From updates at fedoraproject.org Sat Dec 1 00:59:16 2012
From: updates at fedoraproject.org (updates at fedoraproject.org)
Date: Sat, 01 Dec 2012 00:59:16 +0000
Subject: Fedora EPEL 6 updates-testing report
Message-ID: <20121201005916.8883B20F80@bastion01.phx2.fedoraproject.org>

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
  10  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13529/moodle-2.1.9-1.el6
 223  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
   8  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13537/claws-mail-3.9.0-1.el6,claws-mail-plugins-3.9.0-2.el6
  49  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6
   6  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13552/seamonkey-2.14-1.el6
  11  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13499/weechat-0.3.8-4.el6
  10  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13525/pcp-3.6.10-1.el6
  46  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13492/sticky-notes-0.3.09062012.4-10.el6
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13495/cgit-0.9.1-2.el6
  46  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6
 145  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
  15  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13478/mod_security-2.7.1-3.el6,mod_security_crs-2.2.6-3.el6
 411  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
   2  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13575/php-symfony-symfony-1.4.20-2.el6

The following builds have been pushed to Fedora EPEL 6 updates-testing

    drupal6-ctools-1.10-1.el6
    mod_python-3.3.1-15.el6
    munin-2.0.8-2.el6
    opendkim-2.7.3-1.el6
    pam_mapi-0.1.2-1.el6
    python-fedmsg-meta-fedora-infrastructure-0.0.3-1.el6
    python-webob1.2-1.2.1-9.el6
    scitools-0.9.0-1.el6
    tito-0.4.10-1.el6
    voms-api-java-2.0.9-1.el6

Details about builds:

================================================================================
 drupal6-ctools-1.10-1.el6 (FEDORA-EPEL-2012-13610)
 This suite is primarily a set of APIs and tools
--------------------------------------------------------------------------------
Update Information:

New security release, http://drupal.org/node/1841030.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 30 2012 Peter Borsa - 1.10-1
- Fix BZ#881987
- Fix BZ#881988
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #881986 - CVE-2012-5559 drupal6-ctools: XSS flaw (SA-CONTRIB-2012-165)
        https://bugzilla.redhat.com/show_bug.cgi?id=881986
--------------------------------------------------------------------------------

================================================================================
 mod_python-3.3.1-15.el6 (FEDORA-EPEL-2012-13614)
 An embedded Python interpreter for the Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:

- fix #633905 - fixed AVC message caused by accessing ~/.local directory
- Add patch to use hashlib instead of md5 (#526062)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 30 2012 Orion Poplawski - 3.3.1-15
- fix #633905 - fixed AVC message caused by accessing ~/.local directory
- Add patch to use hashlib instead of md5 (#526062)
--------------------------------------------------------------------------------

================================================================================
 munin-2.0.8-2.el6 (FEDORA-EPEL-2012-13613)
 Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:

FCGI sample files included
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 13 2012 D. Johnson - 2.0.8-2
- Added cgitmp patch c/o Diego Elio Pettenò
- BZ# 861816 Add sample files for switching to FCGI
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #861816 - munin-2.x CGI support is broken without manual hacks
        https://bugzilla.redhat.com/show_bug.cgi?id=861816
--------------------------------------------------------------------------------

================================================================================
 opendkim-2.7.3-1.el6 (FEDORA-EPEL-2012-13604)
 A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:

Update to upstream release 2.7.3, which fixes the following bugs:
Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in dkimf_db_strerror(). Problem noted by Simone Caruso.
LIBOPENDKIM: Ignore entries in the oversign header field name list that are empty, and an oversign header field name list that is present but empty. Problem noted by Alec Peterson.
LIBOPENDKIM: Allow header field lists to be empty, flushing any that were previously defined. Problem noted by Alec Peterson.
BUILD: Improve tests for including . Based on a patch from Eray Aslan.
REPUTATION: Use lowercase for keywords in REPUTE query generation and handling.
STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze.

Updating to newer 2.7.2 source. Source release notes available here: http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 29 2012 Steve Jenkins 2.7.3-1
- Updated to use newer upstream 2.7.3 source code
* Mon Nov 19 2012 Steve Jenkins 2.7.2-1
- Updated to use newer upstream 2.7.2 source code
--------------------------------------------------------------------------------

================================================================================
 pam_mapi-0.1.2-1.el6 (FEDORA-EPEL-2012-13617)
 PAM module for authentication via MAPI against a Zarafa server
--------------------------------------------------------------------------------
Update Information:

- Added checks for build-time dependencies on zlib, uuid & icu to work around the broken Zarafa binary distribution packages
- Fixed the "undefined symbol" errors appearing with GCC 4.6, thanks to Steffen Sachse (reporter) and Tomas Mraz (Red Hat)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 29 2012 Robert Scheck 0.1.2-1
- Upgrade to 0.1.2
* Fri Jul 20 2012 Fedora Release Engineering - 0.1.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun May 6 2012 Robert Scheck 0.1.1-2
- Rebuilt for libicu 49.1.1
--------------------------------------------------------------------------------

================================================================================
 python-fedmsg-meta-fedora-infrastructure-0.0.3-1.el6 (FEDORA-EPEL-2012-13605)
 Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:

Initial import.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #880875 - Review Request: python-fedmsg-meta-fedora-infrastructure - fedmsg metadata providers for Fedora Infrastructure's deployment
        https://bugzilla.redhat.com/show_bug.cgi?id=880875
--------------------------------------------------------------------------------

================================================================================
 python-webob1.2-1.2.1-9.el6 (FEDORA-EPEL-2012-13606)
 WSGI request and response object
--------------------------------------------------------------------------------
Update Information:

Fixed python3 subpackage.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 29 2012 Ralph Bean - 1.2.1-9
- Trying pyver again with py2ver and py3ver. Getting ugly.
* Thu Nov 29 2012 Ralph Bean - 1.2.1-8
- Hardcode python3 version
* Thu Nov 29 2012 Ralph Bean - 1.2.1-7
- Forced rebuild.
* Tue Oct 16 2012 Ralph Bean - 1.2.1-6
- Use pyver macro to use the correct easy-install.
* Tue Oct 16 2012 Ralph Bean - 1.2.1-5
- Forced rebuild.
--------------------------------------------------------------------------------

================================================================================
 scitools-0.9.0-1.el6 (FEDORA-EPEL-2012-13609)
 A Python library for scientific computing
--------------------------------------------------------------------------------
Update Information:

New package scitools
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #871095 - RFE: Build scitools for EPEL6
        https://bugzilla.redhat.com/show_bug.cgi?id=871095
--------------------------------------------------------------------------------

================================================================================
 tito-0.4.10-1.el6 (FEDORA-EPEL-2012-13608)
 A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:

Allow specifying a build target for dist-git releasers.
Added release --no-build option to skip dist-git builds.
Added first draft of a gem builder.

New RsyncReleaser (similar to YumRepo but more generic), several bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 28 2012 Devan Goodwin 0.4.10-1
- Add --no-build; this will allow scripted DistGit commits and koji/brew chain-builds (admiller at redhat.com)
- Added gembuilder, cleaned up pep8 (admiller at redhat.com)
- Add a Travis configuration (jbowes at repl.ca)
- Update README.mkd (misc at zarb.org)
- fix: RsyncReleaser doesn't handle multiple rsync locations (jesusr at redhat.com)
- remove tabs and trailing whitespace. add whitespace between methods (jesusr at redhat.com)
- Handle stderr noise getting from remote server (inecas at redhat.com)
- Can now specify a build target for fedora and distgit releasers (mstead at redhat.com)
* Tue Sep 4 2012 Devan Goodwin 0.4.9-1
- Stop passing --installdeps for mock builds. (dgoodwin at redhat.com)
- YumRepoReleaser feature: createrepo command can now be specified from releasers.conf with the 'createrepo_command' config option (palli at opensource.is)
- Created new releaser called RsyncReleaser. Based heavily on YumRepoReleaser. Refactored YumRepoReleaser to inherit most code from RsyncReleaser. (palli at opensource.is)
- Optionally print stacktrace whenever error_out is hit (bleanhar at redhat.com)
- encourage users to push only their new tag (jbowes at redhat.com)
- Attempt to copy local Sources during releases. (dgoodwin at redhat.com)
--------------------------------------------------------------------------------

================================================================================
 voms-api-java-2.0.9-1.el6 (FEDORA-EPEL-2012-13607)
 Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:

New upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 29 2012 Mattias Ellert - 2.0.9-1
- Update to version 2.0.9
* Sun Jul 22 2012 Fedora Release Engineering - 2.0.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------

From updates at fedoraproject.org Sat Dec 1 00:59:18 2012
From: updates at fedoraproject.org (updates at fedoraproject.org)
Date: Sat, 01 Dec 2012 00:59:18 +0000
Subject: Fedora EPEL 5 updates-testing report
Message-ID: <20121201005918.1DCA220F9E@bastion01.phx2.fedoraproject.org>

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
  10  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13519/roundcubemail-0.1.1-7.el5
 223  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
  10  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13530/pcp-3.6.10-1.el5
 117  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
  49  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5
  46  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13496/mod_security-2.6.8-2.el5
  45  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5

The following builds have been pushed to Fedora EPEL 5 updates-testing

    drupal6-ctools-1.10-1.el5
    munin-2.0.8-2.el5
    opendkim-2.7.3-1.el5
    pam_mapi-0.1.2-1.el5
    tito-0.4.10-1.el5
    voms-api-java-2.0.9-1.el5

Details about builds:

================================================================================
 drupal6-ctools-1.10-1.el5 (FEDORA-EPEL-2012-13612)
 This suite is primarily a set of APIs and tools
--------------------------------------------------------------------------------
Update Information:

New security release, http://drupal.org/node/1841030.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 30 2012 Peter Borsa - 1.10-1
- Fix BZ#881987
- Fix BZ#881988
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #881986 - CVE-2012-5559 drupal6-ctools: XSS flaw (SA-CONTRIB-2012-165)
        https://bugzilla.redhat.com/show_bug.cgi?id=881986
--------------------------------------------------------------------------------

================================================================================
 munin-2.0.8-2.el5 (FEDORA-EPEL-2012-13611)
 Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:

FCGI sample files included
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 13 2012 D. Johnson - 2.0.8-2
- Added cgitmp patch c/o Diego Elio Pettenò
- BZ# 861816 Add sample files for switching to FCGI
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #861816 - munin-2.x CGI support is broken without manual hacks
        https://bugzilla.redhat.com/show_bug.cgi?id=861816
--------------------------------------------------------------------------------

================================================================================
 opendkim-2.7.3-1.el5 (FEDORA-EPEL-2012-13615)
 A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:

Update to upstream release 2.7.3, which fixes the following bugs:
Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in dkimf_db_strerror(). Problem noted by Simone Caruso.
LIBOPENDKIM: Ignore entries in the oversign header field name list that are empty, and an oversign header field name list that is present but empty. Problem noted by Alec Peterson.
LIBOPENDKIM: Allow header field lists to be empty, flushing any that were previously defined. Problem noted by Alec Peterson.
BUILD: Improve tests for including . Based on a patch from Eray Aslan.
REPUTATION: Use lowercase for keywords in REPUTE query generation and handling.
STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze.

