The following Fedora 21 Security updates need testing:
Age URL
77 https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-…
73 https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15.f…
69 https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.…
66 https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2-1…
63 https://admin.fedoraproject.org/updates/FEDORA-2014-17635/dokuwiki-0-0.23.2…
53 https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
47 https://admin.fedoraproject.org/updates/FEDORA-2015-0594/strongswan-5.2.2-1…
45 https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-3.…
43 https://admin.fedoraproject.org/updates/FEDORA-2015-0754/arc-5.21p-5.fc21
29 https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2…
22 https://admin.fedoraproject.org/updates/FEDORA-2015-1803/fcgi-2.4.0-26.fc21
14 https://admin.fedoraproject.org/updates/FEDORA-2015-2055/openldap-2.4.40-3.…
13 https://admin.fedoraproject.org/updates/FEDORA-2015-2101/drupal7-views-3.10…
8 https://admin.fedoraproject.org/updates/FEDORA-2015-2347/krb5-1.12.2-14.fc21
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2543/bind-9.9.6-8.P1.fc…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2511/e2fsprogs-1.42.12-…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2584/echoping-6.1-0.bet…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2615/libjpeg-turbo-1.3.…
1 https://admin.fedoraproject.org/updates/FEDORA-2015-2729/qpid-cpp-0.30-12.f…
1 https://admin.fedoraproject.org/updates/FEDORA-2015-2710/lftp-4.5.4-4.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-2746/cabextract-1.5-1.f…
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2863/libpng10-1.0.63-1.…
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2828/suricata-2.0.7-1.f…
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2895/qt-4.8.6-25.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2837/glibc-2.20-8.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2849/drupal7-entity-1.6…
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2886/qt3-3.3.8b-62.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2893/gnupg-1.4.19-1.fc21
The following Fedora 21 Critical Path updates have yet to be approved:
Age URL
11 https://admin.fedoraproject.org/updates/FEDORA-2015-2238/libquvi-scripts-0.…
11 https://admin.fedoraproject.org/updates/FEDORA-2015-2145/tigervnc-1.4.2-1.f…
10 https://admin.fedoraproject.org/updates/FEDORA-2015-2266/vino-3.14.2-1.fc21
9 https://admin.fedoraproject.org/updates/FEDORA-2015-2306/device-mapper-mult…
8 https://admin.fedoraproject.org/updates/FEDORA-2015-2359/kde-settings-21-3.…
8 https://admin.fedoraproject.org/updates/FEDORA-2015-2351/gtkspell3-3.0.7-1.…
8 https://admin.fedoraproject.org/updates/FEDORA-2015-2347/krb5-1.12.2-14.fc21
7 https://admin.fedoraproject.org/updates/FEDORA-2015-2419/colord-1.2.9-1.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-2460/perl-Pod-Usage-1.6…
5 https://admin.fedoraproject.org/updates/FEDORA-2015-2463/xorg-x11-drv-evdev…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2602/abrt-2.3.0-4.fc21,…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2609/ibus-1.5.10-1.fc21
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2615/libjpeg-turbo-1.3.…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2505/xdg-utils-1.1.0-0.…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2511/e2fsprogs-1.42.12-…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2475/satyr-0.16-1.fc21
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2489/initscripts-9.56.1…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2545/perl-Getopt-Long-2…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2543/bind-9.9.6-8.P1.fc…
3 https://admin.fedoraproject.org/updates/FEDORA-2015-2502/setup-2.9.0-4.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-2743/spatialite-tools-4…
1 https://admin.fedoraproject.org/updates/FEDORA-2015-2694/glib2-2.42.2-1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-2733/selinux-policy-3.1…
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2890/librsvg2-2.40.8-1.…
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2895/qt-4.8.6-25.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-2837/glibc-2.20-8.fc21
The following builds have been pushed to Fedora 21 updates-testing
BibTool-2.58-1.fc21
antimicro-2.11.1-1.fc21
calligra-2.9.0-1.fc21
