Fedora EPEL 4 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Tue Dec 13 19:58:23 UTC 2011 

The following Fedora EPEL 4 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5177/jasper-1.900.1-14.el4
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5208/cacti-0.8.7i-2.el4.1


The following builds have been pushed to Fedora EPEL 4 updates-testing

    cacti-0.8.7i-2.el4.1
    duplicity-0.6.14-2.el4

Details about builds:


================================================================================
 cacti-0.8.7i-2.el4.1 (FEDORA-EPEL-2011-5208)
 An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:

Update to 0.8.7i. Upstream release notes are at http://www.cacti.net/release_notes_0_8_7i.php. Notably "Multiple security vulnerabilities".

Also, merge some changes that were in Fedora: add mod_security overrides, and block HTTP access to log and rra directories.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 13 2011 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.7i-2.el4.1
- el4's rpm does not support complex conditionals
* Tue Dec 13 2011 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.7i-2
- Only set "su" logrotate parameter for F16 and above.
- Tweak mod_security rules.
* Mon Dec 12 2011 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.7i-1
- New upstream release (BZ #766573).
* Fri Nov 11 2011 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.7h-2
- block HTTP access to log and rra directories (#609856)
- overrides for mod_security
- set logrotate to su to cacti apache when rotating (#753079)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #766573 - cacti-0.8.7i is available
        https://bugzilla.redhat.com/show_bug.cgi?id=766573
  [ 2 ] Bug #609856 - cacti: no httpd restrictions for log and rra directories
        https://bugzilla.redhat.com/show_bug.cgi?id=609856
--------------------------------------------------------------------------------


================================================================================
 duplicity-0.6.14-2.el4 (FEDORA-EPEL-2011-5225)
 Encrypted bandwidth-efficient backup using rsync algorithm
--------------------------------------------------------------------------------
Update Information:

fix python-2.3 incompatibility
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 25 2011 Jérôme Benoit <jerome.benoit at steria.com> 0.6.14-2
- Use python-kitchen for subprocess on RHEL 4 (#745535)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #745535 - duplicity fail because of subprocess
        https://bugzilla.redhat.com/show_bug.cgi?id=745535
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list