The following Fedora 20 Security updates need testing: Age URL 169 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.2... 124 https://admin.fedoraproject.org/updates/FEDORA-2015-1718/389-admin-1.1.38-1.... 107 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.3... 92 https://admin.fedoraproject.org/updates/FEDORA-2015-3417/389-ds-base-1.3.2.2... 87 https://admin.fedoraproject.org/updates/FEDORA-2015-3738/ImageMagick-6.8.6.3... 74 https://admin.fedoraproject.org/updates/FEDORA-2015-4672/quassel-0.11.0-2.fc... 59 https://admin.fedoraproject.org/updates/FEDORA-2015-5970/asterisk-11.17.1-1.... 59 https://admin.fedoraproject.org/updates/FEDORA-2015-5978/krb5-1.11.5-20.fc20 52 https://admin.fedoraproject.org/updates/FEDORA-2015-6339/realmd-0.14.6-6.fc2... 40 https://admin.fedoraproject.org/updates/FEDORA-2015-7231/libarchive-3.1.2-8.... 38 https://admin.fedoraproject.org/updates/FEDORA-2015-7302/drupal7-views-3.11-... 26 https://admin.fedoraproject.org/updates/FEDORA-2015-8159/rawstudio-2.1-0.1.2... 17 https://admin.fedoraproject.org/updates/FEDORA-2015-8142/cabal-install-1.16.... 17 https://admin.fedoraproject.org/updates/FEDORA-2015-8727/fail2ban-0.9.2-1.fc... 14 https://admin.fedoraproject.org/updates/FEDORA-2015-8777/ntfs-3g-2015.3.14-2... 14 https://admin.fedoraproject.org/updates/FEDORA-2015-8782/fuse-2.9.4-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2015-9163/fossil-1.33-1.fc20 9 https://admin.fedoraproject.org/updates/FEDORA-2015-9161/nss-util-3.19.1-1.0... 4 https://admin.fedoraproject.org/updates/FEDORA-2015-9388/libreswan-3.13-1.fc... 4 https://admin.fedoraproject.org/updates/FEDORA-2015-9371/openssl-1.0.1e-43.f... 3 https://admin.fedoraproject.org/updates/FEDORA-2015-9527/armacycles-ad-0.2.8... 3 https://admin.fedoraproject.org/updates/FEDORA-2015-9500/xen-4.3.4-5.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2015-9604/python-django14-1.4... 1 https://admin.fedoraproject.org/updates/FEDORA-2015-9625/mbedtls-1.3.11-1.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2015-9649/libwmf-0.2.8.4-43.f...
The following Fedora 20 Critical Path updates have yet to be approved: Age URL 107 https://admin.fedoraproject.org/updates/FEDORA-2015-0951/xdg-utils-1.1.0-0.3... 12 https://admin.fedoraproject.org/updates/FEDORA-2015-8614/gnome-documents-3.1... 9 https://admin.fedoraproject.org/updates/FEDORA-2015-9131/cdrkit-1.1.11-23.fc... 4 https://admin.fedoraproject.org/updates/FEDORA-2015-9379/perl-Getopt-Long-2.... 4 https://admin.fedoraproject.org/updates/FEDORA-2015-9371/openssl-1.0.1e-43.f... 3 https://admin.fedoraproject.org/updates/FEDORA-2015-9452/gnupg2-2.0.28-1.fc2... 0 https://admin.fedoraproject.org/updates/FEDORA-2015-8911/kdelibs-4.14.9-2.fc...
