The following Fedora 20 Security updates need testing:
Age URL
38
https://admin.fedoraproject.org/updates/FEDORA-2013-17866/chicken-4.8.0.4...
27
https://admin.fedoraproject.org/updates/FEDORA-2013-18705/phpMyAdmin-3.5....
19
https://admin.fedoraproject.org/updates/FEDORA-2013-19198/quassel-0.9.1-1...
12
https://admin.fedoraproject.org/updates/FEDORA-2013-19934/openstack-glanc...
8
https://admin.fedoraproject.org/updates/FEDORA-2013-20138/mantis-1.2.15-3...
8
https://admin.fedoraproject.org/updates/FEDORA-2013-20216/python-setuptoo...
7
https://admin.fedoraproject.org/updates/FEDORA-2013-19507/openstack-keyst...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20749/python-djblets-...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20687/krb5-1.11.3-29....
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20779/wireshark-1.10....
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20662/gnutls-3.1.16-1...
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
13
https://admin.fedoraproject.org/updates/FEDORA-2013-19861/libcomps-0.1.4-...
8
https://admin.fedoraproject.org/updates/FEDORA-2013-20219/perl-Socket-2.0...
8
https://admin.fedoraproject.org/updates/FEDORA-2013-20216/python-setuptoo...
6
https://admin.fedoraproject.org/updates/FEDORA-2013-20393/phonon-4.6.0-9....
4
https://admin.fedoraproject.org/updates/FEDORA-2013-20475/libevdev-0.4.1-...
3
https://admin.fedoraproject.org/updates/FEDORA-2013-20513/xorg-x11-drv-at...
3
https://admin.fedoraproject.org/updates/FEDORA-2013-20522/highlight-3.16....
2
https://admin.fedoraproject.org/updates/FEDORA-2013-20610/soprano-2.9.4-2...
2
https://admin.fedoraproject.org/updates/FEDORA-2013-20596/gupnp-0.20.8-1....
2
https://admin.fedoraproject.org/updates/FEDORA-2013-20573/iso-codes-3.48-...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20780/libbluray-0.4.0...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20751/kbd-1.15.5-10.fc20
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20701/initial-setup-0...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20687/krb5-1.11.3-29....
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20662/gnutls-3.1.16-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-20254/gnome-abrt-0.3....
The following builds have been pushed to Fedora 20 updates-testing
ReviewBoard-1.7.17-1.fc20
alienarena-7.66-1.fc20
ardour3-3.5.74-1.fc20
azureus-5.1.0.0-1.fc20
cmocka-0.3.2-1.fc20
drupal7-backup_migrate-2.8-1.fc20
drupal7-rules-2.6-1.fc20
hplip-3.13.11-1.fc20
kamoso-2.0.2-13.fc20
kbd-1.15.5-10.fc20
krb5-1.11.3-29.fc20
libbluray-0.4.0-1.fc20
libguestfs-1.24.1-2.fc20
libltc-1.1.2-1.fc20
mingw-hidapi-0.7.0-2.a88c724.fc20
mlpack-1.0.7-1.fc20
netcdf-4.3.0-6.fc20
ocaml-camlidl-1.05-19.fc20.1
open-vm-tools-9.4.0-1.fc20
openlmi-tools-0.9-3.fc20
perl-Coro-6.32-1.fc20
php-pear-HTTP-OAuth-0.3.1-1.fc20
python-alchimia-0.4-3.fc20
python-chai-0.4.5-1.fc20
python-djblets-0.7.23-1.fc20
qemu-1.6.1-1.fc20
recoll-1.19.8-1.fc20
rubygem-cinch-2.0.10-1.fc20
rubygem-equalizer-0.0.7-2.fc20
rubygem-ice_nine-0.10.0-2.fc20
rubygem-rails_autolink-1.1.4-2.fc20
rubygem-redis-namespace-1.3.1-1.fc20
rubygem-shoulda-context-1.1.6-1.fc20
sddm-0.2.0-0.19.20130914git50ca5b20.fc20
slingshot-0.8.1p-11.fc20
tcpflow-1.4.0-2.fc20
tetex-elsevier-0.1.20090917-11.fc20
thunderbird-lightning-2.6.2-3.fc20
tortoisehg-2.10-1.fc20
tubo-5.0.10-2.fc20
wireshark-1.10.3-2.fc20
xfce4-session-4.10.1-3.fc20
Details about builds:
================================================================================
ReviewBoard-1.7.17-1.fc20 (FEDORA-2013-20749)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
- New upstream security release 1.7.17
-
http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/
- Resolves: CVE-2013-4519
- Security Fixes:
* Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions.
* Added a 'X-Frame-Options' header to prevent clickjacking.
- New Features:
* Remove the need for SSH keys for GitHub repositories.
* Improved validation for GitHub repositories.
* Added support for permissions on Local Sites.
- Performance Improvements:
* Reduced query counts on all pages.
* Reduced query counts in the web API when returning empty lists.
- Extensibility:
* Extensions using the ``configure_extension`` view an now pass in a custom
``template_name`` pointing to a template for the configuration page, if it needs
additional customization.
* Enabling, disabling or reconfiguring extensions will now invalidate the caches for
pages, ensuring that hooks will take affect.
* Extension configuration now works properly on subdirectory installs.
- Bug Fixes:
* Fixed showing private review requests on a submitter page.
* The description for submitted or discarded review requests is now shown on the diff
viewer.
* Discarding, reopening and then closing a review request no longer makes the review
request private.
* Fixed a naming conflict with older PyCrypto packages, such as the default package on
CentOS 6.4.