Updating to newer 2.7.2 source. Source release notes available here: http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 29 2012 Steve Jenkins 2.7.3-1
- Updated to use newer upstream 2.7.3 source code
* Mon Nov 19 2012 Steve Jenkins 2.7.2-1
- Updated to use newer upstream 2.7.2 source code
--------------------------------------------------------------------------------

================================================================================
 pam_mapi-0.1.2-1.el5 (FEDORA-EPEL-2012-13619)
 PAM module for authentication via MAPI against a Zarafa server
--------------------------------------------------------------------------------
Update Information:

- Added checks for build-time dependencies on zlib, uuid & icu to work around the broken Zarafa binary distribution packages
- Fixed the "undefined symbol" errors appearing with GCC 4.6, thanks to Steffen Sachse (reporter) and Tomas Mraz (Red Hat)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 29 2012 Robert Scheck 0.1.2-1
- Upgrade to 0.1.2
* Fri Jul 20 2012 Fedora Release Engineering - 0.1.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun May 6 2012 Robert Scheck 0.1.1-2
- Rebuilt for libicu 49.1.1
--------------------------------------------------------------------------------

================================================================================
 tito-0.4.10-1.el5 (FEDORA-EPEL-2012-13618)
 A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:

Allow specifying a build target for dist-git releasers.
Added release --no-build option to skip dist-git builds.
Added first draft of a gem builder.

New RsyncReleaser (similar to YumRepo but more generic), several bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 28 2012 Devan Goodwin 0.4.10-1
- Add --no-build; this will allow scripted DistGit commits and koji/brew chain-builds (admiller at redhat.com)
- Added gembuilder, cleaned up pep8 (admiller at redhat.com)
- Add a Travis configuration (jbowes at repl.ca)
- Update README.mkd (misc at zarb.org)
- fix: RsyncReleaser doesn't handle multiple rsync locations (jesusr at redhat.com)
- remove tabs and trailing whitespace. add whitespace between methods (jesusr at redhat.com)
- Handle stderr noise getting from remote server (inecas at redhat.com)
- Can now specify a build target for fedora and distgit releasers (mstead at redhat.com)
* Tue Sep 4 2012 Devan Goodwin 0.4.9-1
- Stop passing --installdeps for mock builds. (dgoodwin at redhat.com)
- YumRepoReleaser feature: createrepo command can now be specified from releasers.conf with the 'createrepo_command' config option (palli at opensource.is)
- Created new releaser called RsyncReleaser. Based heavily on YumRepoReleaser.
  Refactored YumRepoReleaser to inherit most code from RsyncReleaser.
  (palli at opensource.is)
- Optionally print stacktrace whenever error_out is hit (bleanhar at redhat.com)
- encourage users to push only their new tag (jbowes at redhat.com)
- Attempt to copy local Sources during releases. (dgoodwin at redhat.com)
--------------------------------------------------------------------------------

================================================================================
 voms-api-java-2.0.9-1.el5 (FEDORA-EPEL-2012-13616)
 Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:

New upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 29 2012 Mattias Ellert - 2.0.9-1
- Update to version 2.0.9
* Sun Jul 22 2012 Fedora Release Engineering - 2.0.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------

From updates at fedoraproject.org Sun Dec 2 19:36:48 2012
From: updates at fedoraproject.org (updates at fedoraproject.org)
Date: Sun, 02 Dec 2012 19:36:48 +0000
Subject: Fedora EPEL 6 updates-testing report
Message-ID: <20121202193649.01108200D8@bastion01.phx2.fedoraproject.org>

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
  11  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13529/moodle-2.1.9-1.el6
 224  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
  10  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13537/claws-mail-3.9.0-1.el6,claws-mail-plugins-3.9.0-2.el6
  50  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13552/seamonkey-2.14-1.el6
  11  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13525/pcp-3.6.10-1.el6
  48  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6
  15  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13492/sticky-notes-0.3.09062012.4-10.el6
  48  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6
 147  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
  17  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13478/mod_security-2.7.1-3.el6,mod_security_crs-2.2.6-3.el6
 412  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
   4  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13575/php-symfony-symfony-1.4.20-2.el6

The following builds have been pushed to Fedora EPEL 6 updates-testing

    nsd-3.2.14-2.el6
    perl-Config-Validator-0.6-1.el6
    perl-Directory-Queue-1.7-1.el6
    perl-Messaging-Message-1.4-1.el6
    python-fdb-0.9.9-1.el6
    voms-api-java-2.0.9-2.el6

Details about builds:

================================================================================
 nsd-3.2.14-2.el6 (FEDORA-EPEL-2012-13621)
 Fast and lean authoritative DNS Name Server
--------------------------------------------------------------------------------
Update Information:

Minor bugfixes and TCP writev support
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 23 2012 Paul Wouters - 3.2.14-2
- Updated to 32.14 with minor bugfixes and TCP writev support
- Only run nsdc rebuild hourly cronjob when nsd service is running
--------------------------------------------------------------------------------

================================================================================
 perl-Config-Validator-0.6-1.el6 (FEDORA-EPEL-2012-13627)
 Schema based configuration validation
--------------------------------------------------------------------------------
Update Information:

updating to latest upstream version 0.6
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 20 2012 Massimo Paladin 0.6-1
- Update to 0.6.
* Fri Jul 20 2012 Fedora Release Engineering - 0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Jun 12 2012 Petr Pisar - 0.4-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #877913 - Upgrade to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=877913
--------------------------------------------------------------------------------

================================================================================
 perl-Directory-Queue-1.7-1.el6 (FEDORA-EPEL-2012-13623)
 Object oriented interface to a directory based queue
--------------------------------------------------------------------------------
Update Information:

updating to latest upstream version 1.7
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 20 2012 Massimo Paladin - 1.7-1
- Update to 1.7 rhbz#877951.
* Fri Jul 20 2012 Fedora Release Engineering - 1.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Jun 12 2012 Petr Pisar - 1.6-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #877951 - Upgrade to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=877951
--------------------------------------------------------------------------------

================================================================================
 perl-Messaging-Message-1.4-1.el6 (FEDORA-EPEL-2012-13625)
 Abstraction of a message
--------------------------------------------------------------------------------
Update Information:

updating to latest upstream version 1.4
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 20 2012 Massimo Paladin 1.4-1
- Upgrade to 1.4 upstream version.
* Fri Jul 20 2012 Fedora Release Engineering - 1.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jun 16 2012 Petr Pisar - 1.3-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #877952 - Upgrade to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=877952
--------------------------------------------------------------------------------

================================================================================
 python-fdb-0.9.9-1.el6 (FEDORA-EPEL-2012-13624)
 Firebird RDBMS bindings for Python
--------------------------------------------------------------------------------
Update Information:

New upstream bugfix update. Firebird RDBMS bindings for Python.
--------------------------------------------------------------------------------

================================================================================
 voms-api-java-2.0.9-2.el6 (FEDORA-EPEL-2012-13607)
 Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:

New upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 2 2012 Mattias Ellert - 2.0.9-2
- Correct runtime requires and URL tag
* Thu Nov 29 2012 Mattias Ellert - 2.0.9-1
- Update to version 2.0.9
* Sun Jul 22 2012 Fedora Release Engineering - 2.0.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------

From updates at fedoraproject.org Sun Dec 2 19:36:50 2012
From: updates at fedoraproject.org (updates at fedoraproject.org)
Date: Sun, 02 Dec 2012 19:36:50 +0000
Subject: Fedora EPEL 5 updates-testing report
Message-ID: <20121202193650.8474E201A3@bastion01.phx2.fedoraproject.org>

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
  11  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13519/roundcubemail-0.1.1-7.el5
 224  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
  11  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13530/pcp-3.6.10-1.el5
 119  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
  50  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5
  48  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5
  14  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13496/mod_security-2.6.8-2.el5
  47  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5

The following builds have been pushed to Fedora EPEL 5 updates-testing

    perl-Config-Validator-0.6-1.el5
    perl-Directory-Queue-1.7-1.el5
    perl-Messaging-Message-1.4-1.el5
    voms-api-java-2.0.9-2.el5

Details about builds:

================================================================================
 perl-Config-Validator-0.6-1.el5 (FEDORA-EPEL-2012-13622)
 Schema based configuration validation
--------------------------------------------------------------------------------
Update Information:

updating to latest upstream version 0.6
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 20 2012 Massimo Paladin 0.6-1
- Update to 0.6.
* Fri Jul 20 2012 Fedora Release Engineering - 0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Jun 12 2012 Petr Pisar - 0.4-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #877913 - Upgrade to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=877913
--------------------------------------------------------------------------------

================================================================================
 perl-Directory-Queue-1.7-1.el5 (FEDORA-EPEL-2012-13620)
 Object oriented interface to a directory based queue
--------------------------------------------------------------------------------
Update Information:

updating to latest upstream version 1.7
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 20 2012 Massimo Paladin - 1.7-1
- Update to 1.7 rhbz#877951.
* Fri Jul 20 2012 Fedora Release Engineering - 1.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Jun 12 2012 Petr Pisar - 1.6-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #877951 - Upgrade to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=877951
--------------------------------------------------------------------------------

