Fedora EPEL 6 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Mon Mar 21 17:53:00 UTC 2011 

The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/cgit-0.9-1.el6
    https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.el6
    https://admin.fedoraproject.org/updates/clamav-0.97-11.el6
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.10-1.el6
    https://admin.fedoraproject.org/updates/wordpress-3.1-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    crlibm-1.0-0.4.beta4.el6
    phpMyAdmin-3.3.10-1.el6
    python-cli-1.1-1.el6
    wordpress-3.1-1.el6
    zarafa-6.40.6-1.el6

Details about builds:


================================================================================
 crlibm-1.0-0.4.beta4.el6 (FEDORA-EPEL-2011-2882)
 Correctly Rounded mathematical library
--------------------------------------------------------------------------------
Update Information:

Correctly Rounded mathematical library
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #676159 - Review Request: crlibm - Correctly Rounded mathematical library
        https://bugzilla.redhat.com/show_bug.cgi?id=676159
--------------------------------------------------------------------------------


================================================================================
 phpMyAdmin-3.3.10-1.el6 (FEDORA-EPEL-2011-2877)
 Web based MySQL browser written in php
--------------------------------------------------------------------------------
Update Information:

Changes for 3.3.10.0 (2011-03-19)

 - [structure] Aria table size printed as unknown, thanks to erickoh75 - erickoh75
 - [structure] Ordering by size gives incorrect results, thanks to Madhura Jayaratne - madhuracj
 - [core] 0 row(s) affected
 - [core] Edit relational page and page number
 - [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10
 - [lang] German update, thanks to jannicars at users.sourceforge.net.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 21 2011 Robert Scheck <robert at fedoraproject.org> 3.3.10-1
- Upstream released 3.3.10 (#661335, #662366, #662367, #689213)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #661335 - CVE-2010-4480 phpMyAdmin: XSS vulnerability via crafted BBCode tag in error.php
        https://bugzilla.redhat.com/show_bug.cgi?id=661335
  [ 2 ] Bug #662366 - CVE-2010-4481 phpMyAdmin: information disclosure flaw (PMASA-2010-10)
        https://bugzilla.redhat.com/show_bug.cgi?id=662366
--------------------------------------------------------------------------------


================================================================================
 python-cli-1.1-1.el6 (FEDORA-EPEL-2011-2875)
 A CLI construction toolkit for Python
--------------------------------------------------------------------------------
Update Information:

New Package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688922 - Review Request: python-cli - A CLI construction toolkit for Python
        https://bugzilla.redhat.com/show_bug.cgi?id=688922
--------------------------------------------------------------------------------


================================================================================
 wordpress-3.1-1.el6 (FEDORA-EPEL-2011-2879)
 WordPress blogging software
--------------------------------------------------------------------------------
Update Information:

    In order to protect against two CVEs*, I'm upgrading Wordpress in all releases to 3.1. In addition, this will obsolete wordpress-mu, since this functionality has been migrated to the main wordpress release as of wordpress 3.0, and wordpress-mu has been deprecated upstream. I would not normally make so drastic a change on any stable release, especially EPEL, but backporting patches to the 2.x series is becoming increasingly unmaintainable. This is already done for rawhide and F15, and I intend to build for F13, F14, EL5 and EL6 today, and send them to testing, and then push to stable one the appropriate period has elapsed.

    Please redistribute this to anyone you know who might be affected and may not be on this list.

    Thank you, Jon

    * https://bugzilla.redhat.com/show_bug.cgi?id=687909 https://bugzilla.redhat.com/show_bug.cgi?id=687911
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 23 2011 Jon Ciesla <limb at jcomserv.net> - 3.1-1
- 3.1.
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Jan  3 2011 Jon Ciesla <limb at jcomserv.net> - 3.0.4-2
- Obsoletes wordpress-mu, deprecated by upstream as of 3.0.x.
* Mon Jan  3 2011 Jon Ciesla <limb at jcomserv.net> - 3.0.4-1
- 3.0.4. Security fixes, BZ 666782.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #687909 - CVE-2011-0700 CVE-2011-0701 wordpress: multiple vulnerabilities corrected in 3.0.5 [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=687909
--------------------------------------------------------------------------------


================================================================================
 zarafa-6.40.6-1.el6 (FEDORA-EPEL-2011-2878)
 Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:

