- Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Initial Package - build documentation - use other URL - smaller source tarball with --exclude-vcs - correct soname - adjust path to gpr files - add tools subpackage - add ldconfig call - add manpages for the tools - Rebuild for new gnat - Rebuild (#918586) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 11.8.0 and rebuild for gcc - Initial packaging - Revert patch to link to libc, causes a dep on GLIBC_PRIVATE - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Perl 5.14 mass rebuild - Perl mass rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Perl 5.16 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fix Source url for reported source audit - Clarify auth middleware ordering in the hub settings template. (Daniel Mach) - Add kobo.threads -- a simple threading worker pool. (Daniel Mach) - Fix force_list and force_tuple to work with sets. (Daniel Mach) - Implement removing files from a file cache. (Daniel Mach) - Make shortcuts.run() thread-safe. (Daniel Mach) - Proxy support enhancement (Tomas Mlcoch) - Improve task ordering. (Daniel Mach) - Better formatting in Traceback output. (Tomas Tomecek) - Add JSONField.value_to_string() method. (Tomas Tomecek) - Improve task dir deletion and task files view. (Tomas Tomecek) - allow line buffering for shortcuts.run() (Tomas Kopecek) - Allow to specify buffer_size in shortcuts.run(). (Daniel Mach) - Add rpmlib.get_changelogs_from_header() and pkgset.RpmWrapper.changelogs. (Daniel Mach) - Support https_proxy environ variable (Tomas Mlcoch) - Create pid file in a more secure way. (Daniel Mach) - Create empty kobo.django.auth.models module to fix crashes in Django 1.4. (Daniel Mach) - Add shortcuts.makedirs() function which is identical to os.makedirs but doesn't fail on existing dirs. (Daniel Mach) - Fix typo in the 404.html template. (Daniel Mach) - Fix traceback on undefined workdir in kobo.shortcuts.run(). (Daniel Mach) - Add help-rst command which generates rst documentation for all CommandOptionParser's commands. (Daniel Mach) - Don't catch and mask any exceptions in cli.CommandOptionParser.run(). (Daniel Mach) - Set an empty keyring in rpmlib.get_rpm_header(). (Daniel Mach) - Format Fault's output to be nicer. (Tomas Tomecek) - Display error when cancelling task fails. (Tomas Tomecek) - Fix task cancelation method name. (Tomas Tomecek) - Add pkgset.SimpleRpmWrapper; support pickle by providing __getstate__() and __setstate__() methods. (Daniel Mach) - Enable searching in task list by label. (Tomas Tomecek) - Enable making custom queries in view task_list. (Tomas Tomecek) - Limit value length to 200 characters in tback.Traceback. (Daniel Mach) - Fix email.utils import to work with py2.4. (Daniel Mach) - Backwards compatibility bugfix in hub.models. (Tomas Tomecek) - Drop django and hub subpackages on rhel <= 5 - Set filename to be real name of a downloaded file. (Tomas Tomecek) - Fix logwatcher to scroll to latest logs. (Tomas Tomecek) - Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek) - Updated README for 0.4.0 release (Tomas Kopecek) - Revamp setup.py and related files. (Daniel Mach) - LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek) - Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek) - Add kobo.threads.run_in_threads() helper. (Tomas Kopecek) - Django 1.5 rebase. (Tomas Kopecek) - Remove unnecessary slots from pkgset.FileCache. (Daniel Mach) - Drop admin subpackage on rhel <= 5 - Drop admin, django and hub subpackages on epel 6 - Return 'nosrc' arch when RPMTAG_NOPATCH RPM header is set. (Daniel Mach) - Fix 'ImproperlyConfigured: The SECRET_KEY setting must not be empty.' exception in test_types.py. (Daniel Mach) - Fix setup script to install additional package data. (Daniel Mach) - Fix reading RPMTAG_NOSOURCE and RPMTAG_NOPATCH headers from 'nosrc' RPMs. (Daniel Mach) - Revamp make_nvr() and make_nvra(), make them public (add to __all__), add tests. (Daniel Mach) - Fix: display subtasks in task's detail view (Tomas Tomecek) - Fix JSONField (load and dump) (Tomas Tomecek) - Fix CSRF exemption in XML-RPC handler factory (Tomas Tomecek) - View simplifications (Tomas Kopecek) - Translate everything in templates (Tomas Kopecek) - Additional fields visible in admin, searching/filtering (Tomas Kopecek) - Use more proper class-based style for generic forms (Tomas Kopecek) - Refactored generic views. (Tomas Kopecek) - Fix rtf content type test for py2.4. (Daniel Mach) - Add FileCache.items() to export items() and also fix py3. (Daniel Mach) - Remove slots from most places. (Daniel Mach) - Improve shortcuts.parse_checksum_line() to support escaped checksum lines. (Daniel Mach) - Add 'executable' argument to shortcuts.run(). (Daniel Mach) - Rename User model to properly adjust to older db schema. (Tomas Kopecek) - Fix typo in login template. (Tomas Kopecek) - Switch from simplejson to json. (Daniel Mach) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Modify shortcuts.run() to pass all **kwargs to Popen(). (Daniel Mach) - Admin page for kobo.auth.User (Tomas Kopecek) - Unset active menu if no other menu is active (Lubomír Sedlář) - Allow rendering menu for bootstrap's navbar (Lubomír Sedlář) - Handle menu items without text as dividers (Lubomír Sedlář) - allow --force in resubmit-tasks CLI command (Tomas Kopecek) - Django 1.6 db transaction model (Tomas Kopecek) - CLI command for viewing log files (Tomas Kopecek) - Display overall time in task page (Tomas Kopecek) - Fix shortcuts.run() to handle errno.EINTR correctly. (Tomas Tomecek) - Don't count assigned tasks into worker load. (Tomas Tomecek) - Human readable state exceptions. (Tomas Kopecek) - Human readable JSONField. (Tomas Kopecek) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Add server_args to /etc/xinetd.d/bitlbee (#1102062) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Upgrade to 3.2.2 (#1116567) - Enable libpurple support additionally to built-in protocols - Enable forkdaemon due lacking SELinux policy in Rawhide only - Disable libpurple conflicting with the daemon mode (#1117553) - Really disable libpurple support for Fedora except Rawhide - Disable libpurple due to dbus issues also in EPEL (#1126930) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release. - Requires libotr >= 4 (so EPEL-6 will require new build of libotr 4) - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release (#1205936) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Let rpmbuild strip executable (#1008236). - online QSO upload to HamQTH, ClubLog and HRDLog added - improved QSL managers import, should be faster a bit - "Long Path" button to Rotor Control added (Darek, SP2MKI) - COMMENT field is exported to eQSL server - Always overwrite info from previous QSO with callbook data option added - help updated - country files updated - membership files updated - layout improved (mostly new QSO window) - LoTW QSL RCVD was not imported when ADIF didn't include LOTW_QSLRDATE value - fixed - CONTESTIA mode was saved as CONSTESTI (increased max length of mode to 10 characters) - fixed - ReverseBeacon support in Gray line didn't work - fixed - after click to OK button in Preferences, bandmap stopped deleting old spots - fixed - bandmap was not updated when any spot was not added - fixed - station was added to bandmap when offline mode was activated - fixed - big square statistics didn't work in newer versions of distributions - fixed - QSO JT65* mode were not confirmed by eQSL - fixed - "When TRX control is not active, use frequency and mode from NewQSO window" option to Preferences->Band map added - CTRL+N hotkey to QSO list window added (do NOT send QSL) - TRX control window was not sizeable - fixed - when ESC was pressed twice in Remote mode, log crashed - fixed - program crashed when freq was entered with comma as decimal separator - fixed - broken grid square statistic fixed - after hitting ESC in any window opened from NewQSO, cursor will be returned to callsign edit field - frequency in New QSO and QSO list wondow is formated to 0.0000 - added Help -> Keys and shortcut to menu in QSO window - RBN integration into GrayLine showed CW speed instead of signal strench - fixed - DXCC entity window didn't show when compiled in Debian Sid and Ubuntu 13.10 - fixed - when CQRLOG was run for the first time, two mysqld proccesses opened the same database - fixed - upload to ClubLog didn't work after enter QSO and delete - fixed (big thanks to Pawel, SQ5LTL) - TRX control window's layout was broken with some font sizes - fixed - F keys to CW type window added - address to RBN server can be changed in Preferences - full date (not only year,month) is supported in membership files - Close the "Status of log upload" window after successful upload added - moved to new LoTW url and updated upload routines - band button description is editable (Preferences -> TRX control -> Change default frequencies) - 6W/MM0NDX was marked as unknown country instead of Senegal - fixed - after View QSO and CTRL+F2 fields was still read-only - fixed - QSL information was added to Commend to QSO even if it already exists - '+' character is now allowed in any field in New QSO window - log could not recover from a wrong upload of updated QSO - fixed - '+' as hotkey to add to bandmap function removed, use CTRL+A instead - any result from ClubLog with 'Skipping QSO' won't stop uploading of the log - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - after click to "Upload all" qso to online logs, info about disabled services is not shown - added new optimized MySQL configuration file (log should be faster and won't show error about missing tables) - additional date formats for QSL label printing added (Tom, DL7BJ) - alert for for callsign on specific mode and band added - %h CW macro added (sends GM/GA/GE calculated from wkd station local time) - %rs CW macro added (sends RST_S and replace 9 with N) - design of gridlists can be changed in Preferences/Fonts/Gridlist settings (Tom, DL7BJ) - additional options to split RST (TX and RX) in three fields for QSL label printing (Tom, DL7BJ) - K3NG key support added - "Use '+' key to add spots to band map" option added to Preferences -> Band map - program crashed with error about Exceptions.tbl when started for the first time - Shift+F12 didn't cancel the filtr - fixed - "Filter is USED!" info wasn't canceled after click to Sort button (filter was disabled) - reading signal strength from RBN spots fixed - RBN default port is 7000 not 7300 - fixed - fixed a bug in DXCC statistics, mode 'Paper QSL only' (Tom, DL7BJ) - program crashed after close - fixed - program crashed after click to Cancel in DB connection window - sunrise, sunse and greeting info was broken - fixed - xplanet opened from the "New QSO Window" was not centred on own lattitude and longitude - Program crashed with error about Exceptions.tbl when started for the first time - After hit enter in New QSO window, it took long time to save QSO - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Fixed empty debugging (BZ 1126233) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update to 0.14 upstream release - Rebuild for new boost_istream - Rebuild for Boost-1.53.0 - Rebuild for Boost-1.53.0 - Rebuild for boost 1.54.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 1.6.1 upstream release - incorrect fsf address reported to upstream - Solve too memory consuption in koji - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebase to 2014g - Turks & Caicos is switching from US eastern time to UTC-4 year-round, modeled as a switch from EST/EDT to AST on 2014-11-02 at 02:00. - Rebase to 2014h - Changes in past time stamps, code, and documentation. - Rebase to 2014i - Pacific/Fiji will observe DST from 2014-11-02 02:00 to 2015-01-18 03:00. - A new Zone Pacific/Bougainville, for the part of Papua New Guinea that plans to switch from UTC+10 to UTC+11 on 2014-12-28 at 02:00 - Rebase to 2014j - Turks & Caicos' switch from US eastern time to UTC-4 year-round did not occur on 2014-11-02 at 02:00. It's currently scheduled for 2015-11-01 at 02:00. - Rebase to 2015a - New leap second 2015-06-30 23:59:60 UTC as per IERS Bulletin C 49. - The Mexican state of Quintana Roo, represented by America/Cancun, will shift from Central Time with DST to Eastern Time without DST on 2015-02-01 at 02:00. - Chile will not change clocks in April or thereafter; its new standard time will be its old daylight saving time. This affects America/Santiago, Pacific/Easter, and Antarctica/Palmer. - Rebase to 2015b - Mongolia will start observing DST again this year, from the last Saturday in March at 02:00 to the last Saturday in September at 00:00. - Palestine will start DST on March 28, not March 27. Also, correct the fall 2014 transition from September 26 to October 24. Adjust future predictions accordingly. - Rebase to 2015c - Egypt's spring-forward transition is at 24:00 on April's last Thursday, not 00:00 on April's last Friday. 2015's transition will therefore be on Thursday, April 30 at 24:00, not Friday, April 24 at 00:00. Similar fixes apply to 2026, 2037, 2043, etc. (Thanks to Steffen Thorsen.) - Rebase javazic tool to match latest upstream OpenJDK version - Rebase to 2015d - Egypt will not observe DST in 2015 and will consider canceling it permanently. For now, assume no DST indefinitely. - The abbreviations for Hawaii-Aleutian standard and daylight times have been changed from HAST/HADT to HST/HDT, as per US Government Printing Office style. This affects only America/Adak since 1983, as America/Honolulu was already using the new style. - Morocco will suspend DST from 2015-06-14 03:00 through 2015-07-19 02:00, not 06-13 and 07-18 as we had guessed. - Morocco will suspend DST from 2015-06-14 03:00 through 2015-07-19 02:00, not 06-13 and 07-18 as we had guessed. - Assume Cayman Islands will observe DST starting next year, using US rules. Although it isn't guaranteed, it is the most likely. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - More Import-Package fixes. Note that fix-cglib-refs.patch is not suitable for upstream: http://code.google.com/p/mockito/issues/detail?id=373 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Patched LocalizedMatcher due to hamcrest update, (bug upstream) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Workaround for NPE in setting NamingPolicy - Use Requires: java-headless rebuild (#1067528) - Use junit R/BR over junit4. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Use .mfiles to pick up xmvn metadata - Don't use obsolete _mavenpomdir and _mavendepmapfragdir macros - Fix FTBFS - First build for EPEL7 - Resolves: BZ#1110030 - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - First version for Fedora - New upstream version - New upstream release candidate 5.2.1rc1 - New upstream release 5.2.1 - 1167331: Enabled native systemd support. - Does not disable old systemd, starter, ipsec.conf support yet. - New strongswan developer release 5.2.2dr1 - Enabled ccm, and ctr plugins as it seems enabling just openssl does not work for using ccm and ctr algos. - new version 5.2.2 - Fixes strongswan swanctl service issue rhbz#1193106 - new version 5.3.0 - new version 5.3.1 - new version 5.3.2 - Initial package for Fedora - Build only a py3 package - Update to lastest upstream release 0.10.2 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - define __AVR_LIBC_DEPRECATED_ENABLE__ (bug 891556) - ino needs to know the arduino version (bug 905681) - own /etc/arudino and /usr/share/arduino (bug 911931) - Update to 1.0.5. - Remove bug891556.patch. - Remove wifishield firmware for now, until I figure out whether it's reasonable/permissible to include. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add arduino-build-platform.patch to allow building on ARM (rhbz 991988). - Unversion documentation directory. - Force update of icon cache so that icon appears straight away. - Add appdata.xml. - Associate .ino files with the Arduino IDE. - Update to 1.0.6. - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Initial packaging - Cleanup of the spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update for https://fedoraproject.org/wiki/Fedora_19_Maven_Rebuild - Replace maven BuildRequires with maven-local - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Use Requires: java-headless rebuild (#1067528) - Switch to XMvn - Use pom macros - Update to 1.0.5 - Use the snappy package instead of a precompiled library - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Initial Package - build documentation - use other URL - smaller source tarball with --exclude-vcs - correct soname - adjust path to gpr files - add tools subpackage - add ldconfig call - add manpages for the tools - Rebuild for new gnat - Rebuild (#918586) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 11.8.0 and rebuild for gcc - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - update to 2.1rc1 from git - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - update to the 3.0rc1 from git - Add -devel package. - build -compat subpackage against compat-lua - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - lua 5.3 - Rebuild for new lua - Fix broken release tag - Update to 0.14.22 - Validate and own /usr/share/appdata/xpra.appdata.xml - Add BuildRequires libappstream-glib - Remove Requires for xorg-x11-drv-void - Patch appdata file to have more information and proper paragraph ending period so validation works - Add patch to correctly locate Xorg binary in Fedora 22 onwards (BZ 1224678) - Update to 0.14.24 - Remove Requires for xorg-x11-server-Xvfb - Remove upstreamed appdata patch - Update to 0.15.0 - Add BuildRequires for cups-devel and Requires for cups-filesystem - Replace mention of avcodec with avcodec2 - Drop xpra-unbundle-rencode.patch, and no longer patch to use system rencode - Drop xpra-0.14-stop-using-void-driver.patch - Drop xpra-0.14.22-fedora22-xorg.patch - Remove extraneous second definition of cupslibdir - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Update to 0.15.1 - Add Requires shared-mime-info for (/usr/share/mime/packages ownership) - Add /usr/share/mime/packages/application-x-xpraconfig.xml file - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream 0.14.3 point release - Populate LoginFormats correctly [#961442] - Documentation clarifications - Set sssd.conf default_shell per domain - Notify in terminal output when installing packages - If joined via adcli, delete computer with adcli too [#961244] - If input is not a tty, read from stdin without getpass() [#983153] - Configure pam_winbind.conf appropriately [#983153] - Refer to FreeIPA as IPA - Support use of kerberos ccache to join when winbind - Update to upstream 0.14.4 point release - Fix up the [sssd] section in sssd.conf if it's screwed up - Add an --unattended argument to realm command line client - Clearer 'realm permit' manual page example - Update to upstream 0.14.5 point release - Fix regression conflicting --unattended and -U as in --user args - Pass discovered server address to adcli tool - Update to upstream 0.14.6 point release - Set 'kerberos method = system keytab' in smb.conf properly - Limit Netbios name to 15 chars when joining AD domain - Start oddjob after joining a domain [#967023] - Don't pass user defined strings to printf directly [#1049447] - Don't crash when full_name_format is missing in sssd.conf This is a regression from a prior update. - Fix desktop-centric polkit policy [#1094124] - Fixes for security issues: rhbz#1205752 rhbz#1205753 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Update to ganglia-web 3.5.7 - Add extra patch for XSS security - Hardened build in FC > 18. - Update to ganglia 3.6.0 and ganglia-web 3.5.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to ganglia-web 3.5.10 - Add patch as workaround for CVE-2013-6395 (bz #1034527) - Update to ganglia-web 3.5.12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 3.7.1 & ganglia-web 3.6.2 - ganglia-web 3.7.0 - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release - Updated nopprof patch to match new release - Fixed a few bogus changelog entries - New upstream release. This release fixes a critical regression - Patch that removes explicit altivec on el5/ppc - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Added an i686 build fixing bz #1106933 - Added valgrind-devel to BuildRequires, fixing bz #974270 - bz #1106933 fix only for fedora 21 and above - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - valgrind-devel is not available on s390, closes #1131014 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update nss-util build dependency - Fix check of test suite result - Update to nss-3.17.2 - Resolves: Bug 1155306 - Provide sym key derive mechansm as result of encryption of message - Update to nss-3.17.3 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - packaging enhancements (pkg-config, license tag) - packaging enhacements (structure, redundancy, ownership, scriptlets, symlink) - version bump so as not to collide with python-clufter co-packaged with pcs - bump upstream package - bump upstream package - add dependency on python-setuptools - bump upstream package - bump upstream package - bump upstream package - bump upstream package - move completion module to clufter-cli sub-package - bump upstream package - bump upstream package - rebuild due to "jpeg8-ABI" feature drop - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added upstream fix for threading issue with plugin registration (bug #912307). - Applied upstream fixes for threading (bug #951984). - Update to new release candidate version. - Update to new release candidate version. - Update to new upstream version. - Added a reference for Mac MLU tag - Added a way to read the profile creator from header - Added error descriptions on cmsSmoothToneCurve - Added identity curves support for write V2 LUT - Added new cmsPlugInTHR() and fixed some race conditions - Added TIFF Lab16 handling on tifficc - Fixed a bug on big endian platforms not supporting uint64 or long long. - Fixed a multithead bug on optimization - Fixed devicelink generation for 8 bits - Fixed some 64 bit warnings on size_t to uint32 conversions - Rendering intent used when creating the transform is now propagated to profile - RGB profiles store only one copy of the curve to save space - Transform2Devicelink now keeps white point when guessing deviceclass is enabled - Update black point detection algorithm to reflect ICC changes - User defined parametric curves can now be saved in ICC profiles - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to new upstream version. - Added a way to retrieve matrix shaper always, no matter LUT is present - Added pthread dependency - Big revamp on Contexts, from Artifex - Fixed a bug in PCS/Colorspace order when reading V2 Lab devicelinks - Fixed some indexing out of bounds in floating point interpolation - Fix for delete tag memory corruption - New locking plug-in, from Artifex - Update to new upstream version. - Added a flag to clip negative values in unbounded transforms - Added a global optimization that merges consecutive matrices in pipelines. - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Resolves: rhbz#1169593 patch to set DOCKER_CERT_PATH regardless of config file - run tests inside a docker repo (doesn't affect koji builds - not built) - docker group no longer used or created - no socket activation - config file updates to include info about docker_transition_unconfined boolean - Resolves:rhbz#1185423 - MountFlags=slave in unitfile - Resolves: rhbz#1184266 - enable debugging - enable creation of core dumps - set no limit on core dump size - Resolves: rhbz#1191438 - update to v1.5.0 - add env var for insecure-registry to /etc/sysconfig/docker - include arm builds - merge -pkg-devel into -devel - build @rhatdan/fedora-1.6 commit#b27feb4 - moved GOTRACEBACK=crash to unitfile - Obsolete docker-io-pkg-devel < 1.6.0-1 - Update a list of provides of devel subpackage resolves: #1215912 - Resolves: bz#1217987 - fix unqualified push - via Michal Minar <miminar@redhat.com> - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - updated to 0.38.rc1 - updated to 0.38 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - resolves: #850183 scriptlets replaced with new systemd macros (thanks to vpavlin) - cleaned .spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - bump release and rebuild to fix some dependencies on PPC - add BR: systemd-units - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - resolves: #1018839 lex.l update: add \,% and @ character into regexp for ID - resolves: #647107 api.c: support for setting multiline values in control files - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Resolves: rhbz#1169593 patch to set DOCKER_CERT_PATH regardless of config file - run tests inside a docker repo (doesn't affect koji builds - not built) - docker group no longer used or created - no socket activation - config file updates to include info about docker_transition_unconfined boolean - Resolves:rhbz#1185423 - MountFlags=slave in unitfile - Resolves: rhbz#1184266 - enable debugging - enable creation of core dumps - set no limit on core dump size - Resolves: rhbz#1191438 - update to v1.5.0 - add env var for insecure-registry to /etc/sysconfig/docker - include arm builds - merge -pkg-devel into -devel - build @rhatdan/fedora-1.6 commit#b27feb4 - moved GOTRACEBACK=crash to unitfile - Obsolete docker-io-pkg-devel < 1.6.0-1 - Update a list of provides of devel subpackage resolves: #1215912 - Resolves: bz#1217987 - fix unqualified push - via Michal Minar <miminar@redhat.com> - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Resolves: rhbz#925929 support aarch64 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Related: rhbz#1227244 CVE-2015-4695 meta_pen_create heap buffer overflow - Related: rhbz#1227244 CVE-2015-4696 wmf2gd/wmf2eps use after free - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Write debuglog by default (/var/log/fedup.log) - Add support for applying updates to upgrade.img - Use proxy settings from yum.conf (#892994) - Fix "NameError: global name 'po' is not defined" (#895576) - Clearer error on already-upgraded systems (#895967) - Fix upgrade hang with multiple encrypted partitions (#896010) - Fix "OSError: [Errno 2]..." when `selinuxenabled` is not in PATH (#896721) - Fix tracebacks on bad arguments to --iso (#896440, #895665) - Fix traceback if grubby is missing (#896194) - Require newer systemd to fix hang on not-updated systems (#910326) - Fix hang starting upgrade on systems with /dev/md* (#895805) - Better error messages if you're out of disk space (#896144) - Check signatures on downloaded packages and images (#877623) - Added --nogpgcheck, --instrepokey, --enableplugin, --disableplugin - Improve error messages and warnings about transaction problems - Improve disk space error messages (#949963) - Clarify "instrepo not found" error (#980818) - Start upgrade using systemd generator instead of boot args (#964303) - Fix emergency shell on F17 upgrades (#958586) - Don't start upgrade if media/packages are missing (#984415) - Check for mismatched instrepo arch (#981180) - Fix traceback with deltarpm (#1005895) - Use the right kernel for Xen guests (#1023618) - Fix mirror failover for instrepo (#1027573) - Download multiple packages in parallel for extra speed - Lots of other bugfixes - Fix crash with Ctrl-C on F18 - Fix --instrepo with --device/--iso - backport a few more bugfixes from git master: + fix upgrade startup when packagedir isn't on root (#1045168) + Fix --network VERSION if /etc/debian_release exists (#1057817) + Warn the user if upgrade contains no kernels - bump the required systemd version (also a 'backport' from git) - Warn the user when there is no kernel package in the upgrade - Fix crash when resizing terminal window (#1044987) - Fix crashes with bad arguments to --repo and --iso (#1045090, #1044083) - Fix some crashes during transaction test (#1043981, #1047005) - Fix upgrade hang if packagedir isn't on root partition (#1045168) - Don't redownload everything if the user just upgraded from 0.7.x - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Add --product=PRODUCT flag for upgrades to F21 - Use host's config files in upgrade.img - Fix logging during upgrade - upgrade logs will appear in system journal - Fix keymap problems during upgrade (#1038413) - Move cache to /var/cache (#1066679, CVE-2013-6494) - Make systemd consider startup finished before starting upgrade (#1159292) - Fix traceback if --product/--add-install is misspelled/missing (#1167971) - Make sure fedup --clean doesn't require --product (#1158766) - Give clearer error messages about invalid '--network' values - Improved feedback about possible upgrade problems - Prompt user to import key if we can't auto-trust it - Handle early_cpio initrds so we get your keyboard locale etc. (#1207251) - Handle lzo-compressed initrd (#1177862) - Fix crash with --debuglog=<badfile> (#1175480) - Remove --reboot (use fedup [args] && reboot if you want to do that) - Fix crash for people who use `su` wrong (tip: do `su -`; see su(1)) - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - New upstream version (#828716) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 0.7.9 - New upstream release - New upstream release - Initial package - Updated as per the Fedora guidelines - Updated to comply with Fedora guidelines - Added conditional for F19/F20 - Updated to latest upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - initial version - Added font requirement. - Removed obsolete parts (clean section, defattr, install, buildroot definition) - Added German summary and description - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Resurrected from Orphaned - Re-generate autoconf files (rhbz#926726) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release (rhbz#1152577) - Initial Package - build documentation - use other URL - smaller source tarball with --exclude-vcs - correct soname - adjust path to gpr files - add tools subpackage - add ldconfig call - add manpages for the tools - Rebuild for new gnat - Rebuild (#918586) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 11.8.0 and rebuild for gcc - the 1.1.6 release - git tag 389-admin-console-1.1.6 - Bug 668950 - Add posix group support to Console - Bug 151705 - Need to update Console Cipher Preferences with new ciphers - the 1.1.7 release - git tag 389-admin-console-1.1.7 - Bug 476925 - Admin Server: Do not allow 8-bit passwords for - the admin user - Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc) - Bug 723126 - Configure Admin Server -> Connection Restriction --> Add Screen is flicking consistently. - Resolves: Bug 766011 - Selecting "Administration Server" in Server Group causes stack trace - bump rel for java rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - bump version to 1.1.9 - Bug 886407 - Cannot restart SSL-admin server from console (#47477) - Bug 966958 - Improve online help for Add CRL dialog (#47467) - Bug 844764 - Directory Console generates insufficient key strength (#362) - bump version to 1.1.10 - Bug 1022104 - Remove versioned jarfiles from _javadir (idm-console-framework) - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Update to 0.1.4. - Update to 0.1.5. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 0.2.0. - Rebuilt for gtksourceview3 soname bump - We need python3 now. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuild against llvm 3.4 - Update to upstream 0.3, now uses gnome-code-assistance as a backend - Latest upstream is actually 0.3.1, my bad - Update description too - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - Initial Fedora package - Use install to set permissions on cups-x2go - Drop %doc for now - Mark config file as %config(noreplace) - Fix Group - Drop tabs - Update to 3.0.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.0.1.1 - Require openssh-clients - remove unnecessary BR - fix CFLAGS - fix CXXFLAGS too - use macros consistently - fix files locations - fix formatting and change license to AGPLv3+ - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream 0.7 release - move ccache to /run/httpd/ccache - add Requires(pre) for httpd to ensure apache uid exists at install time - hide stderr if finding httpd_mmn - package LICENSE - filter DSO auto provides - fix httpd_mmn stderr filter (thanks rcollet) - clarify licensing; clean up spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - don't truncate translated names with KrbLocalUserMapping - handle GSS_S_CONTINUE_NEEDED returned by accept_sec_token, fixes error 500 when trying to auth with expired token from Firefox - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fix principal creation in Constrained Delegation so the principal can be defined in KrbServiceName rather than always computing the value. (#1012665) - initial rpm - Added akka-remote support - Update to 2.3.0-RC4 - Added akka-{agent,cluster,dataflow,kernel,osgi,transactor} support - Update to 2.3.0 - Update to sanlock-3.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to sanlock-3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sanlock-3.2.0 - Update to sanlock-3.2.1 - Drop exclusive arch - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - pick up new translations - pick up translation updates - require docs in enterprise builds - pick up translation updates - translation updates - use branded name and new icons (by Jakub Steiner, #562677) - pull updated translations - use pkexec instead of consolehelper - pull updated translations - tighten policy - get rid of ancient obsoletes (#1002127) - pull updated and new translations - fix bogus date in changelog - don't use exec in pkexec wrapper script - cope with unavailable display in pygtk >= 2.10 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - 0.5.0 bump - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - 0.6.0 bump - 0.7.0 bump - 0.7.1 bump - 0.7.2 bump - 0.8.0 bump - 0.9.0 bump - 0.9.1 bump - The 1.1.6 release - Bug: 594939 - ACI editing dialog initial size is not big enough to display - Bug 151705 - Need to update Console Cipher Preferences with new ciphers - fix fourth step of cert wizard for installing cert - Bug 668950 - Add posixGroup support to Console - Bug 583652 - Console caches magic numbers instead of DNA-generated values - The 1.1.7 release - Bug 158926 - Unable to install CA certificate when using hardware token - ( LunaSA ) - Bug 622436 - Removal of Security:domestic from Console - Bug 229699 - objectclass without parent causes StringIndexOutOfBounds in console - Bug 583652 - Console caches magic numbers instead of DNA-generated values - using new upstream git repo at fedorahosted.org - git tag idm-console-framework-1.1.7 - Use DefaultTopologyPlugin if topologyplugin not found in the DS - Bug 706472 - [console] java exception throw in UI, but user gets created - Bug 706258 - ACI Editor dialog flickers - rebuild with latest java - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Bump version to 1.1.9 - Ticket 47929 - idm-console-framework - set default min to tls1.0 - Ticket 47946 - ACI's are replaced by "ACI_ALL" after editing group of ACI's including invalid one - Ticket 47929 - Console - add tls1.1 support - Ticket 47472 - Entries cannot be highlighted in the "Edit Aci" Rights panel - Ticket 47364 - Console does not support passwords containing 8-bit characters - Ticket 47604 - idm-console-framework: remove versioned jars from /usr/share/java - Ticket 47480 - Admin Console "server restart dialog" disppears after clicking OK - Ticket 47467 - Improve CRL import dialog text - Ticket 362 - Directory Console generates insufficient key strength - Bug 1022104 - Remove versioned jarfiles from _javadir - Fixed broken "create symlinks" in 'install'. - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - check whether package can be retraced before uploading - add possibility to disable interactive debugging - add support for chrooted crashes - also cache debuginfo for modules loaded in a vmcore - add task manager - add possibility to search kernel debuginfo in koji-like directory structure - fix permission denied on gdb.sh - add possibility to query an external FTP for task data - tasks may have multiple results - tasks may have remote resources - add possibility to run makedumpfile on vmcores - add possibility to archive old tasks instead of deleting them - use standard python mechanisms for logging - determine archive types with file magic - catch all task-specific exceptions - support various archive types - make AuthGroup configurable - allow overriding kernel version & architecture from command line - create a writable directory for interactive debuggers - add the retrace-server-interact printdir command - autoload modules when jumping into crash - make dead tasks deletable (really look to /proc) - show downloaded files in task manager - do not delete files that do not need unpacking - show task's start and finish time - added backref to downloaded file - make vmcore readable for retrace group - improve architecture guessing for vmcores - add possibility to wget kernel debuginfo - try harder to determine the actual vmcore - fix kernel version handling - fix httpd config - guess debuginfo name correctly for <= el4 - rename _log to retrace-log - fix cross-arch vmcores processing - debug mode checked by default in task manager - fix typos - touch task directory when using retrace-server-interact - forward kernel version from command line correctly - parse flavoured kernel version correctly - allow to send notification e-mails - symlink retrace_log to MISC_DIR - do not die on download error - rework front page - be able to specify custom core location - do not die if makedumpfile fails - make FTP buffer size configurable - fix detaching from httpd - add more logging - fix paths of DF_BIN and TAR_BIN - fix dependencies - unify access to task directory elements - display the progress of FTP download - add notes & case no. boxes - run bt_filter on vmcores automatically - add timestamps to logs - enable free space check in task manager - urlencode hyperlinks - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - add possibility to make case number clickable - support local files in 'Custom core location' - create the stats database group-writable - do not die when saving stats fails - add possibility to restart task - do not show the output of 'mod -S' in crash - change directory to $MISCDIR after jumping to crash - load correct flavour for el4 kernels - do not kill tasks started from task manager - do not die if task manager is disabled - add basic support for ARM - find correct debuginfo for realtime kernels - fix httpd config for apache 2.4 - use mtime instead of atime in RetraceTask.get_age() - use correct suffixes when unpacking archives - do not die if module list can't be read from vmcore - add support for X-CoreFileDirectory header - add support for tweaking yum config in reposync - rework reposync logging - accept package list in the archive with crash data - try harder to find ix86 debuginfo in koji - do not die trying to chmod a hardling - do not hardlink unpacked vmcores - print command line formatted correctly - allow submitting vmcores with spaces in file name - do not run makedumpfile when not necessary - allow to specify kernel VRA with custom cores - do not require the trailing slash in task manager URL - do not kill retrace-server-cleanup when retrace_log does not exist - cache kernel version into task directory - add support for ppc64, s390x - include floating point registers in userspace backtraces - execute ABRT's exploitability plugin if available - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - do not run kmem on vmcores by default - fix group readability of vmcores - add support for lzop compression - add DeleteFailedTaskAfter config option - add arch-based remote execution - add set-success and set-fail actions to retrace-server-interact - add config sanity checks to retrace-server-cleanup - manager.wsgi - fix kernelver handling (harshula@redhat.com) - add support for ppc64le and aarch64 - fix the invocation of mock shell - Add patch to fix ssh options (bug #1066744) - Update to 4.0.2.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 4.0.2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.0.3.0 - Update to 4.0.3.1 - Update to 4.0.3.2 - Rebuilt for GCC 5 C++11 ABI change - Update to 4.0.4.0 - Update to ganglia-web 3.5.7 - Add extra patch for XSS security - Hardened build in FC > 18. - Update to ganglia 3.6.0 and ganglia-web 3.5.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to ganglia-web 3.5.10 - Add patch as workaround for CVE-2013-6395 (bz #1034527) - Update to ganglia-web 3.5.12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 3.7.1 & ganglia-web 3.6.2 - ganglia-web 3.7.0 - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - initial Fedora version - Add doxygen-generated documentation in doc subpackage - Use explicit soversion in files section - Update sources to lastest git snapshot (3ceb8ae) - Remove empty doc macro from devel subpackage - Make doc subpackage dependent on main package - Document archive generation process and regenerate source archive - Use _smp_mflags macro when building doc to silence fedora-review - Updated sources to official libserialport release - Added "Provides" for bundled jquery - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Added build requirement to libXmu-devel for webspy (#553230) - Rebuild against libnids 1.24 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - libnet rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Added a patch which adds further link layer offsets - Avoid opportunity for DoS in tabular data stream protocol handler - Added a memset in msgsnarf to correctly 0 out the C struct - Patched urlsnarf to use timestamps from pcap file if available - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Corrected patch which touches tabular data stream protocol handler - Added a patch to add both communication partners in arpspoof - Added patch to allow multiple targets to be imitated simultaniously - Added patch to allow the selection of source hw address in arpspoof - Added a patch which fixes and modernizes the POP decoder - Fixed segmentation faults related to libnet_name2addr4() (#1009879) - Added a patch to fix bit-shift in pntohl() macro (#714958, #850496) - Avoid xdrs being used without being initialised (#715042, #850494) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - rebuild for new suitesparse - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - rebuild (suitesparse) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Build with compat-lua (#992318, #1106264) - Fix missing reference to libvorbis - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 0.6.0 which includes: + Greatly expanded galaxy + New missions + Hidden jumps - Remove debug logs in stdout - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - update to 2.6.0 release - update to 2.6.1 release - add upstream patch to fix USERNAME issue - update to 2.6.2 release - update to 2.6.3 release - Fix synaptics issue - update to 2.6.4 release - use new license macro - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - rename the mimeapps.list - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update to nss-3.17.2 - Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available - Resolves: Bug 994599 - Enable TLS 1.2 by default - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic - Own the %{_datadir}/doc/nss-tools dir - Update to nss-3.17.4 - Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Updated to emacs-goodies 33.5-1 - Updated to emacs-goodies 34.1-1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Updated to new upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream release - Patch problems with ctypes.el Bug#833103 - Release 1.3.2.18 - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47763 - winsync plugin modify is broken - Ticket 47821 - deref plugin cannot handle complex acis - Ticket 47831 - server restart wipes out index config if there is a default index - Ticket 47817 - The error result text message should be obtained just prior to sending result - Ticket 47815 - Add operations rejected by betxn plugins remain in cache - Ticket 47809 - find a way to remove replication plugin errors messages "changelog iteration code returned a dummy entry with csn %s, skipping ..." - Ticket 47704 - invalid sizelimits in aci group evaluation - Ticket 47813 - remove "goto bail" from previous commit - Ticket 47813 - managed entry plugin fails to update member pointer on modrdn operation - Ticket 47808 - If be_txn plugin fails in ldbm_back_add, adding entry is double freed. - Ticket 47770 - #481 breaks possibility to reassemble memberuid list - Release 1.3.2.19 - Ticket 47779 - Potential deadlock after startup if a dna configuration change is made - Ticket 47839 - 389-ds production segfault: __memcpy_sse2_unaligned... - Release 1.3.2.20 - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) 389-ds-base-1.3.2.22 = 389-ds-base-1.3.2.19 + Bug 1127833 fix. - Release 1.3.2.23 - Ticket 47871 - 389-ds-base-1.3.2.21-1.fc20 crashed over the weekend - Ticket 47866 - Errors after upgrading related to attribute "dnaremotebindmethod" - Ticket 47816 - v2- internal syncrepl searches are flagged as unindexed - Ticket 47877 - check_and_add_entry fails for changetype: add and existing entry - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47875 - dirsrv not running with old openldap - Revert "Ticket #47875 - dirsrv not running with old openldap" - Ticket 47875 - dirsrv not running with old openldap - Ticket 47446 - logconv.pl memory continually grows - Ticket 47874 - Performance degradation with scope ONE after some load - Ticket 47872 - Filter AND with only one clause should be optimized - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - fix the indentation - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.24 - Ticket 47922 - dynamically added macro aci is not evaluated on the fly - Ticket 47897 - Need to move slapi_pblock_set(pb, SLAPI_MODRDN_EXISTING_ENTRY, original_entry->ep_entry) prior to original_entry overwritten - Ticket 47920 - Encoding of SearchResultEntry is missing tag - Ticket 47919 - ldbm_back_modify SLAPI_PLUGIN_BE_PRE_MODIFY_FN does not return even if one of the preop plugins fails. - Ticket 47918 - result of dna_dn_is_shared_config is incorrectly used - Ticket 47900 - Server fails to start if password admin is set - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47900 - Adding an entry with an invalid password as rootDN is incorrectly rejected - Ticket 47907 - ldclt: assertion failure with -e "add,counteach" -e "object=<ldif file>,rdn=uid:test[A=INCRNNOLOOP(0;24 - Ticket 47889 - DS crashed during ipa-server-install on test_ava_filter - Ticket 47885 - did not always return a response control - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47748 - Simultaneous adding a user and binding as the user could fail in the password policy check - Ticket 47875 - dirsrv not running with old openldap - Ticket 47875 - dirsrv not running with old openldap - Ticket 47885 - deref plugin should not return references with noc access rights - Ticket 47457 - default nsslapd-sasl-max-buffer-size should be 2MB - Bump version to 1.3.2.25 - Ticket 47996 - ldclt needs to support SSL Version range - Ticket 47991 - upgrade script fails if /etc and /var are on different file systems - Ticket 47989 - Windows Sync accidentally cleared raw_entry - Ticket 47964 - v2 - Incorrect search result after replacing an empty attribute - Ticket 47934 - nsslapd-db-locks modify not taking into account. - Ticket 47617 - replication changelog trimming setting validation - Ticket 47905 - Bad manipulation of passwordhistory - Ticket 47973 - During schema reload sometimes the search returns no results - Ticket 47659 - ldbm_usn_init: Valgrind reports Invalid read / SIGSEGV - Ticket 47880 - provide enabled ciphers as search result - Ticket 47945 - Add SSL/TLS version info to the access log - Ticket 47928 - Disable SSL v3, by default [389-ds-base-1.2.11 only] - Ticket 47949 - logconv.pl -- support parsing/showing/reporting different protocol versions - Ticket 47981 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes - Ticket 47980 - Nested COS definitions can be incorrectly processed - Ticket 47750 - During delete operation do not refresh cache entry if it is a tombstone - Ticket 47965 - Fix coverity issues (2014/12/16) - Ticket 47935 - Error: failed to open an LDAP connection to host 'example.org' port '389' as user 'cn=Directory Manager'. Error: unknown. - Ticket 47750 - Need to refresh cache entry after called betxn postop plugins - Ticket 47942: DS hangs during online total update - Ticket 47722 - Using the filter file does not work - Ticket 47965 - Fix coverity issues (2014/11/24) - Ticket 47969 - Fix coverity issue - Ticket 47970 - add lib389 testcase - Ticket 47970 - Account lockout attributes incorrectly updated after failed SASL Bind - Ticket 47969 - COS memory leak when rebuilding the cache - Ticket 47967 - cos_cache_build_definition_list does not stop during server shutdown - Ticket 47963 - skip nested groups breaks memberof fixup task - Ticket 47963 - RFE - memberOf - add option to skip nested group lookups during delete operations - Ticket 47950 - Bind DN tracking unable to write to internalModifiersName without special permissions - Ticket 47958 - Memory leak in password admin if the admin entry does not exist - Ticket 47952 - PasswordAdminDN attribute is not properly returned to client - Ticket 47953 - Should not check aci syntax when deleting an aci - Ticket 47948 - ldap_sasl_bind fails assertion (ld != NULL) if it is called from chainingdb_bind over SSL/startTLS - Ticket 47937 - Crash in entry_add_present_values_wsi_multi_valued - bump version to 1.3.2.26 - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - Ticket 47963 - memberof skip nested groups breaks the plugin - Bump version to 1.3.2.27 - Resolves: Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] - Ticket 48027 - revise the rootdn plugin configuration validation - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Resolves: rhbz#925929 support aarch64 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Related: rhbz#1227244 CVE-2015-4695 meta_pen_create heap buffer overflow - Related: rhbz#1227244 CVE-2015-4696 wmf2gd/wmf2eps use after free - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - simplify dropbox autoloader patch (just drop it entirely a la AWS) - extend the htaccess patch to cover updater as well as initial setup - rebase apache config stuff again, private dir denials only on 8.x branch - update to 8.0.1rc1 - backport some significant app store fixes from upstream stable8 - new release 8.0.2 - Use php handler from php-fpm nginx conf - Fix nginx conf to serve static apps-appstore - new release 8.0.3 - disable the htaccess fiddling stuff harder - new release 8.0.4 - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release - Updated nopprof patch to match new release - Fixed a few bogus changelog entries - New upstream release. This release fixes a critical regression - Patch that removes explicit altivec on el5/ppc - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Added an i686 build fixing bz #1106933 - Added valgrind-devel to BuildRequires, fixing bz #974270 - bz #1106933 fix only for fedora 21 and above - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - valgrind-devel is not available on s390, closes #1131014 - remove unnecessary BR - fix CFLAGS - fix CXXFLAGS too - use macros consistently - fix files locations - fix formatting and change license to AGPLv3+ - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream 0.7 release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - version 28 - version 29 - version 30 - version 31 - version 33 - version 34 - version 35 - version 36 - version 37 - version 38 - initial rpm - Added akka-remote support - Update to 2.3.0-RC4 - Added akka-{agent,cluster,dataflow,kernel,osgi,transactor} support - Update to 2.3.0 - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - new release - Fixed AIX & AIX64 support (SamG) - Fixed mips 64-bits support (lew van) - Added experimental lz4frame API. - Fix s390x support. - New LZ4 HC Streaming mode - Fixed a bug in LZ4 HC streaming mode - New lz4frame API integrated into liblz4 - Fixed a GCC 4.9 bug on highest performance settings - Bump dist to override an earlier build. - lz4cli sparse file support - Restored lz4hc compression ratio - lz4 cli supports long commands - Introduced lz4-static sub package BZ#1208203 - Update files section to install unlz4 & its manual - New LZ4_compress_fast() API. - New LZ4 CLI improved performance with multiple files. - Other bug fix and documentation updates. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Fixed: incompatibility sparse mode vs console. - Fixed: LZ4IO exits too early when frame crc not present. - Fixed: incompatibility sparse mode vs append mode. - Performance fix: big compression speed boost for clang(+30%). - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Initial release for Fedora. - Made lutok-devel depend on lua-devel (needed for c_gate.hpp). - Forced lutok and lutok-devel to depend on Lua 5.1; 5.2 is not supported by Lutok 0.1. - Package updated to Lutok 0.2. - Added the lutok-tests package providing the run-time tests of Lutok, readily runnable by the end users. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Package updated to Lutok 0.3. - Lutok now supports both Lua 5.1 and 5.2. The specific version used in this release depends on the Fedora branch this package is built for. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Package updated to Lutok 0.4. - Depend on atf-0.20 for libatf-c++ ABI changes. - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - FTBFS, BZ 819236. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added more requires to devel package as per BZ922937 - Added _isa to explicit requires - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - General spec cleanup - Move libs into _lib and remove ldd config file - Fixes versioned doc dir as per BZ993719 - Bump up release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Upgraded to new upstream version. - Various fixes to the specfile - Fixes CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails - Initial package - Updated as per the Fedora guidelines - Updated to comply with Fedora guidelines - Added conditional for F19/F20 - Updated to latest upstream release - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Initial RPM release - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Added python-openid as Require - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fix #1056523 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Updated to 1.2.3 fixing the upgrade path at the same time - Update to 1.2.4 - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Upstream new release with relicensing to OFL - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Resolves bug 820478 - Upstream release 2.5.1 - Resolves bug 829143 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Upstream release 2.5.3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Resolves 1152203 :- Upstream release 2.91.0 - Rewritten all Open type tables with supporting taml and tml2 tags. - Renamed all the glyphs by following AGL syntax. - Open type tables are available in .fea file and this time it is compiled with AFDKO. - Reusing glyphs by "COPY REFERENCE" - Added GRID FITTING table and auto-hinting by fontforge. - Tested with Harfbuzz NG and Uniscribe (W8). - Auto test module available with test files. - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - rebuild dmdfe 2.059 - Update to nex rev - update - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to rev 96fea24 - Update to rev 667c566 - Update to rev ff2b1d3 - exclude arm - Update to latest rev - update to latest rev - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update nss-util build dependency - Fix check of test suite result - Update to nss-3.17.2 - Resolves: Bug 1155306 - Provide sym key derive mechansm as result of encryption of message - Update to nss-3.17.3 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Perl 5.20 rebuild - Update to 3.20140831. - Perl 5.20 mass - Update to 3.20140916. - Exclude the S3 plugin on on RHEL instead of renaming it. - Update to 3.20141016. - Update to 3.20150107. - Update to 3.20150329. - Minor packaging changes regarding the Python plugin. - Perl 5.22 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Update to 3.20150614. - Mark license. - Add BR on perl(open). - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - Rebased to svn rev 816781 - Rebased to svn rev 818599 - Rebased to svn rev 819819 for F12 beta - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - cleanup spec - bump to revision 1686756 (rhbz#1234167) - use right license - generate html - move sources to devel subpackage - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - rebuild for haskell-platform-2011.4.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - update to latest darcs - update to 0.14.0 release - update to 1.16.0.2 - split out of haskell-platform (#1069062) - only show cabal-install upgrade notice for verbose - mark bash_completion.d and profile.d files as config (#1069062) - require filesystem and setup to own the sysconfig dirs (#1069062) - bump release over haskell-platform - f21 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - security release for http uploads - New release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream release - Update to latest upstream release - Fix for CVE-2013-4422 (BZ#1017437) - Update to latest upstream release - Update to latest upstream release - Update to latest upstream - BZ1205130 - patch for CTCP Denial of Service - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Update to 2.0.s06 - Patch the source in order to be used on Fedora - The software can't be deamonize, so initscript is useless - Clean and recycle the spec file - Update to 2.0.s08 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - bump to newest release and fix some bugs - new upstream - Clarify auth middleware ordering in the hub settings template. (Daniel Mach) - Add kobo.threads -- a simple threading worker pool. (Daniel Mach) - Fix force_list and force_tuple to work with sets. (Daniel Mach) - Implement removing files from a file cache. (Daniel Mach) - Make shortcuts.run() thread-safe. (Daniel Mach) - Proxy support enhancement (Tomas Mlcoch) - Improve task ordering. (Daniel Mach) - Better formatting in Traceback output. (Tomas Tomecek) - Add JSONField.value_to_string() method. (Tomas Tomecek) - Improve task dir deletion and task files view. (Tomas Tomecek) - allow line buffering for shortcuts.run() (Tomas Kopecek) - Allow to specify buffer_size in shortcuts.run(). (Daniel Mach) - Add rpmlib.get_changelogs_from_header() and pkgset.RpmWrapper.changelogs. (Daniel Mach) - Support https_proxy environ variable (Tomas Mlcoch) - Create pid file in a more secure way. (Daniel Mach) - Create empty kobo.django.auth.models module to fix crashes in Django 1.4. (Daniel Mach) - Add shortcuts.makedirs() function which is identical to os.makedirs but doesn't fail on existing dirs. (Daniel Mach) - Fix typo in the 404.html template. (Daniel Mach) - Fix traceback on undefined workdir in kobo.shortcuts.run(). (Daniel Mach) - Add help-rst command which generates rst documentation for all CommandOptionParser's commands. (Daniel Mach) - Don't catch and mask any exceptions in cli.CommandOptionParser.run(). (Daniel Mach) - Set an empty keyring in rpmlib.get_rpm_header(). (Daniel Mach) - Format Fault's output to be nicer. (Tomas Tomecek) - Display error when cancelling task fails. (Tomas Tomecek) - Fix task cancelation method name. (Tomas Tomecek) - Add pkgset.SimpleRpmWrapper; support pickle by providing __getstate__() and __setstate__() methods. (Daniel Mach) - Enable searching in task list by label. (Tomas Tomecek) - Enable making custom queries in view task_list. (Tomas Tomecek) - Limit value length to 200 characters in tback.Traceback. (Daniel Mach) - Fix email.utils import to work with py2.4. (Daniel Mach) - Backwards compatibility bugfix in hub.models. (Tomas Tomecek) - Drop django and hub subpackages on rhel <= 5 - Set filename to be real name of a downloaded file. (Tomas Tomecek) - Fix logwatcher to scroll to latest logs. (Tomas Tomecek) - Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek) - Updated README for 0.4.0 release (Tomas Kopecek) - Revamp setup.py and related files. (Daniel Mach) - LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek) - Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek) - Add kobo.threads.run_in_threads() helper. (Tomas Kopecek) - Django 1.5 rebase. (Tomas Kopecek) - Remove unnecessary slots from pkgset.FileCache. (Daniel Mach) - Drop admin subpackage on rhel <= 5 - Drop admin, django and hub subpackages on epel 6 - Return 'nosrc' arch when RPMTAG_NOPATCH RPM header is set. (Daniel Mach) - Fix 'ImproperlyConfigured: The SECRET_KEY setting must not be empty.' exception in test_types.py. (Daniel Mach) - Fix setup script to install additional package data. (Daniel Mach) - Fix reading RPMTAG_NOSOURCE and RPMTAG_NOPATCH headers from 'nosrc' RPMs. (Daniel Mach) - Revamp make_nvr() and make_nvra(), make them public (add to __all__), add tests. (Daniel Mach) - Fix: display subtasks in task's detail view (Tomas Tomecek) - Fix JSONField (load and dump) (Tomas Tomecek) - Fix CSRF exemption in XML-RPC handler factory (Tomas Tomecek) - View simplifications (Tomas Kopecek) - Translate everything in templates (Tomas Kopecek) - Additional fields visible in admin, searching/filtering (Tomas Kopecek) - Use more proper class-based style for generic forms (Tomas Kopecek) - Refactored generic views. (Tomas Kopecek) - Fix rtf content type test for py2.4. (Daniel Mach) - Add FileCache.items() to export items() and also fix py3. (Daniel Mach) - Remove slots from most places. (Daniel Mach) - Improve shortcuts.parse_checksum_line() to support escaped checksum lines. (Daniel Mach) - Add 'executable' argument to shortcuts.run(). (Daniel Mach) - Rename User model to properly adjust to older db schema. (Tomas Kopecek) - Fix typo in login template. (Tomas Kopecek) - Switch from simplejson to json. (Daniel Mach) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Modify shortcuts.run() to pass all **kwargs to Popen(). (Daniel Mach) - Admin page for kobo.auth.User (Tomas Kopecek) - Unset active menu if no other menu is active (Lubomír Sedlář) - Allow rendering menu for bootstrap's navbar (Lubomír Sedlář) - Handle menu items without text as dividers (Lubomír Sedlář) - allow --force in resubmit-tasks CLI command (Tomas Kopecek) - Django 1.6 db transaction model (Tomas Kopecek) - CLI command for viewing log files (Tomas Kopecek) - Display overall time in task page (Tomas Kopecek) - Fix shortcuts.run() to handle errno.EINTR correctly. (Tomas Tomecek) - Don't count assigned tasks into worker load. (Tomas Tomecek) - Human readable state exceptions. (Tomas Kopecek) - Human readable JSONField. (Tomas Kopecek) - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update nss-util build dependency - Fix check of test suite result - Update to nss-3.17.2 - Resolves: Bug 1155306 - Provide sym key derive mechansm as result of encryption of message - Update to nss-3.17.3 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Initial package. - Rebased on 0.8 upstream. - Rebased on 0.9 upstream. - Removed python-posix_ipc dependency. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Initial RPM release - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Updated latest source. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Updated latest source. - Added python-webassets as require - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to latest source - Add python3 support - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - pull in upstream patch for CVE-2014-0160 - removed CHANGES file portion from patch for expediency - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) - print ephemeral key size negotiated in TLS handshake (#1057715) - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records - add ECC TLS extensions to DTLS (#1119803) - do not send ECC ciphersuites in SSLv2 client hello (#1090955) - copy digest algorithm when handling SNI context switch - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable - fix the CVE-2015-1791 fix (partially broken renegotiation) - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - PKI TRAC Ticket #283 - Dogtag 10: Integrate Tomcat 6 'tomcatjss.jar' and Tomcat 7 'tomcat7jss.jar' in Fedora 18 tomcatjss package - Bugzila Bug #819554 tomcatjss: Please migrate from tomcat6 to tomcat7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Updated tomcatjss to utilize tomcat-7.0.40. - Updated JNIDIR to /usr/lib/java. - Simplify installation of docs. - Remove versioned symlink (rhbz#1022167) - Move to java-headless - Resolves: rhbz#1068567 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Bugzilla Bug #1058366 NullPointerException in tomcatjss searching for attribute "clientauth" (cfu) - Bugzilla Bug #871171 - Provide Tomcat support for TLS v1.1 and TLS v1.2 (cfu) - Bumped revision to 7.1.1 - Bugzilla Bug #1198450 - Support for Tomcat 8 - Bugzilla Bug #1214858 - Add nuxwdog support (alee) - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Update to nss-3.16.2 - Update to nss-3.17.0 - Update to nss-3.17.1 - Update to nss-3.17.2 - Update to nss-3.17.3 - Update to nss-3.17.4 - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - rebuild dmdfe 2.059 - Update to nex rev - update - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to rev 96fea24 - Update to rev 667c566 - Update to rev ff2b1d3 - exclude arm - Update to latest rev - update to latest rev - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - rebuild due to "jpeg8-ABI" feature drop - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added upstream fix for threading issue with plugin registration (bug #912307). - Applied upstream fixes for threading (bug #951984). - Update to new release candidate version. - Update to new release candidate version. - Update to new upstream version. - Added a reference for Mac MLU tag - Added a way to read the profile creator from header - Added error descriptions on cmsSmoothToneCurve - Added identity curves support for write V2 LUT - Added new cmsPlugInTHR() and fixed some race conditions - Added TIFF Lab16 handling on tifficc - Fixed a bug on big endian platforms not supporting uint64 or long long. - Fixed a multithead bug on optimization - Fixed devicelink generation for 8 bits - Fixed some 64 bit warnings on size_t to uint32 conversions - Rendering intent used when creating the transform is now propagated to profile - RGB profiles store only one copy of the curve to save space - Transform2Devicelink now keeps white point when guessing deviceclass is enabled - Update black point detection algorithm to reflect ICC changes - User defined parametric curves can now be saved in ICC profiles - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to new upstream version. - Added a way to retrieve matrix shaper always, no matter LUT is present - Added pthread dependency - Big revamp on Contexts, from Artifex - Fixed a bug in PCS/Colorspace order when reading V2 Lab devicelinks - Fixed some indexing out of bounds in floating point interpolation - Fix for delete tag memory corruption - New locking plug-in, from Artifex - Update to new upstream version. - Added a flag to clip negative values in unbounded transforms - Added a global optimization that merges consecutive matrices in pipelines. - Initial rpm build - Added tests - Corrected file lists - Added docs - Split documentation to separate sub package - Make nosetest for py3 a wildcard - Correct nosetest3* usage - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - Upload new archive with removed binary blobs - RHB #760366 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream. - Update to latest upstream. - Build python3 interface. - Drop unneeded dependencies. - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - Update to 3.1.0 - Correct the python3 package dependency. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Resolves: rhbz#925929 support aarch64 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Related: rhbz#1227244 CVE-2015-4695 meta_pen_create heap buffer overflow - Related: rhbz#1227244 CVE-2015-4696 wmf2gd/wmf2eps use after free - New upstream version - New upstream version - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream version - New upstream version - Rebuild for dcmtk update - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update to nss-3.17.2 - Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available - Resolves: Bug 994599 - Enable TLS 1.2 by default - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic - Own the %{_datadir}/doc/nss-tools dir - Update to nss-3.17.4 - Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Initial RPM release - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - ExcludeArch armv7hl - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 1.5.10. - Update to 1.5.11. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 1.6.0. - Update to 1.7.0. - Update to 1.7.1 - Update %description. - Update to 1.7.3. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 1.7.4. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Perl 5.16 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - 1.043 bump - 1.044 bump - 1.045 bump - 1.046 bump - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial release - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Declare GPL license usage due to list.h - Use version macro in spec file - Enable verbose building via V=1 - Use install -p to preserve timestamp of non generated files - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5 release - Update to 3.6 release - Added the kyua-tests package providing the run-time tests of Kyua, readily runnable by the end users. - Updated to new upstream version 0.5. - Made the installation of the package preserve the build times of the files. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Use Lutok 0.3 to support Lua 5.2. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 0.6 - Update to 0.7. - Update to 0.8. - Depend on atf-0.20 for libatf-c++ ABI changes. - initial spec - new upstream release - patch Makefile to be able to generate useful debuginfo - enable debuginfo - move non-executable file abibcode.awk to /usr/share/cdsclient - spec cleanups - new upstream release - new upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Initial package - Resolves: rhbz#1156492 - initial fedora upload - quiet setup - no test files, disable check - Add commit and shortcommit global variable related: #1156492 - Bump to upstream 2831f11f66ff4008f10e2cd7ed9a85e3d3fc2bed related: #1156492 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Update to nss-3.16.2 - Update to nss-3.17.0 - Update to nss-3.17.1 - Update to nss-3.17.2 - Update to nss-3.17.3 - Update to nss-3.17.4 - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Remove per-edition config files - Decide on default configuration based on /etc/os-release - Fix bugs with posttrans - Remove nonexistent fedora-cloud.conf symlink - Switch to using $VARIANT directly from /etc/os-release - Use VARIANT_ID instead of VARIANT for making decisions - renamed python2-firewall to python-firewall - fixed requirements for GUI parts with Python3 - dropped upstream merged python3 patch - firewalld: - print real zone names in error messages - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now - rate limit fix for rich rules - fix readdition of removed permanent direct settings - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO - fixed two minor Python3 issues in firewall.core.io.direct - fixed use of fallback configuration values - fixed use without firewalld.conf - firewalld main restructureization - IPv6_rpfilter now also available as a property on D-Bus in the config interface - fixed wait option use for ipXtables - added --concurrent support for ebtables - richLanguage: allow masquerading with destination - richLanguage: limit masquerading forward rule to new connections - ipXtables: No dns lookups in available_tables and _detect_wait_option - full ebtables support: start, stop, reload, panic mode, direct chains and rules - fix for reload with direct rules - fix or flaws found by landscape.io - pid file handling fixes in case of pid file removal - fix for client issue in case of a dbus NoReply error - configuration - new services: dropbox-lansync, ptp - new icmptypes: timestamp-request, timestamp-reply - man pages: - firewalld.zones(5): fixed typos - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page - firewall-applet: - new version using Qt4 fixing several issues with the Gtk version - spec file: - enabled Python3 support: new backends python-firewall and python3-firewall - some cleanup - git: - migrated to github - translations: - migrated to zanata - build environment: - no need for autoconf-2.69, 2.68 is sufficient - firewall-applet - do not use isSystemTrayAvailable check to fix KDE5 startup - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml - Fix issue with missing polkit policy when installing firewalld on Cloud Edition. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - reunification of the firewalld spec files for all Fedora releases - fix dependencies for -applet and -config: use_python3 is the proper switch not with_python3 (RHBZ#1232493) - firewalld.spec: - fixed requirements for -applet and -config - man pages: - adapted firewall-applet man page to new version - firewall-applet: - Only honour active connections for zone changes - Change QSettings path and file names - firewall-config: - Only honour active connections for zone changes in the “Change Zones of Connections” menu - Translations: - updated translations - marked translations for “Connections” for review - Fixed 'pid_file' referenced before assignment (RHBZ#1233232) - Update to ganglia-web 3.5.7 - Add extra patch for XSS security - Hardened build in FC > 18. - Update to ganglia 3.6.0 and ganglia-web 3.5.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to ganglia-web 3.5.10 - Add patch as workaround for CVE-2013-6395 (bz #1034527) - Update to ganglia-web 3.5.12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 3.7.1 & ganglia-web 3.6.2 - ganglia-web 3.7.0 - Package new upstream version open-vm-tools-9.4.6-1770165 - Added "autoreconf -i" and its build dependencies (autoconf, automake and libtool) to generate configure script, this is required for version 9.4.6 as it does not have configure script bundled in the tar - Fix (sizeof_argument.patch) for bad sizeof argument error - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild for ICU 53.1 - Rebuild for new procps-ng version. - rebuild for ICU 54.1 - Added a patch for missing NetIpRouteConfigInfo (BZ#1189295) - Package new upstream version open-vm-tools-9.10.0-2476743 - New version requires adding a new service vgauthd - Removed old patches that are no longer needed - Fix (asm_x86.patch) for correct GCC version check - Fix (strerror_r.patch) for picking GNU signature of strerror_r - Fix (toolboxcmd.patch) for compiling toolboxcmd-shrink.c with gcc 5.0.1 - F23 has split gdk-pixbuf2-devel >= 2.31.3-5 into 3 packages, gdk-pixbuf2-devel, gdk-pixbuf2-modules-devel, and gdk-pixbuf2-xlib-devel. gtk2-devel does not depend on gdk-pixbuf2-xlib-devel. Therefore, we need to pull in gdk-pixbuf2-xlib-devel dependency ourselves. - Put Fedora 23 specific fix under a conditional, so that the change can be backported to other branches easily if required. - Claim ownership for /etc/vmware-tools directory - Initial release for Fedora. - Made lutok-devel depend on lua-devel (needed for c_gate.hpp). - Forced lutok and lutok-devel to depend on Lua 5.1; 5.2 is not supported by Lutok 0.1. - Package updated to Lutok 0.2. - Added the lutok-tests package providing the run-time tests of Lutok, readily runnable by the end users. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Package updated to Lutok 0.3. - Lutok now supports both Lua 5.1 and 5.2. The specific version used in this release depends on the Fedora branch this package is built for. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Package updated to Lutok 0.4. - Depend on atf-0.20 for libatf-c++ ABI changes. - rebuild dmdfe 2.059 - Update to nex rev - update - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to rev 96fea24 - Update to rev 667c566 - Update to rev ff2b1d3 - exclude arm - Update to latest rev - update to latest rev - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1169593 patch to set DOCKER_CERT_PATH regardless of config file - run tests inside a docker repo (doesn't affect koji builds - not built) - docker group no longer used or created - no socket activation - config file updates to include info about docker_transition_unconfined boolean - Resolves:rhbz#1185423 - MountFlags=slave in unitfile - Resolves: rhbz#1184266 - enable debugging - enable creation of core dumps - set no limit on core dump size - Resolves: rhbz#1191438 - update to v1.5.0 - add env var for insecure-registry to /etc/sysconfig/docker - include arm builds - merge -pkg-devel into -devel - build @rhatdan/fedora-1.6 commit#b27feb4 - moved GOTRACEBACK=crash to unitfile - Obsolete docker-io-pkg-devel < 1.6.0-1 - Update a list of provides of devel subpackage resolves: #1215912 - Resolves: bz#1217987 - fix unqualified push - via Michal Minar <miminar@redhat.com> - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - initial Fedora version - Add doxygen-generated documentation in doc subpackage - Use explicit soversion in files section - Update sources to lastest git snapshot (3ceb8ae) - Remove empty doc macro from devel subpackage - Make doc subpackage dependent on main package - Document archive generation process and regenerate source archive - Use _smp_mflags macro when building doc to silence fedora-review - Updated sources to official libserialport release - Added "Provides" for bundled jquery - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update nss-util build dependency - Fix check of test suite result - Update to nss-3.17.2 - Resolves: Bug 1155306 - Provide sym key derive mechansm as result of encryption of message - Update to nss-3.17.3 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Initial version of the library - Fixed length bug reported by shawjef3 - big endian fix - More portable b64 libraries implemented. - Documentation corrections - Code improvements, courtesy of Coverity - Bugfixes involving large N, failure return values - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Work around broken krb5 with empty passwords [#960001] - Fix memory corruption issue [#959999] - Update to 0.7, fixing various bugs - Update to upstream 0.7.1 release - Fix problems with salt discovery [#961399] - Bump version to get around botched update - Run 'make check' when building the package - Build with verbose output logging - Update to upstream point release 0.7.2 - Part of fix for bug [#961244] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream point release 0.7.3 - Don't try to set encryption types on Windows 2003 - Update to upstream point release 0.7.4 - Correctly handle truncating long host names - Try to contact all available addresses for discovery - Build fixes - Update to upstream point release 0.7.5 - Workaround for discovery via IPv6 address - Correctly put IPv6 addresses in temporary krb5.conf - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - no changes - Adding URL to pypi and fix semantic issues for official fedora-review - Use autotools to build the project - Dropped unused python_ver global - Replaced the %libname macro with %name - Included the target directory /usr/lib/safelease in the RPM file list - Included a description of the package - Adding %license macro for COPYING - Adding vdsm hack to require platform depended packages which vdsm needs - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - update to latest upstream version - clean up spec for modern rpmbuild - update to latest upstream version - license change from LGPLv2+ to LGPLv3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - Updated to 1.12 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - pull in upstream patch for CVE-2014-0160 - removed CHANGES file portion from patch for expediency - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) - print ephemeral key size negotiated in TLS handshake (#1057715) - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records - add ECC TLS extensions to DTLS (#1119803) - do not send ECC ciphersuites in SSLv2 client hello (#1090955) - copy digest algorithm when handling SNI context switch - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable - fix the CVE-2015-1791 fix (partially broken renegotiation) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrok 0.2.1 - rebuild for new libzip - scan /sys/class/usbmisc - add support for Rigol DS1152 scopes with upgraded bandwidth - resolves: #1025968 - udev rules should react also on the usbmisc subsystem - update to libsigrok 0.2.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - rebuilt for libftdi1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update to libsigrok 0.3.0 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - removed python binding since python can use dbus interface instead - removed btrfs-progs and LVM dependecies (#852174) - patch: do not build zypp plugin - patch: avoid abrt when 'diff' command is executed without arguments - patch: do not check for btrfs-progs binary - patch: do not allow 'create-config' command on non-thin LVM volumes (#852174) - edit libtool script to link with: '-Wl, --as-needed' - spec file polishing - Rebuild for Boost-1.53.0 - updated to latest upstream version - fixed wrong include: "auto_ptr.h" -> <memory> - moved diffutils dependency to client - updatet to latest upstream version - add support to compare extended attributes ('xadiff' command) - add support to revert modificiations in file's extended attributes - patch: avoid useless build dependency on libattr-devel - fixed possible security vulnerability in extended attributes handling - rebuild for boost 1.54.0 - Boost.Thread DSO does not include -mt suffix anymore (snapper-boost-mt.patch) - updated to latest upstream - allow whitespace in ALLOW_USERS and ALLOW_GROUPS - enable new pam module - modified specfile to reflect recent change in %doc macro (no more version suffix) - patch: pam module installed in proper libdir - Add a missing requirement on crontabs to spec file (#989115) - Update to snapper 0.1.7. - removed --enable-xattrs (already enabled by default) - patch: reflect recent change in libbtrfs API - Update to snapper 0.1.8 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Update to 1.4.10 (#843971). - Cleanup spec file. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - correct synergy-plus obs_ver - increase synergy-plus obs_ver once more to obsolete the F20 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 1.5.0 - Update source url - libcurl-devel, qt-devel, cryptopp-devel and desktop-file-utils buildrequired - unbundle cryptopp - unbundle gmock and gtest - include synergy gui - fix icon path - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 1.5.1 - Update to 1.6.1 - BuildRequire avahi-compat-libdns_sd-devel - Update to 1.6.2 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Updated to emacs-goodies 33.5-1 - Updated to emacs-goodies 34.1-1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Updated to new upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream release - Patch problems with ctypes.el Bug#833103 - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - packaging enhancements (pkg-config, license tag) - packaging enhacements (structure, redundancy, ownership, scriptlets, symlink) - version bump so as not to collide with python-clufter co-packaged with pcs - bump upstream package - bump upstream package - add dependency on python-setuptools - bump upstream package - bump upstream package - bump upstream package - bump upstream package - move completion module to clufter-cli sub-package - bump upstream package - bump upstream package - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - pull in upstream patch for CVE-2014-0160 - removed CHANGES file portion from patch for expediency - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) - print ephemeral key size negotiated in TLS handshake (#1057715) - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records - add ECC TLS extensions to DTLS (#1119803) - do not send ECC ciphersuites in SSLv2 client hello (#1090955) - copy digest algorithm when handling SNI context switch - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable - fix the CVE-2015-1791 fix (partially broken renegotiation) - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Drop desktop vendor tag. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - rebuild (exiv2) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix builds for new arches (aarch64/ppc64le) - Modernise spec - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild (libgphoto2) - Fix the build with lensfun 0.3 (#1184156) - Rebuilt for GCC 5 C++11 ABI change - Rawstudio from github https://github.com/rawstudio/rawstudio/ . - Drop all patches beacuse they are upstreamed. - https://fedoraproject.org/wiki/Packaging:SourceURL#Github - Updated requirements. - Use a parcial copy of autogen.sh to build this package. - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - update to latest upstream version - clean up spec for modern rpmbuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - update to latest upstream version - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Perl 5.20 rebuild - 0.24 bugfix bump - 0.27 bugfix bump - Show must go on! - Update to latest release - Update to latest release - Update to latest release (# 1195539, 1195779) - Update to latest release (# 1201585) - Update to the latest release (#1205700) - Update to the latest release (#1210132) - Update to the latest release (#1218015, 1200569, 1206484) - Update to the latest release (#1222017) - Fix the License: field to Unlicense. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - packaging enhancements (pkg-config, license tag) - packaging enhacements (structure, redundancy, ownership, scriptlets, symlink) - version bump so as not to collide with python-clufter co-packaged with pcs - bump upstream package - bump upstream package - add dependency on python-setuptools - bump upstream package - bump upstream package - bump upstream package - bump upstream package - move completion module to clufter-cli sub-package - bump upstream package - bump upstream package - New upstream version 5.12 (RHBZ#837949). - Bring specfile up to modern standards. - Remove commented sections from previous commit. - Remove both patches (equivalent changes now upstream). - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream version 5.13. - Various documentation fixes (RHBZ#948883). - Enable /etc/watchdog.d directory for storing test binaries (RHBZ#657750, RHBZ#831190). - Missing BR systemd-units. - Update .gitignore. - Drop Group line, not required by modern RPM. - Rename README.Fedora to README.RHEL on RHEL. - Fix License field (software is GPLv2+, not "GPL+"). - SELinux: do not reopen descriptors for reading when only appending. - SELinux: Add /usr/libexec/watchdog/scripts/ for test-bin and repair-bin to inherit from. - systemd: service with network available dependency - systemd: correct cgroup for realtime settings - Document SELinux and systemd. - build version bump to resolve conflict of present build with discarded result. - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Fix %check phase. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add python3 package. - Update to 0.18. - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.19. - Patch for BZ #1127796. - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuild against PCRE 8.30 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 2.6.0 - Build with global hardening as maildrop has setuid binaries and reads untrusted input - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove version from the doc directory name (#993910) - Update to 2.7.1 - Update to bugfix release 2014.7.2 - Update to bugfix release 2014.7.4 - Fix RH bug #1210316 and Salt bug #22003 - Update to bugfix release 2014.7.5 - Update to feature release 2015.5.0 - Update to bugfix release 2015.5.1 - Add missing dependency on which (RH #1226636) - Update to bugfix release 2015.5.2 - Update skipped tests - Mark salt-ssh roster as a config file to prevent replacement - Initial package. - Added six to build dependencies, needed during tests - Initial release for Fedora. - Made lutok-devel depend on lua-devel (needed for c_gate.hpp). - Forced lutok and lutok-devel to depend on Lua 5.1; 5.2 is not supported by Lutok 0.1. - Package updated to Lutok 0.2. - Added the lutok-tests package providing the run-time tests of Lutok, readily runnable by the end users. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Package updated to Lutok 0.3. - Lutok now supports both Lua 5.1 and 5.2. The specific version used in this release depends on the Fedora branch this package is built for. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Package updated to Lutok 0.4. - Depend on atf-0.20 for libatf-c++ ABI changes. - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial RPM release - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - ExcludeArch armv7hl - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - rebuild due to "jpeg8-ABI" feature drop - Update to 2.9 - Upgrade to the Java packaging draft (JNI jar/so location) - Rebuild for hdf5 1.8.11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuild for hdf5 1.8.12 - Update version - Change R:java to R:java-headless (Bug 1068283). - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuild for hdf 1.8.13 - Update to jhdf5 1.10.1 - rebuilt - Added make check to spec - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - New upstream release - New upstream release (1.2) - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - New upstream release (1.3) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release (closes #1167664) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - ecryptfs-utils updated to 101 - ecryptfs-utils updated to 103 - make executables hardened (#965505) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ecryptfs-migrate-home did not restore selinux labels (#1017402) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - ecryptfs-utils updated to 104 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - fix pam sigsegv (#1184645) - ecryptfs-utils updated to 106 - Update to 4.0.1.17 - Update to 4.0.1.18 - Require x2goserver-xession - Do not require x2goserver-xession, do not ship feature file in main package - Apply upstream fix for issue with Xsession aborting - Fix local desktop sharing breakage (bug #1180303) - Obsolete x2goserver-extensions to provide upgrade path from upstream rpms - Update to 4.0.1.19 - Drop Xsession and path patches fixed upstream - Provide x2goserver-extensions for upstream compatibility - Install applications symlink by default so that "Published Applications" is populated (bug #1215474) - more CSD fixes - edit description - add CSD fixes to f20 as well - more CSD fixes - update to 2.4.4 - drop upstream patches - update to 2.4.5 - bump release - update to git snapshot - update to git snapshot - update to 2.6.0 release - update to 2.6.1 release - fix packaging error (bz 1230988) - removed python binding since python can use dbus interface instead - removed btrfs-progs and LVM dependecies (#852174) - patch: do not build zypp plugin - patch: avoid abrt when 'diff' command is executed without arguments - patch: do not check for btrfs-progs binary - patch: do not allow 'create-config' command on non-thin LVM volumes (#852174) - edit libtool script to link with: '-Wl, --as-needed' - spec file polishing - Rebuild for Boost-1.53.0 - updated to latest upstream version - fixed wrong include: "auto_ptr.h" -> <memory> - moved diffutils dependency to client - updatet to latest upstream version - add support to compare extended attributes ('xadiff' command) - add support to revert modificiations in file's extended attributes - patch: avoid useless build dependency on libattr-devel - fixed possible security vulnerability in extended attributes handling - rebuild for boost 1.54.0 - Boost.Thread DSO does not include -mt suffix anymore (snapper-boost-mt.patch) - updated to latest upstream - allow whitespace in ALLOW_USERS and ALLOW_GROUPS - enable new pam module - modified specfile to reflect recent change in %doc macro (no more version suffix) - patch: pam module installed in proper libdir - Add a missing requirement on crontabs to spec file (#989115) - Update to snapper 0.1.7. - removed --enable-xattrs (already enabled by default) - patch: reflect recent change in libbtrfs API - Update to snapper 0.1.8 - New upstream version (#828716) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 0.7.9 - New upstream release - New upstream release - Version bump - Return success if a domain exists but is already off. - bswap fix for big endian - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Drop libvirt-qmf-plugin - Rebuild - Fail properly when unable to bind the TCP listener socket. - Resolves: rhbz#814515 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream version 0.3.1 - New upstream version 0.3.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Initial RPM release - Added comment explaining licensing - Moved 'ChangeLog' file to doc subpackage (file much larger than library) - Removed -devel dependency for -doc subpackage - Removed _missing_build_ids_terminate_build undef - Update to libsigrokdecode-0.1.1 release - Drop dependency of -doc subpackage - Use explicit soversion in files section - Remove README from -devel subpackage (already included in main package) - Remove ChangeLog from -doc subpackage (only contains a 'git log') - Own datadir/libsigrokdecode directory - Add python3-devel as dependency of -devel subpackage - Add graphviz as a build dependency (needed for doxygen docs) - Cherry-pick upstream patch clarifying license - Fix typo in comment - Make verbose build (V=1 make) - Remove unneeded buildroot and defattr tags - Update to libsigrokdecode 0.2.0 release (soname version bump) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrokdecode-0.3.0 release - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Remove per-edition config files - Decide on default configuration based on /etc/os-release - Fix bugs with posttrans - Remove nonexistent fedora-cloud.conf symlink - Switch to using $VARIANT directly from /etc/os-release - Use VARIANT_ID instead of VARIANT for making decisions - renamed python2-firewall to python-firewall - fixed requirements for GUI parts with Python3 - dropped upstream merged python3 patch - firewalld: - print real zone names in error messages - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now - rate limit fix for rich rules - fix readdition of removed permanent direct settings - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO - fixed two minor Python3 issues in firewall.core.io.direct - fixed use of fallback configuration values - fixed use without firewalld.conf - firewalld main restructureization - IPv6_rpfilter now also available as a property on D-Bus in the config interface - fixed wait option use for ipXtables - added --concurrent support for ebtables - richLanguage: allow masquerading with destination - richLanguage: limit masquerading forward rule to new connections - ipXtables: No dns lookups in available_tables and _detect_wait_option - full ebtables support: start, stop, reload, panic mode, direct chains and rules - fix for reload with direct rules - fix or flaws found by landscape.io - pid file handling fixes in case of pid file removal - fix for client issue in case of a dbus NoReply error - configuration - new services: dropbox-lansync, ptp - new icmptypes: timestamp-request, timestamp-reply - man pages: - firewalld.zones(5): fixed typos - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page - firewall-applet: - new version using Qt4 fixing several issues with the Gtk version - spec file: - enabled Python3 support: new backends python-firewall and python3-firewall - some cleanup - git: - migrated to github - translations: - migrated to zanata - build environment: - no need for autoconf-2.69, 2.68 is sufficient - firewall-applet - do not use isSystemTrayAvailable check to fix KDE5 startup - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml - Fix issue with missing polkit policy when installing firewalld on Cloud Edition. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - reunification of the firewalld spec files for all Fedora releases - fix dependencies for -applet and -config: use_python3 is the proper switch not with_python3 (RHBZ#1232493) - firewalld.spec: - fixed requirements for -applet and -config - man pages: - adapted firewall-applet man page to new version - firewall-applet: - Only honour active connections for zone changes - Change QSettings path and file names - firewall-config: - Only honour active connections for zone changes in the “Change Zones of Connections” menu - Translations: - updated translations - marked translations for “Connections” for review - Fixed 'pid_file' referenced before assignment (RHBZ#1233232) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - Initial packaging - Revert patch to link to libc, causes a dep on GLIBC_PRIVATE - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - New upstream version - New upstream version - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream version - New upstream version - Rebuild for dcmtk update - rebuild dmdfe 2.059 - Update to nex rev - update - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to rev 96fea24 - Update to rev 667c566 - Update to rev ff2b1d3 - exclude arm - Update to latest rev - update to latest rev - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - new release - Fixed AIX & AIX64 support (SamG) - Fixed mips 64-bits support (lew van) - Added experimental lz4frame API. - Fix s390x support. - New LZ4 HC Streaming mode - Fixed a bug in LZ4 HC streaming mode - New lz4frame API integrated into liblz4 - Fixed a GCC 4.9 bug on highest performance settings - Bump dist to override an earlier build. - lz4cli sparse file support - Restored lz4hc compression ratio - lz4 cli supports long commands - Introduced lz4-static sub package BZ#1208203 - Update files section to install unlz4 & its manual - New LZ4_compress_fast() API. - New LZ4 CLI improved performance with multiple files. - Other bug fix and documentation updates. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Fixed: incompatibility sparse mode vs console. - Fixed: LZ4IO exits too early when frame crc not present. - Fixed: incompatibility sparse mode vs append mode. - Performance fix: big compression speed boost for clang(+30%). - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1154165 - initial package - update to latest upstream master - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - Update to bugfix release 2014.7.2 - Update to bugfix release 2014.7.4 - Fix RH bug #1210316 and Salt bug #22003 - Update to bugfix release 2014.7.5 - Update to feature release 2015.5.0 - Update to bugfix release 2015.5.1 - Add missing dependency on which (RH #1226636) - Update to bugfix release 2015.5.2 - Update skipped tests - Mark salt-ssh roster as a config file to prevent replacement - Initial packaging - Cleanup of the spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update for https://fedoraproject.org/wiki/Fedora_19_Maven_Rebuild - Replace maven BuildRequires with maven-local - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Use Requires: java-headless rebuild (#1067528) - Switch to XMvn - Use pom macros - Update to 1.0.5 - Use the snappy package instead of a precompiled library - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - Added dependency to libconfig - Bring spec up to date with current guidelines (no clean/Buildroot) - Modified CFLAGS - Prettified description - Set config file path - Prepare for 0.2 release - Set the epoch to 1 to solve branching issues with other releases - Add doc files - Upstream 0.3 with support for CA_CERT, plus minor bugfixes. - Upstream 0.3.1 with fixes for memory corruption on 32-bit platforms. - Upstream 0.3.2 with fixes for correct pam stacking. - fix build on all 64-bit arches - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Upstream 0.3.3 with minor new features. - simplify dropbox autoloader patch (just drop it entirely a la AWS) - extend the htaccess patch to cover updater as well as initial setup - rebase apache config stuff again, private dir denials only on 8.x branch - update to 8.0.1rc1 - backport some significant app store fixes from upstream stable8 - new release 8.0.2 - Use php handler from php-fpm nginx conf - Fix nginx conf to serve static apps-appstore - new release 8.0.3 - disable the htaccess fiddling stuff harder - new release 8.0.4 - Resolves: rhbz#1169593 patch to set DOCKER_CERT_PATH regardless of config file - run tests inside a docker repo (doesn't affect koji builds - not built) - docker group no longer used or created - no socket activation - config file updates to include info about docker_transition_unconfined boolean - Resolves:rhbz#1185423 - MountFlags=slave in unitfile - Resolves: rhbz#1184266 - enable debugging - enable creation of core dumps - set no limit on core dump size - Resolves: rhbz#1191438 - update to v1.5.0 - add env var for insecure-registry to /etc/sysconfig/docker - include arm builds - merge -pkg-devel into -devel - build @rhatdan/fedora-1.6 commit#b27feb4 - moved GOTRACEBACK=crash to unitfile - Obsolete docker-io-pkg-devel < 1.6.0-1 - Update a list of provides of devel subpackage resolves: #1215912 - Resolves: bz#1217987 - fix unqualified push - via Michal Minar <miminar@redhat.com> - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - fix license tag - enable sparc64 - actually fix license tag (whoops) - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Disable SSL3 - Support TLS 1.1 and newer using the NSS Version Range APIs. - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Initial Package - build documentation - use other URL - smaller source tarball with --exclude-vcs - correct soname - adjust path to gpr files - add tools subpackage - add ldconfig call - add manpages for the tools - Rebuild for new gnat - Rebuild (#918586) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 11.8.0 and rebuild for gcc - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Update to 1.5.4 - drop hard-coded Requires: neon, qtkeychain, let rpm autodeps handle it - drop BR: gcc-c++ - -devel: tighten subpkg dep - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Updated to 1.7.0-beta1 - Updated Patch0 - Added Patch1 to fix rpath in binaries - Added nautilus subpackage - Updated tarball URL - Updated to 1.7.0 - Add missing dependency - Updated to 1.7.1 - Added gcc5 compliance patch - Inception - Package review fixes - Make appdata-validate informative, not imperative. - fix %files datadir ownership - remove redundant .desktop validation checks - add transitive dep in -common sub-package - Remove bundled libraries per package guidelines - Move waf ./configure to %build phase - Now using upstream 2014.03 - re-jiggered waf configure per upstream - Use current appdata validation standards. - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - more CSD fixes - edit description - add CSD fixes to f20 as well - more CSD fixes - update to 2.4.4 - drop upstream patches - update to 2.4.5 - bump release - update to git snapshot - update to git snapshot - update to 2.6.0 release - update to 2.6.1 release - fix packaging error (bz 1230988) - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - Initial Fedora package - Update to 3.1.0.7 - Update to 3.1.1.0 - Create x2godesktopsharing group - Preserve timestamps on install - Update icon cache - Fix description formatting - Install scripts with correct permissions - Fix FSF address - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 3.1.1.1 (fixes bug #1065575) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.1.1.2 - Release 1.3.2.18 - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47763 - winsync plugin modify is broken - Ticket 47821 - deref plugin cannot handle complex acis - Ticket 47831 - server restart wipes out index config if there is a default index - Ticket 47817 - The error result text message should be obtained just prior to sending result - Ticket 47815 - Add operations rejected by betxn plugins remain in cache - Ticket 47809 - find a way to remove replication plugin errors messages "changelog iteration code returned a dummy entry with csn %s, skipping ..." - Ticket 47704 - invalid sizelimits in aci group evaluation - Ticket 47813 - remove "goto bail" from previous commit - Ticket 47813 - managed entry plugin fails to update member pointer on modrdn operation - Ticket 47808 - If be_txn plugin fails in ldbm_back_add, adding entry is double freed. - Ticket 47770 - #481 breaks possibility to reassemble memberuid list - Release 1.3.2.19 - Ticket 47779 - Potential deadlock after startup if a dna configuration change is made - Ticket 47839 - 389-ds production segfault: __memcpy_sse2_unaligned... - Release 1.3.2.20 - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) 389-ds-base-1.3.2.22 = 389-ds-base-1.3.2.19 + Bug 1127833 fix. - Release 1.3.2.23 - Ticket 47871 - 389-ds-base-1.3.2.21-1.fc20 crashed over the weekend - Ticket 47866 - Errors after upgrading related to attribute "dnaremotebindmethod" - Ticket 47816 - v2- internal syncrepl searches are flagged as unindexed - Ticket 47877 - check_and_add_entry fails for changetype: add and existing entry - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47875 - dirsrv not running with old openldap - Revert "Ticket #47875 - dirsrv not running with old openldap" - Ticket 47875 - dirsrv not running with old openldap - Ticket 47446 - logconv.pl memory continually grows - Ticket 47874 - Performance degradation with scope ONE after some load - Ticket 47872 - Filter AND with only one clause should be optimized - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - fix the indentation - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.24 - Ticket 47922 - dynamically added macro aci is not evaluated on the fly - Ticket 47897 - Need to move slapi_pblock_set(pb, SLAPI_MODRDN_EXISTING_ENTRY, original_entry->ep_entry) prior to original_entry overwritten - Ticket 47920 - Encoding of SearchResultEntry is missing tag - Ticket 47919 - ldbm_back_modify SLAPI_PLUGIN_BE_PRE_MODIFY_FN does not return even if one of the preop plugins fails. - Ticket 47918 - result of dna_dn_is_shared_config is incorrectly used - Ticket 47900 - Server fails to start if password admin is set - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47900 - Adding an entry with an invalid password as rootDN is incorrectly rejected - Ticket 47907 - ldclt: assertion failure with -e "add,counteach" -e "object=<ldif file>,rdn=uid:test[A=INCRNNOLOOP(0;24 - Ticket 47889 - DS crashed during ipa-server-install on test_ava_filter - Ticket 47885 - did not always return a response control - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47748 - Simultaneous adding a user and binding as the user could fail in the password policy check - Ticket 47875 - dirsrv not running with old openldap - Ticket 47875 - dirsrv not running with old openldap - Ticket 47885 - deref plugin should not return references with noc access rights - Ticket 47457 - default nsslapd-sasl-max-buffer-size should be 2MB - Bump version to 1.3.2.25 - Ticket 47996 - ldclt needs to support SSL Version range - Ticket 47991 - upgrade script fails if /etc and /var are on different file systems - Ticket 47989 - Windows Sync accidentally cleared raw_entry - Ticket 47964 - v2 - Incorrect search result after replacing an empty attribute - Ticket 47934 - nsslapd-db-locks modify not taking into account. - Ticket 47617 - replication changelog trimming setting validation - Ticket 47905 - Bad manipulation of passwordhistory - Ticket 47973 - During schema reload sometimes the search returns no results - Ticket 47659 - ldbm_usn_init: Valgrind reports Invalid read / SIGSEGV - Ticket 47880 - provide enabled ciphers as search result - Ticket 47945 - Add SSL/TLS version info to the access log - Ticket 47928 - Disable SSL v3, by default [389-ds-base-1.2.11 only] - Ticket 47949 - logconv.pl -- support parsing/showing/reporting different protocol versions - Ticket 47981 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes - Ticket 47980 - Nested COS definitions can be incorrectly processed - Ticket 47750 - During delete operation do not refresh cache entry if it is a tombstone - Ticket 47965 - Fix coverity issues (2014/12/16) - Ticket 47935 - Error: failed to open an LDAP connection to host 'example.org' port '389' as user 'cn=Directory Manager'. Error: unknown. - Ticket 47750 - Need to refresh cache entry after called betxn postop plugins - Ticket 47942: DS hangs during online total update - Ticket 47722 - Using the filter file does not work - Ticket 47965 - Fix coverity issues (2014/11/24) - Ticket 47969 - Fix coverity issue - Ticket 47970 - add lib389 testcase - Ticket 47970 - Account lockout attributes incorrectly updated after failed SASL Bind - Ticket 47969 - COS memory leak when rebuilding the cache - Ticket 47967 - cos_cache_build_definition_list does not stop during server shutdown - Ticket 47963 - skip nested groups breaks memberof fixup task - Ticket 47963 - RFE - memberOf - add option to skip nested group lookups during delete operations - Ticket 47950 - Bind DN tracking unable to write to internalModifiersName without special permissions - Ticket 47958 - Memory leak in password admin if the admin entry does not exist - Ticket 47952 - PasswordAdminDN attribute is not properly returned to client - Ticket 47953 - Should not check aci syntax when deleting an aci - Ticket 47948 - ldap_sasl_bind fails assertion (ld != NULL) if it is called from chainingdb_bind over SSL/startTLS - Ticket 47937 - Crash in entry_add_present_values_wsi_multi_valued - bump version to 1.3.2.26 - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - Ticket 47963 - memberof skip nested groups breaks the plugin - Bump version to 1.3.2.27 - Resolves: Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] - Ticket 48027 - revise the rootdn plugin configuration validation - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - New upstream release. 1.4.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for GCC 5 C++11 ABI change - Update to latest upstream release. - Build splat-hd. - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - New version Resolves: rhbz#849594 - Fixed -R option placement Resolves: rhbz#861937 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added group-separator, no-group-separator options decription - Aligned output of built-in help - Defuzzified gnulib-tests-rm-f patch - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New version Resolves: rhbz#1023698 - Fixed bogus date in the changelog - Dropped gnulib-tests-rm-f patch, rejected upstream and not needed for Fedora build system - Dropped man-fix-R patch, upstreamed - De-fuzzified other patches - Removed coloring restriction for interactive shells Resolves: rhbz#1034631 - New version Resolves: rhbz#1047813 - De-fuzzified patches - New version Resolves: rhbz#1066310 - De-fuzzified patches - Add coreutils as preun/post requirements for wodim and genisoimage Resolves: #862554 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - changed or deleted faulty and unneeded memset's that caused build failure with gcc-4.8 -Werror - modified the memset patch, memsetting the whole array - ported from cdda-paranoia to libcdio-paranoia, modified paranoia-cdda.patch - fixed bogus date in changelog - Perl 5.18 rebuild - do not include empty fedora/* directories in debuginfo package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Perl 5.18 rebuild - libusal: added /dev/srN next to /dev/scdN path when scanning for devices added cdrkit-1.1.11-devname.patch bz#1053056 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Drop desktop vendor tag. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - rebuild (exiv2) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix builds for new arches (aarch64/ppc64le) - Modernise spec - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild (libgphoto2) - Fix the build with lensfun 0.3 (#1184156) - Rebuilt for GCC 5 C++11 ABI change - Rawstudio from github https://github.com/rawstudio/rawstudio/ . - Drop all patches beacuse they are upstreamed. - https://fedoraproject.org/wiki/Packaging:SourceURL#Github - Updated requirements. - Use a parcial copy of autogen.sh to build this package. - include bind, earthquake, hadoop, lighttpd, python, qpid, redis, registry - require docker-io - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - archful as per docker-io - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - more dockerfiles with bugfixes - fixing the source file with a version bump - we don't want debug package since it is noarch - update to master commit: f6cd84c2454208c8e0ba8c207f5eaaca37933b70 - preserve timestamps while copying files over - more dockerfiles - fixing the upstream to the official fedora-cloud account - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update to nss-3.17.2 - Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available - Resolves: Bug 994599 - Enable TLS 1.2 by default - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic - Own the %{_datadir}/doc/nss-tools dir - Update to nss-3.17.4 - Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update to nss-3.17.2 - Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available - Resolves: Bug 994599 - Enable TLS 1.2 by default - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic - Own the %{_datadir}/doc/nss-tools dir - Update to nss-3.17.4 - Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - update to 2.1rc1 from git - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - update to the 3.0rc1 from git - Add -devel package. - build -compat subpackage against compat-lua - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - lua 5.3 - Rebuild for new lua - Fix broken release tag - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - pull in upstream patch for CVE-2014-0160 - removed CHANGES file portion from patch for expediency - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) - print ephemeral key size negotiated in TLS handshake (#1057715) - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records - add ECC TLS extensions to DTLS (#1119803) - do not send ECC ciphersuites in SSLv2 client hello (#1090955) - copy digest algorithm when handling SNI context switch - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable - fix the CVE-2015-1791 fix (partially broken renegotiation) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - Initial package - Remove clean section, install unversioned javadocs - Accurate licenses in header - Fix license header again - Add license file to javadoc package - Remove defattr - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 1.9.0 - Revise build process and only enable extensions for which we have dependencies - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Enable "treetable" extension which wasn't being built by default - Initial rpm build - Added tests - Corrected file lists - Added docs - Split documentation to separate sub package - Make nosetest for py3 a wildcard - Correct nosetest3* usage - Perl 5.20 rebuild - Update to 3.20140831. - Perl 5.20 mass - Update to 3.20140916. - Exclude the S3 plugin on on RHEL instead of renaming it. - Update to 3.20141016. - Update to 3.20150107. - Update to 3.20150329. - Minor packaging changes regarding the Python plugin. - Perl 5.22 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Update to 3.20150614. - Mark license. - Add BR on perl(open). - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 2.1rc1 from git - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - update to the 3.0rc1 from git - Add -devel package. - build -compat subpackage against compat-lua - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - lua 5.3 - Rebuild for new lua - Fix broken release tag - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial commit for Fedora resolves: #1204614 - Update to version 0.0.1 related: #1204614 - Update to version 0.0.3 related: #1204614 - Update to 30.0 build 1 - Disabled shared js - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix mozilla-config.h wrapper on aarch64 - Update to 31.0 build 2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 32.0 build 1 - move /sdk/bin to xulrunner libdir - Update to 32.0.2 - sync fixes to the same as firefox - Update to 33.0 - Fix filelist for secondary arches - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - new version - new version - new version - new version - new version - new version - new version - new version - new version - new version - Merge review fixes, BZ 226132. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fix FBTFS, modernise spec - updated to latest mcelog - removed mcelog-fix-trigger-path-and-cacheing.patch. AFAICT triggers are correctly installed - added mcelog-disable-cron-job.patch as mcelog runs in daemon mode by default in Fedora - remaining scriptlets replaced with new systemd macros (#850199) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 101 (#1175832) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream release - Remove dependency of probes on urcu-bp - New upstream bugfix release - Remove patches applied upstream - add build workaround for s390(x) - New upstream release - Bump URCU dependency - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release (include snapshop feature) - Rebuilt for URCU Soname change - New upstream release - Add new files (man and doc) - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Require Django >= 1.4 - Update to 2.6.5 - Update to 2.6.6 - Update to 2.6.7 - Create and own directories in tftp_dir - Add patch to fix virt-install support for F21+/EL7 (bug #1188424) - Update to 2.6.8 - Backport upstream patch to fix centos version detection (bug #1201879) - Support django 1.8 in Fedora 22+ - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Update to 2.6.9 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - New upstream version - New upstream version - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream version - New upstream version - Rebuild for dcmtk update - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - New upstream release candidate 5.2.1rc1 - New upstream release 5.2.1 - 1167331: Enabled native systemd support. - Does not disable old systemd, starter, ipsec.conf support yet. - New strongswan developer release 5.2.2dr1 - Enabled ccm, and ctr plugins as it seems enabling just openssl does not work for using ccm and ctr algos. - new version 5.2.2 - Fixes strongswan swanctl service issue rhbz#1193106 - new version 5.3.0 - new version 5.3.1 - new version 5.3.2 - First package for Fedora resolves: #1193902 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - remove rhel logic from with_python3 conditional - Rebuild for Python 3.3 - Fix for use of sphinx's manpage writer with docutils-0.10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Fix inheritance_diagram quoting bug, exposed by the newer, stricter dot - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add sphinx-*-3 links to scripts Resolves: #1098109 - Clean up python3-sphinx's locale files, they ended up in the python2 package. Share the locale files in /usr/share instead - If a separate LaTeX subpackage is not generated, the main package should have a virtual Provides: for it (bz#1187989) - Disable tests for the Python3 build; they were not fully adapted to Python 3. The tests previously passed because they were accidentally run using Python 2. - Complete LaTeX builder deps (fixes bz#882166) - Make test output verbose - Add BRs needed to enable all tests - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - New release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream release - Update to latest upstream release - Fix for CVE-2013-4422 (BZ#1017437) - Update to latest upstream release - Update to latest upstream release - Update to latest upstream - BZ1205130 - patch for CTCP Denial of Service - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - Updates from package review BZ986615 - Updates to build on F19, - Require systemd-units, allows mockbuild to work - Remove setuptools-git from setup.py, no downloads during build - 0.3 rc3 build - 0.3 release - Enable logging into /var/log/savanna - Fix db connection url - Include Vanilla Plugin SQL files (for EDP) - 2014.1.b1 release - 2014.1.b2 release - Added space around paramiko requires - Require stevedore >= 0.13 - Add patch to fix ssh options (bug #1066744) - Update to 4.0.2.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 4.0.2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.0.3.0 - Update to 4.0.3.1 - Update to 4.0.3.2 - Rebuilt for GCC 5 C++11 ABI change - Update to 4.0.4.0 - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Release 1.3.2.18 - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47763 - winsync plugin modify is broken - Ticket 47821 - deref plugin cannot handle complex acis - Ticket 47831 - server restart wipes out index config if there is a default index - Ticket 47817 - The error result text message should be obtained just prior to sending result - Ticket 47815 - Add operations rejected by betxn plugins remain in cache - Ticket 47809 - find a way to remove replication plugin errors messages "changelog iteration code returned a dummy entry with csn %s, skipping ..." - Ticket 47704 - invalid sizelimits in aci group evaluation - Ticket 47813 - remove "goto bail" from previous commit - Ticket 47813 - managed entry plugin fails to update member pointer on modrdn operation - Ticket 47808 - If be_txn plugin fails in ldbm_back_add, adding entry is double freed. - Ticket 47770 - #481 breaks possibility to reassemble memberuid list - Release 1.3.2.19 - Ticket 47779 - Potential deadlock after startup if a dna configuration change is made - Ticket 47839 - 389-ds production segfault: __memcpy_sse2_unaligned... - Release 1.3.2.20 - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) 389-ds-base-1.3.2.22 = 389-ds-base-1.3.2.19 + Bug 1127833 fix. - Release 1.3.2.23 - Ticket 47871 - 389-ds-base-1.3.2.21-1.fc20 crashed over the weekend - Ticket 47866 - Errors after upgrading related to attribute "dnaremotebindmethod" - Ticket 47816 - v2- internal syncrepl searches are flagged as unindexed - Ticket 47877 - check_and_add_entry fails for changetype: add and existing entry - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47875 - dirsrv not running with old openldap - Revert "Ticket #47875 - dirsrv not running with old openldap" - Ticket 47875 - dirsrv not running with old openldap - Ticket 47446 - logconv.pl memory continually grows - Ticket 47874 - Performance degradation with scope ONE after some load - Ticket 47872 - Filter AND with only one clause should be optimized - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - fix the indentation - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.24 - Ticket 47922 - dynamically added macro aci is not evaluated on the fly - Ticket 47897 - Need to move slapi_pblock_set(pb, SLAPI_MODRDN_EXISTING_ENTRY, original_entry->ep_entry) prior to original_entry overwritten - Ticket 47920 - Encoding of SearchResultEntry is missing tag - Ticket 47919 - ldbm_back_modify SLAPI_PLUGIN_BE_PRE_MODIFY_FN does not return even if one of the preop plugins fails. - Ticket 47918 - result of dna_dn_is_shared_config is incorrectly used - Ticket 47900 - Server fails to start if password admin is set - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47900 - Adding an entry with an invalid password as rootDN is incorrectly rejected - Ticket 47907 - ldclt: assertion failure with -e "add,counteach" -e "object=<ldif file>,rdn=uid:test[A=INCRNNOLOOP(0;24 - Ticket 47889 - DS crashed during ipa-server-install on test_ava_filter - Ticket 47885 - did not always return a response control - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47748 - Simultaneous adding a user and binding as the user could fail in the password policy check - Ticket 47875 - dirsrv not running with old openldap - Ticket 47875 - dirsrv not running with old openldap - Ticket 47885 - deref plugin should not return references with noc access rights - Ticket 47457 - default nsslapd-sasl-max-buffer-size should be 2MB - Bump version to 1.3.2.25 - Ticket 47996 - ldclt needs to support SSL Version range - Ticket 47991 - upgrade script fails if /etc and /var are on different file systems - Ticket 47989 - Windows Sync accidentally cleared raw_entry - Ticket 47964 - v2 - Incorrect search result after replacing an empty attribute - Ticket 47934 - nsslapd-db-locks modify not taking into account. - Ticket 47617 - replication changelog trimming setting validation - Ticket 47905 - Bad manipulation of passwordhistory - Ticket 47973 - During schema reload sometimes the search returns no results - Ticket 47659 - ldbm_usn_init: Valgrind reports Invalid read / SIGSEGV - Ticket 47880 - provide enabled ciphers as search result - Ticket 47945 - Add SSL/TLS version info to the access log - Ticket 47928 - Disable SSL v3, by default [389-ds-base-1.2.11 only] - Ticket 47949 - logconv.pl -- support parsing/showing/reporting different protocol versions - Ticket 47981 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes - Ticket 47980 - Nested COS definitions can be incorrectly processed - Ticket 47750 - During delete operation do not refresh cache entry if it is a tombstone - Ticket 47965 - Fix coverity issues (2014/12/16) - Ticket 47935 - Error: failed to open an LDAP connection to host 'example.org' port '389' as user 'cn=Directory Manager'. Error: unknown. - Ticket 47750 - Need to refresh cache entry after called betxn postop plugins - Ticket 47942: DS hangs during online total update - Ticket 47722 - Using the filter file does not work - Ticket 47965 - Fix coverity issues (2014/11/24) - Ticket 47969 - Fix coverity issue - Ticket 47970 - add lib389 testcase - Ticket 47970 - Account lockout attributes incorrectly updated after failed SASL Bind - Ticket 47969 - COS memory leak when rebuilding the cache - Ticket 47967 - cos_cache_build_definition_list does not stop during server shutdown - Ticket 47963 - skip nested groups breaks memberof fixup task - Ticket 47963 - RFE - memberOf - add option to skip nested group lookups during delete operations - Ticket 47950 - Bind DN tracking unable to write to internalModifiersName without special permissions - Ticket 47958 - Memory leak in password admin if the admin entry does not exist - Ticket 47952 - PasswordAdminDN attribute is not properly returned to client - Ticket 47953 - Should not check aci syntax when deleting an aci - Ticket 47948 - ldap_sasl_bind fails assertion (ld != NULL) if it is called from chainingdb_bind over SSL/startTLS - Ticket 47937 - Crash in entry_add_present_values_wsi_multi_valued - bump version to 1.3.2.26 - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - Ticket 47963 - memberof skip nested groups breaks the plugin - Bump version to 1.3.2.27 - Resolves: Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] - Ticket 48027 - revise the rootdn plugin configuration validation - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - Update to 3.1.1 - NEWS seems to be valid UTF-8 nowadays - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 3.1.2 - Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105) - Remove libunistring-devel build require - bsdtar/bsdcpio should require versioned libarchive - enable testsuite in the %check phase - try to workaround racy testsuite fail - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed Bug 993048 - added #ifdef ACL_TYPE_NFS4 to code which requires NFS4 ACL support - fix libarchive segfault for intentionally broken cpio archives (rhbz#1216892) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial RPM release - Added comment explaining licensing - Moved 'ChangeLog' file to doc subpackage (file much larger than library) - Removed -devel dependency for -doc subpackage - Removed _missing_build_ids_terminate_build undef - Update to libsigrokdecode-0.1.1 release - Drop dependency of -doc subpackage - Use explicit soversion in files section - Remove README from -devel subpackage (already included in main package) - Remove ChangeLog from -doc subpackage (only contains a 'git log') - Own datadir/libsigrokdecode directory - Add python3-devel as dependency of -devel subpackage - Add graphviz as a build dependency (needed for doxygen docs) - Cherry-pick upstream patch clarifying license - Fix typo in comment - Make verbose build (V=1 make) - Remove unneeded buildroot and defattr tags - Update to libsigrokdecode 0.2.0 release (soname version bump) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrokdecode-0.3.0 release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Add server_args to /etc/xinetd.d/bitlbee (#1102062) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Upgrade to 3.2.2 (#1116567) - Enable libpurple support additionally to built-in protocols - Enable forkdaemon due lacking SELinux policy in Rawhide only - Disable libpurple conflicting with the daemon mode (#1117553) - Really disable libpurple support for Fedora except Rawhide - Disable libpurple due to dbus issues also in EPEL (#1126930) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release. - Requires libotr >= 4 (so EPEL-6 will require new build of libotr 4) - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release (#1205936) - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Fix %check phase. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add python3 package. - Update to 0.18. - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.19. - Patch for BZ #1127796. - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - Initial Package. - Split out the doc package. - Add some missing BRs. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 2.1 - Fix the unusable package. - Correct the pkgconfig libdir path. - NVR bump - %files section typo fix - Library path fix again. - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - Update to 31.4.0 - Fixed rhbz#1187746 - GLib allocation error when starting thunderbird - Update to 31.5.0 - Fixed build flags for s390(x) - Add an AppData file for the software center - Update to 31.6.0 - rebuild for libvpx 1.4.0 - stop using compat defines, they went away in libvpx 1.4.0 - Update to 31.7.0 - Update to 38.0.1 - Bundling calendar extension - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Require Django >= 1.4 - Update to 2.6.5 - Update to 2.6.6 - Update to 2.6.7 - Create and own directories in tftp_dir - Add patch to fix virt-install support for F21+/EL7 (bug #1188424) - Update to 2.6.8 - Backport upstream patch to fix centos version detection (bug #1201879) - Support django 1.8 in Fedora 22+ - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Update to 2.6.9 - Update to 30.0 build 1 - Disabled shared js - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix mozilla-config.h wrapper on aarch64 - Update to 31.0 build 2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 32.0 build 1 - move /sdk/bin to xulrunner libdir - Update to 32.0.2 - sync fixes to the same as firefox - Update to 33.0 - Fix filelist for secondary arches - New upstream version - New upstream version - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream version - New upstream version - Rebuild for dcmtk update - Update to 3.1.1 - NEWS seems to be valid UTF-8 nowadays - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 3.1.2 - Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105) - Remove libunistring-devel build require - bsdtar/bsdcpio should require versioned libarchive - enable testsuite in the %check phase - try to workaround racy testsuite fail - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed Bug 993048 - added #ifdef ACL_TYPE_NFS4 to code which requires NFS4 ACL support - fix libarchive segfault for intentionally broken cpio archives (rhbz#1216892) - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - rebuilt - new version - new version - No longer package compiled py files in /etc/fedmsg.d/ - new version - new version - new version - add dep on python-six - adjust ownership of fedmsg.d/ files. - Fix logrotate mode. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Re-enable cert validation for end clients. - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Update to 0.8, rhbz #915292. - Update to 0.9, rhbz #954346. - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream, rhbz #1043784. - Update to upstream, rhbz #1061604. - Update to upstream, rhbz #1097055. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Perl 5.20 rebuild - Update to 1.3.0 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Initial rpm build - Include license file - removed python binding since python can use dbus interface instead - removed btrfs-progs and LVM dependecies (#852174) - patch: do not build zypp plugin - patch: avoid abrt when 'diff' command is executed without arguments - patch: do not check for btrfs-progs binary - patch: do not allow 'create-config' command on non-thin LVM volumes (#852174) - edit libtool script to link with: '-Wl, --as-needed' - spec file polishing - Rebuild for Boost-1.53.0 - updated to latest upstream version - fixed wrong include: "auto_ptr.h" -> <memory> - moved diffutils dependency to client - updatet to latest upstream version - add support to compare extended attributes ('xadiff' command) - add support to revert modificiations in file's extended attributes - patch: avoid useless build dependency on libattr-devel - fixed possible security vulnerability in extended attributes handling - rebuild for boost 1.54.0 - Boost.Thread DSO does not include -mt suffix anymore (snapper-boost-mt.patch) - updated to latest upstream - allow whitespace in ALLOW_USERS and ALLOW_GROUPS - enable new pam module - modified specfile to reflect recent change in %doc macro (no more version suffix) - patch: pam module installed in proper libdir - Add a missing requirement on crontabs to spec file (#989115) - Update to snapper 0.1.7. - removed --enable-xattrs (already enabled by default) - patch: reflect recent change in libbtrfs API - Update to snapper 0.1.8 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Version bump - Return success if a domain exists but is already off. - bswap fix for big endian - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Drop libvirt-qmf-plugin - Rebuild - Fail properly when unable to bind the TCP listener socket. - Resolves: rhbz#814515 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream version 0.3.1 - New upstream version 0.3.2 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - removed python binding since python can use dbus interface instead - removed btrfs-progs and LVM dependecies (#852174) - patch: do not build zypp plugin - patch: avoid abrt when 'diff' command is executed without arguments - patch: do not check for btrfs-progs binary - patch: do not allow 'create-config' command on non-thin LVM volumes (#852174) - edit libtool script to link with: '-Wl, --as-needed' - spec file polishing - Rebuild for Boost-1.53.0 - updated to latest upstream version - fixed wrong include: "auto_ptr.h" -> <memory> - moved diffutils dependency to client - updatet to latest upstream version - add support to compare extended attributes ('xadiff' command) - add support to revert modificiations in file's extended attributes - patch: avoid useless build dependency on libattr-devel - fixed possible security vulnerability in extended attributes handling - rebuild for boost 1.54.0 - Boost.Thread DSO does not include -mt suffix anymore (snapper-boost-mt.patch) - updated to latest upstream - allow whitespace in ALLOW_USERS and ALLOW_GROUPS - enable new pam module - modified specfile to reflect recent change in %doc macro (no more version suffix) - patch: pam module installed in proper libdir - Add a missing requirement on crontabs to spec file (#989115) - Update to snapper 0.1.7. - removed --enable-xattrs (already enabled by default) - patch: reflect recent change in libbtrfs API - Update to snapper 0.1.8 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Release 1.3.2.18 - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47763 - winsync plugin modify is broken - Ticket 47821 - deref plugin cannot handle complex acis - Ticket 47831 - server restart wipes out index config if there is a default index - Ticket 47817 - The error result text message should be obtained just prior to sending result - Ticket 47815 - Add operations rejected by betxn plugins remain in cache - Ticket 47809 - find a way to remove replication plugin errors messages "changelog iteration code returned a dummy entry with csn %s, skipping ..." - Ticket 47704 - invalid sizelimits in aci group evaluation - Ticket 47813 - remove "goto bail" from previous commit - Ticket 47813 - managed entry plugin fails to update member pointer on modrdn operation - Ticket 47808 - If be_txn plugin fails in ldbm_back_add, adding entry is double freed. - Ticket 47770 - #481 breaks possibility to reassemble memberuid list - Release 1.3.2.19 - Ticket 47779 - Potential deadlock after startup if a dna configuration change is made - Ticket 47839 - 389-ds production segfault: __memcpy_sse2_unaligned... - Release 1.3.2.20 - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) 389-ds-base-1.3.2.22 = 389-ds-base-1.3.2.19 + Bug 1127833 fix. - Release 1.3.2.23 - Ticket 47871 - 389-ds-base-1.3.2.21-1.fc20 crashed over the weekend - Ticket 47866 - Errors after upgrading related to attribute "dnaremotebindmethod" - Ticket 47816 - v2- internal syncrepl searches are flagged as unindexed - Ticket 47877 - check_and_add_entry fails for changetype: add and existing entry - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47875 - dirsrv not running with old openldap - Revert "Ticket #47875 - dirsrv not running with old openldap" - Ticket 47875 - dirsrv not running with old openldap - Ticket 47446 - logconv.pl memory continually grows - Ticket 47874 - Performance degradation with scope ONE after some load - Ticket 47872 - Filter AND with only one clause should be optimized - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - fix the indentation - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.24 - Ticket 47922 - dynamically added macro aci is not evaluated on the fly - Ticket 47897 - Need to move slapi_pblock_set(pb, SLAPI_MODRDN_EXISTING_ENTRY, original_entry->ep_entry) prior to original_entry overwritten - Ticket 47920 - Encoding of SearchResultEntry is missing tag - Ticket 47919 - ldbm_back_modify SLAPI_PLUGIN_BE_PRE_MODIFY_FN does not return even if one of the preop plugins fails. - Ticket 47918 - result of dna_dn_is_shared_config is incorrectly used - Ticket 47900 - Server fails to start if password admin is set - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47900 - Adding an entry with an invalid password as rootDN is incorrectly rejected - Ticket 47907 - ldclt: assertion failure with -e "add,counteach" -e "object=<ldif file>,rdn=uid:test[A=INCRNNOLOOP(0;24 - Ticket 47889 - DS crashed during ipa-server-install on test_ava_filter - Ticket 47885 - did not always return a response control - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47748 - Simultaneous adding a user and binding as the user could fail in the password policy check - Ticket 47875 - dirsrv not running with old openldap - Ticket 47875 - dirsrv not running with old openldap - Ticket 47885 - deref plugin should not return references with noc access rights - Ticket 47457 - default nsslapd-sasl-max-buffer-size should be 2MB - Bump version to 1.3.2.25 - Ticket 47996 - ldclt needs to support SSL Version range - Ticket 47991 - upgrade script fails if /etc and /var are on different file systems - Ticket 47989 - Windows Sync accidentally cleared raw_entry - Ticket 47964 - v2 - Incorrect search result after replacing an empty attribute - Ticket 47934 - nsslapd-db-locks modify not taking into account. - Ticket 47617 - replication changelog trimming setting validation - Ticket 47905 - Bad manipulation of passwordhistory - Ticket 47973 - During schema reload sometimes the search returns no results - Ticket 47659 - ldbm_usn_init: Valgrind reports Invalid read / SIGSEGV - Ticket 47880 - provide enabled ciphers as search result - Ticket 47945 - Add SSL/TLS version info to the access log - Ticket 47928 - Disable SSL v3, by default [389-ds-base-1.2.11 only] - Ticket 47949 - logconv.pl -- support parsing/showing/reporting different protocol versions - Ticket 47981 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes - Ticket 47980 - Nested COS definitions can be incorrectly processed - Ticket 47750 - During delete operation do not refresh cache entry if it is a tombstone - Ticket 47965 - Fix coverity issues (2014/12/16) - Ticket 47935 - Error: failed to open an LDAP connection to host 'example.org' port '389' as user 'cn=Directory Manager'. Error: unknown. - Ticket 47750 - Need to refresh cache entry after called betxn postop plugins - Ticket 47942: DS hangs during online total update - Ticket 47722 - Using the filter file does not work - Ticket 47965 - Fix coverity issues (2014/11/24) - Ticket 47969 - Fix coverity issue - Ticket 47970 - add lib389 testcase - Ticket 47970 - Account lockout attributes incorrectly updated after failed SASL Bind - Ticket 47969 - COS memory leak when rebuilding the cache - Ticket 47967 - cos_cache_build_definition_list does not stop during server shutdown - Ticket 47963 - skip nested groups breaks memberof fixup task - Ticket 47963 - RFE - memberOf - add option to skip nested group lookups during delete operations - Ticket 47950 - Bind DN tracking unable to write to internalModifiersName without special permissions - Ticket 47958 - Memory leak in password admin if the admin entry does not exist - Ticket 47952 - PasswordAdminDN attribute is not properly returned to client - Ticket 47953 - Should not check aci syntax when deleting an aci - Ticket 47948 - ldap_sasl_bind fails assertion (ld != NULL) if it is called from chainingdb_bind over SSL/startTLS - Ticket 47937 - Crash in entry_add_present_values_wsi_multi_valued - bump version to 1.3.2.26 - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - Ticket 47963 - memberof skip nested groups breaks the plugin - Bump version to 1.3.2.27 - Resolves: Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] - Ticket 48027 - revise the rootdn plugin configuration validation - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 4.2.0 - Switch to unversioned docdir for >= F20 (bz#993768) - Update to 4.2.1 - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.3.0 - Update to 4.3.3 - Rebuild for boost 1.57.0 - Rebuilt for GCC 5 C++11 ABI change - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Fixed broken dep on fltk for coda-vcodacon - Found an additional missing depends - Extend coda-6.9.5-vcodacon-configure.patch to reflect fltk headers having changed (Fix FTBS). - Add "touch-magic" to avoid rerunning the autotools. - Revert the Fri Jun 03 2011's spec changes. - Converted sysv init script to systemd scripts (bz 771490) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed service file error (bz1071534) - Fixed auth2 pid file naming (bz 1074321) - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - bug 521523 - add the "which" package to the Requires - Excluding PPC for EPEL builds as there is not openjdk there - 1.1.4 release - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - use jpackage_script instead of packaging our own shell script - support "skins" package for other brands/versions - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - 1.1.9 release - Ticket 47604 - 389-console: remove versioned jars from /usr/share/java - Ticket 97 - 389-console should provide man page - Fixed symlink creation - Clarify auth middleware ordering in the hub settings template. (Daniel Mach) - Add kobo.threads -- a simple threading worker pool. (Daniel Mach) - Fix force_list and force_tuple to work with sets. (Daniel Mach) - Implement removing files from a file cache. (Daniel Mach) - Make shortcuts.run() thread-safe. (Daniel Mach) - Proxy support enhancement (Tomas Mlcoch) - Improve task ordering. (Daniel Mach) - Better formatting in Traceback output. (Tomas Tomecek) - Add JSONField.value_to_string() method. (Tomas Tomecek) - Improve task dir deletion and task files view. (Tomas Tomecek) - allow line buffering for shortcuts.run() (Tomas Kopecek) - Allow to specify buffer_size in shortcuts.run(). (Daniel Mach) - Add rpmlib.get_changelogs_from_header() and pkgset.RpmWrapper.changelogs. (Daniel Mach) - Support https_proxy environ variable (Tomas Mlcoch) - Create pid file in a more secure way. (Daniel Mach) - Create empty kobo.django.auth.models module to fix crashes in Django 1.4. (Daniel Mach) - Add shortcuts.makedirs() function which is identical to os.makedirs but doesn't fail on existing dirs. (Daniel Mach) - Fix typo in the 404.html template. (Daniel Mach) - Fix traceback on undefined workdir in kobo.shortcuts.run(). (Daniel Mach) - Add help-rst command which generates rst documentation for all CommandOptionParser's commands. (Daniel Mach) - Don't catch and mask any exceptions in cli.CommandOptionParser.run(). (Daniel Mach) - Set an empty keyring in rpmlib.get_rpm_header(). (Daniel Mach) - Format Fault's output to be nicer. (Tomas Tomecek) - Display error when cancelling task fails. (Tomas Tomecek) - Fix task cancelation method name. (Tomas Tomecek) - Add pkgset.SimpleRpmWrapper; support pickle by providing __getstate__() and __setstate__() methods. (Daniel Mach) - Enable searching in task list by label. (Tomas Tomecek) - Enable making custom queries in view task_list. (Tomas Tomecek) - Limit value length to 200 characters in tback.Traceback. (Daniel Mach) - Fix email.utils import to work with py2.4. (Daniel Mach) - Backwards compatibility bugfix in hub.models. (Tomas Tomecek) - Drop django and hub subpackages on rhel <= 5 - Set filename to be real name of a downloaded file. (Tomas Tomecek) - Fix logwatcher to scroll to latest logs. (Tomas Tomecek) - Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek) - Updated README for 0.4.0 release (Tomas Kopecek) - Revamp setup.py and related files. (Daniel Mach) - LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek) - Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek) - Add kobo.threads.run_in_threads() helper. (Tomas Kopecek) - Django 1.5 rebase. (Tomas Kopecek) - Remove unnecessary slots from pkgset.FileCache. (Daniel Mach) - Drop admin subpackage on rhel <= 5 - Drop admin, django and hub subpackages on epel 6 - Return 'nosrc' arch when RPMTAG_NOPATCH RPM header is set. (Daniel Mach) - Fix 'ImproperlyConfigured: The SECRET_KEY setting must not be empty.' exception in test_types.py. (Daniel Mach) - Fix setup script to install additional package data. (Daniel Mach) - Fix reading RPMTAG_NOSOURCE and RPMTAG_NOPATCH headers from 'nosrc' RPMs. (Daniel Mach) - Revamp make_nvr() and make_nvra(), make them public (add to __all__), add tests. (Daniel Mach) - Fix: display subtasks in task's detail view (Tomas Tomecek) - Fix JSONField (load and dump) (Tomas Tomecek) - Fix CSRF exemption in XML-RPC handler factory (Tomas Tomecek) - View simplifications (Tomas Kopecek) - Translate everything in templates (Tomas Kopecek) - Additional fields visible in admin, searching/filtering (Tomas Kopecek) - Use more proper class-based style for generic forms (Tomas Kopecek) - Refactored generic views. (Tomas Kopecek) - Fix rtf content type test for py2.4. (Daniel Mach) - Add FileCache.items() to export items() and also fix py3. (Daniel Mach) - Remove slots from most places. (Daniel Mach) - Improve shortcuts.parse_checksum_line() to support escaped checksum lines. (Daniel Mach) - Add 'executable' argument to shortcuts.run(). (Daniel Mach) - Rename User model to properly adjust to older db schema. (Tomas Kopecek) - Fix typo in login template. (Tomas Kopecek) - Switch from simplejson to json. (Daniel Mach) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Modify shortcuts.run() to pass all **kwargs to Popen(). (Daniel Mach) - Admin page for kobo.auth.User (Tomas Kopecek) - Unset active menu if no other menu is active (Lubomír Sedlář) - Allow rendering menu for bootstrap's navbar (Lubomír Sedlář) - Handle menu items without text as dividers (Lubomír Sedlář) - allow --force in resubmit-tasks CLI command (Tomas Kopecek) - Django 1.6 db transaction model (Tomas Kopecek) - CLI command for viewing log files (Tomas Kopecek) - Display overall time in task page (Tomas Kopecek) - Fix shortcuts.run() to handle errno.EINTR correctly. (Tomas Tomecek) - Don't count assigned tasks into worker load. (Tomas Tomecek) - Human readable state exceptions. (Tomas Kopecek) - Human readable JSONField. (Tomas Kopecek) - Initial package - Add doc subpackage and make optflags - Update packaging - Update file permissions for bin/fossil - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 1.28 - Remove patch to use system sqlite - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update config.guess/sub to fix ftbfs on new architectures (aarch64/ppc64le) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to latest release - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Update to ganglia-web 3.5.7 - Add extra patch for XSS security - Hardened build in FC > 18. - Update to ganglia 3.6.0 and ganglia-web 3.5.