================================================================================
 perl-Messaging-Message-1.4-1.el5 (FEDORA-EPEL-2012-13626)
 Abstraction of a message
--------------------------------------------------------------------------------
Update Information:

updating to latest upstream version 1.4
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 20 2012 Massimo Paladin 1.4-1
- Upgrade to 1.4 upstream version.
* Fri Jul 20 2012 Fedora Release Engineering - 1.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jun 16 2012 Petr Pisar - 1.3-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #877952 - Upgrade to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=877952
--------------------------------------------------------------------------------

================================================================================
 voms-api-java-2.0.9-2.el5 (FEDORA-EPEL-2012-13616)
 Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:

New upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 2 2012 Mattias Ellert - 2.0.9-2
- Correct runtime requires and URL tag
* Thu Nov 29 2012 Mattias Ellert - 2.0.9-1
- Update to version 2.0.9
* Sun Jul 22 2012 Fedora Release Engineering - 2.0.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------

From updates at fedoraproject.org Mon Dec 3 20:37:30 2012
From: updates at fedoraproject.org (updates at fedoraproject.org)
Date: Mon, 03 Dec 2012 20:37:30 +0000
Subject: Fedora EPEL 5 updates-testing report
Message-ID: <20121203203730.4DFD52076E@bastion01.phx2.fedoraproject.org>

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13519/roundcubemail-0.1.1-7.el5
 225  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13530/pcp-3.6.10-1.el5
 120  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
  52  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5
  49  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5
  48  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5
   2  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5

The following builds have been pushed to Fedora EPEL 5 updates-testing

    joda-time-1.5.2-11.tzdata2008e.el5
    vile-9.8i-1.el5
    weechat-0.3.9.2-2.el5

Details about builds:

================================================================================
 joda-time-1.5.2-11.tzdata2008e.el5 (FEDORA-EPEL-2012-13630)
 Java date and time API
--------------------------------------------------------------------------------
Update Information:

epel-5 disable on ppc architecture.
-------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 gil cattaneo - 1.5.2-11.tzdata2008e - disable on ppc architecture -------------------------------------------------------------------------------- ================================================================================ vile-9.8i-1.el5 (FEDORA-EPEL-2012-13637) VI Like Emacs -------------------------------------------------------------------------------- Update Information: upgrade to 9.8i -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 2 2012 Mark McKinstry - 9.8i-1 - upgrade to 9.8i - use better icons -------------------------------------------------------------------------------- ================================================================================ weechat-0.3.9.2-2.el5 (FEDORA-EPEL-2012-13632) Portable, fast, light and extensible IRC client -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #863701 - New upstream version available https://bugzilla.redhat.com/show_bug.cgi?id=863701 -------------------------------------------------------------------------------- From updates at fedoraproject.org Mon Dec 3 20:37:32 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 03 Dec 2012 20:37:32 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121203203732.E47BF20B6E@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13529/moodle-2.1.9-1.el6 225 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13636/weechat-0.3.9.2-2.el6 11 
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13537/claws-mail-3.9.0-1.el6,claws-mail-plugins-3.9.0-2.el6 52 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13552/seamonkey-2.14-1.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13525/pcp-3.6.10-1.el6 49 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 49 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13635/totpcgi-0.5.4-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13629/openstack-keystone-2012.2.1-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13642/php-symfony2-HttpFoundation-2.1.4-1.el6 148 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13478/mod_security-2.7.1-3.el6,mod_security_crs-2.2.6-3.el6 413 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13575/php-symfony-symfony-1.4.20-2.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing geome-1.4-2.el6 openstack-keystone-2012.2.1-1.el6 pam_url-0.3.1-1.el6 pencil-2.0.3-1.el6 php-Pimple-1.0.0-2.el6 php-symfony2-Console-2.1.4-1.el6 php-symfony2-DependencyInjection-2.1.4-1.el6 php-symfony2-Filesystem-2.1.4-1.el6 php-symfony2-Form-2.1.4-1.el6 php-symfony2-HttpFoundation-2.1.4-1.el6 php-symfony2-HttpKernel-2.1.4-1.el6 php-symfony2-Locale-2.1.4-1.el6 php-symfony2-Process-2.1.4-1.el6 php-symfony2-Routing-2.1.4-1.el6 php-symfony2-Security-2.1.4-1.el6 php-symfony2-Translation-2.1.4-1.el6 php-symfony2-Validator-2.1.4-1.el6 python-django-horizon-2012.2.1-1.el6 
rubygem-rspec-expectations-2.6.0-1.el6 rubygem-rspec-mocks-2.6.0-1.el6 totpcgi-0.5.4-1.el6 vile-9.8i-1.el6 weechat-0.3.9.2-2.el6 Details about builds: ================================================================================ geome-1.4-2.el6 (FEDORA-EPEL-2012-13634) Obtain your geo-location data from Google using NetworkManager -------------------------------------------------------------------------------- Update Information: Fix dependency for python-geome -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Paul Wouters - 1.4-2 - Properly split library and command tool in subpackage (rhbz#656454) -------------------------------------------------------------------------------- References: [ 1 ] Bug #656454 - log levels don't seem to match ISC levels https://bugzilla.redhat.com/show_bug.cgi?id=656454 -------------------------------------------------------------------------------- ================================================================================ openstack-keystone-2012.2.1-1.el6 (FEDORA-EPEL-2012-13629) OpenStack Identity Service -------------------------------------------------------------------------------- Update Information: update to stable folsom release 2012.2.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 28 2012 Alan Pevec 2012.2.1-1 - updated to stable folsom release 2012.2.1 CVE-2012-5563 CVE-2012-5571 -------------------------------------------------------------------------------- References: [ 1 ] Bug #879402 - CVE-2012-5563 OpenStack: Extension of token validity through token chaining https://bugzilla.redhat.com/show_bug.cgi?id=879402 [ 2 ] Bug #880399 - CVE-2012-5571 OpenStack: Keystone EC2-style credentials invalidation issue https://bugzilla.redhat.com/show_bug.cgi?id=880399 --------------------------------------------------------------------------------
================================================================================ pam_url-0.3.1-1.el6 (FEDORA-EPEL-2012-13631) PAM module to authenticate with HTTP servers -------------------------------------------------------------------------------- Update Information: Initial release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #880842 - Review Request: pam_url - PAM module to authenticate with HTTP servers https://bugzilla.redhat.com/show_bug.cgi?id=880842 -------------------------------------------------------------------------------- ================================================================================ pencil-2.0.3-1.el6 (FEDORA-EPEL-2012-13641) A sketching and GUI prototyping tool -------------------------------------------------------------------------------- Update Information: Update new release 2.0.3 from upstream for xulrunner 17 compatibility. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Truong Anh Tuan - 2.0.3-1 - Update new release 2.0.3 from upstream for xulrunner 17 compatibility. -------------------------------------------------------------------------------- ================================================================================ php-Pimple-1.0.0-2.el6 (FEDORA-EPEL-2012-13640) A simple Dependency Injection Container for PHP -------------------------------------------------------------------------------- Update Information: Pimple is a small Dependency Injection Container for PHP that consists of just one file and one class. 
-------------------------------------------------------------------------------- References: [ 1 ] Bug #882418 - Review Request: php-Pimple - A simple Dependency Injection Container for PHP 5.3 https://bugzilla.redhat.com/show_bug.cgi?id=882418 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Console-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Console Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-DependencyInjection-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 DependencyInjection Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Filesystem-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Filesystem Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md 
-------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Form-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Form Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-HttpFoundation-2.1.4-1.el6 (FEDORA-EPEL-2012-13642) Symfony2 HttpFoundation Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-HttpKernel-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 HttpKernel Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - 
Updated to upstream version 2.1.4 - Added php-mbstring require -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Locale-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Locale Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Process-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Process Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Routing-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Routing Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- 
================================================================================ php-symfony2-Security-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Security Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Translation-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Translation Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Validator-2.1.4-1.el6 (FEDORA-EPEL-2012-13643) Symfony2 Validator Component -------------------------------------------------------------------------------- Update Information: Updated to version 2.1.4 Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Shawn Iwinski 2.1.4-1 - Updated to upstream version 2.1.4 -------------------------------------------------------------------------------- ================================================================================ python-django-horizon-2012.2.1-1.el6 
(FEDORA-EPEL-2012-13628) Django application for talking to Openstack -------------------------------------------------------------------------------- Update Information: Update to latest stable release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Matthias Runge - 2012.2.1-1 - update to latest stable release 2012.2.1 -------------------------------------------------------------------------------- ================================================================================ rubygem-rspec-expectations-2.6.0-1.el6 (FEDORA-EPEL-2012-13639) Rspec-2 expectations (should and matchers) -------------------------------------------------------------------------------- Update Information: New package brought in from epel 6 -------------------------------------------------------------------------------- ================================================================================ rubygem-rspec-mocks-2.6.0-1.el6 (FEDORA-EPEL-2012-13633) Rspec-2 doubles (mocks and stubs) -------------------------------------------------------------------------------- Update Information: Pull in the latest fedora 16 package for epel -------------------------------------------------------------------------------- ================================================================================ totpcgi-0.5.4-1.el6 (FEDORA-EPEL-2012-13635) A centralized totp solution based on google-authenticator -------------------------------------------------------------------------------- Update Information: Make sure totpcgi-provisioning is setting no-cache headers. Initial release of totpcgi in Fedora.
-------------------------------------------------------------------------------- References: [ 1 ] Bug #880863 - Review Request: totpcgi - A centralized totp solution based on google-authenticator https://bugzilla.redhat.com/show_bug.cgi?id=880863 -------------------------------------------------------------------------------- ================================================================================ vile-9.8i-1.el6 (FEDORA-EPEL-2012-13638) VI Like Emacs -------------------------------------------------------------------------------- Update Information: upgrade to 9.8i -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 2 2012 Mark McKinstry - 9.8i-1 - upgrade to 9.8i - use better icons -------------------------------------------------------------------------------- ================================================================================ weechat-0.3.9.2-2.el6 (FEDORA-EPEL-2012-13636) Portable, fast, light and extensible IRC client -------------------------------------------------------------------------------- Update Information: New upstream version Fix arbitrary code execution due to call of shell when executing command within hook_process Fix the security bug in the linked Bugzilla. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 2 2012 Paul Komkoff - 0.3.9.2-2 - add zlib-devel dependency for epel6/ppc build * Sat Dec 1 2012 Paul P. Komkoff Jr - 0.3.9.2-1 - new upstream, long overdue * Mon Nov 19 2012 Paul P. Komkoff Jr - 0.3.8-4 - fix bz#878025 * Fri Nov 9 2012 Paul P. 
Komkoff Jr - 0.3.8-3 - fix bz#875181 * Sun Jul 22 2012 Fedora Release Engineering - 0.3.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #878025 - CVE-2012-5534 weechat (scripts / plug-ins): Arbitrary code execution due to call of shell when executing command within hook_process https://bugzilla.redhat.com/show_bug.cgi?id=878025 [ 2 ] Bug #875181 - CVE-2012-5854 weechat: Heap-based buffer overflow when decoding IRC colors https://bugzilla.redhat.com/show_bug.cgi?id=875181 -------------------------------------------------------------------------------- From updates at fedoraproject.org Tue Dec 4 19:59:00 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Tue, 04 Dec 2012 19:59:00 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121204195900.8274A20A61@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13529/moodle-2.1.9-1.el6 226 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13636/weechat-0.3.9.2-2.el6 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13537/claws-mail-3.9.0-1.el6,claws-mail-plugins-3.9.0-2.el6 53 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13552/seamonkey-2.14-1.el6 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13525/pcp-3.6.10-1.el6 50 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 50 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13635/totpcgi-0.5.4-1.el6 0 
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13629/openstack-keystone-2012.2.1-1.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13642/php-symfony2-HttpFoundation-2.1.4-1.el6 149 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 19 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13478/mod_security-2.7.1-3.el6,mod_security_crs-2.2.6-3.el6 414 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13575/php-symfony-symfony-1.4.20-2.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing drupal7-views_bulk_operations-3.1-3.el6 fedora-packager-0.5.10.1-1.el6 gfal-1.14.0-0.el6 gfal2-2.1.0-1.el6 gfalFS-1.0.1-0.el6 ibus-table-chinese-1.4.6-1.el6 is-interface-1.14.0-0.el6 lcg-util-1.14.0-0.el6 libcommuni-1.2.0-2.el6 mawk-1.3.4-20121129.1.el6 multitail-5.2.8-2.el6 openstack-nova-2012.2.1-2.el6 python-django-select2-3.1.4-1.el6 python-zope-interface4-4.0.2-4.el6 srm-ifce-1.14.0-0.el6 torsocks-1.2-2.el6 unetbootin-0-12.581bzr.el6 Details about builds: ================================================================================ drupal7-views_bulk_operations-3.1-3.el6 (FEDORA-EPEL-2012-13664) This module augments Views by allowing bulk operations to be executed -------------------------------------------------------------------------------- Update Information: Update to upstream 3.1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Jared Smith - 3.1-3 - Update to upstream 3.1 release - Remove pre-release versioning from spec file * Wed Jul 18 2012 Fedora Release Engineering - 3.0-0.2.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- 
References: [ 1 ] Bug #882843 - drupal7-views_bulk_operations-3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=882843 -------------------------------------------------------------------------------- ================================================================================ fedora-packager-0.5.10.1-1.el6 (FEDORA-EPEL-2012-13660) Tools for setting up a fedora maintainer environment -------------------------------------------------------------------------------- Update Information: Fix fedora-burn-yubikey to allow specifying which Yubikey slot to write to -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Nick Bebout - 0.5.10.1-1 - fix fedora-burn-yubikey to allow specifying what slot to use -------------------------------------------------------------------------------- ================================================================================ gfal-1.14.0-0.el6 (FEDORA-EPEL-2012-13647) Grid File access library -------------------------------------------------------------------------------- Update Information: Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.14.0 - correction of a warning message in lcg-util LCGUTIL-47 - change default srm timeout to 3600 seconds LCGUTIL-180 -------------------------------------------------------------------------------- ================================================================================ gfal2-2.1.0-1.el6 (FEDORA-EPEL-2012-13652) Grid file access library 2.0 -------------------------------------------------------------------------------- Update Information: GFAL2 2.1, following update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Adrien Devresse - 2.1.0-0 - One-globus session system for gsiftp plugin ( FTS 3.0 need ) - correct a major issue with the gass 
attribute system in gsiftp plugin - change the lfc set/get env var for a one compatible with set/get opt - add set/nb streams option for gsiftp - add the mkdir rec function for SRM transfer - correct an issue with opendir and srm_ls ( ENOTDIR error silent ) - correct a memory leak in the cache system - correct timeout support for gsiftp transfer - implement tcp buffer size support for gsiftp layer - apply a correction on the SRM over-write logic, related to a BeStMan errcode problem on File Not Found with srmRm ( EOS ) - apply a fix on the transfer gsiftp timeout ( protection against multiple cancel ) - fix for SRM filesize problem ( defined to 0, workaround ) related to globus 426 error bad filesize - secure the callback system for globus gass timeout - base implementation of the http plugin - improve reliability of the bdii resolution - add a fallback mechanism in case of bdii bad resolution - correct several race conditions in the bdii layer - add thread safe support for set/get variables in liblfc - correct a deadlock problem with globus and gsiftp plugin - implement the mkdir_rec logic for general purpose - implement the parent folder creation logic with gridftp - add support for lfc://host/path URL style for the lfc plugin - switch off_t to 64bits size by default ( _FILE_OFFSET_BITS=64) - provide a "nobdii" like option - provide the choice of turl protocol resolution for srm plugin -------------------------------------------------------------------------------- ================================================================================ gfalFS-1.0.1-0.el6 (FEDORA-EPEL-2012-13646) Filesystem client based on GFAL 2.0 -------------------------------------------------------------------------------- Update Information: gfalFS 1.0.1, Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.0.1-0 - fix a 32 bits off_t size problem with gfal 2.1
-------------------------------------------------------------------------------- ================================================================================ ibus-table-chinese-1.4.6-1.el6 (FEDORA-EPEL-2012-13651) Chinese input tables for IBus -------------------------------------------------------------------------------- Update Information: - Fixed IBus Google issue 1126: An error in ChineseTableLicenseAuditing - Complete LICENSE tag for all of the tables. - Table build scripts have been refactored. - cmake-fedora is added as submodule. - Fixed Bug 855250 - Change the default filtering for Quick and Cangjie by merging maxiaojun's repository - Fixed Google Issue 1405: failed to build ibus-table-chinese due to missing db files - Fixed Google issue 1507: Add CJKV Extension C/D support for Array30 - Merge GitHub Pull request 3: Added the inter punct - Merge GitHub Pull request 4: Give Cangjie and Quick users 9 candidates per page -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Ding-Yi Chen - 1.4.6-1 - Fixed IBus Google issue 1126: An error in ChineseTableLicenseAuditing - Complete LICENSE tag for all of the tables. * Mon Nov 26 2012 Ding-Yi Chen - 1.4.5-1 - Table build scripts have been refactored. - cmake-fedora is added as submodule.
- Fixed Bug 855250 - Change the default filtering for Quick and Cangjie by merging maxiaojun's repository - Fixed Google Issue 1405: failed to build ibus-table-chinese due to missing db files - Fixed Google issue 1507: Add CJKV Extension C/D support for Array30 - Merge GitHub Pull request 3: Added the inter punct - Merge GitHub Pull request 4: Give Cangjie and Quick users 9 candidates per page -------------------------------------------------------------------------------- References: [ 1 ] Bug #855250 - Change the default filtering for Quick and Cangjie https://bugzilla.redhat.com/show_bug.cgi?id=855250 -------------------------------------------------------------------------------- ================================================================================ is-interface-1.14.0-0.el6 (FEDORA-EPEL-2012-13657) Information service library for the lcg bdii system -------------------------------------------------------------------------------- Update Information: Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.14.0 - correct several memory leaks - correct thread safety issues - implement session re-use system for fts 3.0 -------------------------------------------------------------------------------- ================================================================================ lcg-util-1.14.0-0.el6 (FEDORA-EPEL-2012-13655) Command line tools for wlcg storage system -------------------------------------------------------------------------------- Update Information: Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.14.0-0 - several bug fixes from gfal 1.0, srm-ifce and is-interface - see respective changelog for details --------------------------------------------------------------------------------
================================================================================ libcommuni-1.2.0-2.el6 (FEDORA-EPEL-2012-13653) Cross-platform IRC client library written with Qt 4 -------------------------------------------------------------------------------- Update Information: Fixes bottleneck in IRC messages parsing. Parsing is now 10x faster. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Jan Kaluza - 1.2.0-2 - add upstream fix to parser performance bottleneck caused by encoding settings -------------------------------------------------------------------------------- ================================================================================ mawk-1.3.4-20121129.1.el6 (FEDORA-EPEL-2012-13648) Interpreter for the AWK programming language -------------------------------------------------------------------------------- Update Information: upgrade to 1.3.4-20121129 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Mark McKinstry - 1.3.4-20121129.1 - upgrade to 1.3.4-20121129 (BZ #882867) * Sun Oct 10 2010 Mark McKinstry 1.3.4-5.20100625 - buildroot had a leftover macro from the old way of defining the version -------------------------------------------------------------------------------- References: [ 1 ] Bug #882867 - mawk-1.3.4-20121129 is available https://bugzilla.redhat.com/show_bug.cgi?id=882867 -------------------------------------------------------------------------------- ================================================================================ multitail-5.2.8-2.el6 (FEDORA-EPEL-2012-13650) View one or multiple files like tail but with multiple windows -------------------------------------------------------------------------------- Update Information: First release in EPEL. 
-------------------------------------------------------------------------------- ================================================================================ openstack-nova-2012.2.1-2.el6 (FEDORA-EPEL-2012-13661) OpenStack Compute (nova) -------------------------------------------------------------------------------- Update Information: Update to folsom stable release 1 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Nikola Đipanov - 2012.2.1-2 - Fix rpc_control_exchange regression * Fri Nov 30 2012 Nikola Đipanov - 2012.2.1-1 - Update to folsom stable release 1 -------------------------------------------------------------------------------- ================================================================================ python-django-select2-3.1.4-1.el6 (FEDORA-EPEL-2012-13667) Select2 option fields for Django -------------------------------------------------------------------------------- Update Information: python-django-select2 version 3.1.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #880964 - Review Request: python-django-select2 - Select2 option fields for Django https://bugzilla.redhat.com/show_bug.cgi?id=880964 -------------------------------------------------------------------------------- ================================================================================ python-zope-interface4-4.0.2-4.el6 (FEDORA-EPEL-2012-13649) Forward compatible package for Zope 3 Interface Infrastructure -------------------------------------------------------------------------------- Update Information: Initial import.
-------------------------------------------------------------------------------- References: [ 1 ] Bug #881903 - Review Request: python-zope-interface4 - Forward compat package for Zope 3 Interface Infrastructure https://bugzilla.redhat.com/show_bug.cgi?id=881903 -------------------------------------------------------------------------------- ================================================================================ srm-ifce-1.14.0-0.el6 (FEDORA-EPEL-2012-13665) SRM client side library -------------------------------------------------------------------------------- Update Information: Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.14.0-0 - correct misleading namespace in PrepareToGetRequestStatus - correct a timeout issue related to exponential backoff system in put/get - improve reliability of the exponential backoff wait system - big big code cleaning - re-factory of the context system with backward compatibility - fix the srm timeout issue - fix the srm put done issue for long transfer -------------------------------------------------------------------------------- ================================================================================ torsocks-1.2-2.el6 (FEDORA-EPEL-2012-13662) Use SOCKS-friendly applications with Tor -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #877705 - Review Request: torsocks - Use SOCKS-friendly applications with Tor https://bugzilla.redhat.com/show_bug.cgi?id=877705 -------------------------------------------------------------------------------- ================================================================================ unetbootin-0-12.581bzr.el6 (FEDORA-EPEL-2012-13666) Create bootable Live USB drives for a variety of Linux distributions 
-------------------------------------------------------------------------------- Update Information: Update to newest stable release -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 17 2012 Jussi Lehtola - 0-11.581bzr - Update to 581. * Sun Jul 22 2012 Fedora Release Engineering - 0-12.577bzr - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Jul 8 2012 Jussi Lehtola - 0-11.577bzr - Update to 577. * Tue Jun 12 2012 Jussi Lehtola - 0-11.575bzr - Update to 575. -------------------------------------------------------------------------------- From updates at fedoraproject.org Tue Dec 4 19:59:01 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Tue, 04 Dec 2012 19:59:01 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121204195901.BFC3120BDA@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13519/roundcubemail-0.1.1-7.el5 226 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13530/pcp-3.6.10-1.el5 121 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 53 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 50 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 49 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing drupal7-views_bulk_operations-3.1-3.el5 gfal-1.14.0-0.el5 gfal2-2.1.0-1.el5 gfalFS-1.0.1-0.el5 is-interface-1.14.0-0.el5 lcg-util-1.14.0-0.el5 mawk-1.3.4-20121129.1.el5 multitail-5.2.8-2.el5 srm-ifce-1.14.0-0.el5 Details about builds: 
================================================================================ drupal7-views_bulk_operations-3.1-3.el5 (FEDORA-EPEL-2012-13645) This module augments Views by allowing bulk operations to be executed -------------------------------------------------------------------------------- Update Information: Update to upstream 3.1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Jared Smith - 3.1-3 - Update to upstream 3.1 release - Remove pre-release versioning from spec file * Wed Jul 18 2012 Fedora Release Engineering - 3.0-0.2.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #882843 - drupal7-views_bulk_operations-3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=882843 -------------------------------------------------------------------------------- ================================================================================ gfal-1.14.0-0.el5 (FEDORA-EPEL-2012-13663) Grid File access library -------------------------------------------------------------------------------- Update Information: Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.14.0 - correction of a warning message in lcg-util LCGUTIL-47 - change default srm timeout to 3600 seconds LCGUTIL-180 -------------------------------------------------------------------------------- ================================================================================ gfal2-2.1.0-1.el5 (FEDORA-EPEL-2012-13668) Grid file access library 2.0 -------------------------------------------------------------------------------- Update Information: GFAL2 2.1, following update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Adrien 
Devresse - 2.1.0-0 - One-globus session system for gsiftp plugin ( FTS 3.0 need ) - correct a major issue with the gass attribute system in gsiftp plugin - change the lfc set/get env var for a one compatible with set/get opt - add set/nb streams option for gsiftp - add the mkdir rec function for SRM transfer - correct an issue with opendir and srm_ls ( ENOTDIR error silent ) - correct a memory leak in the cache system - correct timeout support for gsiftp transfer - implement tcp buffer size support for gsiftp layer - apply a correction on the SRM over-write logic, related to a BeStMan errcode problem on File Not Found with srmRm ( EOS ) - apply a fix on the transfer gsiftp timeout ( protection against multiple cancel ) - fix for SRM filesize problem ( defined to 0, workaround ) related to globus 426 error bad filesize - secure the callback system for globus gass timeout - base implementation of the http plugin - improve reliability of the bdii resolution - add a fallback mechanism in case of bdii bad resolution - correct several race conditions in the bdii layer - add thread safe support for set/get variables in liblfc - correct a deadlock problem with globus and gisftp plugin - implement the mkdir_rec logic for general purpose - implement the parent folder creation logic with gridftp - add support for lfc://host/path URL style for the lfc plugin - switch off_t to 64bits size by default ( _FILE_OFFSET_BITS=64) - provide a "nobdii" like option - provide the choice of turl protocol resolution for srm plugin -------------------------------------------------------------------------------- ================================================================================ gfalFS-1.0.1-0.el5 (FEDORA-EPEL-2012-13658) Filesystem client based on GFAL 2.0 -------------------------------------------------------------------------------- Update Information: gfalFS 1.0.1, Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- 
ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.0.1-0 - fix a 32 bits off_t size problem with gfal 2.1 -------------------------------------------------------------------------------- ================================================================================ is-interface-1.14.0-0.el5 (FEDORA-EPEL-2012-13669) Information service library for the lcg bdii system -------------------------------------------------------------------------------- Update Information: Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.14.0 - correct several memory leaks - correct thread safety issues - implement session re-use system for fts 3.0 -------------------------------------------------------------------------------- ================================================================================ lcg-util-1.14.0-0.el5 (FEDORA-EPEL-2012-13656) Command line tools for wlcg storage system -------------------------------------------------------------------------------- Update Information: Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.14.0-0 - several bug fixs from gfal 1.0, srm-ifce and is-interface - see respective changelog for details -------------------------------------------------------------------------------- ================================================================================ mawk-1.3.4-20121129.1.el5 (FEDORA-EPEL-2012-13644) Interpreter for the AWK programming language -------------------------------------------------------------------------------- Update Information: upgrade to 1.3.4-20121129 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Mark McKinstry - 1.3.4-20121129.1 - upgrade to 1.3.4-20121129 (BZ #882867) 
-------------------------------------------------------------------------------- References: [ 1 ] Bug #882867 - mawk-1.3.4-20121129 is available https://bugzilla.redhat.com/show_bug.cgi?id=882867 -------------------------------------------------------------------------------- ================================================================================ multitail-5.2.8-2.el5 (FEDORA-EPEL-2012-13654) View one or multiple files like tail but with multiple windows -------------------------------------------------------------------------------- Update Information: First release in EPEL. -------------------------------------------------------------------------------- ================================================================================ srm-ifce-1.14.0-0.el5 (FEDORA-EPEL-2012-13659) SRM client side library -------------------------------------------------------------------------------- Update Information: Update 1.14.0 of lcg-util -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Adrien Devresse - 1.14.0-0 - correct misleading namespace in PrepareToGetRequestStatus - correct a timeout issue related to exponential backoff system in put/get - improve reliability of the exponential backoff wait system - big big code cleaning - re-factory of the context system with backward compatibility - fix the srm timeout issue - fix the srm put done issue for long transfer -------------------------------------------------------------------------------- From gregswift at gmail.com Tue Dec 4 22:48:28 2012 From: gregswift at gmail.com (Greg Swift) Date: Tue, 4 Dec 2012 16:48:28 -0600 Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013 In-Reply-To: <50AF4164.1030806@matthias-runge.de> References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> Message-ID: I've been sitting on this too long... 
so just wanted to get it sent. My apologies about the flow.

