-Encode-2.54-2.fc20 perl-Perl-Critic-Tics-0.008-1.fc20 php-sabre-dav-1.8.7-1.fc20 php-sabre-vobject-2.1.3-1.fc20 poppler-0.24.3-3.fc20 python-libcloud-0.13.3-1.fc20 pywbem-0.7.0-23.20131121svn626.fc20 quiterss-0.14.2-1.fc20 xfig-3.2.5-38.b.fc20
Details about builds:
================================================================================ cups-1.7.0-9.fc20 (FEDORA-2014-0151) CUPS printing system -------------------------------------------------------------------------------- Update Information:
This update fixes the long delay when shutting down the cups service. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 2 2014 Tim Waugh twaugh@redhat.com - 1:1.7.0-9 - dbus notifier: call _exit when handling SIGTERM (STR #4314). - Use '-f' when using rm in %setup section. - Fixed avahi-no-threaded patch so it removes a call to avahi_threaded_poll_stop() (bug #1044602). * Fri Dec 13 2013 Tim Waugh twaugh@redhat.com - 1:1.7.0-8 - Use string literal for format string in sd_journal_print call. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1044602 - Long wait at shutdown/reboot https://bugzilla.redhat.com/show_bug.cgi?id=1044602 --------------------------------------------------------------------------------
================================================================================ darktable-1.4-1.fc20 (FEDORA-2014-0147) Utility to organize and develop raw images -------------------------------------------------------------------------------- Update Information:
New darktable stable release 1.4 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 1 2014 Edouard Bourguignon madko@linuxed.net - 1.4-1 - Upgrade to 1.4 * Mon Dec 2 2013 Edouard Bourguignon madko@linuxed.net - 1.4-0.1.rc1 - Upgrade to 1.4~rc1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1025748 - Darktable's background process is not closed after UI is closed https://bugzilla.redhat.com/show_bug.cgi?id=1025748 --------------------------------------------------------------------------------
================================================================================ dovecot-2.2.10-1.fc20 (FEDORA-2014-0137) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information:
* auth: passdb/userdb dict rewrite to support much more complex setups. See doc/example-config/dovecot-dict-auth.conf.ext. The old settings will continue to work. * auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's. See http://wiki2.dovecot.org/UserDatabase * imap: Implemented SETQUOTA command for admin user when quota_set is configured. See http://master.wiki2.dovecot.org/Quota/Configuration * quota: Support "*" and "?" wildcards in mailbox names in quota_rules * mysql: Added ssl_verify_server_cert=no|yes parameter. This currently defaults to "no" to make sure nothing breaks, but likely will become "yes" in Dovecot v2.3. * ldap: Added blocking=yes setting to use auth worker processes for ldap lookups. This is a workaround for now to be able to use multiple simultaneous LDAP connections. * pop3c+dsync performance improvements * quota-status: quota_grace was ignored * ldap: Fixed memory leak with auth_bind=yes and without auth_bind_userdn. * imap: Don't send HIGHESTMODSEQ anymore on SELECT/EXAMINE when CONDSTORE/QRESYNC has never before been enabled for the mailbox. * imap: Fixes to handling mailboxes without permanent modseqs. (When [NOMODSEQ] is returned by SELECT, mainly with in-memory indexes.) * imap: Various fixes to METADATA support. * stats plugin: Processes that only temporarily dropped privileges (e.g. indexer-worker) may have been logging errors about not being able to open /proc/self/io. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 2 2014 Michal Hlavinka mhlavink@redhat.com - 1:2.2.10-1 - dovecot updated to 2.2.10 - quota-status: quota_grace was ignored - ldap: Fixed memory leak with auth_bind=yes and without auth_bind_userdn. - imap: Don't send HIGHESTMODSEQ anymore on SELECT/EXAMINE when CONDSTORE/QRESYNC has never before been enabled for the mailbox. - imap: Fixes to handling mailboxes without permanent modseqs. (When [NOMODSEQ] is returned by SELECT, mainly with in-memory indexes.) - imap: Various fixes to METADATA support. - stats plugin: Processes that only temporarily dropped privileges (e.g. indexer-worker) may have been logging errors about not being able to open /proc/self/io. --------------------------------------------------------------------------------
================================================================================ drupal7-7.25-1.fc20 (FEDORA-2014-0124) An open-source content-management platform -------------------------------------------------------------------------------- Update Information:
Latest upstream.