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to ganglia-web 3.5.10 - Add patch as workaround for CVE-2013-6395 (bz #1034527) - Update to ganglia-web 3.5.12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 3.7.1 & ganglia-web 3.6.2 - ganglia-web 3.7.0 - New package with Kanji stroke order font 2.015 release. - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream version, with additions and improvements to about 40 characters - New version - Using new GitHub rule to get archive with tests - Run tests manually - Added BR python-defusedxml - Dropped dance around release and development versioning - Added patch for Django 1.5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Change Docdir to Unversioned Docdir - Fix unversioned docdir issue (rhbz#1001252). - Fix bogus changelog entry. - update to 0.11.0 (rhbz#959137) - remove check section :-(, upstream does not provide tests in tarballs - update to 0.11.1 (rhbz#1100733) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix python-dateutil Requires. - Fix python-dateutil requires - Update to 0.12.1 (rhbz#1142992) - 1163349: New upstream release 5.08 - 1163349: New upstream release 5.09. - New upstream release 5.10. - New upstream release 5.11. - New upstream release 5.12. - New upstream release 5.13. - New upstream release 5.14. - New upstream release 5.15. - 1155977: Fixed upstream too so removed the associated patch - Updates other patches too. - New upstream release 5.16. - New upstream release 5.17. - Add coreutils as preun/post requirements for wodim and genisoimage Resolves: #862554 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - changed or deleted faulty and unneeded memset's that caused build failure with gcc-4.8 -Werror - modified the memset patch, memsetting the whole array - ported from cdda-paranoia to libcdio-paranoia, modified paranoia-cdda.patch - fixed bogus date in changelog - Perl 5.18 rebuild - do not include empty fedora/* directories in debuginfo package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Perl 5.18 rebuild - libusal: added /dev/srN next to /dev/scdN path when scanning for devices added cdrkit-1.1.11-devname.patch bz#1053056 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Resolves: rhbz#925929 support aarch64 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Related: rhbz#1227244 CVE-2015-4695 meta_pen_create heap buffer overflow - Related: rhbz#1227244 CVE-2015-4696 wmf2gd/wmf2eps use after free - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update to latest upstream release. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream release. - Update to latest upstream release. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to latest upstream release. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - 2.2.4-1 - version upgrade (#701603) - Rebuild for new libpng - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - 2.3-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 2.3.1-1 - version upgrade - Initial package - accomodated changes from Vincent Batts - gopath is in the rpm macros, and set exclusive arch too, to prevent s390 builds - move the buildarch noarch to the devel, since it is source only - preserve timestamps of source copied and as an added perk - the tomlv command provided in this project is useful for validating *.toml files - go test - do not own golang directories - defattr and attr not needed - Bump to upstream 2ceedfee35ad3848e49308ab0c9a4f640cfb5fb2 - spec file polishing to follow go draft related: #1120865 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - New upstream version - New upstream version - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream version - New upstream version - Rebuild for dcmtk update - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild - New upstream release (closes #590476) - CHANGELOG no longer included - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - New upstream release (closes #789583) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release - Update to 1.5.4 - drop hard-coded Requires: neon, qtkeychain, let rpm autodeps handle it - drop BR: gcc-c++ - -devel: tighten subpkg dep - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Updated to 1.7.0-beta1 - Updated Patch0 - Added Patch1 to fix rpath in binaries - Added nautilus subpackage - Updated tarball URL - Updated to 1.7.0 - Add missing dependency - Updated to 1.7.1 - Added gcc5 compliance patch - Initial package. - Rebased on 0.8 upstream. - Rebased on 0.9 upstream. - Removed python-posix_ipc dependency. - remove rhel logic from with_python3 conditional - Rebuild for Python 3.3 - Fix for use of sphinx's manpage writer with docutils-0.10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Fix inheritance_diagram quoting bug, exposed by the newer, stricter dot - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add sphinx-*-3 links to scripts Resolves: #1098109 - Clean up python3-sphinx's locale files, they ended up in the python2 package. Share the locale files in /usr/share instead - If a separate LaTeX subpackage is not generated, the main package should have a virtual Provides: for it (bz#1187989) - Disable tests for the Python3 build; they were not fully adapted to Python 3. The tests previously passed because they were accidentally run using Python 2. - Complete LaTeX builder deps (fixes bz#882166) - Make test output verbose - Add BRs needed to enable all tests - Clarify auth middleware ordering in the hub settings template. (Daniel Mach) - Add kobo.threads -- a simple threading worker pool. (Daniel Mach) - Fix force_list and force_tuple to work with sets. (Daniel Mach) - Implement removing files from a file cache. (Daniel Mach) - Make shortcuts.run() thread-safe. (Daniel Mach) - Proxy support enhancement (Tomas Mlcoch) - Improve task ordering. (Daniel Mach) - Better formatting in Traceback output. (Tomas Tomecek) - Add JSONField.value_to_string() method. (Tomas Tomecek) - Improve task dir deletion and task files view. (Tomas Tomecek) - allow line buffering for shortcuts.run() (Tomas Kopecek) - Allow to specify buffer_size in shortcuts.run(). (Daniel Mach) - Add rpmlib.get_changelogs_from_header() and pkgset.RpmWrapper.changelogs. (Daniel Mach) - Support https_proxy environ variable (Tomas Mlcoch) - Create pid file in a more secure way. (Daniel Mach) - Create empty kobo.django.auth.models module to fix crashes in Django 1.4. (Daniel Mach) - Add shortcuts.makedirs() function which is identical to os.makedirs but doesn't fail on existing dirs. (Daniel Mach) - Fix typo in the 404.html template. (Daniel Mach) - Fix traceback on undefined workdir in kobo.shortcuts.run(). (Daniel Mach) - Add help-rst command which generates rst documentation for all CommandOptionParser's commands. (Daniel Mach) - Don't catch and mask any exceptions in cli.CommandOptionParser.run(). (Daniel Mach) - Set an empty keyring in rpmlib.get_rpm_header(). (Daniel Mach) - Format Fault's output to be nicer. (Tomas Tomecek) - Display error when cancelling task fails. (Tomas Tomecek) - Fix task cancelation method name. (Tomas Tomecek) - Add pkgset.SimpleRpmWrapper; support pickle by providing __getstate__() and __setstate__() methods. (Daniel Mach) - Enable searching in task list by label. (Tomas Tomecek) - Enable making custom queries in view task_list. (Tomas Tomecek) - Limit value length to 200 characters in tback.Traceback. (Daniel Mach) - Fix email.utils import to work with py2.4. (Daniel Mach) - Backwards compatibility bugfix in hub.models. (Tomas Tomecek) - Drop django and hub subpackages on rhel <= 5 - Set filename to be real name of a downloaded file. (Tomas Tomecek) - Fix logwatcher to scroll to latest logs. (Tomas Tomecek) - Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek) - Updated README for 0.4.0 release (Tomas Kopecek) - Revamp setup.py and related files. (Daniel Mach) - LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek) - Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek) - Add kobo.threads.run_in_threads() helper. (Tomas Kopecek) - Django 1.5 rebase. (Tomas Kopecek) - Remove unnecessary slots from pkgset.FileCache. (Daniel Mach) - Drop admin subpackage on rhel <= 5 - Drop admin, django and hub subpackages on epel 6 - Return 'nosrc' arch when RPMTAG_NOPATCH RPM header is set. (Daniel Mach) - Fix 'ImproperlyConfigured: The SECRET_KEY setting must not be empty.' exception in test_types.py. (Daniel Mach) - Fix setup script to install additional package data. (Daniel Mach) - Fix reading RPMTAG_NOSOURCE and RPMTAG_NOPATCH headers from 'nosrc' RPMs. (Daniel Mach) - Revamp make_nvr() and make_nvra(), make them public (add to __all__), add tests. (Daniel Mach) - Fix: display subtasks in task's detail view (Tomas Tomecek) - Fix JSONField (load and dump) (Tomas Tomecek) - Fix CSRF exemption in XML-RPC handler factory (Tomas Tomecek) - View simplifications (Tomas Kopecek) - Translate everything in templates (Tomas Kopecek) - Additional fields visible in admin, searching/filtering (Tomas Kopecek) - Use more proper class-based style for generic forms (Tomas Kopecek) - Refactored generic views. (Tomas Kopecek) - Fix rtf content type test for py2.4. (Daniel Mach) - Add FileCache.items() to export items() and also fix py3. (Daniel Mach) - Remove slots from most places. (Daniel Mach) - Improve shortcuts.parse_checksum_line() to support escaped checksum lines. (Daniel Mach) - Add 'executable' argument to shortcuts.run(). (Daniel Mach) - Rename User model to properly adjust to older db schema. (Tomas Kopecek) - Fix typo in login template. (Tomas Kopecek) - Switch from simplejson to json. (Daniel Mach) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Modify shortcuts.run() to pass all **kwargs to Popen(). (Daniel Mach) - Admin page for kobo.auth.User (Tomas Kopecek) - Unset active menu if no other menu is active (Lubomír Sedlář) - Allow rendering menu for bootstrap's navbar (Lubomír Sedlář) - Handle menu items without text as dividers (Lubomír Sedlář) - allow --force in resubmit-tasks CLI command (Tomas Kopecek) - Django 1.6 db transaction model (Tomas Kopecek) - CLI command for viewing log files (Tomas Kopecek) - Display overall time in task page (Tomas Kopecek) - Fix shortcuts.run() to handle errno.EINTR correctly. (Tomas Tomecek) - Don't count assigned tasks into worker load. (Tomas Tomecek) - Human readable state exceptions. (Tomas Kopecek) - Human readable JSONField. (Tomas Kopecek) - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Fix my changelog: date error reporting - Update to new snaphot - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update to new release - Update to new release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to new release - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - pull in upstream patch for CVE-2014-0160 - removed CHANGES file portion from patch for expediency - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) - print ephemeral key size negotiated in TLS handshake (#1057715) - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records - add ECC TLS extensions to DTLS (#1119803) - do not send ECC ciphersuites in SSLv2 client hello (#1090955) - copy digest algorithm when handling SNI context switch - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable - fix the CVE-2015-1791 fix (partially broken renegotiation) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - Update to 4.0.1.17 - Update to 4.0.1.18 - Require x2goserver-xession - Do not require x2goserver-xession, do not ship feature file in main package - Apply upstream fix for issue with Xsession aborting - Fix local desktop sharing breakage (bug #1180303) - Obsolete x2goserver-extensions to provide upgrade path from upstream rpms - Update to 4.0.1.19 - Drop Xsession and path patches fixed upstream - Provide x2goserver-extensions for upstream compatibility - Install applications symlink by default so that "Published Applications" is populated (bug #1215474) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Ticket #281 - TLS not working with latest openldap - Ticket #161 - Review and address latest Coverity issues - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuild for new icu - Rebuild with correct icu on s390(x) -bump version to 1.1.17 Resolves: Bug 856089 - slapi_ldap_bind() doesn't check bind results (Ticket 479 - Console logins fail intermittenly) Resolves: Bug 905266 - BIND operation result not checked properly in admin server and adminutil - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ee1ef81 add Eclipse generated files - Ticket #47486 - compiler warnings in adminutil, admin, dsgw - 77fd77a fix mem leak in admldapBuildInfoSSL when there is no password - Ticket #47415 "Manage certificates" crashes admin server - 8647ad8 fix compiler warnings - enhancements to test ticket 47415 - bump version to 1.1.21 - Ticket 47929 - adminutil - future proof getSSLVersion - Ticket 47929 - Adminutil - do not use SSL3 by default - Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time - Ticket 47881 - crash during debug session in adminutil - Ticket 47680 - Upgraded 389-admin rpms and now I can't start dirsrv-admin - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - ecryptfs-utils updated to 101 - ecryptfs-utils updated to 103 - make executables hardened (#965505) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ecryptfs-migrate-home did not restore selinux labels (#1017402) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - ecryptfs-utils updated to 104 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - fix pam sigsegv (#1184645) - ecryptfs-utils updated to 106 - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Initial version of the library - Fixed length bug reported by shawjef3 - big endian fix - More portable b64 libraries implemented. - Documentation corrections - Code improvements, courtesy of Coverity - Bugfixes involving large N, failure return values - Added README as doc in file section. - More specific files section. - Build requires change from python-devel to python2-devel. - Remove bundled egg-info. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New Upstream Version - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New Upstream version - Fix BZ #1002074 - New Upstream version - python3 add subpackage - the version 0.8.3 have bug - New Upstream version 0.8.4 - don't trip over missing /etc/sysconfig/network file (#857412) - pull updated translations - install and use timezone translations properly - pkexec the right executable - tighten policy - hide SIGINT from firstboot exception handler (#862828) - pull updated translations - pull updated and new translations (#878319) - catch (rare) errors from fork() - catch unavailable display (#766936) - pull updated time zones - pull updated translations (#950571) - use optimized icon scriptlets - cope with systemd executables in several possible locations (#1048136) - pull updated translations - don't use exec in pkexec wrapper script (#1185857) - cope with unavailable display in pygtk >= 2.10 (#1197480) - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Add coreutils as preun/post requirements for wodim and genisoimage Resolves: #862554 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - changed or deleted faulty and unneeded memset's that caused build failure with gcc-4.8 -Werror - modified the memset patch, memsetting the whole array - ported from cdda-paranoia to libcdio-paranoia, modified paranoia-cdda.patch - fixed bogus date in changelog - Perl 5.18 rebuild - do not include empty fedora/* directories in debuginfo package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Perl 5.18 rebuild - libusal: added /dev/srN next to /dev/scdN path when scanning for devices added cdrkit-1.1.11-devname.patch bz#1053056 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Patch "structsiginfo" to replace occurrences of "struct siginfo" by "siginfo_t". - Path "objalloc" to fix libiberty security bug CVE-2012-3509. https://bugzilla.redhat.com/show_bug.cgi?id=877014 - Enable Python to support STL extensions. https://bugzilla.redhat.com/show_bug.cgi?id=865554 - Patch "bz883591" to fix a segmentation fault. https://bugzilla.redhat.com/show_bug.cgi?id=883591 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Patch "nocygnus" to replace automake option "cygnus" by "foreign no-dist". - Compress snapshot tar archive with xz. https://bugzilla.redhat.com/show_bug.cgi?id=980597 - Patch "texinfo5" to adapt doc to texinfo version 5. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Use our own python and syscalls scripts rather than gdb's. https://bugzilla.redhat.com/show_bug.cgi?id=1067668 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - rebuilt - new version - new version - No longer package compiled py files in /etc/fedmsg.d/ - new version - new version - new version - add dep on python-six - adjust ownership of fedmsg.d/ files. - Fix logrotate mode. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Re-enable cert validation for end clients. - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Initial package. - Rebased on 0.8 upstream. - Rebased on 0.9 upstream. - Removed python-posix_ipc dependency. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - new release - Fixed AIX & AIX64 support (SamG) - Fixed mips 64-bits support (lew van) - Added experimental lz4frame API. - Fix s390x support. - New LZ4 HC Streaming mode - Fixed a bug in LZ4 HC streaming mode - New lz4frame API integrated into liblz4 - Fixed a GCC 4.9 bug on highest performance settings - Bump dist to override an earlier build. - lz4cli sparse file support - Restored lz4hc compression ratio - lz4 cli supports long commands - Introduced lz4-static sub package BZ#1208203 - Update files section to install unlz4 & its manual - New LZ4_compress_fast() API. - New LZ4 CLI improved performance with multiple files. - Other bug fix and documentation updates. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Fixed: incompatibility sparse mode vs console. - Fixed: LZ4IO exits too early when frame crc not present. - Fixed: incompatibility sparse mode vs append mode. - Performance fix: big compression speed boost for clang(+30%). - Created by pyp2rpm-0.5.1 - Revised - Introduced Python 3 subpackage - Remove the example in main() from the library and keep it separated - Added patch witch Python 3 specific things - Dealing with more Pyhton 3 stuff - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for Python 3.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.1.5 - Removed upstreamed patch. - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - Initial version. - Update to 2014.11.14. - Rebuild the HTML docs. - Update License tag. - Update upstream URL. - Update to 2014.12.15. - Update to 2014.12.24. - Update to 2015.03.18. - Apply updated Python packaging guidelines. - Update to 2015.05.10. - Update to 2015.05.28. - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Added make check to spec - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - New upstream release - New upstream release (1.2) - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - New upstream release (1.3) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release (closes #1167664) - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - First package for Fedora resolves: #1196368 - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - fix license tag - enable sparc64 - actually fix license tag (whoops) - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Disable SSL3 - Support TLS 1.1 and newer using the NSS Version Range APIs. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Updated to version 0.9.30.4 - Use default fonts, editoroptions.xml file removed - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Drop desktop vendor tag. - Updated to version 1.0.8 - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for Free Pascal with arm-support - Updated to version 1.0.14 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - initial version - implemented initial fixes suggested in BZ #1004257 - removed unused EL5 support, removed invalid BuildRoot, fixed BuildRequires - removed the unnecessary attr directive - fixed the location of the sed command invocation - make layout of install section consistent with that of build section - replaced {__python} with {__python2} - update to upstream release 2013.3.6 - replaced {python_sitelib} with {python2_sitelib} - update to pudb-2013.4 - update to pudb-2013.5.1 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - FTBFS, BZ 819236. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added more requires to devel package as per BZ922937 - Added _isa to explicit requires - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - General spec cleanup - Move libs into _lib and remove ldd config file - Fixes versioned doc dir as per BZ993719 - Bump up release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Upgraded to new upstream version. - Various fixes to the specfile - Fixes CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails - Resolves: rhbz#1169593 patch to set DOCKER_CERT_PATH regardless of config file - run tests inside a docker repo (doesn't affect koji builds - not built) - docker group no longer used or created - no socket activation - config file updates to include info about docker_transition_unconfined boolean - Resolves:rhbz#1185423 - MountFlags=slave in unitfile - Resolves: rhbz#1184266 - enable debugging - enable creation of core dumps - set no limit on core dump size - Resolves: rhbz#1191438 - update to v1.5.0 - add env var for insecure-registry to /etc/sysconfig/docker - include arm builds - merge -pkg-devel into -devel - build @rhatdan/fedora-1.6 commit#b27feb4 - moved GOTRACEBACK=crash to unitfile - Obsolete docker-io-pkg-devel < 1.6.0-1 - Update a list of provides of devel subpackage resolves: #1215912 - Resolves: bz#1217987 - fix unqualified push - via Michal Minar <miminar@redhat.com> - 4.13.97 - 4.14.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 4.14.1 - 4.14.2 - 4.14.3 - 14.11.97 - 14.12.1 - 14.12.2 - 14.12.3 - Update to sanlock-3.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to sanlock-3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sanlock-3.2.0 - Update to sanlock-3.2.1 - Drop exclusive arch - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - update to 2.0 release - fix bluetoothd path for report tool - add requires dbus-python - add requires pulseaudio-module-bluetooth for audio - remove browse feature (upstream patch) - ammend description - rename service file (upstream patch) - clean up requires and buildrequires - update scriptlets - clean up spec file - add requires pulseaudio-libs-glib2 - add requires bluez (bz 1228488) - remove appindicator support - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - add upstream fix for bz 1233237 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrok 0.2.1 - rebuild for new libzip - scan /sys/class/usbmisc - add support for Rigol DS1152 scopes with upgraded bandwidth - resolves: #1025968 - udev rules should react also on the usbmisc subsystem - update to libsigrok 0.2.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - rebuilt for libftdi1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update to libsigrok 0.3.0 - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Package new upstream version open-vm-tools-9.4.6-1770165 - Added "autoreconf -i" and its build dependencies (autoconf, automake and libtool) to generate configure script, this is required for version 9.4.6 as it does not have configure script bundled in the tar - Fix (sizeof_argument.patch) for bad sizeof argument error - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild for ICU 53.1 - Rebuild for new procps-ng version. - rebuild for ICU 54.1 - Added a patch for missing NetIpRouteConfigInfo (BZ#1189295) - Package new upstream version open-vm-tools-9.10.0-2476743 - New version requires adding a new service vgauthd - Removed old patches that are no longer needed - Fix (asm_x86.patch) for correct GCC version check - Fix (strerror_r.patch) for picking GNU signature of strerror_r - Fix (toolboxcmd.patch) for compiling toolboxcmd-shrink.c with gcc 5.0.1 - F23 has split gdk-pixbuf2-devel >= 2.31.3-5 into 3 packages, gdk-pixbuf2-devel, gdk-pixbuf2-modules-devel, and gdk-pixbuf2-xlib-devel. gtk2-devel does not depend on gdk-pixbuf2-xlib-devel. Therefore, we need to pull in gdk-pixbuf2-xlib-devel dependency ourselves. - Put Fedora 23 specific fix under a conditional, so that the change can be backported to other branches easily if required. - Claim ownership for /etc/vmware-tools directory - Update to bugfix release 2014.7.2 - Update to bugfix release 2014.7.4 - Fix RH bug #1210316 and Salt bug #22003 - Update to bugfix release 2014.7.5 - Update to feature release 2015.5.0 - Update to bugfix release 2015.5.1 - Add missing dependency on which (RH #1226636) - Update to bugfix release 2015.5.2 - Update skipped tests - Mark salt-ssh roster as a config file to prevent replacement - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - FTBFS, BZ 819236. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added more requires to devel package as per BZ922937 - Added _isa to explicit requires - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - General spec cleanup - Move libs into _lib and remove ldd config file - Fixes versioned doc dir as per BZ993719 - Bump up release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Upgraded to new upstream version. - Various fixes to the specfile - Fixes CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - more CSD fixes - edit description - add CSD fixes to f20 as well - more CSD fixes - update to 2.4.4 - drop upstream patches - update to 2.4.5 - bump release - update to git snapshot - update to git snapshot - update to 2.6.0 release - update to 2.6.1 release - fix packaging error (bz 1230988) - Migrate to systemd, BZ 767409. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Drop desktop vendor tag. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to flumotion-0.10.1 to fix the most common bug. - Update to flumotion-0.11.0.1-20140103-886031a.tar.bz2 github source using snapshot-flumotion.sh and bundle command.tar.bz2 of flumotion/extern/command@509 , we don't want do svn co when building package. - Added small patch to fix build ( flumotion-common ). - Update .spec with .spec generated by flumotion source. - Patches md5, manpages spelling and deprecated functions from https://github.com/equinox0815/flumotion/ - fix .desktop entries . - Fix logrotate, rhbz #790345 - Minor improves. - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 4.2.0 - Switch to unversioned docdir for >= F20 (bz#993768) - Update to 4.2.1 - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.3.0 - Update to 4.3.3 - Rebuild for boost 1.57.0 - Rebuilt for GCC 5 C++11 ABI change - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrok 0.2.1 - rebuild for new libzip - scan /sys/class/usbmisc - add support for Rigol DS1152 scopes with upgraded bandwidth - resolves: #1025968 - udev rules should react also on the usbmisc subsystem - update to libsigrok 0.2.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - rebuilt for libftdi1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update to libsigrok 0.3.0 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - update to 1.8.9 - Move some options into a new tab “Details” - Ignore Shift+Space hotkey to switch fullwidth/halfwidth if the database is not for CJK - Resolves: rhbz#1133422 - Pass IBus.KEY_KP_Enter to the application if the preedit is empty - Resolves: rhbz#1133424 - update to 1.8.10 - Disable auto_commit option for tables which do not have RULES - Resolves: rhbz#1135759 - Disable hotkey to switch Chinese mode if database is not Chinese - Disable “onechar” (Phrase mode/Single char mode) option for non-CJK databases - update to 1.8.11 - fixes a Python backtrace when the dconf key /desktop/ibus/engine/table/wubi-jidian86/onechar was not set - update to 1.9.0 - Redesign the property menus, use sub-menus instead of toggles - update to 1.9.1 - Use proper fallback when reading the localized table name - Show pinyin mode as well in the input mode indicator - update to 1.9.2 - Use directories according to theXDG Base Directory Specification - Resolves: rhbz#1172524 - When a leading invalid character is passed through, it needs to be remembered in self._prev_char - Change class “KeyEvent” to store the keycode as well - update to 1.9.3 - Try to get the English name of the table if run in locale C/POSIX - Resolves: rhbz#1197001 - update to 1.9.4 - Check existence of old log files before trying to delete them - Resolves: rhbz#1199673 - update to 1.9.5 - Don’t strip space when parsing phrases from a source table - Resolves: rhbz#1211208 - update to 1.9.6 - Use os.path.expanduser('~') instead of os.getenv('HOME') - Resolves: rhbz#1218023 - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream release - Remove dependency of probes on urcu-bp - New upstream bugfix release - Remove patches applied upstream - add build workaround for s390(x) - New upstream release - Bump URCU dependency - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release (include snapshop feature) - Rebuilt for URCU Soname change - New upstream release - Add new files (man and doc) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Update to sanlock-3.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to sanlock-3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sanlock-3.2.0 - Update to sanlock-3.2.1 - Drop exclusive arch - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Updated to new upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Updated to new upstream version - Patches re-created and re-named - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Updated to new upstream version - Fixed bogus date in %changelog - Re-created patch to use system qtsingleapplication - Fixed include in lastfm.cpp and mediaview.cpp (patch dropped) - Removed %provides and %obsoletes (introduced when name changed) - Added a copy of the license LGPL because upstream removed it - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - rebuild (qt/phonon) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Updated to new upstream version 1.4 - Re-created patch to use system qtsingleapplication - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Update to new upstream version 2.2.1 - Update the extension to work with gnome shell 3.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 2.2.5 upstream version - Update to 2.3.3 with new calender updates - Fix python2.4/2.5 requirements - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 2.3.4, add pytz requirement - Update to upstream version 2.4.0 - Drop gnome shell extension: doesn't work correctly with gnome shell 3.14, and replacements are available - Update to upstream version 2.4.1: bug fixes - Created by pyp2rpm-0.5.1 - Revised - Introduced Python 3 subpackage - Remove the example in main() from the library and keep it separated - Added patch witch Python 3 specific things - Dealing with more Pyhton 3 stuff - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for Python 3.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.1.5 - Removed upstreamed patch. - Rebased on Cinch 2.0.7. - Rebased on Cinch 2.0.9. - Rebased on Cinch 2.0.10. - Rebased on Cinch 2.0.11. - Rebased on Cinch 2.0.12. - Rebased on Cinch 2.1.0. - Updated project URL. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebased on Cinch 2.2.2. - Added condition to the Provides to be only on EPEL and F20 - Rebased on Cinch 2.2.3. - Fixed the conditionals for the Requires to be easier to read. - Rebased on Cinch 2.2.4. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Fix %check phase. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add python3 package. - Update to 0.18. - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.19. - Patch for BZ #1127796. - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - Remove per-edition config files - Decide on default configuration based on /etc/os-release - Fix bugs with posttrans - Remove nonexistent fedora-cloud.conf symlink - Switch to using $VARIANT directly from /etc/os-release - Use VARIANT_ID instead of VARIANT for making decisions - renamed python2-firewall to python-firewall - fixed requirements for GUI parts with Python3 - dropped upstream merged python3 patch - firewalld: - print real zone names in error messages - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now - rate limit fix for rich rules - fix readdition of removed permanent direct settings - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO - fixed two minor Python3 issues in firewall.core.io.direct - fixed use of fallback configuration values - fixed use without firewalld.conf - firewalld main restructureization - IPv6_rpfilter now also available as a property on D-Bus in the config interface - fixed wait option use for ipXtables - added --concurrent support for ebtables - richLanguage: allow masquerading with destination - richLanguage: limit masquerading forward rule to new connections - ipXtables: No dns lookups in available_tables and _detect_wait_option - full ebtables support: start, stop, reload, panic mode, direct chains and rules - fix for reload with direct rules - fix or flaws found by landscape.io - pid file handling fixes in case of pid file removal - fix for client issue in case of a dbus NoReply error - configuration - new services: dropbox-lansync, ptp - new icmptypes: timestamp-request, timestamp-reply - man pages: - firewalld.zones(5): fixed typos - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page - firewall-applet: - new version using Qt4 fixing several issues with the Gtk version - spec file: - enabled Python3 support: new backends python-firewall and python3-firewall - some cleanup - git: - migrated to github - translations: - migrated to zanata - build environment: - no need for autoconf-2.69, 2.68 is sufficient - firewall-applet - do not use isSystemTrayAvailable check to fix KDE5 startup - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml - Fix issue with missing polkit policy when installing firewalld on Cloud Edition. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - reunification of the firewalld spec files for all Fedora releases - fix dependencies for -applet and -config: use_python3 is the proper switch not with_python3 (RHBZ#1232493) - firewalld.spec: - fixed requirements for -applet and -config - man pages: - adapted firewall-applet man page to new version - firewall-applet: - Only honour active connections for zone changes - Change QSettings path and file names - firewall-config: - Only honour active connections for zone changes in the “Change Zones of Connections” menu - Translations: - updated translations - marked translations for “Connections” for review - Fixed 'pid_file' referenced before assignment (RHBZ#1233232) - Update to 3.1.1 - NEWS seems to be valid UTF-8 nowadays - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 3.1.2 - Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105) - Remove libunistring-devel build require - bsdtar/bsdcpio should require versioned libarchive - enable testsuite in the %check phase - try to workaround racy testsuite fail - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed Bug 993048 - added #ifdef ACL_TYPE_NFS4 to code which requires NFS4 ACL support - fix libarchive segfault for intentionally broken cpio archives (rhbz#1216892) - Don't depend on someone else to include unistd.h. Fixes FTBFS on gcc4.7 - Rebuilt for c++ ABI breakage - New upstream 0.2.2 - Remove unnecessary patches - New upstream 0.3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream 0.3.3 - Use gstreamer1. - First RPM release - Upgrade to 1.0.0 version - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - initial packaging - disabled tests for EL6 - new release - Fixed AIX & AIX64 support (SamG) - Fixed mips 64-bits support (lew van) - Added experimental lz4frame API. - Fix s390x support. - New LZ4 HC Streaming mode - Fixed a bug in LZ4 HC streaming mode - New lz4frame API integrated into liblz4 - Fixed a GCC 4.9 bug on highest performance settings - Bump dist to override an earlier build. - lz4cli sparse file support - Restored lz4hc compression ratio - lz4 cli supports long commands - Introduced lz4-static sub package BZ#1208203 - Update files section to install unlz4 & its manual - New LZ4_compress_fast() API. - New LZ4 CLI improved performance with multiple files. - Other bug fix and documentation updates. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Fixed: incompatibility sparse mode vs console. - Fixed: LZ4IO exits too early when frame crc not present. - Fixed: incompatibility sparse mode vs append mode. - Performance fix: big compression speed boost for clang(+30%). - more CSD fixes - edit description - add CSD fixes to f20 as well - more CSD fixes - update to 2.4.4 - drop upstream patches - update to 2.4.5 - bump release - update to git snapshot - update to git snapshot - update to 2.6.0 release - update to 2.6.1 release - fix packaging error (bz 1230988) - Added make check to spec - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - New upstream release - New upstream release (1.2) - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - New upstream release (1.3) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release (closes #1167664) - Release 1.3.2.18 - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47763 - winsync plugin modify is broken - Ticket 47821 - deref plugin cannot handle complex acis - Ticket 47831 - server restart wipes out index config if there is a default index - Ticket 47817 - The error result text message should be obtained just prior to sending result - Ticket 47815 - Add operations rejected by betxn plugins remain in cache - Ticket 47809 - find a way to remove replication plugin errors messages "changelog iteration code returned a dummy entry with csn %s, skipping ..." - Ticket 47704 - invalid sizelimits in aci group evaluation - Ticket 47813 - remove "goto bail" from previous commit - Ticket 47813 - managed entry plugin fails to update member pointer on modrdn operation - Ticket 47808 - If be_txn plugin fails in ldbm_back_add, adding entry is double freed. - Ticket 47770 - #481 breaks possibility to reassemble memberuid list - Release 1.3.2.19 - Ticket 47779 - Potential deadlock after startup if a dna configuration change is made - Ticket 47839 - 389-ds production segfault: __memcpy_sse2_unaligned... - Release 1.3.2.20 - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Release 1.3.2.21 - Resolves: #1127833 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) 389-ds-base-1.3.2.22 = 389-ds-base-1.3.2.19 + Bug 1127833 fix. - Release 1.3.2.23 - Ticket 47871 - 389-ds-base-1.3.2.21-1.fc20 crashed over the weekend - Ticket 47866 - Errors after upgrading related to attribute "dnaremotebindmethod" - Ticket 47816 - v2- internal syncrepl searches are flagged as unindexed - Ticket 47877 - check_and_add_entry fails for changetype: add and existing entry - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47875 - dirsrv not running with old openldap - Revert "Ticket #47875 - dirsrv not running with old openldap" - Ticket 47875 - dirsrv not running with old openldap - Ticket 47446 - logconv.pl memory continually grows - Ticket 47874 - Performance degradation with scope ONE after some load - Ticket 47872 - Filter AND with only one clause should be optimized - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Ticket 47753 - Add switch to disable pre-hashed password checking - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47797 - fix the indentation - Ticket 47797 - DB deadlock when two threads (on separated backend) try to record changes in retroCL - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Release 1.3.2.24 - Ticket 47922 - dynamically added macro aci is not evaluated on the fly - Ticket 47897 - Need to move slapi_pblock_set(pb, SLAPI_MODRDN_EXISTING_ENTRY, original_entry->ep_entry) prior to original_entry overwritten - Ticket 47920 - Encoding of SearchResultEntry is missing tag - Ticket 47919 - ldbm_back_modify SLAPI_PLUGIN_BE_PRE_MODIFY_FN does not return even if one of the preop plugins fails. - Ticket 47918 - result of dna_dn_is_shared_config is incorrectly used - Ticket 47900 - Server fails to start if password admin is set - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47900 - Adding an entry with an invalid password as rootDN is incorrectly rejected - Ticket 47907 - ldclt: assertion failure with -e "add,counteach" -e "object=<ldif file>,rdn=uid:test[A=INCRNNOLOOP(0;24 - Ticket 47889 - DS crashed during ipa-server-install on test_ava_filter - Ticket 47885 - did not always return a response control - Ticket 47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted. - Ticket 47748 - Simultaneous adding a user and binding as the user could fail in the password policy check - Ticket 47875 - dirsrv not running with old openldap - Ticket 47875 - dirsrv not running with old openldap - Ticket 47885 - deref plugin should not return references with noc access rights - Ticket 47457 - default nsslapd-sasl-max-buffer-size should be 2MB - Bump version to 1.3.2.25 - Ticket 47996 - ldclt needs to support SSL Version range - Ticket 47991 - upgrade script fails if /etc and /var are on different file systems - Ticket 47989 - Windows Sync accidentally cleared raw_entry - Ticket 47964 - v2 - Incorrect search result after replacing an empty attribute - Ticket 47934 - nsslapd-db-locks modify not taking into account. - Ticket 47617 - replication changelog trimming setting validation - Ticket 47905 - Bad manipulation of passwordhistory - Ticket 47973 - During schema reload sometimes the search returns no results - Ticket 47659 - ldbm_usn_init: Valgrind reports Invalid read / SIGSEGV - Ticket 47880 - provide enabled ciphers as search result - Ticket 47945 - Add SSL/TLS version info to the access log - Ticket 47928 - Disable SSL v3, by default [389-ds-base-1.2.11 only] - Ticket 47949 - logconv.pl -- support parsing/showing/reporting different protocol versions - Ticket 47981 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes - Ticket 47980 - Nested COS definitions can be incorrectly processed - Ticket 47750 - During delete operation do not refresh cache entry if it is a tombstone - Ticket 47965 - Fix coverity issues (2014/12/16) - Ticket 47935 - Error: failed to open an LDAP connection to host 'example.org' port '389' as user 'cn=Directory Manager'. Error: unknown. - Ticket 47750 - Need to refresh cache entry after called betxn postop plugins - Ticket 47942: DS hangs during online total update - Ticket 47722 - Using the filter file does not work - Ticket 47965 - Fix coverity issues (2014/11/24) - Ticket 47969 - Fix coverity issue - Ticket 47970 - add lib389 testcase - Ticket 47970 - Account lockout attributes incorrectly updated after failed SASL Bind - Ticket 47969 - COS memory leak when rebuilding the cache - Ticket 47967 - cos_cache_build_definition_list does not stop during server shutdown - Ticket 47963 - skip nested groups breaks memberof fixup task - Ticket 47963 - RFE - memberOf - add option to skip nested group lookups during delete operations - Ticket 47950 - Bind DN tracking unable to write to internalModifiersName without special permissions - Ticket 47958 - Memory leak in password admin if the admin entry does not exist - Ticket 47952 - PasswordAdminDN attribute is not properly returned to client - Ticket 47953 - Should not check aci syntax when deleting an aci - Ticket 47948 - ldap_sasl_bind fails assertion (ld != NULL) if it is called from chainingdb_bind over SSL/startTLS - Ticket 47937 - Crash in entry_add_present_values_wsi_multi_valued - bump version to 1.3.2.26 - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - Ticket 47963 - memberof skip nested groups breaks the plugin - Bump version to 1.3.2.27 - Resolves: Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] - Ticket 48027 - revise the rootdn plugin configuration validation - Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Added README as doc in file section. - More specific files section. - Build requires change from python-devel to python2-devel. - Remove bundled egg-info. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New Upstream Version - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New Upstream version - Fix BZ #1002074 - New Upstream version - python3 add subpackage - the version 0.8.3 have bug - New Upstream version 0.8.4 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - initial package - update - update to latest version - remove uncesary changes of directory - change define to global - fix documentation directory - Fix description - specified php version as pointed out by phpci - update to 2.1.0 - use our own package.xml created by Remi Collet as upstream doesn't use pear anymore - update to 2.1.3 - update to 2.1.4 - sources from github - fix upstream URL - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - update to 2.1.7 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - removed python binding since python can use dbus interface instead - removed btrfs-progs and LVM dependecies (#852174) - patch: do not build zypp plugin - patch: avoid abrt when 'diff' command is executed without arguments - patch: do not check for btrfs-progs binary - patch: do not allow 'create-config' command on non-thin LVM volumes (#852174) - edit libtool script to link with: '-Wl, --as-needed' - spec file polishing - Rebuild for Boost-1.53.0 - updated to latest upstream version - fixed wrong include: "auto_ptr.h" -> <memory> - moved diffutils dependency to client - updatet to latest upstream version - add support to compare extended attributes ('xadiff' command) - add support to revert modificiations in file's extended attributes - patch: avoid useless build dependency on libattr-devel - fixed possible security vulnerability in extended attributes handling - rebuild for boost 1.54.0 - Boost.Thread DSO does not include -mt suffix anymore (snapper-boost-mt.patch) - updated to latest upstream - allow whitespace in ALLOW_USERS and ALLOW_GROUPS - enable new pam module - modified specfile to reflect recent change in %doc macro (no more version suffix) - patch: pam module installed in proper libdir - Add a missing requirement on crontabs to spec file (#989115) - Update to snapper 0.1.7. - removed --enable-xattrs (already enabled by default) - patch: reflect recent change in libbtrfs API - Update to snapper 0.1.8 - Initial release for Fedora. - Made lutok-devel depend on lua-devel (needed for c_gate.hpp). - Forced lutok and lutok-devel to depend on Lua 5.1; 5.2 is not supported by Lutok 0.1. - Package updated to Lutok 0.2. - Added the lutok-tests package providing the run-time tests of Lutok, readily runnable by the end users. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Package updated to Lutok 0.3. - Lutok now supports both Lua 5.1 and 5.2. The specific version used in this release depends on the Fedora branch this package is built for. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Package updated to Lutok 0.4. - Depend on atf-0.20 for libatf-c++ ABI changes. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial package - Backported commit c6949531d2399f81a5e15caf256f156dd68e00e9 for OwnCloud - Sub-packaged examples - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - new upstream release 1.0.6-beta - apply CA trust store path substitution to Curl as well as Stream - use new ASL 2.0 directory - add Packagist/Composer provide - new upstream release 1.1.2 - relocate autoloader to make it work with systemwide installation - update autoloader relocation patch to match latest upstream submission - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Initial build - add nodejs-tap to build requirements - remove whitespace - remove dot at the end of summary - add BuildArch noarch - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - new release - Fixed AIX & AIX64 support (SamG) - Fixed mips 64-bits support (lew van) - Added experimental lz4frame API. - Fix s390x support. - New LZ4 HC Streaming mode - Fixed a bug in LZ4 HC streaming mode - New lz4frame API integrated into liblz4 - Fixed a GCC 4.9 bug on highest performance settings - Bump dist to override an earlier build. - lz4cli sparse file support - Restored lz4hc compression ratio - lz4 cli supports long commands - Introduced lz4-static sub package BZ#1208203 - Update files section to install unlz4 & its manual - New LZ4_compress_fast() API. - New LZ4 CLI improved performance with multiple files. - Other bug fix and documentation updates. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Fixed: incompatibility sparse mode vs console. - Fixed: LZ4IO exits too early when frame crc not present. - Fixed: incompatibility sparse mode vs append mode. - Performance fix: big compression speed boost for clang(+30%). - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial package - Use systemd for rhel7 - Own logrotate.d - Fix python2-devel dep - Update to 2.0.12-Oracle - Update to 2.0.13 - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - pull in upstream patch for CVE-2014-0160 - removed CHANGES file portion from patch for expediency - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) - print ephemeral key size negotiated in TLS handshake (#1057715) - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records - add ECC TLS extensions to DTLS (#1119803) - do not send ECC ciphersuites in SSLv2 client hello (#1090955) - copy digest algorithm when handling SNI context switch - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable - fix the CVE-2015-1791 fix (partially broken renegotiation) - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update nss-util build dependency - Fix check of test suite result - Update to nss-3.17.2 - Resolves: Bug 1155306 - Provide sym key derive mechansm as result of encryption of message - Update to nss-3.17.3 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Minor fixes for httpd.conf location (jomara@redhat.com) - Fixing tuskar prep location (jomara@redhat.com) - Removing %configure block (jomara@redhat.com) - Adding PBR to buildrequires (jomara@redhat.com) - Adding PBR to buildrequires (jomara@redhat.com) - Fixing various rpm issues (jomara@redhat.com) - Fixing more rpmlint issues (jomara@redhat.com) - __python --> __python2 (jomara@redhat.com) - remove wsgi, add post/preun/postun runs for systemctl - misc cleanup from additional reviews (jomara@redhat.com) - new source 0.2.3 (jomara@redhat.com) - Package new upstream version open-vm-tools-9.4.6-1770165 - Added "autoreconf -i" and its build dependencies (autoconf, automake and libtool) to generate configure script, this is required for version 9.4.6 as it does not have configure script bundled in the tar - Fix (sizeof_argument.patch) for bad sizeof argument error - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild for ICU 53.1 - Rebuild for new procps-ng version. - rebuild for ICU 54.1 - Added a patch for missing NetIpRouteConfigInfo (BZ#1189295) - Package new upstream version open-vm-tools-9.10.0-2476743 - New version requires adding a new service vgauthd - Removed old patches that are no longer needed - Fix (asm_x86.patch) for correct GCC version check - Fix (strerror_r.patch) for picking GNU signature of strerror_r - Fix (toolboxcmd.patch) for compiling toolboxcmd-shrink.c with gcc 5.0.1 - F23 has split gdk-pixbuf2-devel >= 2.31.3-5 into 3 packages, gdk-pixbuf2-devel, gdk-pixbuf2-modules-devel, and gdk-pixbuf2-xlib-devel. gtk2-devel does not depend on gdk-pixbuf2-xlib-devel. Therefore, we need to pull in gdk-pixbuf2-xlib-devel dependency ourselves. - Put Fedora 23 specific fix under a conditional, so that the change can be backported to other branches easily if required. - Claim ownership for /etc/vmware-tools directory - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Update to upstream 0.11 release - Update to upstream 0.12 release - Update to 0.13 release - Update to 0.14 release - Update to 0.15 release - Put pam_reauthorize.so in the cockpit PAM stack - Update to 0.16 release - Update to 0.18 release - Add glib-networking build requirement - Distribute our own selinux policy in cockpit RPM until available for real in F21 and later - Update to 0.19 release - Update to 0.20 release - Update to ganglia-web 3.5.7 - Add extra patch for XSS security - Hardened build in FC > 18. - Update to ganglia 3.6.0 and ganglia-web 3.5.