The following builds have been pushed to Fedora 20 updates-testing
erfa-1.2.0-1.fc20 getmail-4.48.0-1.fc20 hawaii-widget-styles-0.4.0-1.fc20 homebank-5.0.3-1.fc20 kde-baseapps-15.04.2-1.fc20 kde-runtime-15.04.2-1.fc20 kdelibs-4.14.9-2.fc20 kdepimlibs-4.14.9-1.fc20 libwmf-0.2.8.4-43.fc20 osbs-0.11-1.fc20 oxygen-icon-theme-15.04.2-1.fc20 phoronix-test-suite-5.8.0-0.fc20 python-exif-2.1.1-1.fc20 python-ipaddress-1.0.7-2.fc20 rpkg-1.35-2.fc20
Details about builds:
================================================================================ erfa-1.2.0-1.fc20 (FEDORA-2015-9670) Essential Routines for Fundamental Astronomy -------------------------------------------------------------------------------- Update Information:
This version of ERFA (v1.2.0) is based on SOFA version "20150209_a". Includes 2015-Jun-30 leap second correction. -------------------------------------------------------------------------------- ChangeLog:
* Fri May 29 2015 Sergio Pascual <sergiopr at fedoraproject.org> - 1.2.0-1 - New upstream version (1.2.0) (includes 2015-Jun-30 leap second) --------------------------------------------------------------------------------
================================================================================ getmail-4.48.0-1.fc20 (FEDORA-2015-9690) POP3, IMAP4 and SDPS mail retriever with Maildir delivery -------------------------------------------------------------------------------- Update Information:
Upstream 4.48.0 release -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 6 2015 Markus Mayer lotharlutz@gmx.de - 4.48.0-1 - Upstream 4.48.0 release --------------------------------------------------------------------------------
================================================================================ hawaii-widget-styles-0.4.0-1.fc20 (FEDORA-2015-9655) Styles for applications using QtQuick Controls -------------------------------------------------------------------------------- Update Information:
- Update to latest version. --------------------------------------------------------------------------------
================================================================================ homebank-5.0.3-1.fc20 (FEDORA-2015-9647) Free easy personal accounting for all -------------------------------------------------------------------------------- Update Information:
Rebuilt for new upstream version 5.0.3, fixes rhbz #1228899 -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 6 2015 Filipe Rosset rosset.filipe@gmail.com - 5.0.3-1 - Rebuilt for new upstream version 5.0.3, fixes rhbz #1228899 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1228899 - homebank-5.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1228899 --------------------------------------------------------------------------------
================================================================================ kde-baseapps-15.04.2-1.fc20 (FEDORA-2015-8911) KDE Core Applications -------------------------------------------------------------------------------- Update Information:
New stable/bugfix core kde4 runtime LTS release, see also: https://www.kde.org/announcements/announce-applications-15.04.2.php https://www.kde.org/announcements/announce-applications-15.04.1.php
-------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 2 2015 Rex Dieter rdieter@fedoraproject.org - 15.04.2-1 - 15.04.2 * Thu May 14 2015 Rex Dieter rdieter@fedoraproject.org 15.04.1-1 - 15.04.1 * Fri May 1 2015 Rex Dieter rdieter@fedoraproject.org 15.04.0-3 - Added folders to left panel "Places" disappear (#345174) * Wed Apr 15 2015 Rex Dieter rdieter@fedoraproject.org 15.04.0-2 - dolphin: Recommends: ruby (servicemenuinstallation) --------------------------------------------------------------------------------
================================================================================ kde-runtime-15.04.2-1.fc20 (FEDORA-2015-8911) KDE Runtime -------------------------------------------------------------------------------- Update Information:
New stable/bugfix core kde4 runtime LTS release, see also: https://www.kde.org/announcements/announce-applications-15.04.2.php https://www.kde.org/announcements/announce-applications-15.04.1.php
-------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 2 2015 Rex Dieter rdieter@fedoraproject.org - 15.04.2-1 - 15.04.2 * Sat May 30 2015 Rex Dieter rdieter@fedoraproject.org 15.04.1-2 - omit kdesu,khelpcenter where plasma5 is present (f22+) * Thu May 14 2015 Rex Dieter rdieter@fedoraproject.org 15.04.1-1 - 15.04.1 --------------------------------------------------------------------------------
================================================================================ kdelibs-4.14.9-2.fc20 (FEDORA-2015-8911) KDE Libraries -------------------------------------------------------------------------------- Update Information:
New stable/bugfix core kde4 runtime LTS release, see also: https://www.kde.org/announcements/announce-applications-15.04.2.php https://www.kde.org/announcements/announce-applications-15.04.1.php
-------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 4 2015 Rex Dieter rdieter@fedoraproject.org 6:4.14.9-2 - fix sonnect/hunspell dictionary paths * Thu Jun 4 2015 Rex Dieter rdieter@fedoraproject.org 6:4.14.9-1.1 - Revert upstream kplaces sync fix (<f22, #1228340) * Mon Jun 1 2015 Rex Dieter rdieter@fedoraproject.org 6:4.14.9-1 - 4.14.9 (kde-apps-15.04.2) * Thu May 14 2015 Rex Dieter rdieter@fedoraproject.org 6:4.14.8-1 - 4.14.8 * Fri May 1 2015 Rex Dieter rdieter@fedoraproject.org - 6:4.14.7-5 - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) --------------------------------------------------------------------------------