calligra-l10n-2.9.0-1.fc21
czmq-2.2.0-3.fc21
darkhttpd-1.11-1.fc21
dbmail-3.2.3-1.fc21
epiphany-3.14.2-4.fc21
gnupg-1.4.19-1.fc21
golang-github-evanphx-json-patch-0-0.1.gita1ba76c.fc21
librsvg2-2.40.8-1.fc21
libticonv-1.1.4-4.fc21
mate-themes-extras-3.14.6-2.fc21
okteta-4.14.3-3.fc21
parquet-format-2.1.0-1.fc21
puppet-3.7.1-2.fc21
qt-4.8.6-25.fc21
qt3-3.3.8b-62.fc21
seahorse-3.14.1-1.fc21
wine-1.7.37-1.fc21
Details about builds:
================================================================================
BibTool-2.58-1.fc21 (FEDORA-2015-2888)
A Tool for manipulating BibTeX data bases
--------------------------------------------------------------------------------
Update Information:
rebase to BibTool 2.58
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 28 2015 Michael J Gruber <mjg(a)fedoraproject.org> - 2.58-1
- rebase to BibTool 2.58
- drop obsolete patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1133194 - BibTool-2.58 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1133194
--------------------------------------------------------------------------------
================================================================================
antimicro-2.11.1-1.fc21 (FEDORA-2015-2902)
Graphical program used to map keyboard buttons and mouse controls to a gamepad
--------------------------------------------------------------------------------
Update Information:
new upstream release v2.11.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Jeff Backus <jeff.backus(a)gmail.com> - 2.11.1-1
- new upstream release v2.11.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196447 - antimicro-2.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1196447
--------------------------------------------------------------------------------
================================================================================
calligra-2.9.0-1.fc21 (FEDORA-2015-2889)
An integrated office suite
--------------------------------------------------------------------------------
Update Information:
Calligra 2.9.0 release, see: https://www.calligra.org/news/calligra-2-9-released/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2015 Rex Dieter <rdieter(a)fedoraproject.org> 2.9.0-1
- 2.9.0
* Thu Feb 26 2015 Rex Dieter <rdieter(a)fedoraproject.org> 2.8.7-10
- rebuild (gcc5)
* Wed Feb 4 2015 Petr Machata <pmachata(a)redhat.com> - 2.8.7-9
- Bump for rebuild.
--------------------------------------------------------------------------------
================================================================================
calligra-l10n-2.9.0-1.fc21 (FEDORA-2015-2889)
Language files for calligra
--------------------------------------------------------------------------------
Update Information:
Calligra 2.9.0 release, see: https://www.calligra.org/news/calligra-2-9-released/
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 28 2015 Rex Dieter <rdieter(a)fedoraproject.org> 2.9.0-1
- 2.9.0 (-eu,-nds)
--------------------------------------------------------------------------------
================================================================================
czmq-2.2.0-3.fc21 (FEDORA-2015-2892)
High-level C binding for 0MQ (ZeroMQ)
--------------------------------------------------------------------------------
Update Information:
Renamed /usr/bin/makecert to avoid a file conflict (#1196483)
Update to 2.2.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Jose Pedro Oliveira <jose.p.oliveira.oss at gmail.com> - 2.2.0-3
- Renamed /usr/bin/makecert to avoid a file conflict (#1196483)
* Fri Feb 20 2015 Jose Pedro Oliveira <jose.p.oliveira.oss at gmail.com> - 2.2.0-2
- Add upstream patch eebf66a (0001-Use-_DEFAULT_SOURCE-instead-of-_BSD_SOURCE.patch)
* Tue Feb 17 2015 Jose Pedro Oliveira <jose.p.oliveira.oss at gmail.com> - 2.2.0-1
- Update to 2.2.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196483 - /usr/bin/makecert conflicts with mono
https://bugzilla.redhat.com/show_bug.cgi?id=1196483
--------------------------------------------------------------------------------
================================================================================
darkhttpd-1.11-1.fc21 (FEDORA-2015-2910)
A secure, lightweight, fast, single-threaded HTTP/1.1 server
--------------------------------------------------------------------------------
Update Information:
* Call setgroups() before setgid().