* Users with the 'can_change_status' permission no longer need the
'can_edit_reviewrequest' permission in order to close or reopen review requests.
* Switching a repository from using a hosting service to Custom no longer reverts back
to the hosting service.
* Fixed editing a repository if its associated hosting service can't be loaded (such
as if an extension providing that hosting service is disabled).
* Many diff validation errors weren't being shown on the New Review Request page,
generating 500 errors instead.
* Fixed caching issues with the Blocks field on review requests.
* Editing JSON text fields in the administration UI now works, validates, and won't
result in warnings in the log.
* Fixed breakages with looking up URLs internally with Local Sites.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 1.7.17-1
- New upstream security release 1.7.17
-
http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/
- Resolves: CVE-2013-4519
- Security Fixes:
* Fixed XSS vulnerabilities for the 'Branch' field and uploaded file
captions.
* Added a 'X-Frame-Options' header to prevent clickjacking.
- New Features:
* Remove the need for SSH keys for GitHub repositories.
* Improved validation for GitHub repositories.
* Added support for permissions on Local Sites.
- Performance Improvements:
* Reduced query counts on all pages.
* Reduced query counts in the web API when returning empty lists.
- Extensibility:
* Extensions using the ``configure_extension`` view an now pass in a custom
``template_name`` pointing to a template for the configuration page, if it
needs additional customization.
* Enabling, disabling or reconfiguring extensions will now invalidate the
caches for pages, ensuring that hooks will take affect.
* Extension configuration now works properly on subdirectory installs.
- Bug Fixes:
* Fixed showing private review requests on a submitter page.
* The description for submitted or discarded review requests is now shown on
the diff viewer.
* Discarding, reopening and then closing a review request no longer makes the
review request private.
* Fixed a naming conflict with older PyCrypto packages, such as the default
package on CentOS 6.4.
* Users with the 'can_change_status' permission no longer need the
'can_edit_reviewrequest' permission in order to close or reopen review
requests.
* Switching a repository from using a hosting service to Custom no longer
reverts back to the hosting service.
* Fixed editing a repository if its associated hosting service can't be
loaded (such as if an extension providing that hosting service is
disabled).
* Many diff validation errors weren't being shown on the New Review Request
page, generating 500 errors instead.
* Fixed caching issues with the Blocks field on review requests.
* Editing JSON text fields in the administration UI now works, validates, and
won't result in warnings in the log.
* Fixed breakages with looking up URLs internally with Local Sites.
* Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk(a)gmail.com> - 1.7.16-2
- Update Djblets version
* Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk(a)redhat.com> - 1.7.15-2
- New upstream bugfix release 1.7.16
- Fixes a breakage when accessing the Review Group Users resource
- Fixes pagination in dashboard and similar pages
* Thu Oct 10 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 1.7.15-1
- New upstream security release 1.7.15
-
http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.15/
- Resolves: CVE-2013-4410
- Fixes access-control problems with REST API
- Resolves: CVE-2013-4411
- Fixes URL processing allowing unauthorized users to view review lists
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027010 - CVE-2013-4519 ReviewBoard: two XSS vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1027010
--------------------------------------------------------------------------------
================================================================================
alienarena-7.66-1.fc20 (FEDORA-2013-20783)
Multiplayer retro sci-fi deathmatch game
--------------------------------------------------------------------------------
Update Information:
Add appdata, update to 7.66.
Updated autotools to 2.69 and added License: tag to alienarena-data package.
Added aarch64 by autoconf 2.69 and added License: entry to alienarena-data package
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Tom Callaway <spot(a)fedoraproject.org> - 7.66-1
- update to 7.66
- add appdata file (bz 1023990)
* Wed Sep 4 2013 Chandler Wilkerson <chwilk(a)rice.edu> - 7.65-5
- Added aarch64 patch pending upstream move to autoconf 2.69 in next release (bz 924982)
- Tweaked license line of alienarena-data package to match license text. (bz 888201)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1023990 - Appdata file for Alien Arena
https://bugzilla.redhat.com/show_bug.cgi?id=1023990
[ 2 ] Bug #924982 - alienarena: Does not support aarch64 in f19 and rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=924982
[ 3 ] Bug #888201 - Alienarena-data (Game data) is non-commercial use
https://bugzilla.redhat.com/show_bug.cgi?id=888201
--------------------------------------------------------------------------------
================================================================================
ardour3-3.5.74-1.fc20 (FEDORA-2013-20094)
Digital Audio Workstation
--------------------------------------------------------------------------------
Update Information:
Add ardour v3.x and libltc to Fedora.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #929044 - Ardour version 3 package request
https://bugzilla.redhat.com/show_bug.cgi?id=929044
[ 2 ] Bug #1022255 - Review Request: libltc - Linear/Longitudinal Time Code (LTC)
Library
https://bugzilla.redhat.com/show_bug.cgi?id=1022255
[ 3 ] Bug #1007099 - Review Request: ardour3 - Digital Audio Workstation
https://bugzilla.redhat.com/show_bug.cgi?id=1007099
--------------------------------------------------------------------------------
================================================================================
azureus-5.1.0.0-1.fc20 (FEDORA-2013-20767)
A BitTorrent Client
--------------------------------------------------------------------------------
Update Information:
Upgrade to latest upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 5 2013 David Juran <djuran(a)redhat.com> - 5.1.0.0-1
- upgrade to 5.1.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1019019 - you need submit azureus-5.1.0.0-1.fc20 to bodhi reach Fedora 20
https://bugzilla.redhat.com/show_bug.cgi?id=1019019
--------------------------------------------------------------------------------
================================================================================
cmocka-0.3.2-1.fc20 (FEDORA-2013-20770)
Lightweight library to simplify and generalize unit tests for C
--------------------------------------------------------------------------------
Update Information:
Update to cmocka 0.3.2.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 - Andreas Schneider <asn(a)redhat.com> - 0.3.2-1
- Update to version 0.3.2.
