Fedora EPEL 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Tue Dec 13 19:58:23 UTC 2011 

The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4907/bugzilla-3.2.10-2.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5165/phpMyAdmin3-3.4.8-1.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-3762/couchdb-1.0.2-8.el5,erlang-ibrowse-2.2.0-3.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5197/jasper-1.900.1-14.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5210/clearsilver-0.10.5-15.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5213/cacti-0.8.7i-2.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    cacti-0.8.7i-2.el5
    fetch-crl-2.8.5-1.el5
    perl-Directory-Queue-1.4-1.el5

Details about builds:


================================================================================
 cacti-0.8.7i-2.el5 (FEDORA-EPEL-2011-5213)
 An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:

Update to 0.8.7i. Upstream release notes are at http://www.cacti.net/release_notes_0_8_7i.php. Notably "Multiple security vulnerabilities".

Also, merge some changes that were in Fedora: add mod_security overrides, and block HTTP access to log and rra directories.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 13 2011 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.7i-2
- Only set "su" logrotate parameter for F16 and above.
- Tweak mod_security rules.
* Mon Dec 12 2011 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.7i-1
- New upstream release (BZ #766573).
* Fri Nov 11 2011 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.7h-2
- block HTTP access to log and rra directories (#609856)
- overrides for mod_security
- set logrotate to su to cacti apache when rotating (#753079)
* Thu Oct 27 2011 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.7h-1
- New upstream release.
- Remove upstream'd mysql patch.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #766573 - cacti-0.8.7i is available
        https://bugzilla.redhat.com/show_bug.cgi?id=766573
  [ 2 ] Bug #609856 - cacti: no httpd restrictions for log and rra directories
        https://bugzilla.redhat.com/show_bug.cgi?id=609856
--------------------------------------------------------------------------------


================================================================================
 fetch-crl-2.8.5-1.el5 (FEDORA-EPEL-2011-5231)
 Downloads Certificate Revocation Lists
--------------------------------------------------------------------------------
Update Information:

* fetch-crl was occasionally leaving behind {hash}.r0.XXXXXX.r0 files. This has been fixed in this release (patch thanks to Jason Smith, BNL)
* man page was not compliant to Debian guidelines, this has been fixed (patch thanks to Mattias Ellert, Uppsala University)

--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 12 2011 Steve Traylen <steve.traylen at cern.ch> - 2.8.5-1
- New upstream 2.8.5.
- Remove fetch-crl-2.8.4-mktemp.patch since fixed upstream.
--------------------------------------------------------------------------------


================================================================================
 perl-Directory-Queue-1.4-1.el5 (FEDORA-EPEL-2011-5227)
 Object oriented interface to a directory based queue
--------------------------------------------------------------------------------
Update Information:


* Documentation cleanup.
* Packaging cleanup.
* Minor speed improvement via better I/O.
* Refactored the code to better share common parts.
* Added Directory::Queue::Simple for an alternative queue system.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  8 2011 Steve Traylen <steve.traylen at cern.ch> - 1.4-1
- Update 1.4 rhbz#760472.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #760472 - Upgrade to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=760472
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list