https://drupal.org/drupal-7.25-release-notes -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Jon Ciesla limburgher@gmail.com - 7.25-1 - 7.25, BZ 1048114. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1048114 - drupal7-7.25 is available https://bugzilla.redhat.com/show_bug.cgi?id=1048114 --------------------------------------------------------------------------------
================================================================================ epiphany-3.10.3-1.fc20 (FEDORA-2014-0143) Web browser for GNOME -------------------------------------------------------------------------------- Update Information:
- Do not lock when resizing columns in history window (#696653) - Fix critical warnings (#719405) - Fix text encoding dialog #703825) - Change default charset to iso-8859-1 for greater web compatibility (720247) - A few performance fixes. - Updated translations. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Debarshi Ray rishi@fedoraproject.org - 1:3.10.3-1 - Update to 3.10.3 --------------------------------------------------------------------------------
================================================================================ freeipa-3.3.3-4.fc20 (FEDORA-2013-23354) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information:
Fixes #1040576. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Martin Kosek mkosek@redhat.com - 3.3.3-4 - Build crashed with rhino exception on s390 architectures (#1040576) * Thu Dec 12 2013 Martin Kosek mkosek@redhat.com - 3.3.3-3 - Build crashed rhino exception on some architectures (#1040576) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1040576 - FTBFS: Exception in thread "process reaper" java.lang.StackOverflowError https://bugzilla.redhat.com/show_bug.cgi?id=1040576 --------------------------------------------------------------------------------
================================================================================ freeipmi-1.3.4-1.fc20 (FEDORA-2014-0149) IPMI remote console and system management software -------------------------------------------------------------------------------- Update Information:
Update to 1.3.4.
Changelog:
* ipmi-sensors-config/ipmi-sensors-config-threshold-section.c, ipmi-sensors-config/ipmi-sensors-config-utils.c: Force some error messages to output on fatal errors.
* libfreeipmi/util/ipmi-sensor-util.c (ipmi_sensor_decode_raw_value): Fix error in input checks.
* ipmi-config/ipmi-config-category-sensors-threshold-section.c: Fix error message cut & paste typo.
* ipmiseld/ipmiseld.c: Fix error message typo.
* doc/freeipmi-faq.txi: Update with new information on OS issues.
* bmc-watchdog/bmc-watchdog.c (_fiid_obj_get_safe): New function.
* bmc-watchdog/bmc-watchdog.c (_get_watchdog_timer_cmd): Use _fiid_obj_get_safe and do not exit on data not available errors.
* doc/freeipmi-faq.txi: Update with new information.
* libfreeipmi/sdr/ipmi-sdr-cache-create.c (ipmi_sdr_cache_create): Fix bug w/ Fujitsu SDR count workaround.
* ipmiconsole/, libipmiconsole/: Support solchannelsupport workaround option / IPMICONSOLE_WORKAROUND_SKIP_CHANNEL_PAYLOAD_SUPPORT workaround flag.
* doc/freeipmi-bugs-issues-and-workarounds.txt, man/manpage-common-workaround-outofband-15-text.man: Document workaround for Quanta Winterfell.