- Include API documentation.
--------------------------------------------------------------------------------
================================================================================
drupal7-backup_migrate-2.8-1.fc20 (FEDORA-2013-20769)
Database backup, restore, and migrate module for Drupal 7
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 2.8 release for bug fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2128465
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Peter Borsa <peter.borsa(a)gmail.com> - 2.8-1
- Update to upstream 2.8 release for bug fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2128465
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027127 - drupal7-backup_migrate-2.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1027127
--------------------------------------------------------------------------------
================================================================================
drupal7-rules-2.6-1.fc20 (FEDORA-2013-20782)
It allows site administrators to define conditionally executed actions
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 2.6 release for bug fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2123171
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Peter Borsa <peter.borsa(a)gmail.com> - 2.6-1
- Update to upstream 2.6 release for bug fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2123171
* Thu Sep 26 2013 Peter Borsa <peter.borsa(a)gmail.com> - 2.5-1
- Update to upstream 2.5 release for bug fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2092781
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1024829 - drupal7-rules-2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1024829
--------------------------------------------------------------------------------
================================================================================
hplip-3.13.11-1.fc20 (FEDORA-2013-20752)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
New upstream release which adds support for several new printers.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Jiri Popelka <jpopelka(a)redhat.com> - 3.13.11-1
- 3.13.11
* Tue Oct 15 2013 Jaromír Končický <jkoncick(a)redhat.com> - 3.13.10-1
- 3.13.10: 8 patches applied upstream, big changes in tmp and log dirs, removed hp-mkuri
- Fixed Incorrect IEEE 1284 MFG value for LaserJet Professional P1102 (bug #1018826).
--------------------------------------------------------------------------------
================================================================================
kamoso-2.0.2-13.fc20 (FEDORA-2013-20778)
Application for taking pictures and videos from a webcam
--------------------------------------------------------------------------------
Update Information:
Fixed missing icons.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Alexey Kurov <nucleo(a)fedoraproject.org> - 2.0.2-13
- Requires: oxygen-icon-theme (#986964)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #986964 - all Kamoso icons are missing
https://bugzilla.redhat.com/show_bug.cgi?id=986964
--------------------------------------------------------------------------------
================================================================================
kbd-1.15.5-10.fc20 (FEDORA-2013-20751)
Tools for configuring the console (keyboard, virtual terminals, etc.)
--------------------------------------------------------------------------------
Update Information:
Added PAM config for vlock.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Vitezslav Crhonek <vcrhonek(a)redhat.com> - 1.15.5-10
- Add PAM config for vlock
Resolves: #913309
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #913309 - vlock doesn't have a PAM configuration
https://bugzilla.redhat.com/show_bug.cgi?id=913309
--------------------------------------------------------------------------------
================================================================================
krb5-1.11.3-29.fc20 (FEDORA-2013-20687)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
This update incorporates a backported fix to make libgssapi_krb5's credential import
routines work better, which is needed by newer versions of gssproxy, and corrects a
packaging error which resulted in the /etc/gss directory not being owned by any packages.
Further, it incorporates a fix for a possible remotely-triggered crash in KDCs which are
configured to serve multiple realms at once (CVE-2013-1418).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-29
- incorporate upstream patch for remote crash of KDCs which serve multiple
realms simultaneously (RT#7756, CVE-2013-1418)
* Mon Nov 4 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-28
- drop patch to add additional access() checks to ksu - they add to breakage
when non-FILE: caches are in use (#1026099), shouldn't be resulting in any
benefit, and clash with proposed changes to fix its cache handling
* Tue Oct 22 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-27
- add some minimal description to the top of the wrapper scripts we use
when starting krb5kdc and kadmind to describe why they exist (tooling)
* Wed Oct 16 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-26
- create and own /etc/gss (#1019937)
* Tue Oct 15 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-25
- pull up fix for importing previously-exported credential caches in the
gssapi library (RT# 7706, #1019420)
* Mon Oct 14 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-24
- backport the callback to use the libkrb5 prompter when we can't load PEM
files for PKINIT (RT#7590, includes part of #965721/#1016690)
- extract the rest of the fix #965721/#1016690 from the changes for RT#7680
* Mon Oct 14 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-23
- fix trigger scriptlet's invocation of sed (#1016945)
* Fri Oct 4 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-22
- rebuild with keyutils 1.5.8 (part of #1012043)
* Wed Oct 2 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-21
- switch to the version of persistent-keyring that was just merged to
master (RT#7711), along with related changes to kinit (RT#7689)
- go back to setting default_ccache_name to a KEYRING type
* Mon Sep 30 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-20
- pull up fix for not calling a kdb plugin's check-transited-path
method before calling the library's default version, which only knows
how to read what's in the configuration file (RT#7709, #1013664)
* Thu Sep 26 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-19
- configure --without-krb5-config so that we don't pull in the old default
ccache name when we want to stop setting a default ccache name at configure-
time
* Wed Sep 25 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-18