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to ganglia-web 3.5.10 - Add patch as workaround for CVE-2013-6395 (bz #1034527) - Update to ganglia-web 3.5.12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 3.7.1 & ganglia-web 3.6.2 - ganglia-web 3.7.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Update to 3.1.1 - NEWS seems to be valid UTF-8 nowadays - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 3.1.2 - Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105) - Remove libunistring-devel build require - bsdtar/bsdcpio should require versioned libarchive - enable testsuite in the %check phase - try to workaround racy testsuite fail - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed Bug 993048 - added #ifdef ACL_TYPE_NFS4 to code which requires NFS4 ACL support - fix libarchive segfault for intentionally broken cpio archives (rhbz#1216892) - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - [frontend] bugfix: context_processor shouldn't return None - [frontend] task queue sorting fix - fix spec parsing on arm - 'manage.py update_indexes' and search fix - [RHBZ:1131286] RFE: API endpoint for a project's "monitor" status - new package [copr-keygen] built with tito - [keygen] minor fixes/typos - [keygen] fixed BuildRequeres in .spec; added requirements.txt - [keygen] cleanup in .spec - [keygen] .spec: run tests, build py3 version for fedora - [keygen] py3 compatibility - [keygen] added unittests - [keygen] changed shebang in run scripts to #!/usr/bin/python3, Requires: {,python3-}mod_wsgi - [keygen] package only python3 version, targeting f19+ - [keygen] python3 bugfix, added logging - [keygen] replaced Python RotatedFileHandler with logrotate.d - [keygen] [.spec] fixes to follow Fedora packaging guidelines - [keygen] added option "--no-auto-check-trustdb" to gpg wrapper - Initial release - change license to ASL 2.0 - add defattr (from rpmlint) - add group tag (from rpmlint) - add python-futures as build-dep - add __python2* macros; convert to them - update to 0.2 - fix python-ordereddict dependency typo - update to 0.4 - 0.3 changed module name to trollius for python3.4 compatability (issue #8; see README) - update to 1.0.1 - rebuild due to "jpeg8-ABI" feature drop - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added upstream fix for threading issue with plugin registration (bug #912307). - Applied upstream fixes for threading (bug #951984). - Update to new release candidate version. - Update to new release candidate version. - Update to new upstream version. - Added a reference for Mac MLU tag - Added a way to read the profile creator from header - Added error descriptions on cmsSmoothToneCurve - Added identity curves support for write V2 LUT - Added new cmsPlugInTHR() and fixed some race conditions - Added TIFF Lab16 handling on tifficc - Fixed a bug on big endian platforms not supporting uint64 or long long. - Fixed a multithead bug on optimization - Fixed devicelink generation for 8 bits - Fixed some 64 bit warnings on size_t to uint32 conversions - Rendering intent used when creating the transform is now propagated to profile - RGB profiles store only one copy of the curve to save space - Transform2Devicelink now keeps white point when guessing deviceclass is enabled - Update black point detection algorithm to reflect ICC changes - User defined parametric curves can now be saved in ICC profiles - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to new upstream version. - Added a way to retrieve matrix shaper always, no matter LUT is present - Added pthread dependency - Big revamp on Contexts, from Artifex - Fixed a bug in PCS/Colorspace order when reading V2 Lab devicelinks - Fixed some indexing out of bounds in floating point interpolation - Fix for delete tag memory corruption - New locking plug-in, from Artifex - Update to new upstream version. - Added a flag to clip negative values in unbounded transforms - Added a global optimization that merges consecutive matrices in pipelines. - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - define __AVR_LIBC_DEPRECATED_ENABLE__ (bug 891556) - ino needs to know the arduino version (bug 905681) - own /etc/arudino and /usr/share/arduino (bug 911931) - Update to 1.0.5. - Remove bug891556.patch. - Remove wifishield firmware for now, until I figure out whether it's reasonable/permissible to include. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add arduino-build-platform.patch to allow building on ARM (rhbz 991988). - Unversion documentation directory. - Force update of icon cache so that icon appears straight away. - Add appdata.xml. - Associate .ino files with the Arduino IDE. - Update to 1.0.6. - Update to 4.0.1.17 - Update to 4.0.1.18 - Require x2goserver-xession - Do not require x2goserver-xession, do not ship feature file in main package - Apply upstream fix for issue with Xsession aborting - Fix local desktop sharing breakage (bug #1180303) - Obsolete x2goserver-extensions to provide upgrade path from upstream rpms - Update to 4.0.1.19 - Drop Xsession and path patches fixed upstream - Provide x2goserver-extensions for upstream compatibility - Install applications symlink by default so that "Published Applications" is populated (bug #1215474) - rebuilt - new version - new version - No longer package compiled py files in /etc/fedmsg.d/ - new version - new version - new version - add dep on python-six - adjust ownership of fedmsg.d/ files. - Fix logrotate mode. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Re-enable cert validation for end clients. - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - rebuild due to "jpeg8-ABI" feature drop - Update to 2.9 - Upgrade to the Java packaging draft (JNI jar/so location) - Rebuild for hdf5 1.8.11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuild for hdf5 1.8.12 - Update version - Change R:java to R:java-headless (Bug 1068283). - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuild for hdf 1.8.13 - Update to jhdf5 1.10.1 - rebuilt - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream 0.14.3 point release - Populate LoginFormats correctly [#961442] - Documentation clarifications - Set sssd.conf default_shell per domain - Notify in terminal output when installing packages - If joined via adcli, delete computer with adcli too [#961244] - If input is not a tty, read from stdin without getpass() [#983153] - Configure pam_winbind.conf appropriately [#983153] - Refer to FreeIPA as IPA - Support use of kerberos ccache to join when winbind - Update to upstream 0.14.4 point release - Fix up the [sssd] section in sssd.conf if it's screwed up - Add an --unattended argument to realm command line client - Clearer 'realm permit' manual page example - Update to upstream 0.14.5 point release - Fix regression conflicting --unattended and -U as in --user args - Pass discovered server address to adcli tool - Update to upstream 0.14.6 point release - Set 'kerberos method = system keytab' in smb.conf properly - Limit Netbios name to 15 chars when joining AD domain - Start oddjob after joining a domain [#967023] - Don't pass user defined strings to printf directly [#1049447] - Don't crash when full_name_format is missing in sssd.conf This is a regression from a prior update. - Fix desktop-centric polkit policy [#1094124] - Fixes for security issues: rhbz#1205752 rhbz#1205753 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - ecryptfs-utils updated to 101 - ecryptfs-utils updated to 103 - make executables hardened (#965505) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ecryptfs-migrate-home did not restore selinux labels (#1017402) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - ecryptfs-utils updated to 104 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - fix pam sigsegv (#1184645) - ecryptfs-utils updated to 106 - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Initial package - Resolves: rhbz#1156492 - initial fedora upload - quiet setup - no test files, disable check - Add commit and shortcommit global variable related: #1156492 - Bump to upstream 2831f11f66ff4008f10e2cd7ed9a85e3d3fc2bed related: #1156492 - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - Initial build. - Replaced the python-qpid-proton requirement. - Added egg info to the list of docs for this package. - First official build. - Rebased on Pyngus 1.2.0. - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - FTBFS, BZ 819236. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added more requires to devel package as per BZ922937 - Added _isa to explicit requires - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - General spec cleanup - Move libs into _lib and remove ldd config file - Fixes versioned doc dir as per BZ993719 - Bump up release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Upgraded to new upstream version. - Various fixes to the specfile - Fixes CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails - Update to 0.6.0 - Update to 0.6.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.6.2 - update mime scriptlet, BR: qt4-devel - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 0.6.3 - Update to 0.6.4 - Refactor secondary patch - Update to 0.6.5 - Update to 0.6.6 - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - systemd service script - license - update to 0.7.25 - fix spec file. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - update to 0.7.26 fixed XSS vulnerability (rhbz 1111808) - update to 0.8.0 - update to 0.8.3 - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - packaging enhancements (pkg-config, license tag) - packaging enhacements (structure, redundancy, ownership, scriptlets, symlink) - version bump so as not to collide with python-clufter co-packaged with pcs - bump upstream package - bump upstream package - add dependency on python-setuptools - bump upstream package - bump upstream package - bump upstream package - bump upstream package - move completion module to clufter-cli sub-package - bump upstream package - bump upstream package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - update to 2.3.8, rebuild for R 3.0.2 - update to 2.3.9 - prepare the python3 support: - add virtual provides for python-rpy - change the build requirement from python-devel to python2-devel - rebuild for R 3.0.3 - update to 2.3.10 - R 3.1.0 - R 3.1.1 - R 3.1.2 - R 3.1.3 - R 3.2.0 - R 3.2.1 - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - rebuild due to "jpeg8-ABI" feature drop - Update to 2.9 - Upgrade to the Java packaging draft (JNI jar/so location) - Rebuild for hdf5 1.8.11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuild for hdf5 1.8.12 - Update version - Change R:java to R:java-headless (Bug 1068283). - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuild for hdf 1.8.13 - Update to jhdf5 1.10.1 - rebuilt - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update to nss-3.17.2 - Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available - Resolves: Bug 994599 - Enable TLS 1.2 by default - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic - Own the %{_datadir}/doc/nss-tools dir - Update to nss-3.17.4 - Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - pull in upstream patch for CVE-2014-0160 - removed CHANGES file portion from patch for expediency - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) - print ephemeral key size negotiated in TLS handshake (#1057715) - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records - add ECC TLS extensions to DTLS (#1119803) - do not send ECC ciphersuites in SSLv2 client hello (#1090955) - copy digest algorithm when handling SNI context switch - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable - fix the CVE-2015-1791 fix (partially broken renegotiation) - Initial RPM package - Version 0.12 - Update maven-local and file section using new macro - Upstream version upgrade and fix issue in review process - Remove conditional build to target only f19 and remove unnecessary BR - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Use Requires: java-headless rebuild (#1067528) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Drop unnecessary BRs and ship a license - Upstream update to 0.14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - [s390*] Import upstream fix for 64->32 debugging. - Fix crash on optimized-out entry data values (BZ 1111910). - Fix memory errors with demangled name hash (Tom Tromey). - Fix regression of the optimized-out entry data values fix (of BZ 1111910). - Fix regression#2 of the optimized-out entry data values fix (of BZ 1111910). - Import upstream demangler fixes (Gary Benson, Andrew Burgess, BZ 1119559). - Install gdb/jit-reader.h on include directory (BZ 1141968). - Fix 'Slow gstack performance' (RH BZ 1149865, Jan Kratochvil). - Accelerate interactive symbols lookup 15x. - Fix 'Unowned dir /usr/include/gdb/' (RH BZ 1164991). - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - updated to 0.38.rc1 - updated to 0.38 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - resolves: #850183 scriptlets replaced with new systemd macros (thanks to vpavlin) - cleaned .spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - bump release and rebuild to fix some dependencies on PPC - add BR: systemd-units - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - resolves: #1018839 lex.l update: add \,% and @ character into regexp for ID - resolves: #647107 api.c: support for setting multiline values in control files - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Upload new archive with removed binary blobs - RHB #760366 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream. - Update to latest upstream. - Build python3 interface. - Drop unneeded dependencies. - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - Update to 3.1.0 - Correct the python3 package dependency. - Clarify auth middleware ordering in the hub settings template. (Daniel Mach) - Add kobo.threads -- a simple threading worker pool. (Daniel Mach) - Fix force_list and force_tuple to work with sets. (Daniel Mach) - Implement removing files from a file cache. (Daniel Mach) - Make shortcuts.run() thread-safe. (Daniel Mach) - Proxy support enhancement (Tomas Mlcoch) - Improve task ordering. (Daniel Mach) - Better formatting in Traceback output. (Tomas Tomecek) - Add JSONField.value_to_string() method. (Tomas Tomecek) - Improve task dir deletion and task files view. (Tomas Tomecek) - allow line buffering for shortcuts.run() (Tomas Kopecek) - Allow to specify buffer_size in shortcuts.run(). (Daniel Mach) - Add rpmlib.get_changelogs_from_header() and pkgset.RpmWrapper.changelogs. (Daniel Mach) - Support https_proxy environ variable (Tomas Mlcoch) - Create pid file in a more secure way. (Daniel Mach) - Create empty kobo.django.auth.models module to fix crashes in Django 1.4. (Daniel Mach) - Add shortcuts.makedirs() function which is identical to os.makedirs but doesn't fail on existing dirs. (Daniel Mach) - Fix typo in the 404.html template. (Daniel Mach) - Fix traceback on undefined workdir in kobo.shortcuts.run(). (Daniel Mach) - Add help-rst command which generates rst documentation for all CommandOptionParser's commands. (Daniel Mach) - Don't catch and mask any exceptions in cli.CommandOptionParser.run(). (Daniel Mach) - Set an empty keyring in rpmlib.get_rpm_header(). (Daniel Mach) - Format Fault's output to be nicer. (Tomas Tomecek) - Display error when cancelling task fails. (Tomas Tomecek) - Fix task cancelation method name. (Tomas Tomecek) - Add pkgset.SimpleRpmWrapper; support pickle by providing __getstate__() and __setstate__() methods. (Daniel Mach) - Enable searching in task list by label. (Tomas Tomecek) - Enable making custom queries in view task_list. (Tomas Tomecek) - Limit value length to 200 characters in tback.Traceback. (Daniel Mach) - Fix email.utils import to work with py2.4. (Daniel Mach) - Backwards compatibility bugfix in hub.models. (Tomas Tomecek) - Drop django and hub subpackages on rhel <= 5 - Set filename to be real name of a downloaded file. (Tomas Tomecek) - Fix logwatcher to scroll to latest logs. (Tomas Tomecek) - Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek) - Updated README for 0.4.0 release (Tomas Kopecek) - Revamp setup.py and related files. (Daniel Mach) - LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek) - Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek) - Add kobo.threads.run_in_threads() helper. (Tomas Kopecek) - Django 1.5 rebase. (Tomas Kopecek) - Remove unnecessary slots from pkgset.FileCache. (Daniel Mach) - Drop admin subpackage on rhel <= 5 - Drop admin, django and hub subpackages on epel 6 - Return 'nosrc' arch when RPMTAG_NOPATCH RPM header is set. (Daniel Mach) - Fix 'ImproperlyConfigured: The SECRET_KEY setting must not be empty.' exception in test_types.py. (Daniel Mach) - Fix setup script to install additional package data. (Daniel Mach) - Fix reading RPMTAG_NOSOURCE and RPMTAG_NOPATCH headers from 'nosrc' RPMs. (Daniel Mach) - Revamp make_nvr() and make_nvra(), make them public (add to __all__), add tests. (Daniel Mach) - Fix: display subtasks in task's detail view (Tomas Tomecek) - Fix JSONField (load and dump) (Tomas Tomecek) - Fix CSRF exemption in XML-RPC handler factory (Tomas Tomecek) - View simplifications (Tomas Kopecek) - Translate everything in templates (Tomas Kopecek) - Additional fields visible in admin, searching/filtering (Tomas Kopecek) - Use more proper class-based style for generic forms (Tomas Kopecek) - Refactored generic views. (Tomas Kopecek) - Fix rtf content type test for py2.4. (Daniel Mach) - Add FileCache.items() to export items() and also fix py3. (Daniel Mach) - Remove slots from most places. (Daniel Mach) - Improve shortcuts.parse_checksum_line() to support escaped checksum lines. (Daniel Mach) - Add 'executable' argument to shortcuts.run(). (Daniel Mach) - Rename User model to properly adjust to older db schema. (Tomas Kopecek) - Fix typo in login template. (Tomas Kopecek) - Switch from simplejson to json. (Daniel Mach) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Modify shortcuts.run() to pass all **kwargs to Popen(). (Daniel Mach) - Admin page for kobo.auth.User (Tomas Kopecek) - Unset active menu if no other menu is active (Lubomír Sedlář) - Allow rendering menu for bootstrap's navbar (Lubomír Sedlář) - Handle menu items without text as dividers (Lubomír Sedlář) - allow --force in resubmit-tasks CLI command (Tomas Kopecek) - Django 1.6 db transaction model (Tomas Kopecek) - CLI command for viewing log files (Tomas Kopecek) - Display overall time in task page (Tomas Kopecek) - Fix shortcuts.run() to handle errno.EINTR correctly. (Tomas Tomecek) - Don't count assigned tasks into worker load. (Tomas Tomecek) - Human readable state exceptions. (Tomas Kopecek) - Human readable JSONField. (Tomas Kopecek) - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - new upstream release 0.7.17 - update to 0.8.12 (#846793) - make building pam_ldap conditional on the targeted release - add "After=named.service dirsrv.target slapd.service" to nslcd.service, to make sure that nslcd is started after them if they're to be started on the local system (#832706) - alter the versioned Obsoletes: on pam_ldap to include the F18 package - use %{_unitdir} when deciding where to put systemd configuration, based on patch from Václav Pavlín (#850232) - use new systemd macros for scriptlet hooks, when available, based on patch from Václav Pavlín (#850232) - drop local patch to make the client flush some more read buffers - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - in %post, attempt to rewrite any instances of "map group uniqueMember ..." to be "map group member ..." in nslcd.conf, as the attribute name changed in 0.8.4 (via freeipa ticket #3589) - update to 0.8.13 - correct a syntax error in the fix that was added for #832706 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build with _hardened_build macro - Backport fixes for #1003011 - New upstream release 0.8.14 - Remove upstreamed patches - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Initial version - Update to version 0.0.2 - Update to version 0.0..8 - add python2-devel BuildRequires - quiet setup - Properly formatted changelog - Add python-pbr as a BuildRequires - Update to 0.1.5 - Add dependency on new dib-utils package - Update to 3.1.1 - NEWS seems to be valid UTF-8 nowadays - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 3.1.2 - Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105) - Remove libunistring-devel build require - bsdtar/bsdcpio should require versioned libarchive - enable testsuite in the %check phase - try to workaround racy testsuite fail - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed Bug 993048 - added #ifdef ACL_TYPE_NFS4 to code which requires NFS4 ACL support - fix libarchive segfault for intentionally broken cpio archives (rhbz#1216892) - Fixed broken dep on fltk for coda-vcodacon - Found an additional missing depends - Extend coda-6.9.5-vcodacon-configure.patch to reflect fltk headers having changed (Fix FTBS). - Add "touch-magic" to avoid rerunning the autotools. - Revert the Fri Jun 03 2011's spec changes. - Converted sysv init script to systemd scripts (bz 771490) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed service file error (bz1071534) - Fixed auth2 pid file naming (bz 1074321) - Drop desktop vendor tag. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - rebuild (exiv2) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix builds for new arches (aarch64/ppc64le) - Modernise spec - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild (libgphoto2) - Fix the build with lensfun 0.3 (#1184156) - Rebuilt for GCC 5 C++11 ABI change - Rawstudio from github https://github.com/rawstudio/rawstudio/ . - Drop all patches beacuse they are upstreamed. - https://fedoraproject.org/wiki/Packaging:SourceURL#Github - Updated requirements. - Use a parcial copy of autogen.sh to build this package. - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Build on ARM too - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Updated to 0.8 - Updated to 0.9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Updated to 0.10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Build on aarch64 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Added appdata file - Update to 4.0.1.17 - Update to 4.0.1.18 - Require x2goserver-xession - Do not require x2goserver-xession, do not ship feature file in main package - Apply upstream fix for issue with Xsession aborting - Fix local desktop sharing breakage (bug #1180303) - Obsolete x2goserver-extensions to provide upgrade path from upstream rpms - Update to 4.0.1.19 - Drop Xsession and path patches fixed upstream - Provide x2goserver-extensions for upstream compatibility - Install applications symlink by default so that "Published Applications" is populated (bug #1215474) - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Initial packaging - Adding missing created directory - Ditching empty file irs_nxt.jpg - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - enhance manual pages and fix typos - Rebuild for boost 1.54.0 - New upstream version - manual header fixes - rebuild against boost 1.54.0 - New upstream version - New upstream version 0.2.7 - New upstream version 0.2.8 introducing cache_{check,dump,repair,restore} - New upstream version 0.3.2 introducing era_{check,dump,invalidate} - New upstream version - Manual header additions/fixes - Resolves: bz#1159466 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrok 0.2.1 - rebuild for new libzip - scan /sys/class/usbmisc - add support for Rigol DS1152 scopes with upgraded bandwidth - resolves: #1025968 - udev rules should react also on the usbmisc subsystem - update to libsigrok 0.2.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - rebuilt for libftdi1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update to libsigrok 0.3.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Initial packaging - Remove old RPM relics - Bulk sad and useless attempt at consistent SPEC file formatting - Update to a new release tarball - Update to a newer snapshot - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.3 release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Update to 0.4 release - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - First package for Fedora resolves: #1148704 - Correct Source0 URL - Correct paths for golang.org/x/crypto/* - Repository has moved to github.com/golang/crypto, updating spec file accordingly resolves: #1231618 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial version - Update call to update icon cache to match the one provided in http://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Icon_Cache - Remove useless call to update-mime-database - Use macro /builddir/build/BUILDROOT/office-runner-1.0.2-1.fc20.x86_64 consistently - New upstream release - More efficient drawing of the timer label - Fix conflicting desktop file categories - Fix "time to better time" calculation - Added French translation - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Clarify auth middleware ordering in the hub settings template. (Daniel Mach) - Add kobo.threads -- a simple threading worker pool. (Daniel Mach) - Fix force_list and force_tuple to work with sets. (Daniel Mach) - Implement removing files from a file cache. (Daniel Mach) - Make shortcuts.run() thread-safe. (Daniel Mach) - Proxy support enhancement (Tomas Mlcoch) - Improve task ordering. (Daniel Mach) - Better formatting in Traceback output. (Tomas Tomecek) - Add JSONField.value_to_string() method. (Tomas Tomecek) - Improve task dir deletion and task files view. (Tomas Tomecek) - allow line buffering for shortcuts.run() (Tomas Kopecek) - Allow to specify buffer_size in shortcuts.run(). (Daniel Mach) - Add rpmlib.get_changelogs_from_header() and pkgset.RpmWrapper.changelogs. (Daniel Mach) - Support https_proxy environ variable (Tomas Mlcoch) - Create pid file in a more secure way. (Daniel Mach) - Create empty kobo.django.auth.models module to fix crashes in Django 1.4. (Daniel Mach) - Add shortcuts.makedirs() function which is identical to os.makedirs but doesn't fail on existing dirs. (Daniel Mach) - Fix typo in the 404.html template. (Daniel Mach) - Fix traceback on undefined workdir in kobo.shortcuts.run(). (Daniel Mach) - Add help-rst command which generates rst documentation for all CommandOptionParser's commands. (Daniel Mach) - Don't catch and mask any exceptions in cli.CommandOptionParser.run(). (Daniel Mach) - Set an empty keyring in rpmlib.get_rpm_header(). (Daniel Mach) - Format Fault's output to be nicer. (Tomas Tomecek) - Display error when cancelling task fails. (Tomas Tomecek) - Fix task cancelation method name. (Tomas Tomecek) - Add pkgset.SimpleRpmWrapper; support pickle by providing __getstate__() and __setstate__() methods. (Daniel Mach) - Enable searching in task list by label. (Tomas Tomecek) - Enable making custom queries in view task_list. (Tomas Tomecek) - Limit value length to 200 characters in tback.Traceback. (Daniel Mach) - Fix email.utils import to work with py2.4. (Daniel Mach) - Backwards compatibility bugfix in hub.models. (Tomas Tomecek) - Drop django and hub subpackages on rhel <= 5 - Set filename to be real name of a downloaded file. (Tomas Tomecek) - Fix logwatcher to scroll to latest logs. (Tomas Tomecek) - Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek) - Updated README for 0.4.0 release (Tomas Kopecek) - Revamp setup.py and related files. (Daniel Mach) - LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek) - Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek) - Add kobo.threads.run_in_threads() helper. (Tomas Kopecek) - Django 1.5 rebase. (Tomas Kopecek) - Remove unnecessary slots from pkgset.FileCache. (Daniel Mach) - Drop admin subpackage on rhel <= 5 - Drop admin, django and hub subpackages on epel 6 - Return 'nosrc' arch when RPMTAG_NOPATCH RPM header is set. (Daniel Mach) - Fix 'ImproperlyConfigured: The SECRET_KEY setting must not be empty.' exception in test_types.py. (Daniel Mach) - Fix setup script to install additional package data. (Daniel Mach) - Fix reading RPMTAG_NOSOURCE and RPMTAG_NOPATCH headers from 'nosrc' RPMs. (Daniel Mach) - Revamp make_nvr() and make_nvra(), make them public (add to __all__), add tests. (Daniel Mach) - Fix: display subtasks in task's detail view (Tomas Tomecek) - Fix JSONField (load and dump) (Tomas Tomecek) - Fix CSRF exemption in XML-RPC handler factory (Tomas Tomecek) - View simplifications (Tomas Kopecek) - Translate everything in templates (Tomas Kopecek) - Additional fields visible in admin, searching/filtering (Tomas Kopecek) - Use more proper class-based style for generic forms (Tomas Kopecek) - Refactored generic views. (Tomas Kopecek) - Fix rtf content type test for py2.4. (Daniel Mach) - Add FileCache.items() to export items() and also fix py3. (Daniel Mach) - Remove slots from most places. (Daniel Mach) - Improve shortcuts.parse_checksum_line() to support escaped checksum lines. (Daniel Mach) - Add 'executable' argument to shortcuts.run(). (Daniel Mach) - Rename User model to properly adjust to older db schema. (Tomas Kopecek) - Fix typo in login template. (Tomas Kopecek) - Switch from simplejson to json. (Daniel Mach) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Modify shortcuts.run() to pass all **kwargs to Popen(). (Daniel Mach) - Admin page for kobo.auth.User (Tomas Kopecek) - Unset active menu if no other menu is active (Lubomír Sedlář) - Allow rendering menu for bootstrap's navbar (Lubomír Sedlář) - Handle menu items without text as dividers (Lubomír Sedlář) - allow --force in resubmit-tasks CLI command (Tomas Kopecek) - Django 1.6 db transaction model (Tomas Kopecek) - CLI command for viewing log files (Tomas Kopecek) - Display overall time in task page (Tomas Kopecek) - Fix shortcuts.run() to handle errno.EINTR correctly. (Tomas Tomecek) - Don't count assigned tasks into worker load. (Tomas Tomecek) - Human readable state exceptions. (Tomas Kopecek) - Human readable JSONField. (Tomas Kopecek) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update to nss-3.17.2 - Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available - Resolves: Bug 994599 - Enable TLS 1.2 by default - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic - Own the %{_datadir}/doc/nss-tools dir - Update to nss-3.17.4 - Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - Added dependency to libconfig - Bring spec up to date with current guidelines (no clean/Buildroot) - Modified CFLAGS - Prettified description - Set config file path - Prepare for 0.2 release - Set the epoch to 1 to solve branching issues with other releases - Add doc files - Upstream 0.3 with support for CA_CERT, plus minor bugfixes. - Upstream 0.3.1 with fixes for memory corruption on 32-bit platforms. - Upstream 0.3.2 with fixes for correct pam stacking. - fix build on all 64-bit arches - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Upstream 0.3.3 with minor new features. - Update to sanlock-3.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to sanlock-3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sanlock-3.2.0 - Update to sanlock-3.2.1 - Drop exclusive arch - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - updated to 0.38.rc1 - updated to 0.38 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - resolves: #850183 scriptlets replaced with new systemd macros (thanks to vpavlin) - cleaned .spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - bump release and rebuild to fix some dependencies on PPC - add BR: systemd-units - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - resolves: #1018839 lex.l update: add \,% and @ character into regexp for ID - resolves: #647107 api.c: support for setting multiline values in control files - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - 1.4.4. - Prevent the D-Bus service from freezing by disabling openprinting driver downloads in that service (bug #1052203). - 1.4.x requires gtk3 instead of gtk2 (#1099611) - 1.4.5: - Some codec fixes (bug #968142, bug #1023968, bug #1094037). - Traceback fixes (bug #982071, bug #1090479, bug #1105229). - IPv6 address entry fix (bug #1074245). - Auth info saving improvement (bug #1089029). - Use LockButton for fewer auth dialogs (bug #714820). - Handle failure when cups-pk-helper not installed (bug #1118836). - Fix job retrieval (bug #1119222). - 1.4.6. - 1.4.7: - Extract hostname from hp:/net/...?hostname= URIs when grouping by physical device (bug #1154686). - Fixed lock handling when OpenPrintingRequest is cancelled (bug #1156660). - Install smbclient and libsane-hpaio on demand. - Tell user how to retrieve journal entries as root in troubleshooter (bug #1157253). - Codec fix for AuthDialog.get_auth_info (bug #1060453). - Cancel deferred timer on quit (possible fix for bug #1145388). - Catch IPPError when writing server settings (bug #1159584). - Fixed moving jobs between queues. - 1.4.8: - Consider version suffices in PPD Nickname for Canon drivers. - Refresh job-printer-uri when updating job, to fix job auth. - Traceback fix (bug #1171469). - Handle non-UTF8 PPD files (Launchpad #1400232). - Firewall-handling fix (bug #1179590). - Fixed typo preventing retrieve/reprint from working. - Handle missing 'licensetext'/'functionality' fields for downloadable drivers. - Parse serial device URIs correctly (bug #1186475). - Fixed callback race (bug #1176443). - Don't try decoding already-decoded Unicode (bug #1195974). - Fixed display of downloadable drivers (bug #1167978). - Fixes for CMD matching (bug #1167978, bug #1171874). - Fixed artifacts when compositing emblems (bug #1200375). - Fixed traceback (bug #1213136). - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Resolves: rhbz#925929 support aarch64 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Related: rhbz#1227244 CVE-2015-4695 meta_pen_create heap buffer overflow - Related: rhbz#1227244 CVE-2015-4696 wmf2gd/wmf2eps use after free - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update to 1.4.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 1.6.1 - add rifle command - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix documentation typo - Fix the right file (was the source file, but upstream regenerates the installed file manually). - fix mupdf binary name (rhbz#1186823) - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - sync with debian mmv_1.01b-15 - man page formatting fixes - wrap cmdname in basename() (debian: #452989) - initialize tv_usec (debian: #452993) - enable LFS support - updated changelog and copyright files - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - sync with debian mmv_1.01b-18 - deb pkg format switch to 3.0 - format-security fix - added diagnostic for directories - man page improvements - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial RPM release - Added comment explaining licensing - Moved 'ChangeLog' file to doc subpackage (file much larger than library) - Removed -devel dependency for -doc subpackage - Removed _missing_build_ids_terminate_build undef - Update to libsigrokdecode-0.1.1 release - Drop dependency of -doc subpackage - Use explicit soversion in files section - Remove README from -devel subpackage (already included in main package) - Remove ChangeLog from -doc subpackage (only contains a 'git log') - Own datadir/libsigrokdecode directory - Add python3-devel as dependency of -devel subpackage - Add graphviz as a build dependency (needed for doxygen docs) - Cherry-pick upstream patch clarifying license - Fix typo in comment - Make verbose build (V=1 make) - Remove unneeded buildroot and defattr tags - Update to libsigrokdecode 0.2.0 release (soname version bump) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrokdecode-0.3.0 release - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Package new upstream version open-vm-tools-9.4.6-1770165 - Added "autoreconf -i" and its build dependencies (autoconf, automake and libtool) to generate configure script, this is required for version 9.4.6 as it does not have configure script bundled in the tar - Fix (sizeof_argument.patch) for bad sizeof argument error - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild for ICU 53.1 - Rebuild for new procps-ng version. - rebuild for ICU 54.1 - Added a patch for missing NetIpRouteConfigInfo (BZ#1189295) - Package new upstream version open-vm-tools-9.10.0-2476743 - New version requires adding a new service vgauthd - Removed old patches that are no longer needed - Fix (asm_x86.patch) for correct GCC version check - Fix (strerror_r.patch) for picking GNU signature of strerror_r - Fix (toolboxcmd.patch) for compiling toolboxcmd-shrink.c with gcc 5.0.1 - F23 has split gdk-pixbuf2-devel >= 2.31.3-5 into 3 packages, gdk-pixbuf2-devel, gdk-pixbuf2-modules-devel, and gdk-pixbuf2-xlib-devel. gtk2-devel does not depend on gdk-pixbuf2-xlib-devel. Therefore, we need to pull in gdk-pixbuf2-xlib-devel dependency ourselves. - Put Fedora 23 specific fix under a conditional, so that the change can be backported to other branches easily if required. - Claim ownership for /etc/vmware-tools directory - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - initial packaging - disabled tests for EL6 - Initial package - Updated as per the comments - Updated as per the Fedora usage guidelines - Updated to comply with Fedora guidelines - Correcting missing requirements & updating as per the Fedora guidelines - Updating licensing & other issues so as to comply with Fedora guidelines - Fixing licensing issues - Added conditional for F19/F20 and marked readme as doc - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Initial package. - Fix up Requires and BuildRequires - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - new upstream version 0.3 - VirtualBox compatibility - header decode util functions - docker first run error fix - excluded for ppc64 - debug_package nil - exclusivearch as per golang - noarch for f19+ and rhel7+, exclusivearch otherwise - removed double quotes from provides - require golang 1.2 and up - revert golang >= 1.2 version requirement - exclusivearch for el6+ - update to commit 67e2db24c8 (required for docker 1.0 https://github.com/dotcloud/docker/issues/5908 ) - Bump to upstream 05017fcccf23c823bfdea560dcc958a136e54fb7 related: #1001396 - Fixed #994814: enable time_quota helper - Update to latest upstream version 3.3.9 - Fixed #976815: file descriptors are hard coded to 16384 - Fixed: active ftp crashing - Fixed: offset of patches - Update to latest upstream bugfix version 3.3.11 - Fixed #1034306: fails to build for AArch64 - Fixed: active ftp - Fixed: building of helpers - new package version 3.3.12 - Fixed #1099970: missing /var/run/squid folder - Update to upstream version 3.3.13 - Fixed: CVE-2014-3609 - Fixed: CVE-2014-6270 - Updated to upstream version 3.3.14 - Fixed: CVE-2015-3455 - rebuild due to "jpeg8-ABI" feature drop - Update to 2.9 - Upgrade to the Java packaging draft (JNI jar/so location) - Rebuild for hdf5 1.8.11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuild for hdf5 1.8.12 - Update version - Change R:java to R:java-headless (Bug 1068283). - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuild for hdf 1.8.13 - Update to jhdf5 1.10.1 - rebuilt - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - Fix connecting to non-SSL servers (#953243). - Remove unused patch files. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fix path to docs where doc dir is unversioned (#993765). - Update to 0.16 rc1 - Update Requires. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Upstream release 0.16 rc2. - Upstream release 0.16. - Upstream release 0.16.1. - Force Python 2. Gajim is not quite ready for Python 3. - Bump required version of python-nbxmpp. - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - pull in upstream patch for CVE-2014-0160 - removed CHANGES file portion from patch for expediency - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) - print ephemeral key size negotiated in TLS handshake (#1057715) - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records - add ECC TLS extensions to DTLS (#1119803) - do not send ECC ciphersuites in SSLv2 client hello (#1090955) - copy digest algorithm when handling SNI context switch - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) - fix regression in RAND locking (#1225994) - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable - fix the CVE-2015-1791 fix (partially broken renegotiation) - Remove per-edition config files - Decide on default configuration based on /etc/os-release - Fix bugs with posttrans - Remove nonexistent fedora-cloud.conf symlink - Switch to using $VARIANT directly from /etc/os-release - Use VARIANT_ID instead of VARIANT for making decisions - renamed python2-firewall to python-firewall - fixed requirements for GUI parts with Python3 - dropped upstream merged python3 patch - firewalld: - print real zone names in error messages - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now - rate limit fix for rich rules - fix readdition of removed permanent direct settings - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO - fixed two minor Python3 issues in firewall.core.io.direct - fixed use of fallback configuration values - fixed use without firewalld.conf - firewalld main restructureization - IPv6_rpfilter now also available as a property on D-Bus in the config interface - fixed wait option use for ipXtables - added --concurrent support for ebtables - richLanguage: allow masquerading with destination - richLanguage: limit masquerading forward rule to new connections - ipXtables: No dns lookups in available_tables and _detect_wait_option - full ebtables support: start, stop, reload, panic mode, direct chains and rules - fix for reload with direct rules - fix or flaws found by landscape.io - pid file handling fixes in case of pid file removal - fix for client issue in case of a dbus NoReply error - configuration - new services: dropbox-lansync, ptp - new icmptypes: timestamp-request, timestamp-reply - man pages: - firewalld.zones(5): fixed typos - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page - firewall-applet: - new version using Qt4 fixing several issues with the Gtk version - spec file: - enabled Python3 support: new backends python-firewall and python3-firewall - some cleanup - git: - migrated to github - translations: - migrated to zanata - build environment: - no need for autoconf-2.69, 2.68 is sufficient - firewall-applet - do not use isSystemTrayAvailable check to fix KDE5 startup - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml - Fix issue with missing polkit policy when installing firewalld on Cloud Edition. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - reunification of the firewalld spec files for all Fedora releases - fix dependencies for -applet and -config: use_python3 is the proper switch not with_python3 (RHBZ#1232493) - firewalld.spec: - fixed requirements for -applet and -config - man pages: - adapted firewall-applet man page to new version - firewall-applet: - Only honour active connections for zone changes - Change QSettings path and file names - firewall-config: - Only honour active connections for zone changes in the “Change Zones of Connections” menu - Translations: - updated translations - marked translations for “Connections” for review - Fixed 'pid_file' referenced before assignment (RHBZ#1233232) - Add coreutils as preun/post requirements for wodim and genisoimage Resolves: #862554 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - changed or deleted faulty and unneeded memset's that caused build failure with gcc-4.8 -Werror - modified the memset patch, memsetting the whole array - ported from cdda-paranoia to libcdio-paranoia, modified paranoia-cdda.patch - fixed bogus date in changelog - Perl 5.18 rebuild - do not include empty fedora/* directories in debuginfo package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Perl 5.18 rebuild - libusal: added /dev/srN next to /dev/scdN path when scanning for devices added cdrkit-1.1.11-devname.patch bz#1053056 - Link against ncursesw for lines with UTF-8 and PuTTY (#546032) - Corrected the wrong synopsis for -F/-N parameter (#601087 #c3) - Added patch to avoid pointer with free(ed) memory (#601087 #c2) - Updated man page patch to correct some further man page typos - Added two patches to avoid two crashes on arm architectures - Added patch to fix drives line going crazy if order is frozen - Added a patch to turns off the bar display using -b option - Fixed a segfault when using same argument repeatedly (#654343) - Added patch from Mats Erik Andersson to add IPv6 support - Added patch to use better hash algorithm in address pairs - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.0pre2 (#661448, #743535) - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Added patch to fix a memory leak in resolver.c (#782275, #861582) - Run autoreconf to recognize aarch64 (#925579) - Added patch to fix needlessly caused assertion failure when using nss-myhostname (#839750, #847124, #868065, #961236, #1007434) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - package rendercheck - update to latest git - Update to the latest upstream - Update to the latest upstream, preparation for the package review - Update to the latest upstream - Corrections for the latest package review comments: - add files to %doc - fix BuildRequires ... this actually DOES build on s390* - remove %clean section - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - upstream rendercheck 1.5 release - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Initial Package. - Split out the doc package. - Add some missing BRs. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 2.1 - Fix the unusable package. - Correct the pkgconfig libdir path. - NVR bump - %files section typo fix - Library path fix again. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - packaging enhancements (pkg-config, license tag) - packaging enhacements (structure, redundancy, ownership, scriptlets, symlink) - version bump so as not to collide with python-clufter co-packaged with pcs - bump upstream package - bump upstream package - add dependency on python-setuptools - bump upstream package - bump upstream package - bump upstream package - bump upstream package - move completion module to clufter-cli sub-package - bump upstream package - bump upstream package - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - simplify dropbox autoloader patch (just drop it entirely a la AWS) - extend the htaccess patch to cover updater as well as initial setup - rebase apache config stuff again, private dir denials only on 8.x branch - update to 8.0.1rc1 - backport some significant app store fixes from upstream stable8 - new release 8.0.2 - Use php handler from php-fpm nginx conf - Fix nginx conf to serve static apps-appstore - new release 8.0.3 - disable the htaccess fiddling stuff harder - new release 8.0.4 - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - initial package - change layout to match upstream's (with the /src sub-directory) - new release 3.0.3 - Related #688361 - Get ESC to run on Gecko 2.0. - Related #688361 - Get ESC to run on Gecko 2.0, again. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Pick up latest fixes. - Gecko no longer supports UniversalXPConnect, remove it. - Appease latest compiler errors and build to xulrunner 21.0. - Make buildable with kernels > 3.5. - %changelog syntax and bogus date fixes. - Bump xulrunner version to 22.0. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Appease more xulrunner changes. - Fix minor http client error. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Update to ganglia-web 3.5.7 - Add extra patch for XSS security - Hardened build in FC > 18. - Update to ganglia 3.6.0 and ganglia-web 3.5.