== Fedora package ==
* Fix erroneous %post section
* Add mimetype option for users in darkhttpd.sysconfig
* /bin/darkhttpd -> /sbin/darkhttpd
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 17 2015 Christopher Meng <rpm(a)cicku.me> - 1.11-1
- Update to 1.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1178330 - darkhttpd-1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1178330
--------------------------------------------------------------------------------
================================================================================
dbmail-3.2.3-1.fc21 (FEDORA-2015-2900)
A database backed mail storage system
--------------------------------------------------------------------------------
Update Information:
v 3.2.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Bernard Johnson <bjohnson(a)symetrix.com> - 3.2.3-1
- v 3.2.3
- Introduce new systemd-rpm macros in dbmail spec file (bz #850081)
* Wed Sep 17 2014 Bernard Johnson <bjohnson(a)symetrix.com> - 3.2.0-1
- v 3.2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #850081 - Introduce new systemd-rpm macros in dbmail spec file
https://bugzilla.redhat.com/show_bug.cgi?id=850081
--------------------------------------------------------------------------------
================================================================================
epiphany-3.14.2-4.fc21 (FEDORA-2015-2891)
Web browser for GNOME
--------------------------------------------------------------------------------
Update Information:
Add patches to fix a few crashes
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 28 2015 Michael Catanzaro <mcatanzaro(a)gnome.org> - 1:3.14.2-4
- Add patches to fix a few crashes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196847 - [abrt] webkitgtk4: __strcmp_sse2_unaligned(): WebKitWebProcess killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1196847
--------------------------------------------------------------------------------
================================================================================
gnupg-1.4.19-1.fc21 (FEDORA-2015-2893)
A GNU utility for secure communication and data storage
--------------------------------------------------------------------------------
Update Information:
New upstream v1.4.19
- Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]
- Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837]
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Brian C. Lane <bcl(a)redhat.com> 1.4.19-1
- New upstream v1.4.19
- Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]
- Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837]
- Drop patches now included upstream
--------------------------------------------------------------------------------
================================================================================
golang-github-evanphx-json-patch-0-0.1.gita1ba76c.fc21 (FEDORA-2015-2898)
A Go library to apply RFC6902 patches to JSON documents
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196992 - Review Request: golang-github-evanphx-json-patch - A Go library to apply RFC6902 patches to JSON documents
https://bugzilla.redhat.com/show_bug.cgi?id=1196992
--------------------------------------------------------------------------------
================================================================================
librsvg2-2.40.8-1.fc21 (FEDORA-2015-2890)
An SVG library based on cairo
--------------------------------------------------------------------------------
Update Information:
Update to 2.40.8
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 David King <amigadave(a)amigadave.com> - 2.40.8-1
- Update to 2.40.8
- Use license macro for COPYING and COPYING.LIB
- Use pkgconfig for BuildRequires
- Add URL
--------------------------------------------------------------------------------
================================================================================
libticonv-1.1.4-4.fc21 (FEDORA-2015-2912)
Texas Instruments calculators charsets library
--------------------------------------------------------------------------------
Update Information:
Texas Instruments calculators charsets library
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1186494 - Review Request: libticonv - Texas Instruments calculators charsets library
https://bugzilla.redhat.com/show_bug.cgi?id=1186494
--------------------------------------------------------------------------------
================================================================================
mate-themes-extras-3.14.6-2.fc21 (FEDORA-2015-2908)
Extra gtk-2/3 themes for gtk based desktops
--------------------------------------------------------------------------------
Update Information:
- re-work of submarine themes GTK3
- disable spinner animation to avoid high CPU load, all themes
- some improvements for GnomishBeige
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 28 2015 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 3.14.6.2
- build with a fixed tarball
* Sat Feb 28 2015 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 3.14.6.1
- update to 3.14.6 release
- re-work of submarine themes GTK3
- disable spinner animation to avoid high CPU load, all themes
- some improvements for GnomishBeige
--------------------------------------------------------------------------------
================================================================================
okteta-4.14.3-3.fc21 (FEDORA-2015-2905)
Binary/hex editor
--------------------------------------------------------------------------------
Update Information:
Fix availability of algorithms in checksum tool.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 28 2015 Rex Dieter <rdieter(a)fedoraproject.org> 4.14.3-3