- fix broken dependency on awk (should be gawk, rdieter)
* Wed Sep 25 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-17
- add missing dependency on newer keyutils-libs (#1012034)
* Tue Sep 24 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-16
- back out setting default_ccache_name to the new default for now, resetting
it to the old default while the kernel/keyutils bits get sorted (sgallagh)
* Mon Sep 23 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-15
- add explicit build-time dependency on a version of keyutils that's new
enough to include keyctl_get_persistent() (more of #991148)
* Thu Sep 19 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-14
- incorporate Simo's updated backport of his updated persistent-keyring changes
(more of #991148)
* Fri Sep 13 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-13
- don't break during %check when the session keyring is revoked
* Fri Sep 13 2013 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-12
- pull the newer F21 defaults back to F20 (sgallagh)
* Mon Sep 9 2013 Nalin Dahyabhai <nalin(a)redhat.com>
- only apply the patch to autocreate /run/user/0 when we're hard-wiring the
default ccache location to be under it; otherwise it's unnecessary
* Mon Sep 9 2013 Nalin Dahyabhai <nalin(a)redhat.com> 1.11.3-11
- don't let comments intended for one scriptlet become part of the "script"
that gets passed to ldconfig as part of another one (Mattias Ellert, #1005675)
* Fri Sep 6 2013 Nalin Dahyabhai <nalin(a)redhat.com> 1.11.3-10
- incorporate Simo's backport of his persistent-keyring changes (#991148)
- restore build-time default DEFCCNAME on Fedora 21 and later and EL, and
instead set default_ccache_name in the default krb5.conf's [libdefaults]
section (#991148)
- on releases where we expect krb5.conf to be configured with a
default_ccache_name, add it whenever we upgrade from an older version of
the package that wouldn't have included it in its default configuration
file (#991148)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1026942 - CVE-2013-1418 krb5: multi-realm KDC null dereference leads to
crash
https://bugzilla.redhat.com/show_bug.cgi?id=1026942
--------------------------------------------------------------------------------
================================================================================
libbluray-0.4.0-1.fc20 (FEDORA-2013-20780)
Library to access Blu-Ray disks for video playback
--------------------------------------------------------------------------------
Update Information:
Upstream changelog :
http://git.videolan.org/gitweb.cgi/libbluray.git/?p=libbluray.git;a=blob_...
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 20 2013 Xavier Bachelot <xavier(a)bachelot.org> 0.4.0-1
- Update to 0.4.0.
- Fix rpath issues with some test utilities.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1015755 - current version is 0.4.0
https://bugzilla.redhat.com/show_bug.cgi?id=1015755
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.24.1-2.fc20 (FEDORA-2013-20761)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
Adds new features from upstream virt-builder.
New stable branch version 1.24.1.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.24.1-2
- Backport virt-builder features from upstream at users [multiple] requests.
- Use git to manage patches, add copy-patches.sh script.
- +BR flex & bison.
- +BR xz-devel (for liblzma) to accelerate virt-builder.
* Fri Nov 1 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.24.1-1
- New upstream version 1.24.1.
* Tue Oct 22 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.24.0-2
- Don't use versioned jar file (RHBZ#1022133).
* Sat Oct 19 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.24.0-1
- New upstream version 1.24.0.
* Tue Oct 15 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.33-1
- New upstream version 1.23.33.
* Mon Oct 14 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.32-1
- New upstream version 1.23.32.
* Sun Oct 13 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.31-1
- New upstream version 1.23.31.
* Fri Oct 11 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.30-1
- New upstream version 1.23.30.
* Tue Oct 8 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.28-1
- New upstream version 1.23.28.
* Mon Oct 7 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.27-1
- New upstream version 1.23.27.
* Fri Oct 4 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.25-1
- New upstream version 1.23.25.
- Add virt-builder and its dependencies.
* Mon Sep 30 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.23-2
- New upstream version 1.23.23.
- Remove patch which is now upstream.
* Thu Sep 12 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.23.22-2
- Add patch to debug parallel tests.
--------------------------------------------------------------------------------
================================================================================
libltc-1.1.2-1.fc20 (FEDORA-2013-20094)
Linear/Longitudinal Time Code (LTC) Library
--------------------------------------------------------------------------------
Update Information:
Add ardour v3.x and libltc to Fedora.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #929044 - Ardour version 3 package request
https://bugzilla.redhat.com/show_bug.cgi?id=929044
[ 2 ] Bug #1022255 - Review Request: libltc - Linear/Longitudinal Time Code (LTC)
Library
https://bugzilla.redhat.com/show_bug.cgi?id=1022255
[ 3 ] Bug #1007099 - Review Request: ardour3 - Digital Audio Workstation
https://bugzilla.redhat.com/show_bug.cgi?id=1007099
--------------------------------------------------------------------------------
================================================================================
mingw-hidapi-0.7.0-2.a88c724.fc20 (FEDORA-2013-20760)
Library for communicating with USB and Bluetooth HID devices
--------------------------------------------------------------------------------
Update Information:
Initial build of mingw-hidapi package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1022317 - Review Request: mingw-hidapi - Library for communicating with USB
and Bluetooth HID devices
https://bugzilla.redhat.com/show_bug.cgi?id=1022317
--------------------------------------------------------------------------------
================================================================================
mlpack-1.0.7-1.fc20 (FEDORA-2013-20784)
Scalable, fast C++ machine learning library
--------------------------------------------------------------------------------
Update Information:
Update to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 3 2013 Ryan Curtin <gth671b(a)mail.gatech.edu> - 1.0.7-1
- Update to latest stable release.