On Fri, Nov 23, 2012 at 3:27 AM, Matthias Runge wrote:

> On 11/23/2012 09:47 AM, Tomáš Smetana wrote:
> > And does every package have to be present in all the channels? I can imagine
> > a package having a different maintainer in each channel or not to be present
> > in some at all: if maintaining more versions at once or backporting patches
> > is beyond the maintainer's possibilities, he may decide to only re-package the
> > new upstream stuff in "unstable" or just backport critical patches to the
> > "old" channel.
> >
> > Yes, I understand this may shift the complications to the users who will have
> > to invent more complicated yum configurations to get the right packages from
> > the right channels.
> >
> > Regards,
> >
> In my opinion, it's not necessary to have each package in each
> repository. Yum will do its magic and select that package with the
> highest version number. E.g. if you choose just the base EPEL-6 branch,
> then you should get the latest version of your desired package from
> there. If you also enabled e.g. EPEL-6.1 and the package from there is
> newer, then yum will fetch it from there. If that package doesn't exist
> there, you'll get what's in EPEL-6.
>
> So using newer versions which may include upgrades, you'll need to
> enable another repository.
> But to be clear, I just intend ONE version upgrade for a package for
> each new repo, so when you choose to enable that newer repo, you'll stick
> on that provided version.
>

TL;DR
- stability is nice
- longer RHEL lifecycle = less useful EPEL if there are no updates
- shouldn't be expected to solve local admin software management issues

So... I agree with a lot of the overall concerns about stability, however realistic expectations should be set on volunteers.
I also think we'd want to avoid deviating too far from RHEL's update cycle beyond what is absolutely necessary (I'm referring to the concept of dot release repositories).