* libfreeipmi/util/ipmi-rmcpplus-util.c (ipmi_rmcpplus_check_rakp_4_integrity_check_value): Fix incorrect secure memset call. -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2013 Christopher Meng rpm@cicku.me - 1.3.4-1 - Updated to freeipmi-1.3.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1043061 - freeipmi-1.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1043061 --------------------------------------------------------------------------------
================================================================================ gimp-elsamuko-24-2.fc20 (FEDORA-2014-0148) Script collection for the GIMP -------------------------------------------------------------------------------- Update Information:
New GIMP scripts. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #924682 - Review Request: gimp-elsamuko - Elsamukos script collection for the GIMP https://bugzilla.redhat.com/show_bug.cgi?id=924682 --------------------------------------------------------------------------------
================================================================================ glances-1.7.2-1.fc20 (FEDORA-2014-0128) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information:
Upgrade to 1.7.2 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 12 2013 Edouard Bourguignon madko@linuxed.net - 1.7.2-1 - Update to 1.7.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1025996 - glances-1.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1025996 --------------------------------------------------------------------------------
================================================================================ glusterfs-3.4.2-1.fc20 (FEDORA-2014-0133) Cluster File System -------------------------------------------------------------------------------- Update Information:
GlusterFS 3.4.2 GA Update to glusterFS-3.4.2qa5 * include gfapi.py and the .../python*/site-packages/gluster/ -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-1 - GlusterFS 3.4.2 GA * Wed Dec 25 2013 Niels de Vos ndevos@redhat.com - 3.4.2-0.1qa5 - GlusterFS 3.4.2 QA5, glusterfs-3.4.2-0.1qa5 - Correct source URL to automatic release location * Fri Dec 20 2013 Niels de Vos ndevos@redhat.com - Include .../site-packages/gluster/gfapi.py in glusterfs-api * Thu Dec 19 2013 Niels de Vos ndevos@redhat.com - Include the .../site-packages/gluster/__init__.py file by default, skip EL-5 and earlier (#1045123) * Tue Dec 17 2013 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.4.2-0.1qa4 - GlusterFS 3.4.2 QA4 , glusterfs-3.4.2-0.1qa4 * Fri Dec 6 2013 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-0.1qa3 - GlusterFS 3.5.0 QA3 , glusterfs-3.5.0-0.1qa3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1045123 - Latest Fedora 3.4.1 RPM does not install python gluster directory https://bugzilla.redhat.com/show_bug.cgi?id=1045123 --------------------------------------------------------------------------------
================================================================================ kde-plasma-nm-0.9.3.2-3.fc20 (FEDORA-2014-0081) Plasma applet written in QML for managing network connections -------------------------------------------------------------------------------- Update Information:
Some upstream fixes -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Jan Grulich jgrulich@redhat.com - 0.9.3.2-3 - More upstream fixes * Thu Jan 2 2014 Jan Grulich jgrulich@redhat.com - 0.9.3.2-2 - Pickup some upstream fixes -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1043195 - KDE lies when asks for wifi password at startup https://bugzilla.redhat.com/show_bug.cgi?id=1043195 [ 2 ] Bug #1031997 - Prevent auto-reconnect on secrets failure until agents change https://bugzilla.redhat.com/show_bug.cgi?id=1031997 --------------------------------------------------------------------------------
================================================================================ librepo-1.5.1-1.fc20 (FEDORA-2014-0157) Repodata downloading library -------------------------------------------------------------------------------- Update Information:
Update to 1.5.1 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 1.5.1-1 - Downloading: LRO_MAXSPEED has effect over whole downloading, it is not per target max speed anymore. - Sanitize progresscb (GitHub issue 24) (Thanks zde/zpavlas) --------------------------------------------------------------------------------
================================================================================ linpsk-1.2-1.fc20 (FEDORA-2014-0132) Psk31 and RTTY program for Linux -------------------------------------------------------------------------------- Update Information:
This is new version of linpsk, for details see upstream page: http://linpsk.sourceforge.net/ -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Jaroslav Škarvada jskarvad@redhat.com - 1.2-1 - New version Resolves: rhbz#1046658 - Dropped compile-fix patch (not needed) - Various minor fixes -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1046658 - linpsk-1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1046658 --------------------------------------------------------------------------------
================================================================================ lohit-gujarati-fonts-2.92.2-1.fc20 (FEDORA-2014-0161) Free Gujarati font -------------------------------------------------------------------------------- Update Information:
This is an update with enhancements in upstream. This is an update that provides latest upstream version with couple of bug fixes. This is an upstream release with enhancements over earlier release. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Pravin Satpute psatpute@redhat.com - 2.92.2-1 - Minor release 2.92.2 from upstream. * Thu Dec 12 2013 Pravin Satpute psatpute@redhat.com - 2.92.1-1 - Minor release 2.92.1 from upstream. * Mon Dec 9 2013 Pravin Satpute psatpute@redhat.com - 2.92.0-1 - Beta release 2.92.0 from upstream (lohit2 project) --------------------------------------------------------------------------------