--------------------------------------------------------------------------------
================================================================================
netcdf-4.3.0-6.fc20 (FEDORA-2013-20756)
Libraries for the Unidata network Common Data Form
--------------------------------------------------------------------------------
Update Information:
Enable hdf4 support
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 4 2013 Orion Poplawski <orion(a)cora.nwra.com> - 4.3.0-6
- Enable hdf4 support
--------------------------------------------------------------------------------
================================================================================
ocaml-camlidl-1.05-19.fc20.1 (FEDORA-2013-20758)
Stub code generator and COM binding for Objective Caml
--------------------------------------------------------------------------------
Update Information:
Add META file.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1.05-19.fc20.1
- Add META file (RHBZ#1026991).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1026991 - ocaml-camlidl does not install META file for use with findlib
https://bugzilla.redhat.com/show_bug.cgi?id=1026991
--------------------------------------------------------------------------------
================================================================================
open-vm-tools-9.4.0-1.fc20 (FEDORA-2013-20774)
Open Virtual Machine Tools for virtual machines hosted on VMware
--------------------------------------------------------------------------------
Update Information:
New stable version 9.4.0 from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Ravindra Kumar <ravindrakumar(a)vmware.com> - 9.4.0-1
- Package new upstream version open-vm-tools-9.4.0-1280544.
- Added CUSTOM_PROCPS_NAME=procps and -Wno-deprecated-declarations
for version 9.4.0.
--------------------------------------------------------------------------------
================================================================================
openlmi-tools-0.9-3.fc20 (FEDORA-2013-20785)
Set of CLI tools for Openlmi providers
--------------------------------------------------------------------------------
Update Information:
- fix instance deletion
- fix passing LMIInstance argumetns to method calls
Upgrade to v0.9.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Peter Hatina <phatina(a)redhat.com> - 0.9-3
- fix passing instance references to method call
* Wed Nov 6 2013 Peter Hatina <phatina(a)redhat.com> - 0.9-2
- fix instance deletion
* Mon Nov 4 2013 Peter Hatina <phatina(a)redhat.com> - 0.9-1
- upgrade to v0.9
* Wed Oct 23 2013 Peter Hatina <phatina(a)redhat.com> - 0.8-1
- upgrade to v0.8
--------------------------------------------------------------------------------
================================================================================
perl-Coro-6.32-1.fc20 (FEDORA-2013-20768)
The only real threads in perl
--------------------------------------------------------------------------------
Update Information:
This release fixes possible NULL pointer derefence with Perl 5.18.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Petr Pisar <ppisar(a)redhat.com> - 6.32-1
- 6.32 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027095 - perl-Coro-6.32 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1027095
--------------------------------------------------------------------------------
================================================================================
php-pear-HTTP-OAuth-0.3.1-1.fc20 (FEDORA-2013-20786)
Implementation of the OAuth spec
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
API changes:
* added $body parameter to HTTP_OAuth_Provider::__construct()
* added HTTP_OAuth_Provider::setBody()
* renamed HTTP_OAuth_Provider::getPostData() to getBody()
* made HTTP_OAuth_Provider::getBody() public
New features and bugs fixed:
* Fixed PEAR #17806. DELETE method is not supported.
* Fixed PEAR #18574. Avoid try-catch-rethrow.
* Fixed PEAR #18701. Only variables should be passed by reference.
* Fixed PEAR #18425. Array keys not decoded in HTTP_OAuth_Provider.
* Fixed PEAR #18431. Handle PUT requests better in HTTP_OAuth_Provider.
* Fixed PEAR #20106. rawBodyData always included in provider request.
* Fixed PEAR #20107. Handle multiple query params with same name as array.
* Added LICENSE file.
* Include README in package file.
* Fixed reset() call in MessageTest in unit tests.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Remi Collet <remi(a)fedoraproject.org> - 0.3.1-1
- Update to 0.3.1 (alpha)
- License file is provided in tarball
- Drop patch merged upstream
* Sat Nov 2 2013 Remi Collet <remi(a)fedoraproject.org> - 0.3.0-1
- update to 0.3.0 (alpha)
- add explicit spec License
- open issues for missing License file and failed test
--------------------------------------------------------------------------------
================================================================================
python-alchimia-0.4-3.fc20 (FEDORA-2013-20764)
A Python library that integrates Twisted with SqlAlchemy
--------------------------------------------------------------------------------
Update Information:
alchimia lets you use most of the SQLAlchemy-core API with Twisted, it does not allow you
to use the ORM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1019428 - Review Request: python-alchimia - A Python library that integrates
Twisted with SqlAlchemy
https://bugzilla.redhat.com/show_bug.cgi?id=1019428
--------------------------------------------------------------------------------
================================================================================
python-chai-0.4.5-1.fc20 (FEDORA-2013-20772)
Easy to use mocking/stub framework
--------------------------------------------------------------------------------
Update Information:
Import python-chai
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1024259 - Review Request: python-chai - Easy to use mocking/stub framework
https://bugzilla.redhat.com/show_bug.cgi?id=1024259
--------------------------------------------------------------------------------
================================================================================
python-djblets-0.7.23-1.fc20 (FEDORA-2013-20749)
A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:
- New upstream security release 1.7.17
-
http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/
- Resolves: CVE-2013-4519
- Security Fixes:
* Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions.
* Added a 'X-Frame-Options' header to prevent clickjacking.
- New Features:
* Remove the need for SSH keys for GitHub repositories.
* Improved validation for GitHub repositories.
* Added support for permissions on Local Sites.
- Performance Improvements:
* Reduced query counts on all pages.
* Reduced query counts in the web API when returning empty lists.
- Extensibility:
* Extensions using the ``configure_extension`` view an now pass in a custom
``template_name`` pointing to a template for the configuration page, if it needs
additional customization.
