Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jul 15 00:04:18 UTC 2011
The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/libpng10-1.0.55-1.el6
https://admin.fedoraproject.org/updates/drupal7-7.4-1.el6
https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.3.1-1.el6
https://admin.fedoraproject.org/updates/asterisk-1.8.4.4-3.el6
https://admin.fedoraproject.org/updates/squirrelmail-1.4.22-2.el6
https://admin.fedoraproject.org/updates/ejabberd-2.1.8-2.el6
https://admin.fedoraproject.org/updates/erlang-R14B-02.1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
SDL_gfx-2.0.22-1.el6
be-1.0.1-1.el6
django-tagging-0.3.1-3.el6
drupal6-admin_menu-1.8-1.el6
drupal6-diff-2.1-2.el6
drupal6-mobile_tools-2.3-2.el6
dspam-3.9.0-21.el6
squirrelmail-1.4.22-2.el6
Details about builds:
================================================================================
SDL_gfx-2.0.22-1.el6 (FEDORA-EPEL-2011-3810)
SDL graphics drawing primitives and other support functions
--------------------------------------------------------------------------------
Update Information:
Initial EPEL6 build of the latest SDL_gfx.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #720879 - Update for EPEL 6
https://bugzilla.redhat.com/show_bug.cgi?id=720879
--------------------------------------------------------------------------------
================================================================================
be-1.0.1-1.el6 (FEDORA-EPEL-2011-3811)
Bugs Everywhere, a distributed bug tracker
--------------------------------------------------------------------------------
Update Information:
Updates bugs-everywhere to the latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 13 2011 Michel Salim <salimma at fedoraproject.org> - 1.0.1-1
- Update to 1.0.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #721325 - be-1.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=721325
--------------------------------------------------------------------------------
================================================================================
django-tagging-0.3.1-3.el6 (FEDORA-EPEL-2011-3806)
A generic tagging application for Django projects
--------------------------------------------------------------------------------
Update Information:
first version in el6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #721324 - please build and push django-tagging for epel6
https://bugzilla.redhat.com/show_bug.cgi?id=721324
--------------------------------------------------------------------------------
================================================================================
drupal6-admin_menu-1.8-1.el6 (FEDORA-EPEL-2011-3805)
Theme-independent administration interface for Drupal 6
--------------------------------------------------------------------------------
Update Information:
Theme-independent administration interface for Drupal 6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #693118 - Review Request: drupal6-admin_menu - Theme-independent administration interface for Drupal 6
https://bugzilla.redhat.com/show_bug.cgi?id=693118
--------------------------------------------------------------------------------
================================================================================
drupal6-diff-2.1-2.el6 (FEDORA-EPEL-2011-3807)
Show diff-type changes in Drupal 6
--------------------------------------------------------------------------------
Update Information:
Show diff-type changes in Drupal 6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #699697 - Review Request: drupal6-diff - Show diff-type changes in Drupal 6
https://bugzilla.redhat.com/show_bug.cgi?id=699697
--------------------------------------------------------------------------------
================================================================================
drupal6-mobile_tools-2.3-2.el6 (FEDORA-EPEL-2011-3813)
The Mobile Tools provides some tools to assist in making a site mobile
--------------------------------------------------------------------------------
Update Information:
The Mobile Tools module provides Drupal developers with some tools
to assist in making a site mobile.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #719108 - Review Request: drupal6-mobile_tools - The Mobile Tools module provides some tools to assist in making a site mobile
https://bugzilla.redhat.com/show_bug.cgi?id=719108
--------------------------------------------------------------------------------
================================================================================
dspam-3.9.0-21.el6 (FEDORA-EPEL-2011-3814)
A library and Mail Delivery Agent for Bayesian SPAM filtering
--------------------------------------------------------------------------------
Update Information:
Sets dspam to run as the dspam user instead of root
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 13 2011 Nathanael Noblet <nathanael at gnat.ca> - 3.9.0-21
- Start daemon as dspam user
* Wed May 25 2011 Nathanael Noblet <nathanael at gnat.ca> - 3.9.0-20
- add tmpfile for /var/run/dspam
- remove rpaths that suddenly show up in F15
* Tue Mar 22 2011 Nathanael Noblet <nathanael at gnat.ca> - 3.9.0-19
- Rebuilt for libmysqlclient soname bump
* Wed Mar 9 2011 Nathanael Noblet <nathanael at gnat.ca> - 3.9.0-18
- Removed patch
--------------------------------------------------------------------------------
================================================================================
squirrelmail-1.4.22-2.el6 (FEDORA-EPEL-2011-3812)
webmail client written in php
--------------------------------------------------------------------------------
Update Information:
fixes:
- CVE-2011-2023 : Messages containing style tags with malicious script attributes were being displayed without being sanitized
- CVE-2010-4555 : An attacker could use one of several small bugs in SquirrelMail to inject malicious script into various pages or alter the contents of user preferences
- CVE-2010-4554 : SquirrelMail is vulnerable to clickjacking attacks wherein the entire application can be loaded in a frame that could overlay other elements on top of SquirrelMail
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 13 2011 Michal Hlavinka <mhlavink at redhat.com> - 1.4.22-2
- fix possible php warning
* Wed Jul 13 2011 Michal Hlavinka <mhlavink at redhat.com> - 1.4.22-1
- squirrelmail updated to 1.4.22
- fixes CVE-2010-4554, CVE-2010-4555, CVE-2011-2023
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #720693 - CVE-2010-4554 SquirrelMail: Prone to clickjacking attacks
https://bugzilla.redhat.com/show_bug.cgi?id=720693
[ 2 ] Bug #720694 - CVE-2010-4555 SquirrelMail: Multiple XSS flaws
https://bugzilla.redhat.com/show_bug.cgi?id=720694
[ 3 ] Bug #720695 - CVE-2011-2023 SquirrelMail: XSS in <style> tag handling
https://bugzilla.redhat.com/show_bug.cgi?id=720695
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list