================================================================================ kdepimlibs-4.14.9-1.fc20 (FEDORA-2015-8911) KDE PIM Libraries -------------------------------------------------------------------------------- Update Information:
New stable/bugfix core kde4 runtime LTS release, see also: https://www.kde.org/announcements/announce-applications-15.04.2.php https://www.kde.org/announcements/announce-applications-15.04.1.php
-------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 2 2015 Rex Dieter rdieter@fedoraproject.org - 4.14.9-1 - 4.14.9 * Thu May 14 2015 Rex Dieter rdieter@fedoraproject.org 4.14.8-1 - 4.14.8 --------------------------------------------------------------------------------
================================================================================ libwmf-0.2.8.4-43.fc20 (FEDORA-2015-9649) Windows MetaFile Library -------------------------------------------------------------------------------- Update Information:
CVE-2015-0848 heap overflow when decoding BMP images CVE-2015-0848 heap overflow when decoding BMP images -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 8 2015 Caolán McNamara caolanm@redhat.com - 0.2.8.4-43 - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images * Tue Jun 2 2015 Caolán McNamara caolanm@redhat.com - 0.2.8.4-42 - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images * Sat Feb 21 2015 Till Maas opensource@till.name - 0.2.8.4-41 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-ind... * Sun Aug 17 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.2.8.4-40 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.2.8.4-39 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1227243 - CVE-2015-0848 libwmf: heap overflow when decoding BMP images https://bugzilla.redhat.com/show_bug.cgi?id=1227243 --------------------------------------------------------------------------------
================================================================================ osbs-0.11-1.fc20 (FEDORA-2015-9465) Python command line client for OpenShift Build Service -------------------------------------------------------------------------------- Update Information:
This update:
- adds new command - container-build - to support building container images via osbs client[1] and containerbuild plugin in Koji[2]. - has a lot of lookaside code refactoring supported by unit tests (by bochecha). - adds long --verbose option to -v and new --debug and -d option to get tracebacks
Note: Fedora currently doesn't have OpenShift builders nor container build support in Koji so container-build doesn't really work with fedpkg. But with this update rpkg requires osbs package therefore it is bundled with this update.
[1] https://github.com/DBuildService/osbs
[2] https://github.com/release-engineering/koji-containerbuild -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 3 2015 Martin Milata mmilata@redhat.com - 0.11-1 - new upstream release: 0.11 * Thu May 28 2015 Tomas Tomecek ttomecek@redhat.com - 0.10-1 - new upstream release: 0.10 * Thu May 28 2015 Tomas Tomecek ttomecek@redhat.com - 0.9-1 - new upstream release: 0.9 * Thu May 21 2015 Jiri Popelka jpopelka@redhat.com - 0.6-2 - fix %license handling * Thu May 21 2015 Tomas Tomecek ttomecek@redhat.com - 0.6-1 - new upstream release: 0.6 * Tue May 19 2015 Tomas Tomecek ttomecek@redhat.com - 0.5-1 - new upstream release: 0.5 * Tue May 12 2015 Slavek Kabrda bkabrda@redhat.com - 0.4-2 - Introduce python-osbs subpackage - move /usr/bin/osbs to /usr/bin/osbs2, /usr/bin/osbs is now a symlink - depend on python[3]-setuptools because of entrypoints usage --------------------------------------------------------------------------------
================================================================================ oxygen-icon-theme-15.04.2-1.fc20 (FEDORA-2015-8911) Oxygen icon theme -------------------------------------------------------------------------------- Update Information:
New stable/bugfix core kde4 runtime LTS release, see also: https://www.kde.org/announcements/announce-applications-15.04.2.php https://www.kde.org/announcements/announce-applications-15.04.1.php
-------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 1 2015 Rex Dieter rdieter@fedoraproject.org 15.04.2-1 - 15.04.2 * Thu May 14 2015 Rex Dieter rdieter@fedoraproject.org 15.04.1-1 - 15.04.1 --------------------------------------------------------------------------------
================================================================================ phoronix-test-suite-5.8.0-0.fc20 (FEDORA-2015-9642) An Automated, Open-Source Testing Framework -------------------------------------------------------------------------------- Update Information:
new upstream release -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 6 2015 Markus Mayer lotharlutz@gmx.de 5.8.0-0 - new upstream release --------------------------------------------------------------------------------
================================================================================ python-exif-2.1.1-1.fc20 (FEDORA-2015-9637) Python module to extract EXIF information -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release exif-py 2.1.1.