Changelog 6.40.6 final [25584]
==============================


Backend:

 - Feature #6630: Zarafa-gateway hostname in greeting.
 - Feature #6950: Added more logging to spooler, dagent server and Outlook client.
 - Fix #6730: Error in server.log: SQL Failed: Mixing of GROUP columns.
 - Fix #7068: Indexer not used for searches in shared folders.
 - Fix #7152: unable to run zarafa-msr.
 - Fix #7156: Zarafa-msr does not work on a 6.40.6 server (non-unicode).
 - Fix #6774: BES license check fails.
 - Fix #6810: Some fields are not shown in the GAB contact details.
 - Fix #7056: Merge mail store relocator for 6.40.
 - Fix #7112: Rules are not working any more after store relocated via zarafa-msr.
 - Fix #7116: Webaccess still destubed archived messages the wrong way.
 - Fix #7124: Permissions on store are missing after msr move action.
 - Fix #7126: Windows 7 ssl shows cert accept dialogue or can not create profile.
 - Fix #7146: zarafa-msr has no man-page.
 - Fix #6876: zarafa-admin/outlook crash with ldap attribute 0x3A4E001E.
 - Fix #7111: Zarafa-msr will not migrate WebAccess settings and out of office settings.
 - Fix #7058 	Upgrading from 6.40.4 to 6.40.5 can break the rules.
 - Fix #6067: Installer does not install the indexer or checks if initscript is available to enable.
 - Fix #7079: Segfault Zarafa-indexer 6.40.5.(Rare occasion).
 - Fix #7028: Zarafa-indexer still fails in certain cases when index_sync_stream is enabled.
 - Fix #7098: Message stay in the outbox with cached mode.
 - Fix #7072: No error given when wrong options are in the admin.cfg.
 - Fix #7039: Unable to dismiss specific reminders.
 - Fix #7030: Mac Ical cannot work with German(non English) folder names.
 - Fix #6964: Search on attachment content in Sent Items of Outlook 2007 will show no results.
 - Fix #6887: Segfault zarafa-server 6.40.4. (Rare occasion).
 - Fix #6165: Recursive restore does not stop on error.
 - Fix #6326: caldav: Deleted appointments are still shown in sunbird.
 - Fix #6825: ZARAFA_USERSCRIPT_LOCALE is not defined in any configuration file when using Debian.
 - Fix #6858: migration with exchange, RTF mail with large body crashes.
 - Fix #6891: Memleak in spooler, introduced in [15597].
 - Fix #6901: php-ext: don't use short tags in library classes.
 - Fix #6913: Spooler log contains "BUG: invalid data in OutgoingQueue" notifications.
 - Fix #6915: Zarafa-dagent.cfg(5) manpage missing in deb packages.
 - Fix #6930: Installer gives false errors on Ubuntu / Debian.
 - Fix #6937: IMAP literal problem.
 - Fix #7007: Error in include configfile gives wrong error on screen.


Webaccess:

 - Fix #5939: Possible to execute shell commands with WebAccess
 - Fix #7138: Tasks requests with umlauts in body will break.
 - Fix #5962: Dropdown box Zoom in MUC does not work in Safari and Chromium.
 - Fix #7022: Meting request occurence can be changed by an attendee without permission from the organizer.
 - Fix #6425: Script error pop-up when adding categories to email.
 - Fix #6461: Caldav: reminder times in sunbird/lightning are different than in WebAccess
 - Fix #6484: Switching weeks in you calendar with arrow top right will show empty calendar if you have all day event.
 - Fix #6589: Limit the TO field in print view of email always to 1 line (max 20 addresses).
 - Fix #6838: Cannot open task request message with preview pane off or bottom view.
 - Fix #6864: Convert to task doesn't set default priority.
 - Fix #6910: Folder list view is not set to last opened folder if scrollbar is present.
 - Fix #6948: Unsaved appointment print dialog doesn't show anything, and never stops loading.
 - Fix #6951: Rename convert to task to "Create task from email" for better understanding of the function.
 - Fix #6952: Webaccess in en_US language will still show military time format in print overview.
 - Fix #6992: Using the edit as new option in your Sent Items twice does not work, it will edit the first message.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 21 2011 Robert Scheck <robert at fedoraproject.org> 6.40.6-1
- Upgrade to 6.40.6
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list