As an administrator I know it has annoyed me for years that I can't specifically get many apps from EPEL just because of the major version update rule. In my experience I've ended up repackaging the Fedora RPM because EPEL was just too far behind.

So, first, be patient with me as I look at RHEL for a second.

* Red Hat's release cycle for RHEL is ~8m per dot release (roughly averaged)
* RHEL is now on a 13 year support cycle (https://access.redhat.com/support/policy/updates/errata/)
* Updates always go into the same repository (Unless you subscribe to Extended Update Support (EUS), but I believe that is a separate repository anyway)

Based on the above, most people have come up with a way to handle deployment of updates in their environment:

1: paying extra to red hat for EUS
2: running a local repository that they manage the releases through (satellite or manual)
3: auto or manually updating the boxes on a schedule
4: updating haphazardly
5: other?

So, unless someone wants to turn EPEL into a paid service, #1 is out (hey... that's an interesting concept...)

To me (and most people I know) running your own local repository as a 'stability' control is way more efficient for the administrator. If you are doing 3 and 4 then I don't know that requesting the EPEL volunteers to provide that level of stability is very reasonable.

I can however appreciate that there are two primary sets of users from what I've read on these conversations:

1: Those that don't want updates that change api compatibility
2: Those who need the newer version for X reason

I'm personally inclined to lean toward the concept I was pushing in the thread discussing multiple versions [1].
I'd imagine that a 'api stable' repo and a 'rolling' repo would be less support effort than attempting to manage >8 repositories per major release and the security updates that need to be applied on older version.

That being said I could about see doing a point in time 'snapshot' using hardlinks of the single repository whenever a dot release comes out. But then what about security updates?

I realize that whichever route we go, work is required, but I also assume that as a given at this point of the conversation.

-greg

From ktdreyer at ktdreyer.com Tue Dec 4 23:46:35 2012
From: ktdreyer at ktdreyer.com (Ken Dreyer)
Date: Tue, 4 Dec 2012 16:46:35 -0700
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To:
References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de>
Message-ID:

On Tue, Dec 4, 2012 at 3:48 PM, Greg Swift wrote:
> I'm personally inclined to lean toward the concept I was pushing in the
> thread discussing multiple versions [1]. I'd imagine that a 'api stable'
> repo and a 'rolling' repo would be less support effort than attempting to
> manage >8 repositories per major release and the security updates that need
> to be applied on older version.

My main concern with multiple EPEL repos is that users will be in a worse condition security-wise. Many users will download an application from the "api stable" repo, but they will not realize that no one is doing backports any more, because all the interested EPEL maintainers left that behind to focus on the "rolling" repo.

The analogy that comes to my mind is Fedora: What if we kept old Fedora releases going back all the way to Fedora 6 open to maintainers to patch on a voluntary basis, and we never really announced EOL for any Fedora release?
Fedora users would have to know enough to keep jumping along with whatever's maintained.

It seems to me that we have to choose between occasional instability and insecurity. I'd rather EPEL's reputation err on the side of instability rather than insecurity.

> So, unless someone wants to turn EPEL into a paid service, #1 is out
> (hey... that's an interesting concept...)

Maybe money does have to enter the picture at some point. Corporations should commit to pay salaries for more developers to do EPEL backports if it's important to their businesses.

- Ken

From gregswift at gmail.com Wed Dec 5 14:47:23 2012
From: gregswift at gmail.com (Greg Swift)
Date: Wed, 5 Dec 2012 08:47:23 -0600
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To:
References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de>
Message-ID:

On Tue, Dec 4, 2012 at 5:46 PM, Ken Dreyer wrote:

> On Tue, Dec 4, 2012 at 3:48 PM, Greg Swift wrote:
> > I'm personally inclined to lean toward the concept I was pushing in the
> > thread discussing multiple versions [1]. I'd imagine that a 'api stable'
> > repo and a 'rolling' repo would be less support effort than attempting to
> > manage >8 repositories per major release and the security updates that need
> > to be applied on older version.
>
> My main concern with multiple EPEL repos is that users will be in a
> worse condition security-wise. Many users will download an application
> from the "api stable" repo, but they will not realize that no one is
> doing backports any more, because all the interested EPEL maintainers
> left that behind to focus on the "rolling" repo.
>
> The analogy that comes to my mind is Fedora: What if we kept old
> Fedora releases going back all the way to Fedora 6 open to maintainers
> to patch on a voluntary basis, and we never really announced EOL for
> any Fedora release?
> Fedora users would have to know enough to keep
> jumping along with whatever's maintained.
>
> It seems to me that we have to choose between occasional instability
> and insecurity. I'd rather EPEL's reputation err on the side of
> instability rather than insecurity.
>

I can back that line of thought. Plus providing 1 path means less change! :)

> > So, unless someone wants to turn EPEL into a paid service, #1 is out
> > (hey... that's an interesting concept...)
>
> Maybe money does have to enter the picture at some point. Corporations
> should commit to pay salaries for more developers to do EPEL backports
> if it's important to their businesses.
>

So... anyone got any motivation in pushing a product internally @ Red Hat that does this? :)

Also.... I hadn't mentioned it before on here, because in general mentioning tends to mean you have to do it and I don't really have the cycles available. But as of this morning I figured I'd float the concept anyways.

What would it take to basically have a yum plugin that would check a 'notification' feed (something simple like rss or atom) about a specific repository. Notifications found on that feed would throw messages in the yum output and /var/log/messages. This feed could provide notices like 'Hey, this version is deprecated and insecure, you need to update'. An extension of this might be that it marks the package as an 'exclude' if it can't just be updated without interference. This would allow a notification method, and a way for users to not get an update if it's going to break them, but also allowing the main page to just continuously be updated.

Then this package could possibly be a required package from the epel-release package.

-greg
From tdawson at redhat.com Wed Dec 5 14:58:44 2012
From: tdawson at redhat.com (Troy Dawson)
Date: Wed, 05 Dec 2012 08:58:44 -0600
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To:
References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de>
Message-ID: <50BF6124.1090504@redhat.com>

On 12/05/2012 08:47 AM, Greg Swift wrote:
>
> On Tue, Dec 4, 2012 at 5:46 PM, Ken Dreyer wrote:
>
> On Tue, Dec 4, 2012 at 3:48 PM, Greg Swift wrote:
> > I'm personally inclined to lean toward the concept I was pushing in the
> > thread discussing multiple versions [1]. I'd imagine that a 'api stable'
> > repo and a 'rolling' repo would be less support effort than attempting to
> > manage >8 repositories per major release and the security updates that need
> > to be applied on older version.
>
> My main concern with multiple EPEL repos is that users will be in a
> worse condition security-wise. Many users will download an application
> from the "api stable" repo, but they will not realize that no one is
> doing backports any more, because all the interested EPEL maintainers
> left that behind to focus on the "rolling" repo.
>
> The analogy that comes to my mind is Fedora: What if we kept old
> Fedora releases going back all the way to Fedora 6 open to maintainers
> to patch on a voluntary basis, and we never really announced EOL for
> any Fedora release? Fedora users would have to know enough to keep
> jumping along with whatever's maintained.
>
> It seems to me that we have to choose between occasional instability
> and insecurity. I'd rather EPEL's reputation err on the side of
> instability rather than insecurity.
>
>
> I can back that line of thought. Plus providing 1 path means less
> change! :)
>
>
> > So, unless someone wants to turn EPEL into a paid service, #1 is out
> > (hey... that's an interesting concept...)
>
> Maybe money does have to enter the picture at some point. Corporations
> should commit to pay salaries for more developers to do EPEL backports
> if it's important to their businesses.
>
>
> So... anyone got any motivation in pushing a product internally @ Red
> Hat that does this? :)
>
>
> Also.... I hadn't mentioned it before on here, because in general
> mentioning tends to mean you have to do it and I don't really have the
> cycles available. But as of this morning I figured I'd float the
> concept anyways.
>
> What would it take to basically have a yum plugin that would check a
> 'notification' feed (something simple like rss or atom) about a specific
> repository. Notifications found on that feed would throw messages in
> the yum output and /var/log/messages. This feed could provide notices
> like 'Hey, this version is deprecated and insecure, you need to
> update'. An extension of this might be that it marks the package as an
> 'exclude' if it can't just be updated without interference. This would
> allow a notification method, and a way for users to not get an update if
> it's going to break them, but also allowing the main page to just
> continuously be updated.
>
> Then this package could possibly be a required package from the
> epel-release package.
>
> -greg

Not volunteering at the moment because I don't have the cycles, but I really like that idea.
Something similar, except opposite, of the security plugin. If a package has the "breakable update" option set, then don't update it unless they do the "--reallyupdate" option. But also give them a nag that says the package has an update.
Troy

From mattdm at fedoraproject.org Wed Dec 5 15:33:04 2012
From: mattdm at fedoraproject.org (Matthew Miller)
Date: Wed, 5 Dec 2012 10:33:04 -0500
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To: <50BF6124.1090504@redhat.com>
References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com>
Message-ID: <20121205153304.GA14022@disco.bu.edu>

On Wed, Dec 05, 2012 at 08:58:44AM -0600, Troy Dawson wrote:
> Not volunteering at the moment because I don't have the cycles, but I
> really like that idea.
> Something similar, except opposite, of the security plugin. If a
> package has the "breakable update" option set, then don't update it
> unless they do the "--reallyupdate" option. But also give them a nag
> that says the package has an update.