- lack of algorithms in checksum tool (#1197339)
* Sat Jan 17 2015 Rex Dieter <rdieter(a)fedoraproject.org> 4.14.3-2
- kde-applications fixes, cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1197339 - lack of algorithms in checksum tool
https://bugzilla.redhat.com/show_bug.cgi?id=1197339
--------------------------------------------------------------------------------
================================================================================
parquet-format-2.1.0-1.fc21 (FEDORA-2015-2885)
Columnar file format for Hadoop
--------------------------------------------------------------------------------
Update Information:
Initial import (#1073014).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1073014 - Review Request: parquet-format - Columnar file format for Hadoop
https://bugzilla.redhat.com/show_bug.cgi?id=1073014
--------------------------------------------------------------------------------
================================================================================
puppet-3.7.1-2.fc21 (FEDORA-2015-2899)
A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:
Use systemd macros (RHBZ #1197239)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 28 2015 Haïkel Guémar <hguemar(a)fedoraproject.org> - 3.7.1-2
- Use systemd macros (RHBZ #1197239)
* Tue Sep 30 2014 Orion Poplawski <orion(a)cora.nwra.com> - 3.7.1-1
- Drop server deps and configuration changes (bug #1144298)
* Wed Sep 17 2014 Jeroen van Meeuwen <vanmeeuwen(a)kolabsys.com> - 3.7.1-1
- Update to 3.7.1
* Tue Aug 19 2014 Lukas Zapletal <lzap+rpm(a)redhat.com> 3.6.2-3
- 1131398 - added start-puppet-ca SELinux wrapper binary
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1197239 - Unknown operation '/bin/systemctl' on puppet %preun
https://bugzilla.redhat.com/show_bug.cgi?id=1197239
--------------------------------------------------------------------------------
================================================================================
qt-4.8.6-25.fc21 (FEDORA-2015-2895)
Qt toolkit
--------------------------------------------------------------------------------
Update Information:
DoS vulnerability in the BMP image handler (CVE-2015-0295)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Rex Dieter <rdieter(a)fedoraproject.org> 1:4.8.6-25
- DoS vulnerability in the BMP image handler (CVE-2015-0295)
* Mon Feb 16 2015 Rex Dieter <rdieter(a)fedoraproject.org> 1:4.8.6-24
- more gcc5 detection fixes, in particular, ensure same QT_BUILD_KEY as gcc4 for now
* Fri Feb 13 2015 Rex Dieter <rdieter(a)fedoraproject.org> - 1:4.8.6-23
- Qt: FTBFS with gcc5 (#1192464)
- Make Adwaita the default theme for applications running in the GNOME DE (#1192453)
* Wed Feb 11 2015 Rex Dieter <rdieter(a)fedoraproject.org> 1:4.8.6-22
- rebuild (gcc5)
* Thu Jan 29 2015 Rex Dieter <rdieter(a)fedoraproject.org> 1:4.8.6-21
- refresh boost/moc patch (QTBUG-22829)
* Sun Jan 18 2015 Rex Dieter <rdieter(a)fedoraproject.org> 1:4.8.6-20
- fix %pre scriptlet (#1183299)
* Sat Jan 17 2015 Rex Dieter <rdieter(a)fedoraproject.org> 1:4.8.6-19
- ship /etc/xdg/qtchooser/4.conf alternative instead (of qt4.conf)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1197273 - CVE-2015-0295 QT: BMP image handler crash
https://bugzilla.redhat.com/show_bug.cgi?id=1197273
--------------------------------------------------------------------------------
================================================================================
qt3-3.3.8b-62.fc21 (FEDORA-2015-2886)
The shared library for the Qt 3 GUI toolkit
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2015-0295, a division by zero when loading some specific invalid BMP/DIB image files, which could be exploited for denial of service (application crash) attacks. The security patch is backported from Qt 4.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 28 2015 Kevin Kofler <Kevin(a)tigcc.ticalc.org> - 3.3.8b-62
- backport CVE-2015-0295 (BMP image handler DoS, #1197275) fix from Qt 4
* Fri Feb 27 2015 Rex Dieter <rdieter(a)fedoraproject.org> 3.3.8b-61
- rebuild (gcc5)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1197273 - CVE-2015-0295 QT: BMP image handler crash
https://bugzilla.redhat.com/show_bug.cgi?id=1197273
--------------------------------------------------------------------------------
================================================================================
seahorse-3.14.1-1.fc21 (FEDORA-2015-2903)
A GNOME application for managing encryption keys
--------------------------------------------------------------------------------
Update Information:
Update to 3.14.1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 28 2015 David King <amigadave(a)amigadave.com> - 3.14.1-1
- Update to 3.14.1
- Update URL
- Use license macro for COPYING and COPYING.LIB
- Use pkgconfig for BuildRequires
- Update man page glob in files section
- Validate AppData in check
--------------------------------------------------------------------------------
================================================================================
wine-1.7.37-1.fc21 (FEDORA-2015-2911)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
What's new in this release:
* Interface change notifications.
* Support for the UTF-7 encoding.
* A number of graphical fixes for themed controls.
* Wininet now implemented on top of Win32 sockets.
* Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 22 2015 Andreas Bierfert <andreas.bierfert(a)lowlatency.de> - 1.7.37-1
- version upgrade
--------------------------------------------------------------------------------