* Enabling, disabling or reconfiguring extensions will now invalidate the caches for
pages, ensuring that hooks will take affect.
* Extension configuration now works properly on subdirectory installs.
- Bug Fixes:
* Fixed showing private review requests on a submitter page.
* The description for submitted or discarded review requests is now shown on the diff
viewer.
* Discarding, reopening and then closing a review request no longer makes the review
request private.
* Fixed a naming conflict with older PyCrypto packages, such as the default package on
CentOS 6.4.
* Users with the 'can_change_status' permission no longer need the
'can_edit_reviewrequest' permission in order to close or reopen review requests.
* Switching a repository from using a hosting service to Custom no longer reverts back
to the hosting service.
* Fixed editing a repository if its associated hosting service can't be loaded (such
as if an extension providing that hosting service is disabled).
* Many diff validation errors weren't being shown on the New Review Request page,
generating 500 errors instead.
* Fixed caching issues with the Blocks field on review requests.
* Editing JSON text fields in the administration UI now works, validates, and won't
result in warnings in the log.
* Fixed breakages with looking up URLs internally with Local Sites.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 0.7.23-1
- New upstream release 0.7.23
-
http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.21.NEWS
* djblets.webapi:
* Added a has_list_access_permissions function, which is used to determine
access to a list resource.
-
http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.22.NEWS
* djblets.extensions:
* AJAX_SERIAL is updated when extensions are enabled/disabled or their
configuration changes, allowing templates using AJAX_SERIAL as part of
their cache to invalidate.
* djblets.siteconfig:
* Reduced query counts for installs using siteconfig.
* djblets.webapi:
* Reduced query counts when returning payloads for list resources with no
entries.
* Common attribute lookups on WebAPIResource are now cached.
-
http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.23.NEWS
* djblets.extensions:
* Fix URL errors when configuring extensions with a custom SITE_ROOT.
* djblets.util.fields:
* JSONFields can now be safely edited through the administration UI,
complete with validation.
* jquery.gravy:
* Fixed hiding the pencil icons on an inlineEditor when disabled.
* Sun Oct 13 2013 Patrick Uiterwijk <puiterwijk(a)gmail.com> - 0.7.21-1
- New upstream bugfix release 0.7.21
-
http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.21.NEWS
- Added a has_list_access_permissions function, which is used to
determine access to a list resource.
* Fri Oct 11 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 0.7.20-1
- New upstream bugfix release 0.7.20
-
http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.20.NEWS
- Fixed regression with pagination on the datagrid
* Thu Oct 10 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 0.7.19-1
- New upstream security release 0.7.19
-
http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.19.NEWS
- Resolves: CVE-2013-4409
- Resolves unsanitized eval() vulnerability
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027010 - CVE-2013-4519 ReviewBoard: two XSS vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1027010
--------------------------------------------------------------------------------
================================================================================
qemu-1.6.1-1.fc20 (FEDORA-2013-20776)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
* Reduce CPU usage when audio is playing (bz #1017644)
* Base on qemu 1.6.1 tarball
* ksmtuned: Fix matching qemu w/o set_process_name (bz #1012604)
* ksmtuned: Fix committed_memory when no qemu running (bz #1012610)
* Make sure bridge helper is setuid (bz #1017660)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Cole Robinson <crobinso(a)redhat.com> - 2:1.6.1-1
- Reduce CPU usage when audio is playing (bz #1017644)
- Base on qemu 1.6.1 tarball
- ksmtuned: Fix matching qemu w/o set_process_name (bz #1012604)
- ksmtuned: Fix committed_memory when no qemu running (bz #1012610)
- Make sure bridge helper is setuid (bz #1017660)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1017644 - PATCH: fix qemu using 50% host cpu when audio is playing
https://bugzilla.redhat.com/show_bug.cgi?id=1017644
--------------------------------------------------------------------------------
================================================================================
recoll-1.19.8-1.fc20 (FEDORA-2013-20750)
Desktop full text search tool with Qt GUI
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release recoll 1.19.8, will hopefully fix some bugs too.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Terje Rosten <terje.rosten(a)ntnu.no> - 1.19.8-1
- 1.19.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #980947 - [abrt] recoll-1.19.4-2.fc18: inflate_table: Process /usr/bin/recoll
was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=980947
[ 2 ] Bug #989483 - [abrt] recoll-1.19.4-2.fc19: deallocate: Process
/usr/bin/recollindex was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=989483
[ 3 ] Bug #995796 - [abrt] recoll-1.19.4-2.fc18: operator delete: Process
/usr/bin/recollindex was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=995796
[ 4 ] Bug #979371 - [abrt] recoll-1.19.4-2.fc18: deallocate: Process
/usr/bin/recollindex was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=979371
[ 5 ] Bug #995699 - [abrt] recoll-1.19.4-2.fc18: std::_Rb_tree<std::string,
std::pair<std::string const, std::string>,
std::_Select1st<std::pair<std::string const, std::string> >,
std::less<std::string>, std::allocator<std::pair<std::string const,
std::string> > ...
https://bugzilla.redhat.com/show_bug.cgi?id=995699
--------------------------------------------------------------------------------
================================================================================
rubygem-cinch-2.0.10-1.fc20 (FEDORA-2013-20775)
An IRC Bot Building Framework
--------------------------------------------------------------------------------
Update Information:
Rebased on Cinch 2.0.10.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Darryl L. Pierce <dpierce(a)redhat.com> - 2.0.10-1
- Rebased on Cinch 2.0.10.