================================================================================ mailman-2.1.15-17.fc20 (FEDORA-2014-0154) Mailing list manager with built in Web access -------------------------------------------------------------------------------- Update Information:
Add setgid for /usr/lib/mailman/mail/mailman. Fix bug caused by RPM change in setgid handling. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Jan Kaluza jkaluza@redhat.com - 3:2.1.15-17 - fix #1043677 - fix setgid for /usr/lib/mailman/mail/mailman * Wed Dec 18 2013 Jan Kaluza jkaluza@redhat.com - 3:2.1.15-16 - fix #1043677 - fix setgid for cgi binaries -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1043677 - mailman cgi scripts lack setgid bit https://bugzilla.redhat.com/show_bug.cgi?id=1043677 --------------------------------------------------------------------------------
================================================================================ nx-libs-3.5.0.21-5.fc20 (FEDORA-2014-0142) NX X11 protocol compression libraries -------------------------------------------------------------------------------- Update Information:
Provide /usr/share/X11/xkb/keymap.dir so nxagent can find keymap dir (bug #1033876) -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Orion Poplawski orion@cora.nwra.com - 3.5.0.21-5 - Provide /usr/share/X11/xkb/keymap.dir so nxagent can find keymap dir (bug #1033876) * Thu Oct 10 2013 Orion Poplawski orion@cora.nwra.com - 3.5.0.21-4 - Do not build/ship unneeded xlib18n libs -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1033876 - x2go session does not set correct keyboard type https://bugzilla.redhat.com/show_bug.cgi?id=1033876 --------------------------------------------------------------------------------
================================================================================ parcellite-1.1.7-2.fc20 (FEDORA-2013-22534) A lightweight GTK+ clipboard manager -------------------------------------------------------------------------------- Update Information:
This update fixes a problem with two duplicate action keys, several translation issues and a crash that occurred when right-clicking empty lines in the history. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Christoph Wickert cwickert@fedoraproject.org - 1.1.7-2 - Add 6 upstream patches to fix three segfaults (#1038899 is one of them), case-sensitive search, search-as-you-type and updates Russian translations * Wed Oct 16 2013 Christoph Wickert cwickert@fedoraproject.org - 1.1.7-1 - Update to 1.1.7 (#1019649) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #913586 - [abrt] parcellite-1.1.4-1.fc18: _dbus_abort: Process /usr/bin/parcellite was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=913586 [ 2 ] Bug #949190 - [abrt] parcellite-1.1.4-1.fc18: g_malloc0: Process /usr/bin/parcellite was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=949190 [ 3 ] Bug #1019649 - parcellite-1.1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1019649 [ 4 ] Bug #1038899 - [abrt] parcellite-1.1.7-1.fc19: set_keys_from_prefs: Process /usr/bin/parcellite was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1038899 --------------------------------------------------------------------------------
================================================================================ perl-Encode-2.54-2.fc20 (FEDORA-2014-0150) Character encodings in Perl -------------------------------------------------------------------------------- Update Information:
Passing non-string argument to decode_utf8() returned random data. This release fixes it to return stringified value of the argument. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Petr Pisar ppisar@redhat.com - 1:2.54-2 - Stringify all decode_utf8() arguments (bug #1048134) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1048134 - decode_utf8() returns gibberish on non-string value https://bugzilla.redhat.com/show_bug.cgi?id=1048134 --------------------------------------------------------------------------------
================================================================================ perl-Perl-Critic-Tics-0.008-1.fc20 (FEDORA-2014-0164) Policies for things that make me wince -------------------------------------------------------------------------------- Update Information:
This release avoids warnings about undefined variables. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Petr Pisar ppisar@redhat.com - 0.008-1 - 0.008 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1047216 - perl-Perl-Critic-Tics-0.008 is available https://bugzilla.redhat.com/show_bug.cgi?id=1047216 --------------------------------------------------------------------------------
================================================================================ php-sabre-dav-1.8.7-1.fc20 (FEDORA-2014-0134) WebDAV Framework for PHP -------------------------------------------------------------------------------- Update Information:
What is SabreDAV
SabreDAV allows you to easily add WebDAV support to a PHP application. SabreDAV is meant to cover the entire standard, and attempts to allow integration using an easy to understand API.
Feature list: * Fully WebDAV compliant * Supports Windows XP, Windows Vista, Mac OS/X, DavFSv2, Cadaver, Netdrive, Open Office, and probably more. * Passing all Litmus tests. * Supporting class 1, 2 and 3 Webdav servers. * Locking support. * Custom property support. * CalDAV (tested with Evolution, iCal, iPhone and Lightning). * CardDAV (tested with OS/X addressbook, the iOS addressbook and Evolution). * Over 97% unittest code coverage.
