Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Mar 3 00:55:52 UTC 2011
The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/telepathy-gabble-0.8.15-1.el6
https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.el6
https://admin.fedoraproject.org/updates/pywebdav-0.9.4.1-1.el6
https://admin.fedoraproject.org/updates/asterisk-1.8.3-1.el6
https://admin.fedoraproject.org/updates/moodle-1.9.11-1.el6
https://admin.fedoraproject.org/updates/perl-Mail-Box-2.097-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
avrdude-5.10-3.el6
bouncycastle-1.46-1.el6
dspam-3.9.0-15.el6
dvisvgm-1.0.5-1.el6
perl-Mail-Box-2.097-1.el6
pfHandle-1.1-4.el6
php-pear-Cache-Lite-1.7.9-1.el6
xawtv-3.100-1.el6
Details about builds:
================================================================================
avrdude-5.10-3.el6 (FEDORA-EPEL-2011-0558)
Software for programming Atmel AVR Microcontroller
--------------------------------------------------------------------------------
Update Information:
This release just re-syncs the git source with the actual packages. It should not change the actual package content except for changelogs and package version number.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 2 2011 Hans Ulrich Niedermann <hun at n-dimensional.de> - 5.10-3
- Rebuilt package from fixed sources (unchanged package content)
- Unify pkg source in git for el6, f13, f14, f15, rawhide
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 5.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
bouncycastle-1.46-1.el6 (FEDORA-EPEL-2011-0554)
Bouncy Castle Crypto Package for Java
--------------------------------------------------------------------------------
Update Information:
Release Notes - Java APIs 1.X - Version 1.46
* Bug
* [BJA-60] - JCE EC keypairs to be serializable
* [BJA-151] - RFC3280/CertpathValidator infinite loop crashes as StackOverFlowError
* [BJA-197] - Add a binary to PEM converter
* [BJA-226] - PKCS12 KeyStore should write using DEROutputStream, not BEROutputStream
* [BJA-227] - AccessControlException trying to put provider properties during initialisation
* [BJA-228] - Extra array copy in BEROctetStringGenerator
* [BJA-240] - Adding an identifier to PKCSObjectIdentifiers
* [BJA-241] - AccessControlException creating instance of org.bouncycastle.jce.provider.symmetric.AESMappings in provider constructor
* [BJA-242] - Parsing ESSCertIDv2 fails if Algorithm Identifier is id_sha256
* [BJA-244] - Unprintable characters in DSAParametersGenerator.java
* [BJA-249] - Incorrect fetching of CRLs for specified time
* [BJA-255] - Incompatibility between TimeStampToken#validate and RFC 3161
* [BJA-259] - Tag number check is missing in `asn1.cms.ContentInfo` parser
* [BJA-260] - ECPoint calculation not correct
* [BJA-268] - Can't validate SMIME message (generated by BC)
* [BJA-271] - The method isRevoked in class X509CRLObject is not thread-safe
* [BJA-272] - Checking revocation reason on CRL without extensions produces NPE
* [BJA-276] - PGPUtil.getDecoderStream() and streams larger 2GB
* [BJA-277] - Implementation of RFC 5746
* [BJA-280] - Incomplete ISO-9796-1 padding causes verification issues
* [BJA-283] - In OpenPGP API, encoding and decoding is not working for a sub-key
* [BJA-284] - org.bouncycastle.asn1.DERGeneralizedTim.getDate() returns incorrect date when time string carries fractional seconds
* [BJA-286] - PEMWriter writeObject does not encrypt KeyPair objects when asked
* [BJA-288] - -org.bouncycastle.asn1.DERGeneralizedTim.getDate() returns incorrect date when time string carries fractional seconds with 2 decimal point
* [BJA-289] - error constructing MAC: java.security.NoSuchAlgorithmException
* [BJA-290] - java.io.EOFException: premature end of stream in PartialInputStream
* [BJA-293] - BufferedBlockCipher.doFinal() does not call reset() in the case that it throws DataLengthException. This leaves Cipher object unusable.