--------------------------------------------------------------------------------
================================================================================
rubygem-equalizer-0.0.7-2.fc20 (FEDORA-2013-20765)
Module to define equality, equivalence and inspection methods
--------------------------------------------------------------------------------
Update Information:
First Fedora release. rubygem-equalizer is a module to define equality, equivalence and
inspection methods.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1025930 - Review Request: rubygem-equalizer - Module to define equality,
equivalence and inspection methods
https://bugzilla.redhat.com/show_bug.cgi?id=1025930
--------------------------------------------------------------------------------
================================================================================
rubygem-ice_nine-0.10.0-2.fc20 (FEDORA-2013-20781)
Deep Freeze Ruby Objects
--------------------------------------------------------------------------------
Update Information:
New Fedora package. This gem allows developers to deep freeze Ruby objects.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1025928 - Review Request: rubygem-ice_nine - Deep Freeze Ruby Objects
https://bugzilla.redhat.com/show_bug.cgi?id=1025928
--------------------------------------------------------------------------------
================================================================================
rubygem-rails_autolink-1.1.4-2.fc20 (FEDORA-2013-20766)
Automatic generation of HTML links in texts
--------------------------------------------------------------------------------
Update Information:
New Fedora package. This is an extraction of the `auto_link` method from rails. The
`auto_link` method was removed from Rails in version Rails 3.1. This gem is meant to
bridge the gap for people migrating.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018010 - Review Request: rubygem-rails_autolink - Automatic generation of
HTML links in texts
https://bugzilla.redhat.com/show_bug.cgi?id=1018010
--------------------------------------------------------------------------------
================================================================================
rubygem-redis-namespace-1.3.1-1.fc20 (FEDORA-2013-20757)
Namespaces Redis commands
--------------------------------------------------------------------------------
Update Information:
New Fedora package. rubygem-redis-namespace adds a Redis::Namespace class which can be
used to namespace calls to Redis. This is useful when using a single instance of Redis
with multiple, different applications.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1025984 - Review Request: rubygem-redis-namespace - Namespaces Redis
commands
https://bugzilla.redhat.com/show_bug.cgi?id=1025984
--------------------------------------------------------------------------------
================================================================================
rubygem-shoulda-context-1.1.6-1.fc20 (FEDORA-2013-20773)
Context framework extracted from Shoulda
--------------------------------------------------------------------------------
Update Information:
This update removes deprecation warnings with Rails 4.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1026732 - rubygem-shoulda-context-1.1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1026732
--------------------------------------------------------------------------------
================================================================================
sddm-0.2.0-0.19.20130914git50ca5b20.fc20 (FEDORA-2013-20753)
QML based X11 desktop manager
--------------------------------------------------------------------------------
Update Information:
Added a patch to fix PAM support
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Martin Briza <mbriza(a)redhat.com> - 0.2.0-0.19.20130914git50ca5b20
- Patch cleanup
* Tue Nov 5 2013 Martin Briza <mbriza(a)redhat.com> - 0.2.0-0.18.20130914git50ca5b20
- Cmake magic
* Tue Nov 5 2013 Martin Briza <mbriza(a)redhat.com> - 0.2.0-0.17.20130914git50ca5b20
- Rewritten the authentication stack to work right with PAM
* Tue Oct 15 2013 Martin Briza <mbriza(a)redhat.com> - 0.2.0-0.16.20130914git50ca5b20
- Fixed the Fedora theme wallpaper path
* Tue Oct 15 2013 Martin Briza <mbriza(a)redhat.com> - 0.2.0-0.15.20130914git50ca5b20
- Added XDMCP support patch
- Modified the config to reflect the added XDMCP support (disabled by default)
* Tue Oct 15 2013 Rex Dieter <rdieter(a)fedoraproject.org> -
0.2.0-0.14.20130914git50ca5b20
- sddm.conf: CurrentTheme=fedora
* Mon Oct 14 2013 Rex Dieter <rdieter(a)fedoraproject.org> -
0.2.0-0.13.20130914git50ca5b20
- include standard theme/config here, Obsoletes: kde-settings-sddm
- sddm.conf: SessionCommand=/etc/X11/xinit/Xsession
* Mon Oct 14 2013 Rex Dieter <rdieter(a)fedoraproject.org> -
0.2.0-0.12.20130914git50ca5b20
- -themes: Obsoletes: sddm ... for upgrade path
* Mon Oct 14 2013 Rex Dieter <rdieter(a)fedoraproject.org> -
0.2.0-0.11.20130914git50ca5b20
- -themes subpkg
* Sat Sep 21 2013 Rex Dieter <rdieter(a)fedoraproject.org> -
0.2.0-0.10.20130914git50ca5b20
- use %_qt4_importdir, %systemd_requires macros
- own %_datadir/apps/sddm
- fix Release
- drop explicit Requires: pam (let rpm autodeps handle it)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1008951 - New KDE session starts just after Logout
https://bugzilla.redhat.com/show_bug.cgi?id=1008951
--------------------------------------------------------------------------------
================================================================================
slingshot-0.8.1p-11.fc20 (FEDORA-2013-20771)
A Newtonian strategy game
--------------------------------------------------------------------------------
Update Information:
Add appdata file.
Fix URL.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Jon Ciesla <limburgher(a)gmail.com> - 0.8.1p-11
- Fix URL, BZ 1023983.
