The following Fedora 20 Security updates need testing: Age URL 183 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 77 https://admin.fedoraproject.org/updates/FEDORA-2014-9474/pipelight-0.2.7.3-3... 52 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20 52 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.2... 37 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-20... 29 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc2... 20 https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc2... 15 https://admin.fedoraproject.org/updates/FEDORA-2014-12991/deluge-1.3.10-1.fc... 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13574/php-Smarty-3.1.21-... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13720/wss4j-1.6.17-1.fc2... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13783/hostapd-2.3-1.fc20 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13781/subscription-manag... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13777/Pound-2.6-8.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13879/xml-security-1.5.7... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14091/wget-1.16-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14033/qemu-1.6.2-10.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14058/mokutil-0.2.0-1.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14069/pidgin-2.10.10-1.f... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14113/tnftp-20141031-1.f... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-13791/konversation-1.5-7...
The following Fedora 20 Critical Path updates have yet to be approved: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-2014-13348/libpcap-1.5.3-2.fc... 11 https://admin.fedoraproject.org/updates/FEDORA-2014-13377/libfm-1.2.3-1.fc20... 10 https://admin.fedoraproject.org/updates/FEDORA-2014-13448/libsoup-2.44.2-2.f... 5 https://admin.fedoraproject.org/updates/FEDORA-2014-13575/xulrunner-33.0-2.f... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-13756/sddm-0.10.0-2.fc20 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13875/python-nss-0.16.0-... 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13873/device-mapper-pers... 3 https://admin.fedoraproject.org/updates/FEDORA-2014-13775/ibus-1.5.9-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14080/perl-5.18.4-291.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14032/systemd-208-26.fc2...
The following builds have been pushed to Fedora 20 updates-testing
atlas-3.8.4-12.fc20 dyninst-8.2.1-1.fc20 golang-github-cpuguy83-go-md2man-1-2.fc20 nodejs-seq-0.3.5-3.fc20 pdns-recursor-3.6.2-1.fc20 perl-Email-Sender-1.300016-1.fc20 perl-Locale-Maketext-Fuzzy-0.11-1.fc20 perl-Net-DNS-SEC-0.21-1.fc20 perl-qpid-0.30-1.fc20 python-qpid_messaging-0.30-1.fc20 qpid-cpp-0.30-3.fc20 stunnel-5.06-1.fc20 tnftp-20141031-1.fc20 wget-1.16-1.fc20
Details about builds:
================================================================================ atlas-3.8.4-12.fc20 (FEDORA-2014-14136) Automatically Tuned Linear Algebra Software -------------------------------------------------------------------------------- Update Information:
added pkgconfig file -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 24 2014 Frantisek Kluknavsky fkluknav@redhat.com - 3.8.4-12 - added pkgconfig file - disabled cpu throttling detection to be able to rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1062023 - Atlas should have rpm macros https://bugzilla.redhat.com/show_bug.cgi?id=1062023 --------------------------------------------------------------------------------
================================================================================ dyninst-8.2.1-1.fc20 (FEDORA-2014-14103) An API for Run-time Code Generation -------------------------------------------------------------------------------- Update Information:
Update to point release 8.2.1. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 31 2014 Josh Stone jistone@redhat.com - 8.2.1-1 - Update to point release 8.2.1. --------------------------------------------------------------------------------
================================================================================ golang-github-cpuguy83-go-md2man-1-2.fc20 (FEDORA-2014-14085) Process markdown into manpages -------------------------------------------------------------------------------- Update Information:
Resolves: rhbz#1156492 - initial fedora upload -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1156492 - Review Request: golang-github-cpuguy83-go-md2man - Process markdown into manpages https://bugzilla.redhat.com/show_bug.cgi?id=1156492 --------------------------------------------------------------------------------
================================================================================ nodejs-seq-0.3.5-3.fc20 (FEDORA-2014-14099) An asynchronous flow control library -------------------------------------------------------------------------------- Update Information:
Initial package. Fix chainsaw module dependency version Initial package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1142050 - Review Request: nodejs-seq - An asynchronous flow control library https://bugzilla.redhat.com/show_bug.cgi?id=1142050 --------------------------------------------------------------------------------
================================================================================ pdns-recursor-3.6.2-1.fc20 (FEDORA-2014-14109) Modern, advanced and high performance recursing/non authoritative name server -------------------------------------------------------------------------------- Update Information:
- Update to 3.6.2 - Enable security status polling
Version 3.6.2 is a bugfix update to 3.6.1. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 31 2014 Morten Stevens mstevens@imt-systems.com - 3.6.2-1 - Update to 3.6.2 - Enable security status polling --------------------------------------------------------------------------------
================================================================================ perl-Email-Sender-1.300016-1.fc20 (FEDORA-2014-14116) A library for sending email -------------------------------------------------------------------------------- Update Information:
Update to the latest version -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 31 2014 Jitka Plesnikova jplesnik@redhat.com - 1.300016-1 - 1.300016 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1159047 - Please update to at least v1.300011 https://bugzilla.redhat.com/show_bug.cgi?id=1159047 --------------------------------------------------------------------------------
================================================================================ perl-Locale-Maketext-Fuzzy-0.11-1.fc20 (FEDORA-2014-14108) Maketext from already interpolated strings -------------------------------------------------------------------------------- Update Information:
-------------------------------------------------------------------------------- ChangeLog:
* Thu Dec 19 2013 Ralf Corsépius corsepiu@fedoraproject.org - 0.11-1 - Upstream upgrade. - Modernize spec. --------------------------------------------------------------------------------
================================================================================ perl-Net-DNS-SEC-0.21-1.fc20 (FEDORA-2014-14132) DNSSEC modules for Perl -------------------------------------------------------------------------------- Update Information:
Updated to 0.21, restores canonicalization of a RRSIG’s Signer Name -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 31 2014 Paul Wouters pwouters@redhat.com - 0.21-1 - Updated to 0.21, restores canonicalization of a RRSIG’s Signer Name * Thu Aug 28 2014 Jitka Plesnikova jplesnik@redhat.com - 0.20-2 - Perl 5.20 rebuild --------------------------------------------------------------------------------
================================================================================ perl-qpid-0.30-1.fc20 (FEDORA-2014-14128) Perl bindings for the Qpid messaging framework -------------------------------------------------------------------------------- Update Information:
Rebased on Qpid 0.30 rebased. -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 6 2014 Darryl L. Pierce dpierce@redhat.com - 0.30-1 - Rebased on Qpid 0.30 rebased. - Upstream tarball was renamed to qpid-cpp-#.##.tar.gz. * Wed Aug 27 2014 Jitka Plesnikova jplesnik@redhat.com - 0.28-7 - Perl 5.20 rebuild * Mon Aug 18 2014 Darryl L. Pierce dpierce@redhat.com - 0.28-6 - Fixed a typo in the requires. * Sun Aug 17 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.28-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Fri Aug 15 2014 Darryl L. Pierce dpierce@redhat.com - 0.28-4 - Updated the virtual package dependencies.