-------------------------------------------------------------------------------- ChangeLog:
* Sun Jun 7 2015 Terje Rosten terje.rosten@ntnu.no - 2.1.1-1 - 2.1.1 --------------------------------------------------------------------------------
================================================================================ python-ipaddress-1.0.7-2.fc20 (FEDORA-2015-9632) Port of the python 3.3+ ipaddress module to 2.6+ -------------------------------------------------------------------------------- Update Information:
Conflicts with python-ipaddr -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 6 2015 Nathaniel McCallum npmccallum@redhat.com - 1.0.7-2 - Add Conflicts: python-ipaddr --------------------------------------------------------------------------------
================================================================================ rpkg-1.35-2.fc20 (FEDORA-2015-9465) Utility for interacting with rpm+git packaging systems -------------------------------------------------------------------------------- Update Information:
This update:
- adds new command - container-build - to support building container images via osbs client[1] and containerbuild plugin in Koji[2]. - has a lot of lookaside code refactoring supported by unit tests (by bochecha). - adds long --verbose option to -v and new --debug and -d option to get tracebacks
Note: Fedora currently doesn't have OpenShift builders nor container build support in Koji so container-build doesn't really work with fedpkg. But with this update rpkg requires osbs package therefore it is bundled with this update.
[1] https://github.com/DBuildService/osbs
[2] https://github.com/release-engineering/koji-containerbuild -------------------------------------------------------------------------------- ChangeLog:
* Tue May 26 2015 Dennis Gilmore dennis@ausil.us - 1.35-2 - pyrpkg Requires python-osbs * Tue May 26 2015 Pavol Babincak pbabinca@redhat.com - 1.35-1 - Test for scratch opt in the actual argument of container_build_koji (pbabinca) - Move the GitIgnore class to its own module (bochecha) - Modernize the gitignore-handling code (bochecha) - gitignore: Properly handle adding matching lines (bochecha) - Refactor: remove unnecessary code (pbabinca) - Move custom UnknownTargetError to errors module (pbabinca) - New command: container-build (jluza) - lookaside: Take over file uploads (bochecha) - Remove unnecessary log message (bochecha) - Stop making source files read-only (bochecha) - Drop some useless comments (bochecha) - Only report we're uploading when we actually are (bochecha) - lookaside: Check if a file already was uploaded (bochecha) - lookaside: Allow client-side and custom CA certificates (bochecha) - lookaside: Be more flexible when building the download URL (bochecha) - lookaside: Use the hashtype for the URL interpolation (bochecha) - lookaside: Add a progress callback (bochecha) - lookaside: Handle downloading of source files (bochecha) - lookaside: Move handling of file verification (bochecha) - lookaside: Move handling of file hashing (bochecha) - utils: Add a new warn_deprecated helper (bochecha) - Add a new lookaside module (bochecha) - Add a new utils module (bochecha) - Properly set the logger (bochecha) - Move our custom errors to their own module (bochecha) - Don't assume MD5 for the lookaside cache (bochecha) - Remove dead code (bochecha) - Use the proper exception syntax (bochecha) * Thu Apr 16 2015 Pavol Babincak pbabinca@redhat.com - 1.34-1 - tests: Don't use assertIsNone (bochecha) - tests: Don't use assertRaises as a context manager (bochecha) - Add long --verbose option to -v, new --debug and -d option (pbabinca) --------------------------------------------------------------------------------