- Add appdata file, BZ 1023986.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1023986 - Appdata file for slingshot
https://bugzilla.redhat.com/show_bug.cgi?id=1023986
[ 2 ] Bug #1023983 - Possibly incorrect URL for slingshot
https://bugzilla.redhat.com/show_bug.cgi?id=1023983
--------------------------------------------------------------------------------
================================================================================
tcpflow-1.4.0-2.fc20 (FEDORA-2013-20755)
Network traffic recorder
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release tcpflow 1.4.0.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Terje Rosten <terje.rosten(a)ntnu.no> - 1.4.0-2
- Add patches to build on arm
* Mon Oct 21 2013 Terje Rosten <terje.rosten(a)ntnu.no> - 1.4.0-1
- 1.4.0
--------------------------------------------------------------------------------
================================================================================
tetex-elsevier-0.1.20090917-11.fc20 (FEDORA-2013-20777)
Elsevier LaTeX style files and documentation
--------------------------------------------------------------------------------
Update Information:
fix install tree; follow f20 unversioned doc change
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Michael J Gruber <mjg(a)fedoraproject.org> - 0.1.20090917-11
- Use the actual texlive local tree, not the documented one (#971778).
* Sun Nov 3 2013 Ville Skyttä <ville.skytta(a)iki.fi> - 0.1.20090917-10
- Honor setups with unversioned doc dirs (#993901).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #971778 - tetex-elsevier after an update still in a "wrong" path
https://bugzilla.redhat.com/show_bug.cgi?id=971778
[ 2 ] Bug #993901 - tetex-elsevier possibly affected by F-20 unversioned docdir change
https://bugzilla.redhat.com/show_bug.cgi?id=993901
--------------------------------------------------------------------------------
================================================================================
thunderbird-lightning-2.6.2-3.fc20 (FEDORA-2013-20763)
The calendar extension to Thunderbird
--------------------------------------------------------------------------------
Update Information:
Add upstream patch to fix caldav sync
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 4 2013 Orion Poplawski <orion(a)cora.nwra.com> - 2.6.2-3
- Add upstream patch to fix caldav sync
* Wed Oct 30 2013 Jan Horak <jhorak(a)redhat.com> - 2.6.2-2
- Update to 2.6.2
* Fri Sep 20 2013 Orion Poplawski <orion(a)cora.nwra.com> - 2.6-1
- Drop alarm patch
- Drop -fpermissive
- Update to 2.6
- Exclude arm architecture
--------------------------------------------------------------------------------
================================================================================
tortoisehg-2.10-1.fc20 (FEDORA-2013-20759)
Mercurial GUI command line tool thg
--------------------------------------------------------------------------------
Update Information:
https://bitbucket.org/tortoisehg/thg/wiki/ReleaseNotes#!tortoisehg-210
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Mads Kiilerich <mads(a)kiilerich.com> - 2.10-1
- tortoisehg 2.10
--------------------------------------------------------------------------------
================================================================================
tubo-5.0.10-2.fc20 (FEDORA-2013-20762)
Library to thread process std-in/std-err/std-out from fork() child
--------------------------------------------------------------------------------
Update Information:
*Update to 5.0.10
*'example' and 'tuboexec' binaries are now packaged
*Added glib2-devel BR
New package.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Antonio Trande <sagitter(a)fedoraproject.org> 5.0.10-2
- Added glib2-devel BR
* Wed Nov 6 2013 Antonio Trande <sagitter(a)fedoraproject.org> 5.0.10-1
- Update to 5.0.10
- 'example' and 'tuboexec' binaries are now packaged
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016807 - Review Request: tubo - Library to thread process
std-in/std-err/std-out from fork() child
https://bugzilla.redhat.com/show_bug.cgi?id=1016807
--------------------------------------------------------------------------------
================================================================================
wireshark-1.10.3-2.fc20 (FEDORA-2013-20779)
Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:
Harden dumpcap capabilities
* Ver. 1.10.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 6 2013 Peter Hatina <phatina(a)redhat.com> - 1.10.3-2
- harden dumpcap capabilities
* Sat Nov 2 2013 Peter Lemenkov <lemenkov(a)gmail.com> - 1.10.3-1
- Ver. 1.10.3
- Dropped upsteamed patch no. 13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1026534 - CVE-2013-6336 wireshark: IEEE 802.15.4 dissector crash
(wnpa-sec-2013-61)
https://bugzilla.redhat.com/show_bug.cgi?id=1026534
[ 2 ] Bug #1026538 - CVE-2013-6337 wireshark: NBAP dissector crash (wnpa-sec-2013-62)
https://bugzilla.redhat.com/show_bug.cgi?id=1026538
[ 3 ] Bug #1026539 - CVE-2013-6338 wireshark: SIP dissector crash (wnpa-sec-2013-63)
https://bugzilla.redhat.com/show_bug.cgi?id=1026539
[ 4 ] Bug #1026540 - CVE-2013-6339 wireshark: ActiveMQ OpenWire dissector large loop
(wnpa-sec-2013-64)
https://bugzilla.redhat.com/show_bug.cgi?id=1026540
[ 5 ] Bug #1026541 - CVE-2013-6340 wireshark: TCP dissector crash (wnpa-sec-2013-65)
https://bugzilla.redhat.com/show_bug.cgi?id=1026541
--------------------------------------------------------------------------------
================================================================================
xfce4-session-4.10.1-3.fc20 (FEDORA-2013-20754)
Xfce session manager
--------------------------------------------------------------------------------
Update Information:
Fix suspend/hibernate/poweroff support.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Kevin Fenzi <kevin(a)scrye.com> 4.10.1-3
- Add patch for better systemd support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1012650 - Hibernate and standby are disabled since upgrading to Fedora 20
https://bugzilla.redhat.com/show_bug.cgi?id=1012650
--------------------------------------------------------------------------------