Thu Jun 12 2014 Peter Robinson pbrobinson@fedoraproject.org 0.28-3 - qpid-cpp now builds on ARM * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.28-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Jun 5 2014 Darryl L. Pierce dpierce@redhat.com - 0.28-1 - Rebase on Qpid 0.28. - Changed the upstream tarball to be the monolithic Qpid sources. --------------------------------------------------------------------------------
================================================================================ python-qpid_messaging-0.30-1.fc20 (FEDORA-2014-14094) Python bindings for the Qpid messaging framework -------------------------------------------------------------------------------- Update Information:
Rebased on Qpid 0.30 release. -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 6 2014 Darryl L. Pierce dpierce@redhat.com - 0.30-1 - Rebased on Qpid 0.30 release. - Changed upstream source tarball to the monolithic Qpid sources. * Mon Aug 18 2014 Darryl L. Pierce dpierce@redhat.com - 0.28-4 - Updated requires on virtual Qpid packages. * Sun Aug 17 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.28-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.28-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Jun 5 2014 Darryl L. Pierce dpierce@redhat.com - 0.28-1 - Rebased on Qpid 0.28. --------------------------------------------------------------------------------
================================================================================ qpid-cpp-0.30-3.fc20 (FEDORA-2014-14127) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information:
Enabled building the linear store. -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 14 2014 Darryl L. Pierce dpierce@redhat.com - 0.30-3 - Enabled building the linear store. - Added qpid-cpp-server-linearstore package. - QPID-6150: qpid-qls-analyze tool cannot find Python modules * Wed Oct 8 2014 Darryl L. Pierce dpierce@redhat.com - 0.30-2 - Readded the qpid-tools subpackage rather than moving it to a new package. * Thu Oct 2 2014 Darryl L. Pierce dpierce@redhat.com - 0.30-1 - Rebased on Qpid 0.30. - Upstream tarball filename changed from qpid-##.#.tar.gz to qpid-cpp-##.#.tar.gz. - qpid-tools moved out to a separate package. - Moved qpid-send and qpid-receive to the qpid-cpp-client-devel package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1159008 - juno qpid: install qpid-cpp-server' returned 1: Error: Package: qpid-cpp-client-0.30-3.fc21.x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1159008 --------------------------------------------------------------------------------
================================================================================ stunnel-5.06-1.fc20 (FEDORA-2014-14102) An SSL-encrypting socket wrapper -------------------------------------------------------------------------------- Update Information:
New upstream release. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 17 2014 Avesh Agarwal avagarwa@redhat.com - 5.06-1 - New upstream release 5.06 - Addresses Poodle security issue * Wed Oct 8 2014 Avesh Agarwal avagarwa@redhat.com - 5.05b5-1 - rhbz #1144393: New upstream beta release - systemd socket activation support --------------------------------------------------------------------------------
================================================================================ tnftp-20141031-1.fc20 (FEDORA-2014-14113) FTP (File Transfer Protocol) client from NetBSD -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2014-8517 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 31 2014 David Cantrell dcantrell@redhat.com - 20141031-1 - Upgrade to tnftp-20141031 to fix CVE-2014-8517 (#1158287) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1158286 - CVE-2014-8517 tnftp: ftp client could be forced to execute arbitrary commands https://bugzilla.redhat.com/show_bug.cgi?id=1158286 --------------------------------------------------------------------------------
================================================================================ wget-1.16-1.fc20 (FEDORA-2014-14091) A utility for retrieving files using the HTTP or FTP protocols -------------------------------------------------------------------------------- Update Information:
Security update -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 31 2014 Tomas Hozza thozza@redhat.com - 1.16-1 - update to 1.16 - fixes CVE-2014-4877 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1139181 - CVE-2014-4877 wget: FTP symlink arbitrary filesystem access https://bugzilla.redhat.com/show_bug.cgi?id=1139181 --------------------------------------------------------------------------------