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to ganglia-web 3.5.10 - Add patch as workaround for CVE-2013-6395 (bz #1034527) - Update to ganglia-web 3.5.12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 3.7.1 & ganglia-web 3.6.2 - ganglia-web 3.7.0 - Initial version 1.0.0 - Update to version 1.0.1 * Added --libs to pkg-config. * Added nss_wrapper-config.cmake * Fixed a bug packaging the obj directory. - resolves: #1060906 - Fedora package. - Remove Group - Remove glibc-devel build requirement - Do not create a subpackage. - resolves: #1075932 - Fix segfault in 'getent hosts'. - Update to version 1.0.2. - Update to version 1.0.3. - Fix format of changelog entries. - Require cmake. - Don't own _libdir/pkgconfig, and require pkgconfig instead. - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Upload new archive with removed binary blobs - RHB #760366 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream. - Update to latest upstream. - Build python3 interface. - Drop unneeded dependencies. - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - Update to 3.1.0 - Correct the python3 package dependency. - Version bump - Return success if a domain exists but is already off. - bswap fix for big endian - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Drop libvirt-qmf-plugin - Rebuild - Fail properly when unable to bind the TCP listener socket. - Resolves: rhbz#814515 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream version 0.3.1 - New upstream version 0.3.2 - Add coreutils as preun/post requirements for wodim and genisoimage Resolves: #862554 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - changed or deleted faulty and unneeded memset's that caused build failure with gcc-4.8 -Werror - modified the memset patch, memsetting the whole array - ported from cdda-paranoia to libcdio-paranoia, modified paranoia-cdda.patch - fixed bogus date in changelog - Perl 5.18 rebuild - do not include empty fedora/* directories in debuginfo package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Perl 5.18 rebuild - libusal: added /dev/srN next to /dev/scdN path when scanning for devices added cdrkit-1.1.11-devname.patch bz#1053056 - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Ticket #281 - TLS not working with latest openldap - Ticket #161 - Review and address latest Coverity issues - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuild for new icu - Rebuild with correct icu on s390(x) -bump version to 1.1.17 Resolves: Bug 856089 - slapi_ldap_bind() doesn't check bind results (Ticket 479 - Console logins fail intermittenly) Resolves: Bug 905266 - BIND operation result not checked properly in admin server and adminutil - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ee1ef81 add Eclipse generated files - Ticket #47486 - compiler warnings in adminutil, admin, dsgw - 77fd77a fix mem leak in admldapBuildInfoSSL when there is no password - Ticket #47415 "Manage certificates" crashes admin server - 8647ad8 fix compiler warnings - enhancements to test ticket 47415 - bump version to 1.1.21 - Ticket 47929 - adminutil - future proof getSSLVersion - Ticket 47929 - Adminutil - do not use SSL3 by default - Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time - Ticket 47881 - crash during debug session in adminutil - Ticket 47680 - Upgraded 389-admin rpms and now I can't start dirsrv-admin - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - 4ec23c0 If htmladmin fails to connect to the server, the cgi could crash. - bump rel for rebuild - support for apache 2.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - bump version to 1.1.31 - Ticket #476 - 389 ds do not start on F18 due to missing modules - Ticket #293 - remove-ds-admin.pl does not remove everything - Ticket 400 - BIND operation result not checked properly in admin server - Ticket 401 - Console login fails with anonymous access disabled - Rebuild for new icu - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - 0417dc7 add Eclipse and patch files - f2004ea compiler warning - ldif_read_record lineno type depends on openldap version - Ticket #47413 389-admin fails to build with latest httpd - 2a67826 add more debugging for SSL connection problems - Ticket #47465 problem with 389-adminutil detection in m4/adminutil.m4 in 389-admin and 389-dsgw - Ticket #47486 compiler warnings in adminutil, admin, dsgw - 14b1bf9 ignore files generated by Eclipse - Ticket 47467 - Improve CRL import error messages - Ticket 362 - Directory Console generates insufficient key strength - Ticket 47466 - Importing CA cert with existing name crashes security CGI - Ticket 47468 - Change security password validation error is out of order - Ticket #47334 - Avoid quoting all settings in console.conf - Ticket #47333 - Relabel lockfile when starting Admin Server - Ticket #47298 - remove-ds-admin.pl does not stop the admin server - Ticket #567 - Restart of Admin server from console fails on segfault - bump version to 1.1.38 - Ticket 48024 - repl-monitor invoked from adminserver cgi fails - Ticket 47995 - Admin Server: source code cleaning - Ticket 47891 - Admin Server reconfig breaks SSL config - Ticket 47929 - Admin Server - disable SSLv3 by default - Ticket 201 - nCipher HSM cannot be configured via the console - Ticket 47493 - Configuration Tab does not work with FIPS mode enabled - Ticket 47697 - Resource leak in lib/libdsa/dsalib_updown.c - Ticket 47860 - register-ds-admin.pl problem when following steps to replicate o=netscaperoot - Ticket 47548 - register-ds-admin does not register into remote config ds - Ticket 47893 - Admin Server should use Sys::Hostname instead Net::Domain - Ticket 47891 - Admin Server reconfig breaks SSL config - Ticket 47300 - Update man page for remove-ds-admin.pl - Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time - Ticket 47497 - Admin Express - remove "Security Level" - Ticket 47495 - admin express: wrong instance creation time - Ticket 47665 - Create new instance results in setting wrong ACI for the "cn=config" entry - Ticket 47478 - No groups file? error restarting Admin server - Ticket 47300 - [RFE] remove-ds-admin.pl: redesign the behaviour - Ticket 434 - admin-serv logs filling with "admserv_host_ip_check: ap_get_remote_host could not resolve <ip address>" - Ticket 47563 - cannot restart directory server from console - Ticket 222 - Admin Express issues "Internal Server Error" when the Config DS is down. - Ticket 418 - Error with register-ds-admin.pl - Ticket 377 - Unchecked use of SELinux command Reviewed by: rmeggins - Ticket 47498 - Error Message for Failed to create the configuration directory server - Add patch to fix ssh options (bug #1066744) - Update to 4.0.2.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 4.0.2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.0.3.0 - Update to 4.0.3.1 - Update to 4.0.3.2 - Rebuilt for GCC 5 C++11 ABI change - Update to 4.0.4.0 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update nss-util build dependency - Fix check of test suite result - Update to nss-3.17.2 - Resolves: Bug 1155306 - Provide sym key derive mechansm as result of encryption of message - Update to nss-3.17.3 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - Add coreutils as preun/post requirements for wodim and genisoimage Resolves: #862554 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - changed or deleted faulty and unneeded memset's that caused build failure with gcc-4.8 -Werror - modified the memset patch, memsetting the whole array - ported from cdda-paranoia to libcdio-paranoia, modified paranoia-cdda.patch - fixed bogus date in changelog - Perl 5.18 rebuild - do not include empty fedora/* directories in debuginfo package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Perl 5.18 rebuild - libusal: added /dev/srN next to /dev/scdN path when scanning for devices added cdrkit-1.1.11-devname.patch bz#1053056 - Remove per-edition config files - Decide on default configuration based on /etc/os-release - Fix bugs with posttrans - Remove nonexistent fedora-cloud.conf symlink - Switch to using $VARIANT directly from /etc/os-release - Use VARIANT_ID instead of VARIANT for making decisions - renamed python2-firewall to python-firewall - fixed requirements for GUI parts with Python3 - dropped upstream merged python3 patch - firewalld: - print real zone names in error messages - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now - rate limit fix for rich rules - fix readdition of removed permanent direct settings - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO - fixed two minor Python3 issues in firewall.core.io.direct - fixed use of fallback configuration values - fixed use without firewalld.conf - firewalld main restructureization - IPv6_rpfilter now also available as a property on D-Bus in the config interface - fixed wait option use for ipXtables - added --concurrent support for ebtables - richLanguage: allow masquerading with destination - richLanguage: limit masquerading forward rule to new connections - ipXtables: No dns lookups in available_tables and _detect_wait_option - full ebtables support: start, stop, reload, panic mode, direct chains and rules - fix for reload with direct rules - fix or flaws found by landscape.io - pid file handling fixes in case of pid file removal - fix for client issue in case of a dbus NoReply error - configuration - new services: dropbox-lansync, ptp - new icmptypes: timestamp-request, timestamp-reply - man pages: - firewalld.zones(5): fixed typos - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page - firewall-applet: - new version using Qt4 fixing several issues with the Gtk version - spec file: - enabled Python3 support: new backends python-firewall and python3-firewall - some cleanup - git: - migrated to github - translations: - migrated to zanata - build environment: - no need for autoconf-2.69, 2.68 is sufficient - firewall-applet - do not use isSystemTrayAvailable check to fix KDE5 startup - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml - Fix issue with missing polkit policy when installing firewalld on Cloud Edition. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - reunification of the firewalld spec files for all Fedora releases - fix dependencies for -applet and -config: use_python3 is the proper switch not with_python3 (RHBZ#1232493) - firewalld.spec: - fixed requirements for -applet and -config - man pages: - adapted firewall-applet man page to new version - firewall-applet: - Only honour active connections for zone changes - Change QSettings path and file names - firewall-config: - Only honour active connections for zone changes in the “Change Zones of Connections” menu - Translations: - updated translations - marked translations for “Connections” for review - Fixed 'pid_file' referenced before assignment (RHBZ#1233232) - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Initial RPM release - Use {name} macro instead of 'pulseview' - Stop abusing wildcards in files section - Rebuild for boost 1.54.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to version 0.2.0 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - More Import-Package fixes. Note that fix-cglib-refs.patch is not suitable for upstream: http://code.google.com/p/mockito/issues/detail?id=373 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Patched LocalizedMatcher due to hamcrest update, (bug upstream) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Workaround for NPE in setting NamingPolicy - Use Requires: java-headless rebuild (#1067528) - Use junit R/BR over junit4. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Use .mfiles to pick up xmvn metadata - Don't use obsolete _mavenpomdir and _mavendepmapfragdir macros - Fix FTBFS - First build for EPEL7 - Resolves: BZ#1110030 - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - do not remove frontend/afe/fixtures - add mysql-server and conmux to requires for server - patches for #502 drone_utility does not respect results directory - patch for adding system-wide parser utility - Package 0.14.3 release - replace mod_python with mod_wsgi - Package 0.14.4 release - Dropped patches applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Package 0.16.0 release - Fixed bogus date on ancient (0.11.0-2) release - Added patch in upstream 0.16.0 branch but still not on released tarball - Added python macros for proper building on EL6 - Added fix for shared module installation - Renamed httpd configuration so that it is parsed last - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Package 0.16.2 release - Removed downstream patches as they are now all upstream - Fixed #994814: enable time_quota helper - Update to latest upstream version 3.3.9 - Fixed #976815: file descriptors are hard coded to 16384 - Fixed: active ftp crashing - Fixed: offset of patches - Update to latest upstream bugfix version 3.3.11 - Fixed #1034306: fails to build for AArch64 - Fixed: active ftp - Fixed: building of helpers - new package version 3.3.12 - Fixed #1099970: missing /var/run/squid folder - Update to upstream version 3.3.13 - Fixed: CVE-2014-3609 - Fixed: CVE-2014-6270 - Updated to upstream version 3.3.14 - Fixed: CVE-2015-3455 - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update nss-util build dependency - Fix check of test suite result - Update to nss-3.17.2 - Resolves: Bug 1155306 - Provide sym key derive mechansm as result of encryption of message - Update to nss-3.17.3 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Initial version. - Update to 2014.11.14. - Rebuild the HTML docs. - Update License tag. - Update upstream URL. - Update to 2014.12.15. - Update to 2014.12.24. - Update to 2015.03.18. - Apply updated Python packaging guidelines. - Update to 2015.05.10. - Update to 2015.05.28. - Bring in 1.0.9 from upstream. - Fixed the License, it is actually LGPL - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for Ruby 1.9.3. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0 - Update to FFI 1.4.0. - Use %{gem_extdir_mri} instead of %{gem_extdir}. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to FFI 1.9.3 - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release - Package new upstream version open-vm-tools-9.4.6-1770165 - Added "autoreconf -i" and its build dependencies (autoconf, automake and libtool) to generate configure script, this is required for version 9.4.6 as it does not have configure script bundled in the tar - Fix (sizeof_argument.patch) for bad sizeof argument error - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild for ICU 53.1 - Rebuild for new procps-ng version. - rebuild for ICU 54.1 - Added a patch for missing NetIpRouteConfigInfo (BZ#1189295) - Package new upstream version open-vm-tools-9.10.0-2476743 - New version requires adding a new service vgauthd - Removed old patches that are no longer needed - Fix (asm_x86.patch) for correct GCC version check - Fix (strerror_r.patch) for picking GNU signature of strerror_r - Fix (toolboxcmd.patch) for compiling toolboxcmd-shrink.c with gcc 5.0.1 - F23 has split gdk-pixbuf2-devel >= 2.31.3-5 into 3 packages, gdk-pixbuf2-devel, gdk-pixbuf2-modules-devel, and gdk-pixbuf2-xlib-devel. gtk2-devel does not depend on gdk-pixbuf2-xlib-devel. Therefore, we need to pull in gdk-pixbuf2-xlib-devel dependency ourselves. - Put Fedora 23 specific fix under a conditional, so that the change can be backported to other branches easily if required. - Claim ownership for /etc/vmware-tools directory - Update to 2.0.10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 2.0.11 - enable on s390x - Update to 2.0.12 - Add EFI support for grub - Don't start kdump if there's no reserved memory - Change default action and filter level to same values as is used in kdump.conf by default - Fix couple of UI glitches - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 2.0.13 - Silence scrollkeeper warnings from scriptlets when it's not present - Update to 2.0.14 - Update to 2.0.15 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Initial package - accomodated changes from Vincent Batts - gopath is in the rpm macros, and set exclusive arch too, to prevent s390 builds - move the buildarch noarch to the devel, since it is source only - preserve timestamps of source copied and as an added perk - the tomlv command provided in this project is useful for validating *.toml files - go test - do not own golang directories - defattr and attr not needed - Bump to upstream 2ceedfee35ad3848e49308ab0c9a4f640cfb5fb2 - spec file polishing to follow go draft related: #1120865 - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Initial RPM release - Added comment explaining licensing - Moved 'ChangeLog' file to doc subpackage (file much larger than library) - Removed -devel dependency for -doc subpackage - Removed _missing_build_ids_terminate_build undef - Update to libsigrokdecode-0.1.1 release - Drop dependency of -doc subpackage - Use explicit soversion in files section - Remove README from -devel subpackage (already included in main package) - Remove ChangeLog from -doc subpackage (only contains a 'git log') - Own datadir/libsigrokdecode directory - Add python3-devel as dependency of -devel subpackage - Add graphviz as a build dependency (needed for doxygen docs) - Cherry-pick upstream patch clarifying license - Fix typo in comment - Make verbose build (V=1 make) - Remove unneeded buildroot and defattr tags - Update to libsigrokdecode 0.2.0 release (soname version bump) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrokdecode-0.3.0 release - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update to nss-3.17.2 - Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available - Resolves: Bug 994599 - Enable TLS 1.2 by default - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic - Own the %{_datadir}/doc/nss-tools dir - Update to nss-3.17.4 - Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebased to svn rev 816781 - Rebased to svn rev 818599 - Rebased to svn rev 819819 for F12 beta - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - cleanup spec - bump to revision 1686756 (rhbz#1234167) - use right license - generate html - move sources to devel subpackage - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Update to 1.5.4 - drop hard-coded Requires: neon, qtkeychain, let rpm autodeps handle it - drop BR: gcc-c++ - -devel: tighten subpkg dep - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Updated to 1.7.0-beta1 - Updated Patch0 - Added Patch1 to fix rpath in binaries - Added nautilus subpackage - Updated tarball URL - Updated to 1.7.0 - Add missing dependency - Updated to 1.7.1 - Added gcc5 compliance patch - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Added make check to spec - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - New upstream release - New upstream release (1.2) - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - New upstream release (1.3) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release (closes #1167664) - Update to 0.8.10 security release - Use upstream provided systemd files - Drop upstreamed patches, rebase log2syslog and notmp patches - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 0.9 git branch - Rebase patches - Require systemd-python for journal support - Ship jail.conf(5) man page - Ship empty /etc/fail2ban/jail.d directory - Update to current 0.9 git branch - Rebase init patch, drop jail.d and notmp patch applied upstream - Update to 0.9 - Use Fedora paths - Start after firewalld (bug #1067147) - Update to 0.9.1 (bug #1169024) - Fix php-url-fopen logpath (bug #1169026) - Update to 0.9.2 - Add requires ipset - Do not load user paths (bug #1202151) - Remove non-Linux actions - Run tests - Version bump - Return success if a domain exists but is already off. - bswap fix for big endian - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Drop libvirt-qmf-plugin - Rebuild - Fail properly when unable to bind the TCP listener socket. - Resolves: rhbz#814515 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream version 0.3.1 - New upstream version 0.3.2 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update nss-util build dependency - Fix check of test suite result - Update to nss-3.17.2 - Resolves: Bug 1155306 - Provide sym key derive mechansm as result of encryption of message - Update to nss-3.17.3 - Update to nss-3.17.4 - fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and release - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Initial package - Include template files - 0.3 rc3 build - 0.3 release - 2014.1.b1 release - 2014.1.b2 release - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Update to 1.5.4 - drop hard-coded Requires: neon, qtkeychain, let rpm autodeps handle it - drop BR: gcc-c++ - -devel: tighten subpkg dep - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Updated to 1.7.0-beta1 - Updated Patch0 - Added Patch1 to fix rpath in binaries - Added nautilus subpackage - Updated tarball URL - Updated to 1.7.0 - Add missing dependency - Updated to 1.7.1 - Added gcc5 compliance patch - Clarify auth middleware ordering in the hub settings template. (Daniel Mach) - Add kobo.threads -- a simple threading worker pool. (Daniel Mach) - Fix force_list and force_tuple to work with sets. (Daniel Mach) - Implement removing files from a file cache. (Daniel Mach) - Make shortcuts.run() thread-safe. (Daniel Mach) - Proxy support enhancement (Tomas Mlcoch) - Improve task ordering. (Daniel Mach) - Better formatting in Traceback output. (Tomas Tomecek) - Add JSONField.value_to_string() method. (Tomas Tomecek) - Improve task dir deletion and task files view. (Tomas Tomecek) - allow line buffering for shortcuts.run() (Tomas Kopecek) - Allow to specify buffer_size in shortcuts.run(). (Daniel Mach) - Add rpmlib.get_changelogs_from_header() and pkgset.RpmWrapper.changelogs. (Daniel Mach) - Support https_proxy environ variable (Tomas Mlcoch) - Create pid file in a more secure way. (Daniel Mach) - Create empty kobo.django.auth.models module to fix crashes in Django 1.4. (Daniel Mach) - Add shortcuts.makedirs() function which is identical to os.makedirs but doesn't fail on existing dirs. (Daniel Mach) - Fix typo in the 404.html template. (Daniel Mach) - Fix traceback on undefined workdir in kobo.shortcuts.run(). (Daniel Mach) - Add help-rst command which generates rst documentation for all CommandOptionParser's commands. (Daniel Mach) - Don't catch and mask any exceptions in cli.CommandOptionParser.run(). (Daniel Mach) - Set an empty keyring in rpmlib.get_rpm_header(). (Daniel Mach) - Format Fault's output to be nicer. (Tomas Tomecek) - Display error when cancelling task fails. (Tomas Tomecek) - Fix task cancelation method name. (Tomas Tomecek) - Add pkgset.SimpleRpmWrapper; support pickle by providing __getstate__() and __setstate__() methods. (Daniel Mach) - Enable searching in task list by label. (Tomas Tomecek) - Enable making custom queries in view task_list. (Tomas Tomecek) - Limit value length to 200 characters in tback.Traceback. (Daniel Mach) - Fix email.utils import to work with py2.4. (Daniel Mach) - Backwards compatibility bugfix in hub.models. (Tomas Tomecek) - Drop django and hub subpackages on rhel <= 5 - Set filename to be real name of a downloaded file. (Tomas Tomecek) - Fix logwatcher to scroll to latest logs. (Tomas Tomecek) - Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek) - Updated README for 0.4.0 release (Tomas Kopecek) - Revamp setup.py and related files. (Daniel Mach) - LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek) - Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek) - Add kobo.threads.run_in_threads() helper. (Tomas Kopecek) - Django 1.5 rebase. (Tomas Kopecek) - Remove unnecessary slots from pkgset.FileCache. (Daniel Mach) - Drop admin subpackage on rhel <= 5 - Drop admin, django and hub subpackages on epel 6 - Return 'nosrc' arch when RPMTAG_NOPATCH RPM header is set. (Daniel Mach) - Fix 'ImproperlyConfigured: The SECRET_KEY setting must not be empty.' exception in test_types.py. (Daniel Mach) - Fix setup script to install additional package data. (Daniel Mach) - Fix reading RPMTAG_NOSOURCE and RPMTAG_NOPATCH headers from 'nosrc' RPMs. (Daniel Mach) - Revamp make_nvr() and make_nvra(), make them public (add to __all__), add tests. (Daniel Mach) - Fix: display subtasks in task's detail view (Tomas Tomecek) - Fix JSONField (load and dump) (Tomas Tomecek) - Fix CSRF exemption in XML-RPC handler factory (Tomas Tomecek) - View simplifications (Tomas Kopecek) - Translate everything in templates (Tomas Kopecek) - Additional fields visible in admin, searching/filtering (Tomas Kopecek) - Use more proper class-based style for generic forms (Tomas Kopecek) - Refactored generic views. (Tomas Kopecek) - Fix rtf content type test for py2.4. (Daniel Mach) - Add FileCache.items() to export items() and also fix py3. (Daniel Mach) - Remove slots from most places. (Daniel Mach) - Improve shortcuts.parse_checksum_line() to support escaped checksum lines. (Daniel Mach) - Add 'executable' argument to shortcuts.run(). (Daniel Mach) - Rename User model to properly adjust to older db schema. (Tomas Kopecek) - Fix typo in login template. (Tomas Kopecek) - Switch from simplejson to json. (Daniel Mach) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Modify shortcuts.run() to pass all **kwargs to Popen(). (Daniel Mach) - Admin page for kobo.auth.User (Tomas Kopecek) - Unset active menu if no other menu is active (Lubomír Sedlář) - Allow rendering menu for bootstrap's navbar (Lubomír Sedlář) - Handle menu items without text as dividers (Lubomír Sedlář) - allow --force in resubmit-tasks CLI command (Tomas Kopecek) - Django 1.6 db transaction model (Tomas Kopecek) - CLI command for viewing log files (Tomas Kopecek) - Display overall time in task page (Tomas Kopecek) - Fix shortcuts.run() to handle errno.EINTR correctly. (Tomas Tomecek) - Don't count assigned tasks into worker load. (Tomas Tomecek) - Human readable state exceptions. (Tomas Kopecek) - Human readable JSONField. (Tomas Kopecek) - [s390*] Import upstream fix for 64->32 debugging. - Fix crash on optimized-out entry data values (BZ 1111910). - Fix memory errors with demangled name hash (Tom Tromey). - Fix regression of the optimized-out entry data values fix (of BZ 1111910). - Fix regression#2 of the optimized-out entry data values fix (of BZ 1111910). - Import upstream demangler fixes (Gary Benson, Andrew Burgess, BZ 1119559). - Install gdb/jit-reader.h on include directory (BZ 1141968). - Fix 'Slow gstack performance' (RH BZ 1149865, Jan Kratochvil). - Accelerate interactive symbols lookup 15x. - Fix 'Unowned dir /usr/include/gdb/' (RH BZ 1164991). - fix account expiration if inactive default is set - pull updated translations - use pkexec instead of consolehelper - pull updated translations - tighten policy - avoid deleting primary groups of remaining users (#881022) - fix editing group properties (#885147) - pull updated and new translations - don't ask libuser to create a home directory over an existing one (#908852, patch by Miloslav Trmač) - correct check if SELinux is enabled - cope with changes handling empty shadow fields in libuser (patches by Miloslav Trmač) - catch runtime errors and display them to the user (#1096545) - consistently don't use separators in dialogs - pull updated translations - don't use exec in pkexec wrapper script (#1115053) - cope with unavailable display in pygtk >= 2.10 (#1207977) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - First package for Fedora resolves: #1193902 - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - rebuilt - new version - new version - No longer package compiled py files in /etc/fedmsg.d/ - new version - new version - new version - add dep on python-six - adjust ownership of fedmsg.d/ files. - Fix logrotate mode. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Re-enable cert validation for end clients. - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - bump up release - merge of changes done by Leigh Scott - remove un-needed python3 lib (python-urllib3) - add requires python-simplejson - remove live365 plugin till it's fixed - preserve file timestamps - fix logo and menu icon - fix myoggradio plugin - fix issue with totem playing youtube video - add requires youtube-dl (required for youtube record) - update to 2.1.3 - drop upstream patch - readd live365 plugin - drop requires gtk-doc - update to 2.1.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 2.1.9 - add requires gtk3 - spec file clean up - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Fix my changelog: date error reporting - Update to new snaphot - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update to new release - Update to new release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to new release - Update to 2.0.11 - Update to 2.0.12 - Fix macro problem affecting EPEL builds - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 2.0.13 - rebuild for lua 5.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 2.1.2 - Update to 2.2.0 - Update to 2.2.2 - Add runtime dependencies on unzip and zip (h/t Ignacio Burgueño) - removed python binding since python can use dbus interface instead - removed btrfs-progs and LVM dependecies (#852174) - patch: do not build zypp plugin - patch: avoid abrt when 'diff' command is executed without arguments - patch: do not check for btrfs-progs binary - patch: do not allow 'create-config' command on non-thin LVM volumes (#852174) - edit libtool script to link with: '-Wl, --as-needed' - spec file polishing - Rebuild for Boost-1.53.0 - updated to latest upstream version - fixed wrong include: "auto_ptr.h" -> <memory> - moved diffutils dependency to client - updatet to latest upstream version - add support to compare extended attributes ('xadiff' command) - add support to revert modificiations in file's extended attributes - patch: avoid useless build dependency on libattr-devel - fixed possible security vulnerability in extended attributes handling - rebuild for boost 1.54.0 - Boost.Thread DSO does not include -mt suffix anymore (snapper-boost-mt.patch) - updated to latest upstream - allow whitespace in ALLOW_USERS and ALLOW_GROUPS - enable new pam module - modified specfile to reflect recent change in %doc macro (no more version suffix) - patch: pam module installed in proper libdir - Add a missing requirement on crontabs to spec file (#989115) - Update to snapper 0.1.7. - removed --enable-xattrs (already enabled by default) - patch: reflect recent change in libbtrfs API - Update to snapper 0.1.8 - new upstream release 0.7.17 - update to 0.8.12 (#846793) - make building pam_ldap conditional on the targeted release - add "After=named.service dirsrv.target slapd.service" to nslcd.service, to make sure that nslcd is started after them if they're to be started on the local system (#832706) - alter the versioned Obsoletes: on pam_ldap to include the F18 package - use %{_unitdir} when deciding where to put systemd configuration, based on patch from Václav Pavlín (#850232) - use new systemd macros for scriptlet hooks, when available, based on patch from Václav Pavlín (#850232) - drop local patch to make the client flush some more read buffers - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - in %post, attempt to rewrite any instances of "map group uniqueMember ..." to be "map group member ..." in nslcd.conf, as the attribute name changed in 0.8.4 (via freeipa ticket #3589) - update to 0.8.13 - correct a syntax error in the fix that was added for #832706 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build with _hardened_build macro - Backport fixes for #1003011 - New upstream release 0.8.14 - Remove upstreamed patches - Update to 3.1.1 - NEWS seems to be valid UTF-8 nowadays - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 3.1.2 - Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105) - Remove libunistring-devel build require - bsdtar/bsdcpio should require versioned libarchive - enable testsuite in the %check phase - try to workaround racy testsuite fail - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed Bug 993048 - added #ifdef ACL_TYPE_NFS4 to code which requires NFS4 ACL support - fix libarchive segfault for intentionally broken cpio archives (rhbz#1216892) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - ecryptfs-utils updated to 101 - ecryptfs-utils updated to 103 - make executables hardened (#965505) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ecryptfs-migrate-home did not restore selinux labels (#1017402) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - ecryptfs-utils updated to 104 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - fix pam sigsegv (#1184645) - ecryptfs-utils updated to 106 - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Initial Fedora packaging. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream release. - New upstream release, required by Gajim 0.16. - Upstream bugfix release 0.5.2. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrok 0.2.1 - rebuild for new libzip - scan /sys/class/usbmisc - add support for Rigol DS1152 scopes with upgraded bandwidth - resolves: #1025968 - udev rules should react also on the usbmisc subsystem - update to libsigrok 0.2.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - rebuilt for libftdi1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update to libsigrok 0.3.0 - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Update to nss-3.16.2 - Update to nss-3.17.0 - Update to nss-3.17.1 - Update to nss-3.17.2 - Update to nss-3.17.3 - Update to nss-3.17.4 - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream release - Remove dependency of probes on urcu-bp - New upstream bugfix release - Remove patches applied upstream - add build workaround for s390(x) - New upstream release - Bump URCU dependency - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release (include snapshop feature) - Rebuilt for URCU Soname change - New upstream release - Add new files (man and doc) - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial package - Remove clean section, install unversioned javadocs - Accurate licenses in header - Fix license header again - Add license file to javadoc package - Remove defattr - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to 1.9.0 - Revise build process and only enable extensions for which we have dependencies - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Enable "treetable" extension which wasn't being built by default - define __AVR_LIBC_DEPRECATED_ENABLE__ (bug 891556) - ino needs to know the arduino version (bug 905681) - own /etc/arudino and /usr/share/arduino (bug 911931) - Update to 1.0.5. - Remove bug891556.patch. - Remove wifishield firmware for now, until I figure out whether it's reasonable/permissible to include. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add arduino-build-platform.patch to allow building on ARM (rhbz 991988). - Unversion documentation directory. - Force update of icon cache so that icon appears straight away. - Add appdata.xml. - Associate .ino files with the Arduino IDE. - Update to 1.0.6. - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - fix license tag - enable sparc64 - actually fix license tag (whoops) - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Disable SSL3 - Support TLS 1.1 and newer using the NSS Version Range APIs. - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - simplify dropbox autoloader patch (just drop it entirely a la AWS) - extend the htaccess patch to cover updater as well as initial setup - rebase apache config stuff again, private dir denials only on 8.x branch - update to 8.0.1rc1 - backport some significant app store fixes from upstream stable8 - new release 8.0.2 - Use php handler from php-fpm nginx conf - Fix nginx conf to serve static apps-appstore - new release 8.0.3 - disable the htaccess fiddling stuff harder - new release 8.0.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - rebuild against new libjpeg - rebuild due to "jpeg8-ABI" feature drop - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update desktop file patch to correct mimetype - Update patch - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Bump up for dcmtk rebuild - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Update to ganglia-web 3.5.7 - Add extra patch for XSS security - Hardened build in FC > 18. - Update to ganglia 3.6.0 and ganglia-web 3.5.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to ganglia-web 3.5.10 - Add patch as workaround for CVE-2013-6395 (bz #1034527) - Update to ganglia-web 3.5.12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 3.7.1 & ganglia-web 3.6.2 - ganglia-web 3.7.0 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Require Django >= 1.4 - Update to 2.6.5 - Update to 2.6.6 - Update to 2.6.7 - Create and own directories in tftp_dir - Add patch to fix virt-install support for F21+/EL7 (bug #1188424) - Update to 2.6.8 - Backport upstream patch to fix centos version detection (bug #1201879) - Support django 1.8 in Fedora 22+ - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Update to 2.6.9 - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Upload new archive with removed binary blobs - RHB #760366 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream. - Update to latest upstream. - Build python3 interface. - Drop unneeded dependencies. - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - Update to 3.1.0 - Correct the python3 package dependency. - initial version - implemented initial fixes suggested in BZ #1004257 - removed unused EL5 support, removed invalid BuildRoot, fixed BuildRequires - removed the unnecessary attr directive - fixed the location of the sed command invocation - make layout of install section consistent with that of build section - replaced {__python} with {__python2} - update to upstream release 2013.3.6 - replaced {python_sitelib} with {python2_sitelib} - update to pudb-2013.4 - update to pudb-2013.5.1 - rebuilt with new openssl - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to 1.12.11. - Drop non-weak symbol patch. Fixed upstream. - Drop buildroot and clean section. No longer necessary. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Do not use enable-sctp option. (#817579) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt to fix broken binary possibly caused by broken toolchain - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add patch to fix compiler error. (#981056) - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update to new upstream release - Removed previously required patches (integrated upstream) - Update for new upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Removed devel package - Removed (x86-64) suffix from globus-gridftp-server-progs - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update for new upstream release - Fixed bogus date - Patch for proper EOF handling - Patch for the FTS2 issue - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - update to 2.4.14 - update to 2.5.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - rebuild against new libjpeg - rebuild due to "jpeg8-ABI" feature drop - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream release 2.5.1 - This adds aarch64 support (rhbz#925472) - Modernize spec-file - New upstream release 2.5.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Bump to latest updtream version 2.5.3 - Add Source1 gpg2 signature to SRPM - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - many updates and code cleanups - preliminary DVB-T2 support - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - bugfixes - Israel DVB-T support - updated all sattelite info - added support for 67 more sattelites - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - bugfixes - support for VDR < 1.7.3 was dropped upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - update to 20140118 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - update to 20140727 - Initial RPM release - Limit libsigrok+decode max version due to incompatible APIs - Drop unused post and postun sections - Add NEWS README COPYING to doc. (ChangeLog is just a git log, exclude it) - Don't abuse wildcards (man*/* -> man1/%{name}.1*) - Update to sigrok-cli 0.4.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sigrok-cli 0.5.0 - postgresql-setup: typos - update to 9.3.3 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-3.html - Fix WAL replay of locking an updated tuple kudos to Alvaro Herrera - update to 9.3.4 minor version per release notes: http://www.postgresql.org/docs/9.3/static/release-9-3-4.html - update to 9.3.5 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-5.html - be forgiving of variant spellings of locale names in pg_upgrade (#1007802) - update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html - update to 9.3.7 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-7.html - update to 9.3.8 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-8.html - update to 9.3.9 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-9.html - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 4.2.0 - Switch to unversioned docdir for >= F20 (bz#993768) - Update to 4.2.1 - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.3.0 - Update to 4.3.3 - Rebuild for boost 1.57.0 - Rebuilt for GCC 5 C++11 ABI change - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - new release - Fixed AIX & AIX64 support (SamG) - Fixed mips 64-bits support (lew van) - Added experimental lz4frame API. - Fix s390x support. - New LZ4 HC Streaming mode - Fixed a bug in LZ4 HC streaming mode - New lz4frame API integrated into liblz4 - Fixed a GCC 4.9 bug on highest performance settings - Bump dist to override an earlier build. - lz4cli sparse file support - Restored lz4hc compression ratio - lz4 cli supports long commands - Introduced lz4-static sub package BZ#1208203 - Update files section to install unlz4 & its manual - New LZ4_compress_fast() API. - New LZ4 CLI improved performance with multiple files. - Other bug fix and documentation updates. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Fixed: incompatibility sparse mode vs console. - Fixed: LZ4IO exits too early when frame crc not present. - Fixed: incompatibility sparse mode vs append mode. - Performance fix: big compression speed boost for clang(+30%). - Initial release for Fedora. - Made lutok-devel depend on lua-devel (needed for c_gate.hpp). - Forced lutok and lutok-devel to depend on Lua 5.1; 5.2 is not supported by Lutok 0.1. - Package updated to Lutok 0.2. - Added the lutok-tests package providing the run-time tests of Lutok, readily runnable by the end users. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Package updated to Lutok 0.3. - Lutok now supports both Lua 5.1 and 5.2. The specific version used in this release depends on the Fedora branch this package is built for. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Package updated to Lutok 0.4. - Depend on atf-0.20 for libatf-c++ ABI changes. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream release - Remove dependency of probes on urcu-bp - New upstream bugfix release - Remove patches applied upstream - add build workaround for s390(x) - New upstream release - Bump URCU dependency - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release (include snapshop feature) - Rebuilt for URCU Soname change - New upstream release - Add new files (man and doc) - rebuild due to "jpeg8-ABI" feature drop - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added upstream fix for threading issue with plugin registration (bug #912307). - Applied upstream fixes for threading (bug #951984). - Update to new release candidate version. - Update to new release candidate version. - Update to new upstream version. - Added a reference for Mac MLU tag - Added a way to read the profile creator from header - Added error descriptions on cmsSmoothToneCurve - Added identity curves support for write V2 LUT - Added new cmsPlugInTHR() and fixed some race conditions - Added TIFF Lab16 handling on tifficc - Fixed a bug on big endian platforms not supporting uint64 or long long. - Fixed a multithead bug on optimization - Fixed devicelink generation for 8 bits - Fixed some 64 bit warnings on size_t to uint32 conversions - Rendering intent used when creating the transform is now propagated to profile - RGB profiles store only one copy of the curve to save space - Transform2Devicelink now keeps white point when guessing deviceclass is enabled - Update black point detection algorithm to reflect ICC changes - User defined parametric curves can now be saved in ICC profiles - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to new upstream version. - Added a way to retrieve matrix shaper always, no matter LUT is present - Added pthread dependency - Big revamp on Contexts, from Artifex - Fixed a bug in PCS/Colorspace order when reading V2 Lab devicelinks - Fixed some indexing out of bounds in floating point interpolation - Fix for delete tag memory corruption - New locking plug-in, from Artifex - Update to new upstream version. - Added a flag to clip negative values in unbounded transforms - Added a global optimization that merges consecutive matrices in pipelines. - First package for Fedora resolves: #1172603 - Bump to 4fb5c728a37b361a1e971a3bb3d785fcc96b6ef5 related: #1172603 - Bump to upstream 3bc1590d16074751993dd3b1a76e7a8d1a916a11 related: #1172603 - Bump to upstream 588cb435e59ee8b6c2795482887755841ad67207 related: #1172603 - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - the 1.2.5 release - git tag 389-ds-console-1.2.5 - Bug 616707 - Add attribute matching rule UI to Console - Bug 533505 - Warn about CA cert trust when enabling SSL in Console - Bug 158262 - Windows Sync UI is inconistent - Bug 504803 - Allow nsslapd-*-logmaxdiskspace to be set to -1 in UI - Bug 474113 - Allow access log level to be configured from Console - Bug 229693 - Update naming attribute when objectclass is removed - Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc) - git tag 389-ds-console-1.2.6 - added skins support - Bug 700908 - Validate matching rules when creating a new attribute - Bug 705753 - Refresh problem in Console directory browser - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - git tag 389-ds-console-1.2.7 - Bug 806566 - Opening merge qualifier CoS entry using RHDS console changes the entr - Bug 757773 - SSL Port issue in Console - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Bumped version to 1.2.9 - Bug 1184175 - DS Console always sets nsSSL3 to "on" when a securty setting is adjusted (DS 47994) - Bug 916045 - RFE: Winsync loses connection with AD objects when they move from the console. (#47380) - Bug 1173281 - DS console - right clicking an object does not select that object (#135) - Bug 1134688 - DS Console does not correctly disable SSL (#47887) - Bug 963254 - DS instance cannot be restored from remote console (#47485) - Ticket 47886 - DS Console - mouse wheel speed very slow - Bug 758983 - DS Console should timeout when mismatched port and protocol combination is chosen (#176) - Bug 1173283 - DS Console - java exception when refreshing schema (#47883) - Bug 1173284 - Window too large for Manage password policy (#96) - Bumped version to 1.2.10 - Bug 1022104 - Remove versioned jarfiles from _javadir (idm-console-framework) - update to latest master - make sure required package is docker-io - update to latest master 3c781d0cd8a961a85449d362fb5d8c88c5a34a22 - Require docker-io to fix BZ 1097638 - selinux fix in master 0-0.9 not required in f20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New builds from upstream master at commit id 8b2dcfc - New builds from upstream master at commit id 8b2dcfc - Add sti binary - Remove sti binary as per upstream feedback - Conditionally patch for selinux F20 vs F21+ - New builds from upstream master at commit id 6850c8d - New builds from upstream master at commit id 06df437 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update to master commit e2502a6e33a117b23be05443854ac83b7e45a977 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - remove unnecessary BR - fix CFLAGS - fix CXXFLAGS too - use macros consistently - fix files locations - fix formatting and change license to AGPLv3+ - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream 0.7 release - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Initial release for Fedora. - Made lutok-devel depend on lua-devel (needed for c_gate.hpp). - Forced lutok and lutok-devel to depend on Lua 5.1; 5.2 is not supported by Lutok 0.1. - Package updated to Lutok 0.2. - Added the lutok-tests package providing the run-time tests of Lutok, readily runnable by the end users. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Package updated to Lutok 0.3. - Lutok now supports both Lua 5.1 and 5.2. The specific version used in this release depends on the Fedora branch this package is built for. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Package updated to Lutok 0.4. - Depend on atf-0.20 for libatf-c++ ABI changes. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - Update to 1.5.4 - drop hard-coded Requires: neon, qtkeychain, let rpm autodeps handle it - drop BR: gcc-c++ - -devel: tighten subpkg dep - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Updated to 1.7.0-beta1 - Updated Patch0 - Added Patch1 to fix rpath in binaries - Added nautilus subpackage - Updated tarball URL - Updated to 1.7.0 - Add missing dependency - Updated to 1.7.1 - Added gcc5 compliance patch - Add coreutils as preun/post requirements for wodim and genisoimage Resolves: #862554 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - changed or deleted faulty and unneeded memset's that caused build failure with gcc-4.8 -Werror - modified the memset patch, memsetting the whole array - ported from cdda-paranoia to libcdio-paranoia, modified paranoia-cdda.patch - fixed bogus date in changelog - Perl 5.18 rebuild - do not include empty fedora/* directories in debuginfo package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Perl 5.18 rebuild - libusal: added /dev/srN next to /dev/scdN path when scanning for devices added cdrkit-1.1.11-devname.patch bz#1053056 - Initial RPM release - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Updated latest source. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Updated latest source. - Added python-webassets as require - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to latest source - Add python3 support - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Resolves: rhbz#925929 support aarch64 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Resolves: rhbz#1227244 CVE-2015-0848 heap overflow when decoding BMP images - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Related: rhbz#1227244 CVE-2015-4695 meta_pen_create heap buffer overflow - Related: rhbz#1227244 CVE-2015-4696 wmf2gd/wmf2eps use after free - Fixed broken dep on fltk for coda-vcodacon - Found an additional missing depends - Extend coda-6.9.5-vcodacon-configure.patch to reflect fltk headers having changed (Fix FTBS). - Add "touch-magic" to avoid rerunning the autotools. - Revert the Fri Jun 03 2011's spec changes. - Converted sysv init script to systemd scripts (bz 771490) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed service file error (bz1071534) - Fixed auth2 pid file naming (bz 1074321) - initial package for Fedora - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - update to 1.8.9 - Move some options into a new tab “Details” - Ignore Shift+Space hotkey to switch fullwidth/halfwidth if the database is not for CJK - Resolves: rhbz#1133422 - Pass IBus.KEY_KP_Enter to the application if the preedit is empty - Resolves: rhbz#1133424 - update to 1.8.10 - Disable auto_commit option for tables which do not have RULES - Resolves: rhbz#1135759 - Disable hotkey to switch Chinese mode if database is not Chinese - Disable “onechar” (Phrase mode/Single char mode) option for non-CJK databases - update to 1.8.11 - fixes a Python backtrace when the dconf key /desktop/ibus/engine/table/wubi-jidian86/onechar was not set - update to 1.9.0 - Redesign the property menus, use sub-menus instead of toggles - update to 1.9.1 - Use proper fallback when reading the localized table name - Show pinyin mode as well in the input mode indicator - update to 1.9.2 - Use directories according to theXDG Base Directory Specification - Resolves: rhbz#1172524 - When a leading invalid character is passed through, it needs to be remembered in self._prev_char - Change class “KeyEvent” to store the keycode as well - update to 1.9.3 - Try to get the English name of the table if run in locale C/POSIX - Resolves: rhbz#1197001 - update to 1.9.4 - Check existence of old log files before trying to delete them - Resolves: rhbz#1199673 - update to 1.9.5 - Don’t strip space when parsing phrases from a source table - Resolves: rhbz#1211208 - update to 1.9.6 - Use os.path.expanduser('~') instead of os.getenv('HOME') - Resolves: rhbz#1218023 - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - Initial package - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to latest upstream version 0.2.7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream version 0.3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Switch to py3 - Update the URL and the source URL - Update to latest upstream version 0.3.4 - Fix package naming (rhbz#1174115) - Fix wrong package naming - add setuptools build dependency - make sure to include box2d.py - implement comments from the review - Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - update to zip file - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fix comments for SWIG 3.0.3 and higher (BZ#1196718) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Changes to SPEC file per packaging guidelines. - Including bundled manpage, updating SPEC - Fixing permissions on manpage - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to version 2.0.1 - Removing patches where integrated upstream - patch for unversioned docdirs on Fedora releases >= 20 - Update to version 2.0.2 - Mostly a bugfix release, see http://www.brewtarget.org/changelog.html - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to upstream 2.1.0 - Adds inventory tracking for ingredients - Folders for organizing recipes - Recipe parameter sliders - Various bugfixes, ref http://www.brewtarget.org/changelog.html - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Inception - Package review fixes - Make appdata-validate informative, not imperative. - fix %files datadir ownership - remove redundant .desktop validation checks - add transitive dep in -common sub-package - Remove bundled libraries per package guidelines - Move waf ./configure to %build phase - Now using upstream 2014.03 - re-jiggered waf configure per upstream - Use current appdata validation standards. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - initial Fedora version - Add doxygen-generated documentation in doc subpackage - Use explicit soversion in files section - Update sources to lastest git snapshot (3ceb8ae) - Remove empty doc macro from devel subpackage - Make doc subpackage dependent on main package - Document archive generation process and regenerate source archive - Use _smp_mflags macro when building doc to silence fedora-review - Updated sources to official libserialport release - Added "Provides" for bundled jquery - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update to 0.14 upstream release - Rebuild for new boost_istream - Rebuild for Boost-1.53.0 - Rebuild for Boost-1.53.0 - Rebuild for boost 1.54.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 1.6.1 upstream release - incorrect fsf address reported to upstream - Solve too memory consuption in koji - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - 4ec23c0 If htmladmin fails to connect to the server, the cgi could crash. - bump rel for rebuild - support for apache 2.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - bump version to 1.1.31 - Ticket #476 - 389 ds do not start on F18 due to missing modules - Ticket #293 - remove-ds-admin.pl does not remove everything - Ticket 400 - BIND operation result not checked properly in admin server - Ticket 401 - Console login fails with anonymous access disabled - Rebuild for new icu - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - 0417dc7 add Eclipse and patch files - f2004ea compiler warning - ldif_read_record lineno type depends on openldap version - Ticket #47413 389-admin fails to build with latest httpd - 2a67826 add more debugging for SSL connection problems - Ticket #47465 problem with 389-adminutil detection in m4/adminutil.m4 in 389-admin and 389-dsgw - Ticket #47486 compiler warnings in adminutil, admin, dsgw - 14b1bf9 ignore files generated by Eclipse - Ticket 47467 - Improve CRL import error messages - Ticket 362 - Directory Console generates insufficient key strength - Ticket 47466 - Importing CA cert with existing name crashes security CGI - Ticket 47468 - Change security password validation error is out of order - Ticket #47334 - Avoid quoting all settings in console.conf - Ticket #47333 - Relabel lockfile when starting Admin Server - Ticket #47298 - remove-ds-admin.pl does not stop the admin server - Ticket #567 - Restart of Admin server from console fails on segfault - bump version to 1.1.38 - Ticket 48024 - repl-monitor invoked from adminserver cgi fails - Ticket 47995 - Admin Server: source code cleaning - Ticket 47891 - Admin Server reconfig breaks SSL config - Ticket 47929 - Admin Server - disable SSLv3 by default - Ticket 201 - nCipher HSM cannot be configured via the console - Ticket 47493 - Configuration Tab does not work with FIPS mode enabled - Ticket 47697 - Resource leak in lib/libdsa/dsalib_updown.c - Ticket 47860 - register-ds-admin.pl problem when following steps to replicate o=netscaperoot - Ticket 47548 - register-ds-admin does not register into remote config ds - Ticket 47893 - Admin Server should use Sys::Hostname instead Net::Domain - Ticket 47891 - Admin Server reconfig breaks SSL config - Ticket 47300 - Update man page for remove-ds-admin.pl - Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time - Ticket 47497 - Admin Express - remove "Security Level" - Ticket 47495 - admin express: wrong instance creation time - Ticket 47665 - Create new instance results in setting wrong ACI for the "cn=config" entry - Ticket 47478 - No groups file? error restarting Admin server - Ticket 47300 - [RFE] remove-ds-admin.pl: redesign the behaviour - Ticket 434 - admin-serv logs filling with "admserv_host_ip_check: ap_get_remote_host could not resolve <ip address>" - Ticket 47563 - cannot restart directory server from console - Ticket 222 - Admin Express issues "Internal Server Error" when the Config DS is down. - Ticket 418 - Error with register-ds-admin.pl - Ticket 377 - Unchecked use of SELinux command Reviewed by: rmeggins - Ticket 47498 - Error Message for Failed to create the configuration directory server - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - updated to 0.38.rc1 - updated to 0.38 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - resolves: #850183 scriptlets replaced with new systemd macros (thanks to vpavlin) - cleaned .spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - bump release and rebuild to fix some dependencies on PPC - add BR: systemd-units - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - resolves: #1018839 lex.l update: add \,% and @ character into regexp for ID - resolves: #647107 api.c: support for setting multiline values in control files - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Fixed passing NULL array from get_instance - Add bindings for CMTraceMessage (patches by Jan Safranek) - Fix memory leaks Resolves: #902809 - Fixed passing NULL array from get_instance Resolves: #883041 - Fixed 'env' parameter value in 'get_providers()' function Resolves: #919082 - Fixed embedded instance properties Resolves: #919081 - Update to 0.9.4 - Update to 0.9.5 - Fix URL, fix sources - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fix placement of *.py[co] files - Remove /usr/share/cmpi - it's used by ruby binding that we don't build - Fix comments for SWIG 3.0.3 and higher (BZ#1196712) - Initial Fedora packaging. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream release. - New upstream release, required by Gajim 0.16. - Upstream bugfix release 0.5.2. - rebuilt - new version - new version - No longer package compiled py files in /etc/fedmsg.d/ - new version - new version - new version - add dep on python-six - adjust ownership of fedmsg.d/ files. - Fix logrotate mode. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Re-enable cert validation for end clients. - Update to sanlock-3.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to sanlock-3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sanlock-3.2.0 - Update to sanlock-3.2.1 - Drop exclusive arch - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Update to bugfix release 2014.7.2 - Update to bugfix release 2014.7.4 - Fix RH bug #1210316 and Salt bug #22003 - Update to bugfix release 2014.7.5 - Update to feature release 2015.5.0 - Update to bugfix release 2015.5.1 - Add missing dependency on which (RH #1226636) - Update to bugfix release 2015.5.2 - Update skipped tests - Mark salt-ssh roster as a config file to prevent replacement - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Use python2-devel instead of python-devel - New upstream release - New upstream release - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 4.0.1 from upstream - Fix dependancy error - Update to 4.1.0 from upstream - Update to 4.2.0 from upstream - Update to 4.2.1 from upstream - do not remove frontend/afe/fixtures - add mysql-server and conmux to requires for server - patches for #502 drone_utility does not respect results directory - patch for adding system-wide parser utility - Package 0.14.3 release - replace mod_python with mod_wsgi - Package 0.14.4 release - Dropped patches applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Package 0.16.0 release - Fixed bogus date on ancient (0.11.0-2) release - Added patch in upstream 0.16.0 branch but still not on released tarball - Added python macros for proper building on EL6 - Added fix for shared module installation - Renamed httpd configuration so that it is parsed last - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Package 0.16.2 release - Removed downstream patches as they are now all upstream - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebased on Cinch 2.0.7. - Rebased on Cinch 2.0.9. - Rebased on Cinch 2.0.10. - Rebased on Cinch 2.0.11. - Rebased on Cinch 2.0.12. - Rebased on Cinch 2.1.0. - Updated project URL. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebased on Cinch 2.2.2. - Added condition to the Provides to be only on EPEL and F20 - Rebased on Cinch 2.2.3. - Fixed the conditionals for the Requires to be easier to read. - Rebased on Cinch 2.2.4. - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - Initial package. - Added six to build dependencies, needed during tests - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - missingdeps now lists missing dependencies recursively - do not assume package order when testing if dependencies installed - check ~/.cabal/packages/ exists before looking for tarballs - pass actual executable names to ghc_fix_dynamic_rpath - lots of bug fixes - new "update" command to update spec to latest version - improved missingdeps output - use https for hackage URLs (codeblock) - no longer override _sourcedir, _rpmdir, and _srcrpmdir macros, unless git dir - use 'rpm --eval ".fc20"' to determine OS type - use TMPDIR - remove the old cblrpm-diff script - make sure tarball destdir exists before copying - update improvements: new-sources first, continue if patch fails, git commit changes - sort executables and use pkg_name in ghc_fix_dynamic_rpath - drop the debuginfo handling for C files - ignore emacs temp ".#pkgname.spec" files - improve output for listing missing packages - remove %'s from previous changelog - use dnf if installed instead of yum for install and repoquery (#1156553) - update now only commits changes and adds new source if git origin is ssh - cblrpm update needs rpmdevtools - require dnf-plugins-core instead of yum-utils for F22+ - fix for dnf repoquery - create SOURCES/ for tarball - fixes for Cabal-1.22 - nogpgcheck for Fedora 22+ - warn about hidden backup spec files - make "cabal list" quiet - filter missing packages from repoquery - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - remove unnecessary BR - fix CFLAGS - fix CXXFLAGS too - use macros consistently - fix files locations - fix formatting and change license to AGPLv3+ - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for c++ ABI breakage - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream 0.7 release - First package for Fedora resolves: #1148704 - Correct Source0 URL - Correct paths for golang.org/x/crypto/* - Repository has moved to github.com/golang/crypto, updating spec file accordingly resolves: #1231618 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - 4.14.1 - 4.14.2 - 4.14.3 - 14.11.97 - 14.12.1, drop cmake hacks - 14.12.2 - 14.12.3 - 15.04.0 - 15.04.1 - 15.04.2 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - New upstream version (#828716) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 0.7.9 - New upstream release - New upstream release - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Add coreutils as preun/post requirements for wodim and genisoimage Resolves: #862554 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - changed or deleted faulty and unneeded memset's that caused build failure with gcc-4.8 -Werror - modified the memset patch, memsetting the whole array - ported from cdda-paranoia to libcdio-paranoia, modified paranoia-cdda.patch - fixed bogus date in changelog - Perl 5.18 rebuild - do not include empty fedora/* directories in debuginfo package - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Perl 5.18 rebuild - libusal: added /dev/srN next to /dev/scdN path when scanning for devices added cdrkit-1.1.11-devname.patch bz#1053056 - Initial RPM release - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - ExcludeArch armv7hl - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Update to latest upstream checkout including: Afghanistan, Argentina, Armenia, Australia, Austria, Bahrain, Canada, Croatia, Denmark, Dominican Republic, Finland, France, French Polynesia, Germany, Greece, Hong Kong, Hungary, China, Iceland, India, Indonesia, Iran, Israel, Israel, Italy, Latvia, Luxembourg, Mexico, Montenegro, Netherlands, New Zealand, Nicaragua, Norway, Paraguay, Philippines, Poland, Portugal, Romania, Rwanda/Burundi, Slovakia, Slovenia, Spain, Sudan, Sweden, Switzerland, Thailand, Tunisia, Uganda, United Arab , - Own the %{_datadir}/%{name} dir. - Remove duplicate "make check". - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to latest upstream checkout including: * south africa: add 8.ta (Telkom) provider (bgo #641916), remove username for Cell-C (bgo #640794) * switzerland: update Orange plans and APNs (bgo #638115) * tanzania: add Sasatel and TTCL, add CDMA for Zantel (bgo #634609) * india: new unified BSNL APNs (rh #667280) * ec: add Movistar Ecuador (bgo #638223) - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Update to latest upstream release 20120614 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream git snapshot 20150421git - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - Initial RPM release - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - ExcludeArch armv7hl - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Update to 30.0 build 1 - Disabled shared js - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix mozilla-config.h wrapper on aarch64 - Update to 31.0 build 2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 32.0 build 1 - move /sdk/bin to xulrunner libdir - Update to 32.0.2 - sync fixes to the same as firefox - Update to 33.0 - Fix filelist for secondary arches - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - simplify dropbox autoloader patch (just drop it entirely a la AWS) - extend the htaccess patch to cover updater as well as initial setup - rebase apache config stuff again, private dir denials only on 8.x branch - update to 8.0.1rc1 - backport some significant app store fixes from upstream stable8 - new release 8.0.2 - Use php handler from php-fpm nginx conf - Fix nginx conf to serve static apps-appstore - new release 8.0.3 - disable the htaccess fiddling stuff harder - new release 8.0.4 - updated to 0.38.rc1 - updated to 0.38 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - resolves: #850183 scriptlets replaced with new systemd macros (thanks to vpavlin) - cleaned .spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - bump release and rebuild to fix some dependencies on PPC - add BR: systemd-units - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - resolves: #1018839 lex.l update: add \,% and @ character into regexp for ID - resolves: #647107 api.c: support for setting multiline values in control files - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - New upstream version (#828716) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 0.7.9 - New upstream release - New upstream release - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - dolphin: Requires: konsole4-part - 14.12.2 - 14.12.3 - drop unused strigi/soprano build deps - lower kfmclient_dir.desktop IntialPreference to 9, lower than dolphin 10 (f22+) - omit kde-plasma-folderview (f22+) - 15.04.0 - dolphin: Recommends: ruby (servicemenuinstallation) - Added folders to left panel "Places" disappear (#345174) - 15.04.1 - 15.04.2 - Initial version of the library - Fixed length bug reported by shawjef3 - big endian fix - More portable b64 libraries implemented. - Documentation corrections - Code improvements, courtesy of Coverity - Bugfixes involving large N, failure return values - [frontend] bugfix: context_processor shouldn't return None - [frontend] task queue sorting fix - fix spec parsing on arm - 'manage.py update_indexes' and search fix - [RHBZ:1131286] RFE: API endpoint for a project's "monitor" status - new package [copr-keygen] built with tito - [keygen] minor fixes/typos - [keygen] fixed BuildRequeres in .spec; added requirements.txt - [keygen] cleanup in .spec - [keygen] .spec: run tests, build py3 version for fedora - [keygen] py3 compatibility - [keygen] added unittests - [keygen] changed shebang in run scripts to #!/usr/bin/python3, Requires: {,python3-}mod_wsgi - [keygen] package only python3 version, targeting f19+ - [keygen] python3 bugfix, added logging - [keygen] replaced Python RotatedFileHandler with logrotate.d - [keygen] [.spec] fixes to follow Fedora packaging guidelines - [keygen] added option "--no-auto-check-trustdb" to gpg wrapper - Initial version of the library - Fixed length bug reported by shawjef3 - big endian fix - More portable b64 libraries implemented. - Documentation corrections - Code improvements, courtesy of Coverity - Bugfixes involving large N, failure return values - initial Fedora version - Add doxygen-generated documentation in doc subpackage - Use explicit soversion in files section - Update sources to lastest git snapshot (3ceb8ae) - Remove empty doc macro from devel subpackage - Make doc subpackage dependent on main package - Document archive generation process and regenerate source archive - Use _smp_mflags macro when building doc to silence fedora-review - Updated sources to official libserialport release - Added "Provides" for bundled jquery - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Version bump - Return success if a domain exists but is already off. - bswap fix for big endian - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Drop libvirt-qmf-plugin - Rebuild - Fail properly when unable to bind the TCP listener socket. - Resolves: rhbz#814515 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream version 0.3.1 - New upstream version 0.3.2 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - pull in upstream fixes, including minor BIC fix for 4.14.6 - disable plasma/pacakgekit feature (for f22+) - 4.14.7 - apps_version to 15.04.0 - omit apidocs in bootstrap mode - -ktexteditor subpkg (Requires: kate4-part) - drop cmake hacks - Added folders to left panel "Places" disappear (kde#345174) - 4.14.8 - 4.14.9 (kde-apps-15.04.2) - Revert upstream kplaces sync fix (<f22, #1228340) - fix sonnect/hunspell dictionary paths - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - update to upstream's xmlunit-1.4 - Update to latest packaging guidelines - Cleanup BuildRequires - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Enable test suite - Resolves: rhbz#987412 - update to upstream's xmlunit-1.5 - update to upstream's xmlunit-1.6 - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - New release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream release - Update to latest upstream release - Fix for CVE-2013-4422 (BZ#1017437) - Update to latest upstream release - Update to latest upstream release - Update to latest upstream - BZ1205130 - patch for CTCP Denial of Service - the 1.2.5 release - git tag 389-ds-console-1.2.5 - Bug 616707 - Add attribute matching rule UI to Console - Bug 533505 - Warn about CA cert trust when enabling SSL in Console - Bug 158262 - Windows Sync UI is inconistent - Bug 504803 - Allow nsslapd-*-logmaxdiskspace to be set to -1 in UI - Bug 474113 - Allow access log level to be configured from Console - Bug 229693 - Update naming attribute when objectclass is removed - Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc) - git tag 389-ds-console-1.2.6 - added skins support - Bug 700908 - Validate matching rules when creating a new attribute - Bug 705753 - Refresh problem in Console directory browser - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - git tag 389-ds-console-1.2.7 - Bug 806566 - Opening merge qualifier CoS entry using RHDS console changes the entr - Bug 757773 - SSL Port issue in Console - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Bumped version to 1.2.9 - Bug 1184175 - DS Console always sets nsSSL3 to "on" when a securty setting is adjusted (DS 47994) - Bug 916045 - RFE: Winsync loses connection with AD objects when they move from the console. (#47380) - Bug 1173281 - DS console - right clicking an object does not select that object (#135) - Bug 1134688 - DS Console does not correctly disable SSL (#47887) - Bug 963254 - DS instance cannot be restored from remote console (#47485) - Ticket 47886 - DS Console - mouse wheel speed very slow - Bug 758983 - DS Console should timeout when mismatched port and protocol combination is chosen (#176) - Bug 1173283 - DS Console - java exception when refreshing schema (#47883) - Bug 1173284 - Window too large for Manage password policy (#96) - Bumped version to 1.2.10 - Bug 1022104 - Remove versioned jarfiles from _javadir (idm-console-framework) - rebuild dmdfe 2.059 - Update to nex rev - update - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to rev 96fea24 - Update to rev 667c566 - Update to rev ff2b1d3 - exclude arm - Update to latest rev - update to latest rev - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Update to 0.12.1 - Add patch1 and patch2 to support capability bits - Update to 0.12.2 - Update to 0.12.3 - Update to 0.12.4 - Update to 0.12.5 - Update to 0.12.6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 0.12.7 - 14.12.1 - tarball respin - don't provide kdesu on F22+ (provided by kde-cli-tools) - 14.12.2 - 14.12.3 - kdesu subpkg (#1199720) - move plasmapkg.1 manpage to main pkg (it's safe) - 15.04.0 - 15.04.1 - omit kdesu,khelpcenter where plasma5 is present (f22+) - 15.04.2 - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - 1.4.4. - Prevent the D-Bus service from freezing by disabling openprinting driver downloads in that service (bug #1052203). - 1.4.x requires gtk3 instead of gtk2 (#1099611) - 1.4.5: - Some codec fixes (bug #968142, bug #1023968, bug #1094037). - Traceback fixes (bug #982071, bug #1090479, bug #1105229). - IPv6 address entry fix (bug #1074245). - Auth info saving improvement (bug #1089029). - Use LockButton for fewer auth dialogs (bug #714820). - Handle failure when cups-pk-helper not installed (bug #1118836). - Fix job retrieval (bug #1119222). - 1.4.6. - 1.4.7: - Extract hostname from hp:/net/...?hostname= URIs when grouping by physical device (bug #1154686). - Fixed lock handling when OpenPrintingRequest is cancelled (bug #1156660). - Install smbclient and libsane-hpaio on demand. - Tell user how to retrieve journal entries as root in troubleshooter (bug #1157253). - Codec fix for AuthDialog.get_auth_info (bug #1060453). - Cancel deferred timer on quit (possible fix for bug #1145388). - Catch IPPError when writing server settings (bug #1159584). - Fixed moving jobs between queues. - 1.4.8: - Consider version suffices in PPD Nickname for Canon drivers. - Refresh job-printer-uri when updating job, to fix job auth. - Traceback fix (bug #1171469). - Handle non-UTF8 PPD files (Launchpad #1400232). - Firewall-handling fix (bug #1179590). - Fixed typo preventing retrieve/reprint from working. - Handle missing 'licensetext'/'functionality' fields for downloadable drivers. - Parse serial device URIs correctly (bug #1186475). - Fixed callback race (bug #1176443). - Don't try decoding already-decoded Unicode (bug #1195974). - Fixed display of downloadable drivers (bug #1167978). - Fixes for CMD matching (bug #1167978, bug #1171874). - Fixed artifacts when compositing emblems (bug #1200375). - Fixed traceback (bug #1213136). - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Added README ChangeLog AUTHORS - New Release Version - fix BZ 785462 comment 6 - New Release Version. Added COPYING. Changed License. Filter requires and provides. - Rebuild for boost 1.54.0 - Boost.Signal and Boost.System DSO's do not include -mt suffix anymore (sinfo-0.0.47-boost_mt.patch). - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - no needed sinfo-0.0.47-boost_mt.patch anymore - updated to 0.0.48 version * removed some warnings from newer g++s * changed configure to locate boost by AX_BOOST_BASE * many changes to make cppcheck more happy * updated for newer boost libraries i.e. no -mt any more * removed bashisms in scripts - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Fix permissions after a Fedora/Brew build. (dgoodwin@redhat.com) - Comment out old nightly releaser. (dgoodwin@redhat.com) - add newline to sys.stderr.write (msuchy@redhat.com) - Merge the FiledVersionTagger into the base VersionTagger. (dgoodwin@redhat.com) - add Copr releaser (msuchy@redhat.com) - Fix broken asciidoc. (dgoodwin@redhat.com) - Fix old versions in yum repodata. (dgoodwin@redhat.com) - adding the FiledVersionTagger class that we are using internally (vbatts@redhat.com) - tito report man page missing options (admiller@redhat.com) - Implement OBS releaser (msuchy@redhat.com) - Prep for python3. (jumanjiman@gmail.com) - Print output live for longer running rpmbuild commands. (dgoodwin@redhat.com) - Add GitAnnexBuilder, using git-annex to store blobs (dcleal@redhat.com) - Remove legacy CvsBuilder and CvsReleaser. (dgoodwin@redhat.com) - Stop writing temp file to load tito.props from past tag. (dgoodwin@redhat.com) - Remove deprecated support for build.py.props config filename. (dgoodwin@redhat.com) - Remove a very old hack for assuming config from Makefiles. (dgoodwin@redhat.com) - Refactor config overriding. (dgoodwin@redhat.com) - Move taggers to sub-directory. (dgoodwin@redhat.com) - Move releasers to sub-directory. (dgoodwin@redhat.com) - Improved docs for [version_template] section of tito.props (chris.a.st.pierre@gmail.com) - allow empty dist tag in functional tests (jumanjiman@gmail.com) - docs: createrepo is needed for functional tests (jumanjiman@gmail.com) - provide config for editorconfig plugins (jumanjiman@gmail.com) - Add more missing documentation to MANIFEST.in. (dgoodwin@redhat.com) - Assume a default fetch strategy. (dgoodwin@redhat.com) - Add markdown docs for FetchBuilder instead of manpage. (dgoodwin@redhat.com) - Fix releasers and respect offline flag. (dgoodwin@redhat.com) - Support release with fetch builder. (dgoodwin@redhat.com) - Add support for passing builder args through a releaser. (dgoodwin@redhat.com) - MANIFEST.in: include README.mkd and asciidoc files (code@alan.grosskurth.ca) - Rename --builder-arg to just --arg in build command. (dgoodwin@redhat.com) - Fix issue with releaser temp dir. (dgoodwin@redhat.com) - Refactor to just one config object. (dgoodwin@redhat.com) - Make external source builder fetch strategy configurable. (dgoodwin@redhat.com) - Fix buildroot using ~/rpmbuild/BUILDROOT. (dgoodwin@redhat.com) - Refactor builders to allow separate modules. (dgoodwin@redhat.com) - Restore building of specific tags. (dgoodwin@redhat.com) - Start building with external sources and no tag. (dgoodwin@redhat.com) - Allow possibility of building without a pre-existing tag. (dgoodwin@redhat.com) - Print koji/brew task ID and URL during release. (dgoodwin@redhat.com) - Raise error on failed run_command. (dgoodwin@redhat.com) - Allow builder to run in test mode on untagged project (dcleal@redhat.com) - Add 'scl' builder option for software collection name (dcleal@redhat.com) - added rpmbuild output to an error raised by tito to easier the error's cause analysis (artur.krysiak.warszawa@gmail.com) - propagate docs to docker public registry (jumanjiman@gmail.com) - spec: remove dependency on GitPython (jumanjiman@gmail.com) - Update tito.8.asciidoc (james.slagle@gmail.com) - Cleanup releasers + builders when interrupted (dcleal@redhat.com) - make run_command_print() compatible with python3 (msuchy@redhat.com) - remove unused import "commands" (msuchy@redhat.com) - Change package-specific config message to debug (dcleal@redhat.com) - Fix releaser getcwd error. (dgoodwin@redhat.com) - avoid syntax error on el5 (jumanjiman@gmail.com) - Support pre-5.20131213 versions of git-annex for EL6 (dcleal@redhat.com) - Add version comparison utility (dcleal@redhat.com) - make version comparison compat with python2 and python3 (jumanjiman@gmail.com) - Merge pull request #130 from domcleal/git-annex-cleanup (dgoodwin@rm-rf.ca) - Fix a test issue. (dgoodwin@redhat.com) - Fix bugs in git-annex cleanup method (dcleal@redhat.com) - Remove excess whitespace on EL6 and duplicate SRPM output (dcleal@redhat.com) - Require new srpm_disttag for rsync/yum releasers. (dgoodwin@rm-rf.ca) - Drop more test only requirements from spec. (dgoodwin@redhat.com) - NameError: global name 'RawConfigParser' is not defined (miroslav@suchy.cz) - NameError: global name 'getoutput' is not defined (miroslav@suchy.cz) - E:166,16: Undefined variable 'config' (undefined-variable) (miroslav@suchy.cz) - defattr is not needed (miroslav@suchy.cz) - get rid of wildcards imports (miroslav@suchy.cz) - E:112,24: Instance of BuilderBase has no REQUIRED_ARGS member (no-member) (miroslav@suchy.cz) - change inheritance for ObsReleaser (miroslav@suchy.cz) - raw_input was renamed under python3 (miroslav@suchy.cz) - TypeError: __init__() takes exactly 1 argument (2 given) (miroslav@suchy.cz) - MockBuilder: cleanup underlying builder on completion (dcleal@redhat.com) - Fix bugs building old tag with custom tito.props. (at that time) (dgoodwin@redhat.com) - add links to upstream announcements and how-to articles (jumanjiman@gmail.com) - add rpmdevtools as build dep for el5 (jumanjiman@gmail.com) - Fix failing tests with no ~/.bugzillarc. (dgoodwin@redhat.com) - Add documentation for bugzilla flag checking. (dgoodwin@redhat.com) - Hookup bugzilla flag checking with dist git releasers. (dgoodwin@redhat.com) - Fixes for Python 3. (dgoodwin@redhat.com) - Add support for checking bz flags. (dgoodwin@redhat.com) - Refactor dist-git releasers to separate module. (dgoodwin@redhat.com) - fix the configuration examples to match the code (tlestach@redhat.com) - add mailmap for cleaner shortlog output (jumanjiman@gmail.com) - Allow overriding of builder on all releasers (dcleal@redhat.com) - Cleanup builders on interruption when called directly (dcleal@redhat.com) - Add support for Red Hat Java MEAD builds. (awood@redhat.com) - Enable mkdocs and add documentation on Mead. (awood@redhat.com) - Add RHPKG/FEDPKG_USER to be passed to rh/fedpkg (elobatocs@gmail.com) - Replace old Perl script for munging RPM release number. (awood@redhat.com) - Give Tito some color! (awood@redhat.com) - Remove support for very old spacewalk user config file. (dgoodwin@redhat.com) - Allow builder arguments to be given multiple times. (awood@redhat.com) - Fix tarball timestamps from git archive with Python. (awood@redhat.com) - New - bash-completion facilities (john_florian@dart.biz) - clarify --offline option #141 (miroslav@suchy.cz) - substitute /releng for /.tito #161 (miroslav@suchy.cz) - Allow override of rpmbuild_options from builder arguments (dcleal@redhat.com) - Fixes macro initialisation on EL6, F22+ (dcleal@redhat.com) - Help new packagers find tools related to tito (craig@2ndquadrant.com) - no need to gzip man pages, rpmbuild do that automatically (miroslav@suchy.cz) - use python3 on Fedora 22 (miroslav@suchy.cz) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 4.2.0 - Switch to unversioned docdir for >= F20 (bz#993768) - Update to 4.2.1 - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.3.0 - Update to 4.3.3 - Rebuild for boost 1.57.0 - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release - Updated nopprof patch to match new release - Fixed a few bogus changelog entries - New upstream release. This release fixes a critical regression - Patch that removes explicit altivec on el5/ppc - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Added an i686 build fixing bz #1106933 - Added valgrind-devel to BuildRequires, fixing bz #974270 - bz #1106933 fix only for fedora 21 and above - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - valgrind-devel is not available on s390, closes #1131014 - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 4.2.0 - Switch to unversioned docdir for >= F20 (bz#993768) - Update to 4.2.1 - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.3.0 - Update to 4.3.3 - Rebuild for boost 1.57.0 - Rebuilt for GCC 5 C++11 ABI change - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Initial package. - Removed scriptlets and fixed License name - Added patch to include GPLv2+ License (commit da45a4a3eb4ebea6bca7044868b9b4779a0315a0) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - 1.4.4. - Prevent the D-Bus service from freezing by disabling openprinting driver downloads in that service (bug #1052203). - 1.4.x requires gtk3 instead of gtk2 (#1099611) - 1.4.5: - Some codec fixes (bug #968142, bug #1023968, bug #1094037). - Traceback fixes (bug #982071, bug #1090479, bug #1105229). - IPv6 address entry fix (bug #1074245). - Auth info saving improvement (bug #1089029). - Use LockButton for fewer auth dialogs (bug #714820). - Handle failure when cups-pk-helper not installed (bug #1118836). - Fix job retrieval (bug #1119222). - 1.4.6. - 1.4.7: - Extract hostname from hp:/net/...?hostname= URIs when grouping by physical device (bug #1154686). - Fixed lock handling when OpenPrintingRequest is cancelled (bug #1156660). - Install smbclient and libsane-hpaio on demand. - Tell user how to retrieve journal entries as root in troubleshooter (bug #1157253). - Codec fix for AuthDialog.get_auth_info (bug #1060453). - Cancel deferred timer on quit (possible fix for bug #1145388). - Catch IPPError when writing server settings (bug #1159584). - Fixed moving jobs between queues. - 1.4.8: - Consider version suffices in PPD Nickname for Canon drivers. - Refresh job-printer-uri when updating job, to fix job auth. - Traceback fix (bug #1171469). - Handle non-UTF8 PPD files (Launchpad #1400232). - Firewall-handling fix (bug #1179590). - Fixed typo preventing retrieve/reprint from working. - Handle missing 'licensetext'/'functionality' fields for downloadable drivers. - Parse serial device URIs correctly (bug #1186475). - Fixed callback race (bug #1176443). - Don't try decoding already-decoded Unicode (bug #1195974). - Fixed display of downloadable drivers (bug #1167978). - Fixes for CMD matching (bug #1167978, bug #1171874). - Fixed artifacts when compositing emblems (bug #1200375). - Fixed traceback (bug #1213136). - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - update to 2.1rc1 from git - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - update to the 3.0rc1 from git - Add -devel package. - build -compat subpackage against compat-lua - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - lua 5.3 - Rebuild for new lua - Fix broken release tag - Add dist tag - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Update to 0.5.1 - with new missions, a new faction and other improvements - Update to 0.5.3 - with new missions and bugfixes - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Attempt another rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.6.0 which includes: + Greatly expanded galaxy + New missions + Hidden jumps - Update to sanlock-3.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to sanlock-3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sanlock-3.2.0 - Update to sanlock-3.2.1 - Drop exclusive arch - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - update to 2.6.0 release - update to 2.6.1 release - add upstream patch to fix USERNAME issue - update to 2.6.2 release - update to 2.6.3 release - Fix synaptics issue - update to 2.6.4 release - use new license macro - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - rename the mimeapps.list - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 2.1rc1 from git - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - update to the 3.0rc1 from git - Add -devel package. - build -compat subpackage against compat-lua - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - lua 5.3 - Rebuild for new lua - Fix broken release tag - Initial Package. - Split out the doc package. - Add some missing BRs. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 2.1 - Fix the unusable package. - Correct the pkgconfig libdir path. - NVR bump - %files section typo fix - Library path fix again. - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Update to bugfix release 2014.7.2 - Update to bugfix release 2014.7.4 - Fix RH bug #1210316 and Salt bug #22003 - Update to bugfix release 2014.7.5 - Update to feature release 2015.5.0 - Update to bugfix release 2015.5.1 - Add missing dependency on which (RH #1226636) - Update to bugfix release 2015.5.2 - Update skipped tests - Mark salt-ssh roster as a config file to prevent replacement - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Initial RPM package - Version 0.12 - Update maven-local and file section using new macro - Upstream version upgrade and fix issue in review process - Remove conditional build to target only f19 and remove unnecessary BR - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Use Requires: java-headless rebuild (#1067528) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Drop unnecessary BRs and ship a license - Upstream update to 0.14 - Initial Package - build documentation - use other URL - smaller source tarball with --exclude-vcs - correct soname - adjust path to gpr files - add tools subpackage - add ldconfig call - add manpages for the tools - Rebuild for new gnat - Rebuild (#918586) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 11.8.0 and rebuild for gcc - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - 2.40 bump - 2.41 bump - Link minimal build-root packages against libperl.so explicitly - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - 2.42 bump - 2.43 bump - 2.44 bump - 2.45 bump - 2.46 bump - 2.47 bump - First package for Fedora resolves: #1193902 - Update to sanlock-3.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to sanlock-3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sanlock-3.2.0 - Update to sanlock-3.2.1 - Drop exclusive arch - Update to upstream release 1.4.4 - Security fix BZ 1032267 - update to upstream release 1.4.5 - avoid multiple index directives (#1065488) - update to upstream release 1.4.6 - update to upstream release 1.4.7 - patch for CVE-2014-3616 virtual host confusion (#1142573, #1142575) - create nginx-filesystem subpackage (patch from Remi Collet) - add vim files (#1142849) - use default.d directory - fix path to png images in error pages (#1232277) - optimize png images with optipng - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - Initial RPM release - New Release - New Release - Added pytz to Requires section - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - update to 2.6.0 release - update to 2.6.1 release - add upstream patch to fix USERNAME issue - update to 2.6.2 release - update to 2.6.3 release - Fix synaptics issue - update to 2.6.4 release - use new license macro - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - rename the mimeapps.list - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - update to upstream's xmlunit-1.4 - Update to latest packaging guidelines - Cleanup BuildRequires - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Enable test suite - Resolves: rhbz#987412 - update to upstream's xmlunit-1.5 - update to upstream's xmlunit-1.6 - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - xdg-screensaver plasma5 support - workaround %autosetup failure, again (#1084309) - workaround %autosetup failure harder (#1084309) - xdg-utils-1.1.0-rc3 - pull in latest commits - refresh for latest attepmt to fix upstream BR66670 - pull in latest commits, notably more fdo screensaver fixes - pull in upstream performance improvement (fdo#88524) - xdg-open wrongly passes all command line arguments as one argument to e.g. okular on non Gnome desktops (#1191981) - minor s/$arg/$target/ fix for prior commit - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Initial package - Add doc subpackage and make optflags - Update packaging - Update file permissions for bin/fossil - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 1.28 - Remove patch to use system sqlite - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update config.guess/sub to fix ftbfs on new architectures (aarch64/ppc64le) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to latest release - New release - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream release - Update to latest upstream release - Fix for CVE-2013-4422 (BZ#1017437) - Update to latest upstream release - Update to latest upstream release - Update to latest upstream - BZ1205130 - patch for CTCP Denial of Service - Update to 30.0 build 1 - Disabled shared js - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix mozilla-config.h wrapper on aarch64 - Update to 31.0 build 2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 32.0 build 1 - move /sdk/bin to xulrunner libdir - Update to 32.0.2 - sync fixes to the same as firefox - Update to 33.0 - Fix filelist for secondary arches - rebuild due to "jpeg8-ABI" feature drop - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Added upstream fix for threading issue with plugin registration (bug #912307). - Applied upstream fixes for threading (bug #951984). - Update to new release candidate version. - Update to new release candidate version. - Update to new upstream version. - Added a reference for Mac MLU tag - Added a way to read the profile creator from header - Added error descriptions on cmsSmoothToneCurve - Added identity curves support for write V2 LUT - Added new cmsPlugInTHR() and fixed some race conditions - Added TIFF Lab16 handling on tifficc - Fixed a bug on big endian platforms not supporting uint64 or long long. - Fixed a multithead bug on optimization - Fixed devicelink generation for 8 bits - Fixed some 64 bit warnings on size_t to uint32 conversions - Rendering intent used when creating the transform is now propagated to profile - RGB profiles store only one copy of the curve to save space - Transform2Devicelink now keeps white point when guessing deviceclass is enabled - Update black point detection algorithm to reflect ICC changes - User defined parametric curves can now be saved in ICC profiles - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to new upstream version. - Added a way to retrieve matrix shaper always, no matter LUT is present - Added pthread dependency - Big revamp on Contexts, from Artifex - Fixed a bug in PCS/Colorspace order when reading V2 Lab devicelinks - Fixed some indexing out of bounds in floating point interpolation - Fix for delete tag memory corruption - New locking plug-in, from Artifex - Update to new upstream version. - Added a flag to clip negative values in unbounded transforms - Added a global optimization that merges consecutive matrices in pipelines. - New upstream version - New upstream version - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - New upstream version - New upstream version - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream version - New upstream version - Rebuild for dcmtk update - Update to 1.2.0 - Re-add cflags patch to fix FTBFS - Rebuild for boost 1.55.0 - Update to 1.2.1 - Remove format-security patch, now that fix is in upstream - Include README - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to upstream 1.2.2 - Add appdata and new icon - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 1.2.3 - Correct notes - Update to 1.2.4 - Notes file now replaced by Changelog - Add blas-devel and lapack-devel as BR - update for R 3.0.3 - rebuild for R 3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - rebuild for R 3.1.1 - rebuild for R 3.1.2 - rebuild for R 3.1.3 - Requires: kate4-part (kde-apps cleanup) - R 3.2.0 - R 3.2.1 - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Update to upstream 0.11 release - Update to upstream 0.12 release - Update to 0.13 release - Update to 0.14 release - Update to 0.15 release - Put pam_reauthorize.so in the cockpit PAM stack - Update to 0.16 release - Update to 0.18 release - Add glib-networking build requirement - Distribute our own selinux policy in cockpit RPM until available for real in F21 and later - Update to 0.19 release - Update to 0.20 release - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial rpm build - Added tests - Corrected file lists - Added docs - Split documentation to separate sub package - Make nosetest for py3 a wildcard - Correct nosetest3* usage - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Inital packaging - Update to 0.01.10 - Setting CFLAGS and LDFLAGS - Adding PIE compiler flags - Capitalizing summary - Update to 0.01.11 - fix license tag - enable sparc64 - actually fix license tag (whoops) - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Disable SSL3 - Support TLS 1.1 and newer using the NSS Version Range APIs. - Initial RPM release - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - ExcludeArch armv7hl - Initial rpm build - Include license file - Drop desktop vendor tag. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - rebuild (exiv2) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix builds for new arches (aarch64/ppc64le) - Modernise spec - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - rebuild (libgphoto2) - Fix the build with lensfun 0.3 (#1184156) - Rebuilt for GCC 5 C++11 ABI change - Rawstudio from github https://github.com/rawstudio/rawstudio/ . - Drop all patches beacuse they are upstreamed. - https://fedoraproject.org/wiki/Packaging:SourceURL#Github - Updated requirements. - Use a parcial copy of autogen.sh to build this package. - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 4.2.0 - Switch to unversioned docdir for >= F20 (bz#993768) - Update to 4.2.1 - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 4.3.0 - Update to 4.3.3 - Rebuild for boost 1.57.0 - Rebuilt for GCC 5 C++11 ABI change - Update to bugfix release 2014.7.2 - Update to bugfix release 2014.7.4 - Fix RH bug #1210316 and Salt bug #22003 - Update to bugfix release 2014.7.5 - Update to feature release 2015.5.0 - Update to bugfix release 2015.5.1 - Add missing dependency on which (RH #1226636) - Update to bugfix release 2015.5.2 - Update skipped tests - Mark salt-ssh roster as a config file to prevent replacement - Initial package - Updated as per the comments - Updated as per the Fedora usage guidelines - Updated to comply with Fedora guidelines - Correcting missing requirements & updating as per the Fedora guidelines - Updating licensing & other issues so as to comply with Fedora guidelines - Fixing licensing issues - Added conditional for F19/F20 and marked readme as doc - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - rebuilt - new version - new version - No longer package compiled py files in /etc/fedmsg.d/ - new version - new version - new version - add dep on python-six - adjust ownership of fedmsg.d/ files. - Fix logrotate mode. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Re-enable cert validation for end clients. - New upstream release candidate 5.2.1rc1 - New upstream release 5.2.1 - 1167331: Enabled native systemd support. - Does not disable old systemd, starter, ipsec.conf support yet. - New strongswan developer release 5.2.2dr1 - Enabled ccm, and ctr plugins as it seems enabling just openssl does not work for using ccm and ctr algos. - new version 5.2.2 - Fixes strongswan swanctl service issue rhbz#1193106 - new version 5.3.0 - new version 5.3.1 - new version 5.3.2 - Add server_args to /etc/xinetd.d/bitlbee (#1102062) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Upgrade to 3.2.2 (#1116567) - Enable libpurple support additionally to built-in protocols - Enable forkdaemon due lacking SELinux policy in Rawhide only - Disable libpurple conflicting with the daemon mode (#1117553) - Really disable libpurple support for Fedora except Rawhide - Disable libpurple due to dbus issues also in EPEL (#1126930) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release. - Requires libotr >= 4 (so EPEL-6 will require new build of libotr 4) - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release (#1205936) - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - enable SSE2 on x86_64 only, fixes build on secondary arches - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to upstream 0.7.5a - Remove nosse2 patch because 0.7+ versions only build on x86_64 - Update to upstream 0.7.9a - Docs now in Markdown format, including new README.md - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to upstream 0.7.10 - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Ticket #281 - TLS not working with latest openldap - Ticket #161 - Review and address latest Coverity issues - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuild for new icu - Rebuild with correct icu on s390(x) -bump version to 1.1.17 Resolves: Bug 856089 - slapi_ldap_bind() doesn't check bind results (Ticket 479 - Console logins fail intermittenly) Resolves: Bug 905266 - BIND operation result not checked properly in admin server and adminutil - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ee1ef81 add Eclipse generated files - Ticket #47486 - compiler warnings in adminutil, admin, dsgw - 77fd77a fix mem leak in admldapBuildInfoSSL when there is no password - Ticket #47415 "Manage certificates" crashes admin server - 8647ad8 fix compiler warnings - enhancements to test ticket 47415 - bump version to 1.1.21 - Ticket 47929 - adminutil - future proof getSSLVersion - Ticket 47929 - Adminutil - do not use SSL3 by default - Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time - Ticket 47881 - crash during debug session in adminutil - Ticket 47680 - Upgraded 389-admin rpms and now I can't start dirsrv-admin - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - 4.14.2 - 4.14.3 - 4.14.4 - Rebuild for boost 1.57.0 - rebuild (gcc5) - 4.14.5 - 4.14.6 - 4.14.7 - 4.14.8 - 4.14.9 - the 1.1.6 release - git tag 389-admin-console-1.1.6 - Bug 668950 - Add posix group support to Console - Bug 151705 - Need to update Console Cipher Preferences with new ciphers - the 1.1.7 release - git tag 389-admin-console-1.1.7 - Bug 476925 - Admin Server: Do not allow 8-bit passwords for - the admin user - Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc) - Bug 723126 - Configure Admin Server -> Connection Restriction --> Add Screen is flicking consistently. - Resolves: Bug 766011 - Selecting "Administration Server" in Server Group causes stack trace - bump rel for java rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - bump version to 1.1.9 - Bug 886407 - Cannot restart SSL-admin server from console (#47477) - Bug 966958 - Improve online help for Add CRL dialog (#47467) - Bug 844764 - Directory Console generates insufficient key strength (#362) - bump version to 1.1.10 - Bug 1022104 - Remove versioned jarfiles from _javadir (idm-console-framework) - Add server_args to /etc/xinetd.d/bitlbee (#1102062) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Upgrade to 3.2.2 (#1116567) - Enable libpurple support additionally to built-in protocols - Enable forkdaemon due lacking SELinux policy in Rawhide only - Disable libpurple conflicting with the daemon mode (#1117553) - Really disable libpurple support for Fedora except Rawhide - Disable libpurple due to dbus issues also in EPEL (#1126930) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release. - Requires libotr >= 4 (so EPEL-6 will require new build of libotr 4) - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release (#1205936) - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Update to ganglia-web 3.5.7 - Add extra patch for XSS security - Hardened build in FC > 18. - Update to ganglia 3.6.0 and ganglia-web 3.5.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to ganglia-web 3.5.10 - Add patch as workaround for CVE-2013-6395 (bz #1034527) - Update to ganglia-web 3.5.12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - 3.7.1 & ganglia-web 3.6.2 - ganglia-web 3.7.0 - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - Rebase to 2014g - Turks & Caicos is switching from US eastern time to UTC-4 year-round, modeled as a switch from EST/EDT to AST on 2014-11-02 at 02:00. - Rebase to 2014h - Changes in past time stamps, code, and documentation. - Rebase to 2014i - Pacific/Fiji will observe DST from 2014-11-02 02:00 to 2015-01-18 03:00. - A new Zone Pacific/Bougainville, for the part of Papua New Guinea that plans to switch from UTC+10 to UTC+11 on 2014-12-28 at 02:00 - Rebase to 2014j - Turks & Caicos' switch from US eastern time to UTC-4 year-round did not occur on 2014-11-02 at 02:00. It's currently scheduled for 2015-11-01 at 02:00. - Rebase to 2015a - New leap second 2015-06-30 23:59:60 UTC as per IERS Bulletin C 49. - The Mexican state of Quintana Roo, represented by America/Cancun, will shift from Central Time with DST to Eastern Time without DST on 2015-02-01 at 02:00. - Chile will not change clocks in April or thereafter; its new standard time will be its old daylight saving time. This affects America/Santiago, Pacific/Easter, and Antarctica/Palmer. - Rebase to 2015b - Mongolia will start observing DST again this year, from the last Saturday in March at 02:00 to the last Saturday in September at 00:00. - Palestine will start DST on March 28, not March 27. Also, correct the fall 2014 transition from September 26 to October 24. Adjust future predictions accordingly. - Rebase to 2015c - Egypt's spring-forward transition is at 24:00 on April's last Thursday, not 00:00 on April's last Friday. 2015's transition will therefore be on Thursday, April 30 at 24:00, not Friday, April 24 at 00:00. Similar fixes apply to 2026, 2037, 2043, etc. (Thanks to Steffen Thorsen.) - Rebase javazic tool to match latest upstream OpenJDK version - Rebase to 2015d - Egypt will not observe DST in 2015 and will consider canceling it permanently. For now, assume no DST indefinitely. - The abbreviations for Hawaii-Aleutian standard and daylight times have been changed from HAST/HADT to HST/HDT, as per US Government Printing Office style. This affects only America/Adak since 1983, as America/Honolulu was already using the new style. - Morocco will suspend DST from 2015-06-14 03:00 through 2015-07-19 02:00, not 06-13 and 07-18 as we had guessed. - Morocco will suspend DST from 2015-06-14 03:00 through 2015-07-19 02:00, not 06-13 and 07-18 as we had guessed. - Assume Cayman Islands will observe DST starting next year, using US rules. Although it isn't guaranteed, it is the most likely. - Initial package - Backported commit c6949531d2399f81a5e15caf256f156dd68e00e9 for OwnCloud - Sub-packaged examples - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - new upstream release 1.0.6-beta - apply CA trust store path substitution to Curl as well as Stream - use new ASL 2.0 directory - add Packagist/Composer provide - new upstream release 1.1.2 - relocate autoloader to make it work with systemwide installation - update autoloader relocation patch to match latest upstream submission - Initial version 1.0.0 - Update to version 1.0.1 * Added --libs to pkg-config. * Added nss_wrapper-config.cmake * Fixed a bug packaging the obj directory. - resolves: #1060906 - Fedora package. - Remove Group - Remove glibc-devel build requirement - Do not create a subpackage. - resolves: #1075932 - Fix segfault in 'getent hosts'. - Update to version 1.0.2. - Update to version 1.0.3. - Fix format of changelog entries. - Require cmake. - Don't own _libdir/pkgconfig, and require pkgconfig instead. - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - [s390*] Import upstream fix for 64->32 debugging. - Fix crash on optimized-out entry data values (BZ 1111910). - Fix memory errors with demangled name hash (Tom Tromey). - Fix regression of the optimized-out entry data values fix (of BZ 1111910). - Fix regression#2 of the optimized-out entry data values fix (of BZ 1111910). - Import upstream demangler fixes (Gary Benson, Andrew Burgess, BZ 1119559). - Install gdb/jit-reader.h on include directory (BZ 1141968). - Fix 'Slow gstack performance' (RH BZ 1149865, Jan Kratochvil). - Accelerate interactive symbols lookup 15x. - Fix 'Unowned dir /usr/include/gdb/' (RH BZ 1164991). - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - Initial Package. - Split out the doc package. - Add some missing BRs. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 2.1 - Fix the unusable package. - Correct the pkgconfig libdir path. - NVR bump - %files section typo fix - Library path fix again. - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Fixed broken dep on fltk for coda-vcodacon - Found an additional missing depends - Extend coda-6.9.5-vcodacon-configure.patch to reflect fltk headers having changed (Fix FTBS). - Add "touch-magic" to avoid rerunning the autotools. - Revert the Fri Jun 03 2011's spec changes. - Converted sysv init script to systemd scripts (bz 771490) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed service file error (bz1071534) - Fixed auth2 pid file naming (bz 1074321) - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) - pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062) - pull in upstream fix for a possible null dereference in a db2 btree error case (#1132063) - pull in upstream rewrite of getclhoststr() in the iprop service, to correctly detect wnen a client principal name is malformed (#1132067) - kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1078888) - replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347) - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" - Fix NTLMSSP fallback (#1122324) - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) - rebuild for new tcl/tk - mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk libs) - update to 3.1.2 - rebuild for ICU 54.1 - update to 3.1.3 - update to 3.2.0 - conditionalize MAKEINFO for ancient things (rhel 6 or older) - valgrind is available only on selected arches, fixes build on s390 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - update to 3.2.1 - Update to upstream release 1.4.4 - Security fix BZ 1032267 - update to upstream release 1.4.5 - avoid multiple index directives (#1065488) - update to upstream release 1.4.6 - update to upstream release 1.4.7 - patch for CVE-2014-3616 virtual host confusion (#1142573, #1142575) - create nginx-filesystem subpackage (patch from Remi Collet) - add vim files (#1142849) - use default.d directory - fix path to png images in error pages (#1232277) - optimize png images with optipng - Initial package submission. - Updated file names to match upstream: s/license/LICENSE/ s/author.txt/AUTHOR/ - Added required build dependencies (gzip, pod2man) to build manual page. - Added build and install of manual page. - Removed BuildRequires on gzip. - Removed attribute declarations on file list. - Updated version/release strategy to be more consistent with Fedora naming guidelines. - Added /usr/share/gitstats to files list. - Added -p argument to install invocation to preserve timestamps. - Use release macro in pod2man arguments instead of rebuilding the equivalent again using the other macros. - Added handling of -h and --help arguments (rhbz#962168). - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Change manpage repository address to github. - Fix Makefile `make man` to work w/o .git - Correct splitting of git-ls-tree output - Add missing alt text for img. - Move </tr> to right place. - Use id-based fragment identifiers. - Generate html5, not xhtml. - Add missing xhtml end tag. - Added HTML header meta tag so that author names will be shown correctly also when the file is opened in a browser. - Removed useless merge_authors configuration option. Use .mailmap instead. - How to merge author information. - Document start_date option on the manpage. - implement a way to limit the statistics to commits after a start date - properly terminate created subprocesses - Fix indentation to be consistent. - Go back to previous dir to no fail on relative paths - Bump copyright year. - Y-Axis of graphs start at zero - fix: let "Pool" for line count data collection honor "processes" configuration setting - Bump README python requirement to 2.6.0. - Remove backticks from author names passed to gnuplot. - Fix minor documentation issues - Make number of processes configurable. - Fix performance issue for huge repositories - Bump copyright year. - Refer to manual page in usage. - Initial Package. - Split out the doc package. - Add some missing BRs. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 2.1 - Fix the unusable package. - Correct the pkgconfig libdir path. - NVR bump - %files section typo fix - Library path fix again. - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Update to 1.5.4 - drop hard-coded Requires: neon, qtkeychain, let rpm autodeps handle it - drop BR: gcc-c++ - -devel: tighten subpkg dep - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Updated to 1.7.0-beta1 - Updated Patch0 - Added Patch1 to fix rpath in binaries - Added nautilus subpackage - Updated tarball URL - Updated to 1.7.0 - Add missing dependency - Updated to 1.7.1 - Added gcc5 compliance patch - Update to bugfix release 2014.7.2 - Update to bugfix release 2014.7.4 - Fix RH bug #1210316 and Salt bug #22003 - Update to bugfix release 2014.7.5 - Update to feature release 2015.5.0 - Update to bugfix release 2015.5.1 - Add missing dependency on which (RH #1226636) - Update to bugfix release 2015.5.2 - Update skipped tests - Mark salt-ssh roster as a config file to prevent replacement - fix build w/httpd 2.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - fix build with new GnuTLS - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - fix _httpd_mmn expansion in absence of httpd-devel - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - config change to use system policy (rhbz#1109115) - fix change to use system policy (rhbz#1109115) only on newer fedoras - rebase to 0.6 (rhbz#1109115) - ecryptfs-utils updated to 101 - ecryptfs-utils updated to 103 - make executables hardened (#965505) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ecryptfs-migrate-home did not restore selinux labels (#1017402) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - ecryptfs-utils updated to 104 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - fix pam sigsegv (#1184645) - ecryptfs-utils updated to 106 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - New upstream release - Updated nopprof patch to match new release - Fixed a few bogus changelog entries - New upstream release. This release fixes a critical regression - Patch that removes explicit altivec on el5/ppc - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Added an i686 build fixing bz #1106933 - Added valgrind-devel to BuildRequires, fixing bz #974270 - bz #1106933 fix only for fedora 21 and above - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - valgrind-devel is not available on s390, closes #1131014 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - updated to 0.38.rc1 - updated to 0.38 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - resolves: #850183 scriptlets replaced with new systemd macros (thanks to vpavlin) - cleaned .spec file - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - bump release and rebuild to fix some dependencies on PPC - add BR: systemd-units - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - resolves: #1018839 lex.l update: add \,% and @ character into regexp for ID - resolves: #647107 api.c: support for setting multiline values in control files - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - New version - Using new GitHub rule to get archive with tests - Run tests manually - Added BR python-defusedxml - Dropped dance around release and development versioning - Added patch for Django 1.5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Change Docdir to Unversioned Docdir - Fix unversioned docdir issue (rhbz#1001252). - Fix bogus changelog entry. - update to 0.11.0 (rhbz#959137) - remove check section :-(, upstream does not provide tests in tarballs - update to 0.11.1 (rhbz#1100733) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Fix python-dateutil Requires. - Fix python-dateutil requires - Update to 0.12.1 (rhbz#1142992) - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - rebuild (OpenEXR) - Update to 6.8.3-9 (so-naming scheme change to *-6.so) (ml: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg57163.html). - Split out libs subpackage by Remi Collet request (bz#849065). - Enable fftw to do Fourier transforms (add BuildRequires: fftw-devel) - bz#950254 by Søren Sandmann Pedersen request. - Update to 6.8.5-10 upstream version (bz#720285). - By Remi Collet request (bz#969760) enable those features in ImageMagick: --with-lcms2 (instead of --with-lcms): lcms2-devel --with-openexr: OpenEXR-devel --with-webp: libwebp-devel - Update to 6.8.6-3. - Added aarch64 to list of 64bit arches (bz#978339). - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Build 6.8.6-3 version because soname bump happened in newer. - Concretize soname versioning. - Add Patch0: ImageMagick-6.8.7-psd-CVE.patch CVE bug fix backporting: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=25128&sid=ff40ad66b1f845c767aa77c7e32f9f9c&p=109901#p109901 for fix CVE-2014-1958 (bz#1067276, bz#1067277, bz#1067278), CVE-2014-1947, CVE-2014-2030 (bz#1064098) - Enable %check by Alexander Todorov suggestion - bz#1076671. - Add %{?_smp_mflags} into make install and check (not main compilation). - Porting some other non-destructive minor enhancments from master branch: o Drop BR giflib-devel (bz#1039378) o Use %__isa_bits instead of hardcoding the list of 64-bit architectures. - Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354 Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch - Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355 Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch - Fix 4 more security bugs: o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263 Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265 Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269 Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271 Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - furher fixes: - BR: python2-devel for -python; drop -devel req - add tcl dep for owmon and owtap - update to 2.9p1, dropping merged patches - remove perl-owfs bits from .spec, for now - correct python _OW.so perms 0775 -> 0755 - deal with unused-direct-shlib-dependency - include main COPYING in -tap and -mon - add BR: systemd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - new upstream release - new upstream release - latest upstream release - new upstream version 2.9p7 - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Update to latest upstream checkout including: Afghanistan, Argentina, Armenia, Australia, Austria, Bahrain, Canada, Croatia, Denmark, Dominican Republic, Finland, France, French Polynesia, Germany, Greece, Hong Kong, Hungary, China, Iceland, India, Indonesia, Iran, Israel, Israel, Italy, Latvia, Luxembourg, Mexico, Montenegro, Netherlands, New Zealand, Nicaragua, Norway, Paraguay, Philippines, Poland, Portugal, Romania, Rwanda/Burundi, Slovakia, Slovenia, Spain, Sudan, Sweden, Switzerland, Thailand, Tunisia, Uganda, United Arab , - Own the %{_datadir}/%{name} dir. - Remove duplicate "make check". - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Update to latest upstream checkout including: * south africa: add 8.ta (Telkom) provider (bgo #641916), remove username for Cell-C (bgo #640794) * switzerland: update Orange plans and APNs (bgo #638115) * tanzania: add Sasatel and TTCL, add CDMA for Zantel (bgo #634609) * india: new unified BSNL APNs (rh #667280) * ec: add Movistar Ecuador (bgo #638223) - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Update to latest upstream release 20120614 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to latest upstream git snapshot 20150421git - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Remove per-edition config files - Decide on default configuration based on /etc/os-release - Fix bugs with posttrans - Remove nonexistent fedora-cloud.conf symlink - Switch to using $VARIANT directly from /etc/os-release - Use VARIANT_ID instead of VARIANT for making decisions - renamed python2-firewall to python-firewall - fixed requirements for GUI parts with Python3 - dropped upstream merged python3 patch - firewalld: - print real zone names in error messages - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now - rate limit fix for rich rules - fix readdition of removed permanent direct settings - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO - fixed two minor Python3 issues in firewall.core.io.direct - fixed use of fallback configuration values - fixed use without firewalld.conf - firewalld main restructureization - IPv6_rpfilter now also available as a property on D-Bus in the config interface - fixed wait option use for ipXtables - added --concurrent support for ebtables - richLanguage: allow masquerading with destination - richLanguage: limit masquerading forward rule to new connections - ipXtables: No dns lookups in available_tables and _detect_wait_option - full ebtables support: start, stop, reload, panic mode, direct chains and rules - fix for reload with direct rules - fix or flaws found by landscape.io - pid file handling fixes in case of pid file removal - fix for client issue in case of a dbus NoReply error - configuration - new services: dropbox-lansync, ptp - new icmptypes: timestamp-request, timestamp-reply - man pages: - firewalld.zones(5): fixed typos - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page - firewall-applet: - new version using Qt4 fixing several issues with the Gtk version - spec file: - enabled Python3 support: new backends python-firewall and python3-firewall - some cleanup - git: - migrated to github - translations: - migrated to zanata - build environment: - no need for autoconf-2.69, 2.68 is sufficient - firewall-applet - do not use isSystemTrayAvailable check to fix KDE5 startup - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml - Fix issue with missing polkit policy when installing firewalld on Cloud Edition. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - reunification of the firewalld spec files for all Fedora releases - fix dependencies for -applet and -config: use_python3 is the proper switch not with_python3 (RHBZ#1232493) - firewalld.spec: - fixed requirements for -applet and -config - man pages: - adapted firewall-applet man page to new version - firewall-applet: - Only honour active connections for zone changes - Change QSettings path and file names - firewall-config: - Only honour active connections for zone changes in the “Change Zones of Connections” menu - Translations: - updated translations - marked translations for “Connections” for review - Fixed 'pid_file' referenced before assignment (RHBZ#1233232) - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Supressed dmlite- prefix from the Python package - dmlite release 0.6.2 - Patched mistyped parenthesis in Security.cpp - Rebuild for boost 1.55.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Push on Fedora/EPEL for 0.7.0 - Fix ppc EPEL5 compilation issue - Fix issue related to memcache on F21 / rawhide - Update to 0.7.1, bugfix for memcached plugin - Update to 0.7.2, BugFix for too much verbose logging - rebuilt - new version - new version - No longer package compiled py files in /etc/fedmsg.d/ - new version - new version - new version - add dep on python-six - adjust ownership of fedmsg.d/ files. - Fix logrotate mode. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Re-enable cert validation for end clients. - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Remove versioned docdirs, BZ 994039 - add explicit avahi build deps - Update to 2.10.9 - Update to 2.10.10, includes security fixes for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697 and CVE-2014-3698 - Fix: Pidgin 2.10.10 can't connect to MSN (#1165066) - Fix: Bump MSN ApplicationID again (#1165066) - Update to 2.10.11 (#1232349) - removed python binding since python can use dbus interface instead - removed btrfs-progs and LVM dependecies (#852174) - patch: do not build zypp plugin - patch: avoid abrt when 'diff' command is executed without arguments - patch: do not check for btrfs-progs binary - patch: do not allow 'create-config' command on non-thin LVM volumes (#852174) - edit libtool script to link with: '-Wl, --as-needed' - spec file polishing - Rebuild for Boost-1.53.0 - updated to latest upstream version - fixed wrong include: "auto_ptr.h" -> <memory> - moved diffutils dependency to client - updatet to latest upstream version - add support to compare extended attributes ('xadiff' command) - add support to revert modificiations in file's extended attributes - patch: avoid useless build dependency on libattr-devel - fixed possible security vulnerability in extended attributes handling - rebuild for boost 1.54.0 - Boost.Thread DSO does not include -mt suffix anymore (snapper-boost-mt.patch) - updated to latest upstream - allow whitespace in ALLOW_USERS and ALLOW_GROUPS - enable new pam module - modified specfile to reflect recent change in %doc macro (no more version suffix) - patch: pam module installed in proper libdir - Add a missing requirement on crontabs to spec file (#989115) - Update to snapper 0.1.7. - removed --enable-xattrs (already enabled by default) - patch: reflect recent change in libbtrfs API - Update to snapper 0.1.8 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial RPM release - Added comment explaining licensing - Moved 'ChangeLog' file to doc subpackage (file much larger than library) - Removed -devel dependency for -doc subpackage - Removed _missing_build_ids_terminate_build undef - Update to libsigrokdecode-0.1.1 release - Drop dependency of -doc subpackage - Use explicit soversion in files section - Remove README from -devel subpackage (already included in main package) - Remove ChangeLog from -doc subpackage (only contains a 'git log') - Own datadir/libsigrokdecode directory - Add python3-devel as dependency of -devel subpackage - Add graphviz as a build dependency (needed for doxygen docs) - Cherry-pick upstream patch clarifying license - Fix typo in comment - Make verbose build (V=1 make) - Remove unneeded buildroot and defattr tags - Update to libsigrokdecode 0.2.0 release (soname version bump) - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to libsigrokdecode-0.3.0 release - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - update to 2.6.0 release - update to 2.6.1 release - add upstream patch to fix USERNAME issue - update to 2.6.2 release - update to 2.6.3 release - Fix synaptics issue - update to 2.6.4 release - use new license macro - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - rename the mimeapps.list - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - only show cabal-install upgrade notice for verbose - HUnit is a separate package again - network is a separate package again - QuickCheck and HTTP are separate packages again - transformers lib is now separate package - cabal-install, happy, parallel, regex-compat are now separate packages - alex and syb are separate packages again - fix build for versioned docdirs - rebuild for F21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - bump cabal-install to 1.16.1.0 and allow newer versions - update urls - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work - Update to nss-3.17.2 - Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available - Resolves: Bug 994599 - Enable TLS 1.2 by default - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic - Own the %{_datadir}/doc/nss-tools dir - Update to nss-3.17.4 - Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Initial packaging - Remove old RPM relics - Bulk sad and useless attempt at consistent SPEC file formatting - Update to a new release tarball - Update to a newer snapshot - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 0.3 release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Update to 0.4 release - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Initial spec file. - Update Oz requirement to 0.7.0 or later for new target-specific package config - Update SPEC file to restart service after an install - Rebase with upstream - Remove references to man directories. Documentation will be hosted @ imgfac.org. - Rebase with upstream - Improved CLI parameter passing support - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - New upstream release - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release - BZ 850185, Use new systemd rpm macros - BZ 1122117, Use correct tmpfiles.d dir - Specify udev files to /usr/lib dir instead of /lib - Move command line python files to python package - New upstream release - Fix udev files directory - Move command line files to python package - Make updates work correctly for removed sub package libstoragemgmt-ibm-v7k-plugin - Rebuilt for GCC 5 C++11 ABI change - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release 1.2.1. - Changed upstream URL and source URL to github. - New sub-pacakges: * libstoragemgmt-megaraid-plugin New plugin in 1.2.0 release. * libstoragemgmt-hpsa-plugin New plugin in 1.2.0 release. - Add bash-completion script for lsmcli. - New rpmbuild switch: * '--without test' Use to skip 'make check' test to save debug time. * '--without megaraid' Don't compile megaraid plugin. * '--without hpsa' Don't compile hpsa plugin. - Remove PyYAML BuildRequires. - Add NEWS(changelog) to document folder. - Replace the hardcoded udev path with /usr/lib/udev/rules.d. - Fix rpmlint error 'dir-or-file-in-var-run'. - Mark /run/lsm and /run/lsm/ipc as %ghost folder. - Fix rpmlint warnning 'W: non-standard-uid /run/lsm libstoragemgmt'. - Add 'Requires(post)' and 'Requires(postun)' to plugins in order to make sure plugin is installed after libstoragemgmt and removed before libstoragemgmt. - Fix the incorrect use of - Removed autogen.sh which is not required for release version any more. - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Update to nss-3.16.2 - Update to nss-3.17.0 - Update to nss-3.17.1 - Update to nss-3.17.2 - Update to nss-3.17.3 - Update to nss-3.17.4 - Update to nss-3.18.0 - Update to NSS 3.19 - Update to NSS 3.19.1 - Update to NSS 3.19.2 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Rebuild for grass 6.4.3 - New upstream release - Exclude ARM for now, due to build issues - Remove import path for httplib2 module to use the system version - Use upstream desktop files - Fix Grass version to make breakage more visible - rebuild (sip) - Patch QGIS #8507 -- QGIS trunk failed to compile with sip 4.15 - Patch QGIS #8601 -- sip: QgsFieldValidator::fixup has versioned and unversioned overloads - Rebuild for new qwt and qwtpolar - Python sub-package must require psycopg2 for the Processing plug-in (BZ #1043683) - Rebuild for minor ABI breakage in spatialindex 1.8.1 - New upstream release - Fix the issue of the license text not being shown in the GUI - Drop EL5 support leftovers - Remove private provides - Remove unnecessary explicit paths for GDAL - Simplify conditionals - Remove custom plugin directory setting - Delete bundled Pyspatialite - Compress changelog file - Simplify documentation labeling - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - remove rhel logic from with_python3 conditional - Rebuild for Python 3.3 - Fix for use of sphinx's manpage writer with docutils-0.10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Fix inheritance_diagram quoting bug, exposed by the newer, stricter dot - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Add sphinx-*-3 links to scripts Resolves: #1098109 - Clean up python3-sphinx's locale files, they ended up in the python2 package. Share the locale files in /usr/share instead - If a separate LaTeX subpackage is not generated, the main package should have a virtual Provides: for it (bz#1187989) - Disable tests for the Python3 build; they were not fully adapted to Python 3. The tests previously passed because they were accidentally run using Python 2. - Complete LaTeX builder deps (fixes bz#882166) - Make test output verbose - Add BRs needed to enable all tests - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - New upstream release candidate 5.2.1rc1 - New upstream release 5.2.1 - 1167331: Enabled native systemd support. - Does not disable old systemd, starter, ipsec.conf support yet. - New strongswan developer release 5.2.2dr1 - Enabled ccm, and ctr plugins as it seems enabling just openssl does not work for using ccm and ctr algos. - new version 5.2.2 - Fixes strongswan swanctl service issue rhbz#1193106 - new version 5.3.0 - new version 5.3.1 - new version 5.3.2 - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Update to sanlock-3.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to sanlock-3.1.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to sanlock-3.2.0 - Update to sanlock-3.2.1 - Drop exclusive arch - Initial packaging - update to 1.8.8 - drop max version for VObject - update to 1.8.9 - update to 1.8.10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - update to 1.8.12 (bugfix release, no bc breaks) - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - rebuild dmdfe 2.059 - Update to nex rev - update - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Update to rev 96fea24 - Update to rev 667c566 - Update to rev ff2b1d3 - exclude arm - Update to latest rev - update to latest rev - digikam-4.6.0 - rebuild (marble, f20/f21) - bump release - Rebuild (libgpohoto2) - digikam-4.7.0 - rebuild - digikam-4.8.0 - digikam-4.9.0 - removed libkgeomap translations - digikam-4.10.0 - added more kipiplugin translations - digikam-4.11.0 - Rebase with upstream - Add abort() method to TinMan plugin - Rebase with upstream - Improved parameters parsing that couples with improved parameters CLI support in core imagefactory - Add support for "offline" ICICLE generation in TinMan - Rework IndirectionCloud to work with recent Oz releases - Add Nova plugin - Upstream 1.1.6 release - Assorted fixes and features to enable rpm-ostree-toolbox integration - Upstream release 1.1.7 - Vagrant box support added to OVA plugin - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - initial Fedora version - Add doxygen-generated documentation in doc subpackage - Use explicit soversion in files section - Update sources to lastest git snapshot (3ceb8ae) - Remove empty doc macro from devel subpackage - Make doc subpackage dependent on main package - Document archive generation process and regenerate source archive - Use _smp_mflags macro when building doc to silence fedora-review - Updated sources to official libserialport release - Added "Provides" for bundled jquery - The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf - The Asterisk Development Team has announced the release of Asterisk 11.14.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.14.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24348 - Built-in editline tab complete segfault with - MALLOC_DEBUG (Reported by Walter Doekes) - * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to - INVITE retransmissions of rejected calls (Reported by Torrey - Searle) - * ASTERISK-23768 - [patch] Asterisk man page contains a (new) - unquoted minus sign (Reported by Jeremy Lainé) - * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits - (Reported by Jeremy Lainé) - * ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir - Cohen) - * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with - realtime peers (Reported by ibercom) - * ASTERISK-24384 - chan_motif: format capabilities leak on module - load error (Reported by Corey Farrell) - * ASTERISK-24385 - chan_sip: process_sdp leaks on an error path - (Reported by Corey Farrell) - * ASTERISK-24378 - Release AMI connections on shutdown (Reported - by Corey Farrell) - * ASTERISK-24354 - AMI sendMessage closes AMI connection on error - (Reported by Peter Katzmann) - * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with - ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell) - * ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are - incorrectly attempted (Reported by Joshua Colp) - * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too - high on linux systems with lots of RAM (Reported by Michael - Myles) - * ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates - received for component (Reported by Kevin Harwell) - * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE - results in a SIP channel leak (Reported by NITESH BANSAL) - * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP - Re-INVITE results in a SIP channel leak (Reported by Torrey - Searle) - * ASTERISK-24406 - Some caller ID strings are parsed differently - since 11.13.0 (Reported by Etienne Lessard) - * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30 - (Reported by Tzafrir Cohen) - * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by - Tzafrir Cohen) - * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE - (Reported by Paolo Compagnini) - * ASTERISK-18923 - res_fax_spandsp usage counter is wrong - (Reported by Grigoriy Puzankin) - * ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by - Corey Farrell) - * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout - (Reported by Dmitry Melekhov) - * ASTERISK-23846 - Unistim multilines. Loss of voice after second - call drops (on a second line). (Reported by Rustam Khankishyiev) - * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy - when sending qualify requests (Reported by Damian Ivereigh) - * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of - SSLv3, security fix POODLE (CVE-2014-3566) (Reported by - abelbeck) - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf - The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf - The Asterisk Development Team has announced the release of Asterisk 11.15.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.15.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-20402 - Unable to cancel (features.conf) attended - transfer (Reported by Matt Riddell) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf - The Asterisk Development Team has announced the release of Asterisk 11.16.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.16.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0 - The Asterisk Development Team has announced the release of Asterisk 11.17.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.17.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE - with replaces (Reported by Eelco Brolman) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf - Add server_args to /etc/xinetd.d/bitlbee (#1102062) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Upgrade to 3.2.2 (#1116567) - Enable libpurple support additionally to built-in protocols - Enable forkdaemon due lacking SELinux policy in Rawhide only - Disable libpurple conflicting with the daemon mode (#1117553) - Really disable libpurple support for Fedora except Rawhide - Disable libpurple due to dbus issues also in EPEL (#1126930) - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - New upstream release. - Requires libotr >= 4 (so EPEL-6 will require new build of libotr 4) - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - New upstream release (#1205936) - Initial rpm build - Added tests - Corrected file lists - Added docs - Split documentation to separate sub package - Make nosetest for py3 a wildcard - Correct nosetest3* usage - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - Ticket #281 - TLS not working with latest openldap - Ticket #161 - Review and address latest Coverity issues - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuild for new icu - Rebuild with correct icu on s390(x) -bump version to 1.1.17 Resolves: Bug 856089 - slapi_ldap_bind() doesn't check bind results (Ticket 479 - Console logins fail intermittenly) Resolves: Bug 905266 - BIND operation result not checked properly in admin server and adminutil - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - ee1ef81 add Eclipse generated files - Ticket #47486 - compiler warnings in adminutil, admin, dsgw - 77fd77a fix mem leak in admldapBuildInfoSSL when there is no password - Ticket #47415 "Manage certificates" crashes admin server - 8647ad8 fix compiler warnings - enhancements to test ticket 47415 - bump version to 1.1.21 - Ticket 47929 - adminutil - future proof getSSLVersion - Ticket 47929 - Adminutil - do not use SSL3 by default - Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time - Ticket 47881 - crash during debug session in adminutil - Ticket 47680 - Upgraded 389-admin rpms and now I can't start dirsrv-admin - simplify dropbox autoloader patch (just drop it entirely a la AWS) - extend the htaccess patch to cover updater as well as initial setup - rebase apache config stuff again, private dir denials only on 8.x branch - update to 8.0.1rc1 - backport some significant app store fixes from upstream stable8 - new release 8.0.2 - Use php handler from php-fpm nginx conf - Fix nginx conf to serve static apps-appstore - new release 8.0.3 - disable the htaccess fiddling stuff harder - new release 8.0.4 - update to 3.5.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - update mime scriptlet - Update to 3.6.0 - Rebuild for llvm 3.5 - Update to 3.6.1 - Rebuild (poppler-0.28.1) - Rebuild (poppler-0.30.0) - update to 3.7.1 - provides/obsoletes the old -examples subpackage - Added the kyua-tests package providing the run-time tests of Kyua, readily runnable by the end users. - Updated to new upstream version 0.5. - Made the installation of the package preserve the build times of the files. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Use Lutok 0.3 to support Lua 5.2. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to 0.6 - Update to 0.7. - Update to 0.8. - Depend on atf-0.20 for libatf-c++ ABI changes. - Fixed broken dep on fltk for coda-vcodacon - Found an additional missing depends - Extend coda-6.9.5-vcodacon-configure.patch to reflect fltk headers having changed (Fix FTBS). - Add "touch-magic" to avoid rerunning the autotools. - Revert the Fri Jun 03 2011's spec changes. - Converted sysv init script to systemd scripts (bz 771490) - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Fixed service file error (bz1071534) - Fixed auth2 pid file naming (bz 1074321) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - fix buildrequires llvm 3.4-5 to 3.4-6, because 3.4-5 is not available for F20 - 10.1.3 upstream release - 10.1.4 upstream release - i915: add a missing NULL pointer check (RHBZ #1100967) - drop previous patch (not needed for F20) - 10.1.5 upstream release - 10.3.2 - 10.3.3 - 10.3.4 - 10.3.5 - vdsm tag 4.14.6-0 - vdsm tag 4.14.7-0 - vdsm tag 4.14.8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - vdsm 4.16.0-6.git5d3ed2d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - vdsm tag 4.16.4 - vdsm tag 4.16.5-5 - vdsm tag 4.16.7 * vdsm tag 4.16.10 - ovirt 3.5 build - Add patch to fix imake build - Add patch to fix -Werror=format-security build - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream - Update to 3.5.0.24 - Drop format patch applied upstream - Add patch for aarch64 support attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Update to 3.5.0.27 - Drop aarch64 patch applied upstream - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Update to 3.5.0.28 - Fix unowned directories - Minor cleanup - Update to 3.5.0.29 - Update to 3.5.0.31 - Own /etc/x2go to ensure proper cleanup - Resolves: rhbz#1169593 patch to set DOCKER_CERT_PATH regardless of config file - run tests inside a docker repo (doesn't affect koji builds - not built) - docker group no longer used or created - no socket activation - config file updates to include info about docker_transition_unconfined boolean - Resolves:rhbz#1185423 - MountFlags=slave in unitfile - Resolves: rhbz#1184266 - enable debugging - enable creation of core dumps - set no limit on core dump size - Resolves: rhbz#1191438 - update to v1.5.0 - add env var for insecure-registry to /etc/sysconfig/docker - include arm builds - merge -pkg-devel into -devel - build @rhatdan/fedora-1.6 commit#b27feb4 - moved GOTRACEBACK=crash to unitfile - Obsolete docker-io-pkg-devel < 1.6.0-1 - Update a list of provides of devel subpackage resolves: #1215912 - Resolves: bz#1217987 - fix unqualified push - via Michal Minar <miminar@redhat.com> - Linux v3.19.6 - Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz 1218662) - CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074 1218110) - Linux v3.19.7 - Linux v3.19.8 - Fix spew from KVM switch (rhbz 1219343) - Fix DVB oops (rhbz 1220118) - Linux v4.0.4 - Backport patch to fix might_sleep splat (rhbz 1220519) - Add submitted stable fix for i915 flickering on ilk (rhbz 1218688) - Fix signed division error (rhbz 1200353) - Apply queued fixes for crasher reported by Alex Larsson - 3.10.1-1 - version upgrade - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Perl 5.20 rebuild - 3.11.0-1 - version upgrade (rhbz#1155086) - disable SSLv3 (rhbz#1153970) - include plugin appdata - 3.11.1-1 - version upgrade - appdata removed upstream - 3.11.1-2 - bump for libetpan 1.6 - 3.11.1-3 - fix segfault in wizard and account prefs (rhbz#1123895, rhbz#1182146) - do not own icon directories owned by hicolor-icon-theme (rhbz#1171902) patch by David King - add patch to build with system libical (rhbz#1079729) - add patch to utilize system crypto-policies >=f21 (rhbz#1179279) - require pinentry-gui on >f19 again (rhbz#587326,rhbz#981923) - 3.11.1-4 - workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158) - enable tnef plugin on epel - disable bsfilter plugin on epel - 3.11.1-5 - enable gdata plugin on epel - 3.11.1-6 - fix clamav preferences crash (rhbz#118891, rhbz#118774) - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1 - New upstream release 1.11.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.6 - Do not crash on resolving group SIDs in IPA server mode - Start before systemd-user-sessions.service and nss-user-lookup.target - New upstream release 1.11.7 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.7 - update the libldb requirement to 1.1.17, which is required by Samba - Fix a sysdb lookup error that resulted in IFP not returning subdomain users - Backport an upstream patch to ignore PAC verification failures - sssd_be crashes in nested LDAP code in case of ldap error - Resolves: rhbz#1126557 - backport fixes from upstream - Create new sub-packages for pcp-webjs and python3-pcp. - Fix __pmDiscoverServicesWithOptions(1) codes (BZ 1139529) - Update to latest PCP sources. - papi 5.4.0 rebuild - New conditionally-built pcp-pmda-perfevent sub-package. - Update to latest PCP sources. - Update to latest PCP sources. - Improve pmdaInit diagnostics for DSO helptext (BZ 1182949) - Tighten up PMDA termination on pmcd stop (BZ 1180109) - Correct units for cgroup memory metrics (BZ 1180351) - Add the pcp2graphite(1) export script (BZ 1163986) - Initial changes to support python3 as default (BZ 1194324) - Only use Python 3 in Fedora >= 23, more info at https://bugzilla.redhat.com/show_bug.cgi?id=1194324#c4 - Update to latest PCP sources. - New sub-package for pcp-import-ganglia2pcp. - Python3 support, enabled by default in f22 onward (BZ 1194324) - papi 5.4.1 rebuild - Update to latest PCP, pcp-webjs and Vector sources. - Packaging improvements after re-review (BZ 1204467) - Start pmlogger/pmie independent of persistent state (BZ 1185755) - Fix cron error reports for disabled pmlogger service (BZ 1208699) - Incorporate Vector from Netflix (https://github.com/Netflix/vector) - Sub-packages for pcp-webjs allowing choice and reducing used space. - Provide and use non-exit(1)ing pmGetConfig(3) variant (BZ 1187588) - Resolve a pmdaproc.sh pmlogger restart regression (BZ 1229458) - Replacement of pmatop/pcp-atop(1) utility (BZ 1160811, BZ 1018575) - Reduced installation size for minimal applications (BZ 1182184) - Ensure pmlogger start scripts wait on pmcd startup (BZ 1185760) - Need to run pmcd at least once before pmval -L will work (BZ 185749) - Resolves: rhbz#1167683 crash in SwPostItMgr::HasNotes - Resolves: rhbz#1016758 crash on exit - Resolves: fdo#79303 Writer setting tabs with ruler changes page number offset - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - update to 4.2.8 - Resolves: fdo#72811 fix ODF 1.1 export - Resolves: fdo#87141 Remove deletes the node but we want to release it - Resolves: fdo#87237 propagate error values through matrix comparisons - Resolves: fdo#86809 connect filter conditions correctly - Resolves: rhbz#1116534 crash when pasting over a formula - Resolves: fdo#79249 call formula compiler with error string - Resolves: fdo#68385 update references only if cut originates from the same document - Resolves: fdo#73165 don't restart timer if already running - Resolves: fdo#88005 fix check in SwWW8ImplReader::StopApo() - font cache gets broken on adding an embedded font - Resolves: rhbz#1177547 system autocorr files not detected - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing co-ords no longer works - Resolves: fdo#88721 correct negated condition in range name validation - fix abuse of OUStringBuffer(int) ctor - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - Resolves: rhbz#1134841 bn/ml "close without saving" short-cuts - Resolves: rhbz#1134824 as/or/ml "save" short-cuts - Resolves: rhbz#1134815 ta "cancel" short-cuts - Resolves: tdf#83461 do not override MatColsRows if already set - Resolves: rhbz#1190657 tdf#87199 Writer crashes when merging table cells - Resolves: tdf#89500 catch ISO 8601 datetime in all locales - Resolves: tdf#89484 check that sheet reference is within selected sheets - Resolves: tdf#81659 handle expand reference edge correctly - Resolves: tdf#89679 fix incorrect mapping of font-family-complex and CharFontNameAsian - Resolves: tdf#89958 filter ends with / does not end with correction - Resolves: rhbz#1216044 CVE-2015-1774 hwp filter fix - Resolves: rhbz#1204244 group sdb windows together as 'base' - Resolves: rhbz#1223696 some labels in print dialog are not translated, even though the translations exist - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - Perl 5.18 rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Update to rev e380a86 - Update to rev a4fa323 - Update to rev 48208d4 - Update to rev d238665 - Update to latest rev - Version 3.3.0 - Update to rev 3.4.0