[SECURITY] Fedora 20 Update: pulseaudio-5.0-7.fc20

[updates at fedoraproject.org]

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-8183
2014-07-09 01:27:45
--------------------------------------------------------------------------------

Name        : pulseaudio
Product     : Fedora 20
Version     : 5.0
Release     : 7.fc20
URL         : http://www.freedesktop.org/wiki/Software/PulseAudio
Summary     : Improved Linux Sound Server
Description :
PulseAudio is a sound server for Linux and other Unix like operating
systems. It is intended to be an improved drop-in replacement for the
Enlightened Sound Daemon (ESOUND).

--------------------------------------------------------------------------------
Update Information:

Rebase current post-4.0 snapshot to 5.0 release, see also:
http://www.freedesktop.org/wiki/Software/PulseAudio/Notes/5.0/

This update restores compatibility with pulseaudio upstream ABI, and includes rebuilds of affected fedora packages.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 16 2014 Rex Dieter <rdieter at fedoraproject.org> 5.0-7
- Provide padsp-32, /usr/bin/padsp is native arch only (#856146)
* Mon Jul  7 2014 Rex Dieter <rdieter at fedoraproject.org> - 5.0-6
- rtp-recv: fix crash on empty UDP packets (CVE-2014-3970,#1104835,#1108011)
- name HDMI outputs uniquely
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 5.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 13 2014 Dan Horák <dan[at]danny.cz> 5.0-4
- always run tests, but don't fail the build on big endian arches (relates #1067470)
* Sat Apr 12 2014 Rex Dieter <rdieter at fedoraproject.org> 5.0-3
- Pulse Audio settings lost after reboot / HDMI is set as default (#1035025)
* Tue Mar 11 2014 Rex Dieter <rdieter at fedoraproject.org> 5.0-2
- drop Requires: kernel (per recent -devel ml thread)
* Tue Mar  4 2014 Rex Dieter <rdieter at fedoraproject.org> 5.0-1
- 5.0 (#1072259)
* Wed Feb 26 2014 Karsten Hopp <karsten at redhat.com> 4.99.4-3
- disable make check on PPC* (rhbz #1067470)
* Mon Feb 17 2014 Rex Dieter <rdieter at fedoraproject.org> 4.99.4-2
- -qpaeq subpkg (#1002585)
* Sat Feb 15 2014 Rex Dieter <rdieter at fedoraproject.org> 4.99.4-1
- 4.99.4
* Wed Jan 29 2014 Rex Dieter <rdieter at fedoraproject.org> 4.99.3-1
- 4.99.3
* Mon Jan 27 2014 Wim Taymans <wtaymans at redhat.com> - 4.99.2-2
- don't mark .desktop and dbus configurations as %config
* Fri Jan 24 2014 Rex Dieter <rdieter at fedoraproject.org> - 4.99.2-1
- 4.99.2 (#1057528)
* Wed Jan 22 2014 Wim Taymans <wtaymans at redhat.com> - 4.0-12.gitf81e3
- Use the statically allocated UID and GID from /usr/share/doc/setup/uidgid (#1056656)
- The pulse-rt group doesn't exist (#885020)
* Wed Jan 22 2014 Rex Dieter <rdieter at fedoraproject.org> - 4.0-11.gitf81e3
- handle jack/lirc modules better (#1056619)
- -libs-devel: own some dirs to avoid deps on cmake/vala
- -module-bluetooth: make dep arch'd for consistency
* Fri Jan 10 2014 Rex Dieter <rdieter at fedoraproject.org> - 4.0-10.gitf81e3
- enable hardened build (#983606)
* Sat Dec  7 2013 Rex Dieter <rdieter at fedoraproject.org> - 4.0-9.gitf81e3
- X-KDE-autostart-phase=1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1104835 - CVE-2014-3970 pulseaudio: denial of service in module-rtp-recv
        https://bugzilla.redhat.com/show_bug.cgi?id=1104835
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update pulseaudio' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------