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1047551 - Review Request: php-sabre-dav - WebDAV Framework for PHP https://bugzilla.redhat.com/show_bug.cgi?id=1047551 --------------------------------------------------------------------------------
================================================================================ php-sabre-vobject-2.1.3-1.fc20 (FEDORA-2014-0138) Library to parse and manipulate iCalendar and vCard objects -------------------------------------------------------------------------------- Update Information:
The VObject library allows you to easily parse and manipulate iCalendar and vCard objects using PHP. The goal of the VObject library is to create a very complete library, with an easy to use API.
This project is a spin-off from SabreDAV, where it has been used for several years. The VObject library has 100% unittest coverage.
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1047532 - Review Request: php-sabre-vobject - Library to parse and manipulate iCalendar and vCard objects https://bugzilla.redhat.com/show_bug.cgi?id=1047532 --------------------------------------------------------------------------------
================================================================================ poppler-0.24.3-3.fc20 (FEDORA-2014-0156) PDF rendering library -------------------------------------------------------------------------------- Update Information:
Use correct format string for a syntax error.
-------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Marek Kasik mkasik@redhat.com - 0.24.3-3 - Use correct format string - Resolves: #1048202 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1048199 - poppler: DoS due to a format string error https://bugzilla.redhat.com/show_bug.cgi?id=1048199 --------------------------------------------------------------------------------
================================================================================ python-libcloud-0.13.3-1.fc20 (FEDORA-2014-0129) A Python library to address multiple cloud provider APIs -------------------------------------------------------------------------------- Update Information:
Security Fix - BUG: 1047867 1047868 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Daniel Bruno dbruno@fedoraproject.org - 0.13.3-1 - Security Fix - BUG: 1047867 1047868 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1047867 - CVE-2013-6480 python-libcloud: doesn't send scrub_data query parameter when destroying a DigitalOcean node https://bugzilla.redhat.com/show_bug.cgi?id=1047867 --------------------------------------------------------------------------------
================================================================================ pywbem-0.7.0-23.20131121svn626.fc20 (FEDORA-2014-0162) Python WBEM Client and Provider Interface -------------------------------------------------------------------------------- Update Information:
Skip hostname check when no verification is desired. Work around M2Crypto's inability to handle unicode strings. Adjusted default certificate paths. Fixed TOCTOU vulnerability in certificate validation. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Michal Minar miminar@redhat.com 0.7.0-23.20131121svn656 - Skip hostname check when no verification is desired. * Fri Dec 27 2013 Michal Minar miminar@redhat.com 0.7.0-22.20131121svn656 - Work around M2Crypto's inability to handle unicode strings. * Wed Dec 18 2013 Michal Minar miminar@redhat.com 0.7.0-21.20131121svn656 - Adjusted default certificates paths searched for cert validation. * Tue Dec 17 2013 Michal Minar miminar@redhat.com 0.7.0-20.20131121svn656 - Tweaked the ssl_verify_host patch. * Mon Dec 16 2013 Michal Minar miminar@redhat.com 0.7.0-18.20131121svn656 - Fixes TOCTOU vulnerability in certificate validation. - Resolves: rhbz#1026891 --------------------------------------------------------------------------------
================================================================================ quiterss-0.14.2-1.fc20 (FEDORA-2014-0140) RSS/Atom aggregator -------------------------------------------------------------------------------- Update Information:
Version bump. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 TI_Eugene ti.eugene@gmail.com - 0.14.2-1 - Version bump --------------------------------------------------------------------------------
================================================================================ xfig-3.2.5-38.b.fc20 (FEDORA-2014-0153) An X Window System tool for drawing basic vector graphics -------------------------------------------------------------------------------- Update Information:
Fix crash when creating lines with linestyle 3 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 3 2014 Michal Srb msrb@redhat.com - 3.2.5-38.b - Fix crash when creating lines with linestyle 3 - Resolves: rhbz#1023744 (Thanks to Maurizio Paolini and David Kaufmann) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1023744 - xfig crashes when creating lines with linestyle 4 https://bugzilla.redhat.com/show_bug.cgi?id=1023744 --------------------------------------------------------------------------------