+1 to this

--
Matthew Miller   Fedora Cloud Architect

From gregswift at gmail.com Wed Dec 5 20:56:33 2012
From: gregswift at gmail.com (Greg Swift)
Date: Wed, 5 Dec 2012 14:56:33 -0600
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To: <50BF6124.1090504@redhat.com>
References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com>
Message-ID:

On Wed, Dec 5, 2012 at 8:58 AM, Troy Dawson wrote:

> On 12/05/2012 08:47 AM, Greg Swift wrote:
> >
> > On Tue, Dec 4, 2012 at 5:46 PM, Ken Dreyer wrote:
> >
> > On Tue, Dec 4, 2012 at 3:48 PM, Greg Swift wrote:
> > > I'm personally inclined to lean toward the concept I was pushing in the
> > > thread discussing multiple versions [1]. I'd imagine that a 'api stable'
> > > repo and a 'rolling' repo would be less support effort than attempting to
> > > manage >8 repositories per major release and the security updates that need
> > > to be applied on older version.
> >
> > My main concern with multiple EPEL repos is that users will be in a
> > worse condition security-wise. Many users will download an application
> > from the "api stable" repo, but they will not realize that no one is
> > doing backports any more, because all the interested EPEL maintainers
> > left that behind to focus on the "rolling" repo.
> >
> > The analogy that comes to my mind is Fedora: What if we kept old
> > Fedora releases going back all the way to Fedora 6 open to maintainers
> > to patch on a voluntary basis, and we never really announced EOL for
> > any Fedora release? Fedora users would have to know enough to keep
> > jumping along with whatever's maintained.
> >
> > It seems to me that we have to choose between occasional instability
> > and insecurity. I'd rather EPEL's reputation err on the side of
> > instability rather than insecurity.
> >
> >
> > I can back that line of thought. Plus providing 1 path means less
> > change! :)
> >
> >
> > > So, unless someone wants to turn EPEL into a paid service, #1 is out
> > > (hey... that's an interesting concept...)
> >
> > Maybe money does have to enter the picture at some point. Corporations
> > should commit to pay salaries for more developers to do EPEL backports
> > if it's important to their businesses.
> >
> >
> > So... anyone got any motivation in pushing a product internally @ Red
> > Hat that does this? :)
> >
> >
> > Also.... I hadn't mentioned it before on here, because in general
> > mentioning tends to mean you have to do it and I don't really have the
> > cycles available. But as of this morning I figured I'd float the
> > concept anyways.
> >
> > What would it take to basically have a yum plugin that would check a
> > 'notification' feed (something simple like rss or atom) about a specific
> > repository. Notifications found on that feed would throw messages in
> > the yum output and /var/log/messages.
> > This feed could provide notices
> > like 'Hey, this version is deprecated and insecure, you need to
> > update'. An extension of this might be that it marks the package as an
> > 'exclude' if it can't just be updated without interference. This would
> > allow a notification method, and a way for users to not get an update if
> > it's going to break them, but also allowing the main page to just
> > continuously be updated.
> >
> > Then this package could possibly be a required package from the
> > epel-release package.
> >
> > -greg
>
> Not volunteering at the moment because I don't have the cycles, but I
> really like that idea.
> Something similar, except opposite, of the security plugin. If a
> package has the "breakable update" option set, then don't update it
> unless they do the "--reallyupdate" option. But also give them a nag
> that says the package has an update.
>