* [BJA-300] - PSSSigner gives incorrect result when MGF digest and content digest are not the same
* [BJA-302] - SignerLocation DirectoryString parsing
* [BJA-304] - Supplied key (sun.security.pkcs11.P11Key$P11PrivateKey) is not a RSAPrivateKey instance
* [BJA-305] - PEMReader class cannot read private keys generated by OpenSSL 1.0.0
* [BJA-306] - Exception encoding CMSSignedData/SignerInfo with version set to 3
* [BJA-309] - X509Name SN defaultLookup binds to SerialNumber instead of SurName
* [BJA-311] - SMIMEGenerator.extractHeaders uses setHeader instead of addHeader and thus removes headers occuring multiple times
* [BJA-313] - PEMReader using specific Provider problematic / useless with Sun's default Provider
* [BJA-314] - Regression regarding Certificate Path Validation algorithm with CRL check enabled
* [BJA-317] - Cannot open this item.Your digital id name cannot be found by the underlying security system
* [BJA-319] - It is not possible to pass an IV to the init method of ISO9797Alg3Mac
* [BJA-320] - Base64.decode(byte[] in) throws ArrayIndexOutOfBoundsException when bytevalue exceeds 127
* [BJA-326] - Finding a generator in DHParametersHelper
* Improvement
* [BJA-189] - Change the signature of CMSEnvelopedDataStreamGenerator method: private OutputStream open(OutputStream out, String encryptionOID, KeyGenerator keyGen, Provider provider) from private to protected / public
* [BJA-221] - ESSCertIDv2 update for RFC 3161
* [BJA-237] - SubjectKeyIdentifierStructure constructor throws CertificateParsingException instead of InvalidKeyException
* [BJA-238] - Request to update bzip2 classes to ASL 2.0 license
* [BJA-243] - Improve high-level support for PKCS#8 keys
* [BJA-248] - RFE: New addSigner variants for CMSSignedDataStreamGenerator
* [BJA-258] - SignerId and key usage
* [BJA-261] - extra attributes required in manifest for BC jars to stop dialog boxes.
* [BJA-262] - TimeStampRequest requires a provider to support RIPEMD algorithms
* [BJA-263] - Failing decryption on mail from MS Outlook 2010 beta
* [BJA-266] - In the j2me version J2ME lcrypto-j2me-145.tar.gz lcrypto-j2me-145.zip
* [BJA-287] - Make OSGi Bundle out of the JARs
* [BJA-295] - Addition of algorithms for X.509 cert and PKCS #10 request generation
* [BJA-298] - Kept geting "Checksum validation failed, no checksums available from the repository"
* [BJA-327] - Validate TimeStampToken by public key
* New Feature
* [BJA-2] - Certificate Management Protocol (CMP)
* [BJA-155] - TLS: Access to the master secret, client random, server random
* [BJA-231] - TLS client side authentication
* [BJA-250] - Method for generating custom TimeStampResponse failure message
* [BJA-291] - Add support for EC cipher suites in TLS client (RFC 4492)
* [BJA-294] - Add support for DEFLATE compression to TLS
* [BJA-297] - Support for RFC 5544 - Syntax binding for documents with time stamps.
* [BJA-303] - ResponderID getters
* [BJA-310] - Add support for ECDSA_fixed_ECDH authentication to TLS client
* [BJA-312] - Support for LDSSecurityObject V1
* [BJA-324] - Stream processing of TimeStampedData documents (TSD, RFC 5544)
* Task
* [BJA-239] - TLS Record Padding
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 2 2011 Steve Traylen <steve.traylen at cern.ch> - 1.46-1
- Import Bouncy Castle 1.46.
- Drop gcj.
--------------------------------------------------------------------------------
================================================================================
dspam-3.9.0-15.el6 (FEDORA-EPEL-2011-0552)
A library and Mail Delivery Agent for Bayesian SPAM filtering
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 1 2011 Nathanael Noblet <nathanael at gnat.ca> - 3.9.0.-15
- Applied Matej Cepl's patch to move the web dir to /var/www/dspam
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.9.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jan 26 2011 Nathanael Noblet <nathanael at gnat.ca> - 3.9.0-13
- Fixed dspam-web cgi bug
* Wed Jan 26 2011 Nathanael Noblet <nathanael at gnat.ca> - 3.9.0-12
- Patch config & doc defaults to put the socket in /var/run/dspam
- remove ghosting
* Tue Nov 23 2010 Nathanael Noblet <nathanael at gnat.ca> - 3.9.0-11
- Updated for var-run-tmpfs feature
* Wed Sep 29 2010 jkeating - 3.9.0-10
- Rebuilt for gcc bug 634757
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #672068 - dspam web interface completely broken
https://bugzilla.redhat.com/show_bug.cgi?id=672068
--------------------------------------------------------------------------------
================================================================================
dvisvgm-1.0.5-1.el6 (FEDORA-EPEL-2011-0555)
DVI to SVG converter
--------------------------------------------------------------------------------
Update Information:
dvisvgm 1.0.5 is a maintenance release with the following changes:
* An optional argument to command-line option -n has been added to disable the generation of <use> elements.
* Font cache files are now validated with a checksum
* Missing measurement units have been added to the width/height attributes of the SVG root element
* A couple of minor issues have been fixed.
For further information see http://dvisvgm.sourceforge.net/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 2 2011 Martin Gieseking <martin.gieseking at uos.de> - 1.0.5-1
- updated to upstream release 1.0.5
--------------------------------------------------------------------------------
================================================================================
perl-Mail-Box-2.097-1.el6 (FEDORA-EPEL-2011-0557)
Manage a mailbox, a folder with messages
--------------------------------------------------------------------------------
Update Information:
Update perl-Mail-Box to 2.097.
No longer require spamassassin.
2.097 now randomizes boundary string to avoid (undemonstrated) security risks with boundary guessing.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 2 2011 Tom Callaway <spot at fedoraproject.org> - 2.097-1
- update to 2.097
- remove Mail::SpamAssassin from BuildRequires
- filter Mail::SpamAssassin out of Requires
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.095-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Dec 20 2010 Marcela Maslanova <mmaslano at redhat.com> - 2.095-2
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #647783 - perl-Mail-Box shouldn't force spamassassin to be installed
https://bugzilla.redhat.com/show_bug.cgi?id=647783
--------------------------------------------------------------------------------
================================================================================
pfHandle-1.1-4.el6 (FEDORA-EPEL-2011-0548)
Postfix management wrapper utility
--------------------------------------------------------------------------------
Update Information:
releasing to epel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #617400 - Review Request: pfHandle - wrapper for tools to manage postfix mail queue
https://bugzilla.redhat.com/show_bug.cgi?id=617400
--------------------------------------------------------------------------------
================================================================================
php-pear-Cache-Lite-1.7.9-1.el6 (FEDORA-EPEL-2011-0550)
Fast and Safe little cache system for PHP
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
* If sys_get_temp_dir() is available and the 'cacheDir' option is not provided in the constructor options array its output is used to determine the suitable temporary directory. See Bug #18328
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 2 2011 Remi Collet <Fedora at FamilleCollet.com> 1.7.9-1
- Version 1.7.9 (stable) - API 1.7.7 (stable)
- define timezone during build
- run test suite during %check
--------------------------------------------------------------------------------
================================================================================
xawtv-3.100-1.el6 (FEDORA-EPEL-2011-0551)
TV applications for video4linux compliant devices
--------------------------------------------------------------------------------
Update Information:
Fixes a few bugs found during -rc phase for xawtv.
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list