I'm very amused with myself for forgetting about the security plugin (mainly cause I never used it but still...)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: From updates at fedoraproject.org Wed Dec 5 21:26:07 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Wed, 05 Dec 2012 21:26:07 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121205212608.0122920BE5@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 228 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13636/weechat-0.3.9.2-2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13671/bogofilter-1.2.3-1.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13537/claws-mail-3.9.0-1.el6,claws-mail-plugins-3.9.0-2.el6 54 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13552/seamonkey-2.14-1.el6 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13525/pcp-3.6.10-1.el6 51 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 51 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13629/openstack-keystone-2012.2.1-1.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13642/php-symfony2-HttpFoundation-2.1.4-1.el6 150 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13478/mod_security-2.7.1-3.el6,mod_security_crs-2.2.6-3.el6 416 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13575/php-symfony-symfony-1.4.20-2.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing abi-compliance-checker-1.98.6-1.el6 armadillo-3.4.4-1.el6 
bogofilter-1.2.3-1.el6 facter-1.6.16-1.el6 mongodb-2.2.2-1.el6 nagios-3.4.3-1.el6 opendkim-2.7.3-2.el6 openstack-quantum-2012.2.1-1.el6 pam_url-0.3.2-1.el6 perl-CDB_File-0.97-1.el6 php-pluf-1.0-3.gitb1fed2e.el6 python-moksha-hub-1.0.9-1.el6 python-moksha-hub-1.1.0-1.el6 python-quantumclient-2.1.10-1.el6 python-txzmq-0.6.1-3.el6 Details about builds: ================================================================================ abi-compliance-checker-1.98.6-1.el6 (FEDORA-EPEL-2012-13674) An ABI Compliance Checker -------------------------------------------------------------------------------- Update Information: Version 1.98.6 (December 04, 2012) Improvements Extended -extra-info and -extra-dump options Bug Fixes Corrected processing of input XML descriptor Corrected "Parameter_Default_Value_Removed" rule Other fixes Version 1.98.5 (November 30, 2012) This is a bug-fix release with a few new features. Improvements Added "throw" and "weak" attributes of methods to ABI dump New Options -extra-info -extra-dump -force Bug Fixes Corrected order of user-defined include paths Corrected internal C++ mangler Removed false positives of the "Parameter_Type_Format" rule Other fixes Other Extended test suite Code cleaning Docs cleaning -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Richard Shaw - 1.98.6-1 - Update to latest upstream release. -------------------------------------------------------------------------------- ================================================================================ armadillo-3.4.4-1.el6 (FEDORA-EPEL-2012-13683) Fast C++ matrix library with interfaces to LAPACK and ATLAS -------------------------------------------------------------------------------- Update Information: Update Armadillo to latest stable version. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Jos? 
Matos - 3.4.4-1 - Update to latest stable release - Clean the spec files (documentation has a special treatment with rpm) * Wed Jul 25 2012 José Matos - 3.2.4-1 - Update to version 3.2.4 * Wed Jul 18 2012 Fedora Release Engineering - 2.2.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 12 2012 Fedora Release Engineering - 2.2.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ bogofilter-1.2.3-1.el6 (FEDORA-EPEL-2012-13671) Fast anti-spam filtering by Bayesian statistical analysis -------------------------------------------------------------------------------- Update Information: updated to 1.2.3 (fixes #883358, CVE-2012-5468) -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Adrian Reber - 1.2.3-1 - updated to 1.2.3 (fixes #883358, CVE-2012-5468) * Thu Jul 26 2012 Adrian Reber - 1.2.2-5 - add new libdb4 include path to configure options * Wed Jul 18 2012 Fedora Release Engineering - 1.2.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 12 2012 Fedora Release Engineering - 1.2.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Mon Feb 7 2011 Fedora Release Engineering - 1.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #883358 - CVE-2012-5468 bogofilter: Heap-based buffer overflow by decoding invalid base64 code (that decodes to incomplete multibyte characters) https://bugzilla.redhat.com/show_bug.cgi?id=883358 -------------------------------------------------------------------------------- ================================================================================ facter-1.6.16-1.el6 (FEDORA-EPEL-2012-13676)
Command and ruby library for gathering system information -------------------------------------------------------------------------------- Update Information: Update from upstream with fixes for edge cases around ec2 facts. Rebase to 1.6.15 and fix issue found in bz #871211 This is a rebase to the upstream of 1.6.15. This should be a backward compatible release with what is currently in Fedora/EPEL. The known issue of openstack/ec2 fact exception handling has been resolved in 1.6.15. This commit also adds the .asc file back as it used by facter maintainers during package creation. Moves facter to newest version. This is a fully compatible version from 1.6.6 which is in stable. It also has bug fixes and a few enhancements.
-------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Michael Stahnke - 1.6.16-1 - Update to 1.6.16 * Wed Nov 28 2012 Michael Stahnke - 1.6.15-1 - Rebase to 1.6.15 - Put asc file back as Source1 * Fri Nov 9 2012 Michael Stahnke - 1.6.13-2 - Add patch for ec2 fix - Rebase to 1.6.14 via bz 871211 * Mon Oct 29 2012 Michael Stahnke - 1.6.13-1 - Rebase to 1.6.13 * Thu Jul 19 2012 Fedora Release Engineering - 1.6.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #871211 - Please update facter to the latest upstream (patch included) https://bugzilla.redhat.com/show_bug.cgi?id=871211 -------------------------------------------------------------------------------- ================================================================================ mongodb-2.2.2-1.el6 (FEDORA-EPEL-2012-13684) High-performance, schema-free document-oriented database -------------------------------------------------------------------------------- Update Information: Update to 2.2.2 Built with ssl support, minor bugfixes Update to 2.2.1, a bugfix only release Update to 2.2.0 Update init script to use a pidfile -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Troy Dawson - 2.2.2-1 - Updated to version 2.2.2 * Tue Nov 27 2012 Troy Dawson - 2.2.1-3 - Add ssl build option - Using the reserved mongod UID for the useradd - mongod man page in server package (#880351) - added optional MONGODB_OPTIONS to init script * Wed Oct 31 2012 Nathaniel McCallum - 2.2.1-2 - Make sure build and install flags are the same - Actually remove the js patch file * Wed Oct 31 2012 Nathaniel McCallum - 2.2.1-1 - Remove fork fix patch (fixed upstream) - Remove pcre patch (fixed upstream) - Remove mozjs patch (now using v8 upstream) - Update to 2.2.1 * Tue Oct 2 2012 Troy Dawson - 2.2.0-6 - 
full flag patch to get 32 bit builds to work * Tue Oct 2 2012 Troy Dawson - 2.2.0-5 - shared libraries patch - Fix up minor %files issues * Fri Sep 28 2012 Troy Dawson - 2.2.0-4 - Fix spec files problems * Fri Sep 28 2012 Troy Dawson - 2.2.0-3 - Updated patch to use system libraries - Update init script to use a pidfile * Thu Sep 27 2012 Troy Dawson - 2.2.0-2 - Added patch to use system libraries * Wed Sep 19 2012 Troy Dawson - 2.2.0-1 - Updated to 2.2.0 - Updated patches that were still needed - use v8 instead of spider_monkey due to bundled library issues -------------------------------------------------------------------------------- References: [ 1 ] Bug #880351 - mongod man page is in mongodb package instead of mongodb-server package https://bugzilla.redhat.com/show_bug.cgi?id=880351 -------------------------------------------------------------------------------- ================================================================================ nagios-3.4.3-1.el6 (FEDORA-EPEL-2012-13686) Nagios monitors hosts and services and yells if somethings breaks -------------------------------------------------------------------------------- Update Information: Upgrade to 3.4.3 Update to 3.4.2 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Jose Pedro Oliveira - 3.4.3-1 - Upgrade to 3.4.3 * Sat Nov 10 2012 Jose Pedro Oliveira - 3.4.2-1 - Upgrade to 3.4.2 * Fri Jul 20 2012 Fedora Release Engineering - 3.4.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ opendkim-2.7.3-2.el6 (FEDORA-EPEL-2012-13681) A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail -------------------------------------------------------------------------------- Update Information: Changed default permissions of /etc/opendkim/keys based on 
suggestion by Patrick at puzzled.xs4all.nl. Update to upstream release 2.7.3, which fixes the following bugs: Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in dkimf_db_strerror(). Problem noted by Simone Caruso. LIBOPENDKIM: Ignore entries in the oversign header field name list that are empty, and an oversign header field name list that is present but empty. Problem noted by Alec Peterson. LIBOPENDKIM: Allow header field lists to be empty, flushing any that were previously defined. Problem noted by Alec Peterson. BUILD: Improve tests for including . Based on a patch from Eray Aslan. REPUTATION: Use lowercase for keywords in REPUTE query generation and handling. STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze. Updating to newer 2.7.2 source.
Source release notes available here: http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Steve Jenkins 2.7.3-2 - Set /etc/opendkim/keys default permissions to 750 (Thanks patrick at puzzled.xs4al.nl) * Thu Nov 29 2012 Steve Jenkins 2.7.3-1 - Updated to use newer upstream 2.7.3 source code * Mon Nov 19 2012 Steve Jenkins 2.7.2-1 - Updated to use newer upstream 2.7.2 source code -------------------------------------------------------------------------------- ================================================================================ openstack-quantum-2012.2.1-1.el6 (FEDORA-EPEL-2012-13680) Virtual network service for OpenStack (quantum) -------------------------------------------------------------------------------- Update Information: Update to folsom stable 2012.2.1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Robert Kukura - 2012.2.1-1 - Update to folsom stable 2012.2.1 - Add upstream patch: Fix rpc control_exchange regression. - Remove workaround for missing l3_agent.ini -------------------------------------------------------------------------------- ================================================================================ pam_url-0.3.2-1.el6 (FEDORA-EPEL-2012-13685) PAM module to authenticate with HTTP servers -------------------------------------------------------------------------------- Update Information: Upstream 0.3.2 with fixes for pam stacking. Initial release.
-------------------------------------------------------------------------------- References: [ 1 ] Bug #880842 - Review Request: pam_url - PAM module to authenticate with HTTP servers https://bugzilla.redhat.com/show_bug.cgi?id=880842 -------------------------------------------------------------------------------- ================================================================================ perl-CDB_File-0.97-1.el6 (FEDORA-EPEL-2012-13687) Perl extension for access to cdb databases -------------------------------------------------------------------------------- Update Information: upgrade to 0.97 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Mark McKinstry - 0.97-1 - upgrade to 0.97 -------------------------------------------------------------------------------- References: [ 1 ] Bug #882869 - perl-CDB_File-0.97 is available https://bugzilla.redhat.com/show_bug.cgi?id=882869 -------------------------------------------------------------------------------- ================================================================================ php-pluf-1.0-3.gitb1fed2e.el6 (FEDORA-EPEL-2012-13672) PHP WebApp Framework -------------------------------------------------------------------------------- Update Information: Upgrade from GIT to satisfy Indefero dependency. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ python-moksha-hub-1.0.9-1.el6 (FEDORA-EPEL-2012-13679) Hub components for Moksha -------------------------------------------------------------------------------- Update Information: Update to latest upstream. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Ralph Bean - 1.0.9-1 - Latest upstream. - Fixed check conditional for rhel6. 
-------------------------------------------------------------------------------- ================================================================================ python-moksha-hub-1.1.0-1.el6 (FEDORA-EPEL-2012-13678) Hub components for Moksha -------------------------------------------------------------------------------- Update Information: Update to latest upstream. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Ralph Bean - 1.1.0-1 - Latest upstream with support for zmq_tcp_keepalive. * Tue Dec 4 2012 Ralph Bean - 1.0.9-1 - Latest upstream. - Fixed check conditional for rhel6. -------------------------------------------------------------------------------- ================================================================================ python-quantumclient-2.1.10-1.el6 (FEDORA-EPEL-2012-13682) Python API and CLI for OpenStack Quantum -------------------------------------------------------------------------------- Update Information: Update to latest upstream release with bug fixes and enhancements -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 3 2012 Robert Kukura - 1:2.1.10-1 - Update to 2.1.10 - Add pyparsing dependency - Deal with hash in tarball name - Install /etc/bash_completion.d/quantum.bash_completion -------------------------------------------------------------------------------- ================================================================================ python-txzmq-0.6.1-3.el6 (FEDORA-EPEL-2012-13688) Twisted bindings for ZeroMQ -------------------------------------------------------------------------------- Update Information: Add support for zmq_tcp_keepalive. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Ralph Bean - 0.6.1-3 - Patch to add support for tcp keepalives with zeromq3. - Fixed "bad" rhel conditional. 
-------------------------------------------------------------------------------- From updates at fedoraproject.org Wed Dec 5 21:26:09 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Wed, 05 Dec 2012 21:26:09 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121205212609.41F1720C22@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13670/bogofilter-1.2.3-1.el5 228 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13530/pcp-3.6.10-1.el5 122 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 54 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 51 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 50 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing bogofilter-1.2.3-1.el5 facter-1.6.16-1.el5 opendkim-2.7.3-2.el5 perl-CDB_File-0.97-1.el5 Details about builds: ================================================================================ bogofilter-1.2.3-1.el5 (FEDORA-EPEL-2012-13670) Fast anti-spam filtering by Bayesian statistical analysis -------------------------------------------------------------------------------- Update Information: updated to 1.2.3 (fixes #883358, CVE-2012-5468) -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Adrian Reber - 1.2.3-1 - updated to 1.2.3 (fixes #883358, CVE-2012-5468) * Thu Jul 26 2012 Adrian Reber - 1.2.2-5 - add new libdb4 include path to configure options * Wed Jul 18 2012 Fedora Release Engineering - 1.2.2-4 - Rebuilt for 
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 12 2012 Fedora Release Engineering - 1.2.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Mon Feb 7 2011 Fedora Release Engineering - 1.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #883358 - CVE-2012-5468 bogofilter: Heap-based buffer overflow by decoding invalid base64 code (that decodes to incomplete multibyte characters) https://bugzilla.redhat.com/show_bug.cgi?id=883358 -------------------------------------------------------------------------------- ================================================================================ facter-1.6.16-1.el5 (FEDORA-EPEL-2012-13675) Command and ruby library for gathering system information -------------------------------------------------------------------------------- Update Information: Update from upstream with fixes for edge cases around ec2 facts. Rebase to 1.6.15 and fix issue found in bz #871211 This is a rebase to the upstream of 1.6.15. This should be a backward compatible release with what is currently in Fedora/EPEL. The known issue of openstack/ec2 fact exception handling has been resolved in 1.6.15.
This commit also adds the .asc file back as it used by facter maintainers during package creation. Moves facter to newest version. This is a fully compatible version from 1.6.6 which is in stable. It also has bug fixes and a few enhancements. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Michael Stahnke - 1.6.16-1 - Update to 1.6.16 * Wed Nov 28 2012 Michael Stahnke - 1.6.15-1 - Rebase to 1.6.15 - Put asc file back as Source1 * Fri Nov 9 2012 Michael Stahnke - 1.6.13-2 - Add patch for ec2 fix - Rebase to 1.6.14 via bz 871211 * Mon Oct 29 2012 Michael Stahnke - 1.6.13-1 - Rebase to 1.6.13 * Thu Jul 19 2012 Fedora Release Engineering - 1.6.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #871211 - Please update facter to the latest upstream (patch included) https://bugzilla.redhat.com/show_bug.cgi?id=871211 -------------------------------------------------------------------------------- ================================================================================ opendkim-2.7.3-2.el5 (FEDORA-EPEL-2012-13677) A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail -------------------------------------------------------------------------------- Update Information: Changed default permissions of /etc/opendkim/keys based on suggestion by Patrick at puzzled.xs4all.nl. Update to upstream release 2.7.3, which fixes the following bugs: Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in dkimf_db_strerror(). Problem noted by Simone Caruso. LIBOPENDKIM: Ignore entries in the oversign header field name list that are empty, and an oversign header field name list that is present but empty. Problem noted by Alec Peterson. LIBOPENDKIM: Allow header field lists to be empty, flushing any that were previously defined. Problem noted by Alec Peterson. BUILD: Improve tests for including . Based on a patch from Eray Aslan. REPUTATION: Use lowercase for keywords in REPUTE query generation and handling. STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze. Updating to newer 2.7.2 source. Source release notes available here: http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Steve Jenkins 2.7.3-2 - Set /etc/opendkim/keys default permissions to 750 (Thanks patrick at puzzled.xs4al.nl) * Thu Nov 29 2012 Steve Jenkins 2.7.3-1 - Updated to use newer upstream 2.7.3 source code * Mon Nov 19 2012 Steve Jenkins 2.7.2-1 - Updated to use newer upstream 2.7.2 source code -------------------------------------------------------------------------------- ================================================================================ perl-CDB_File-0.97-1.el5 (FEDORA-EPEL-2012-13673) Perl extension for access to cdb databases -------------------------------------------------------------------------------- Update Information: upgrade to 0.97 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Mark McKinstry - 0.97-1 - upgrade to 0.97 -------------------------------------------------------------------------------- References: [ 1 ] Bug #882869 - perl-CDB_File-0.97 is available https://bugzilla.redhat.com/show_bug.cgi?id=882869
--------------------------------------------------------------------------------

From kevin at scrye.com Wed Dec 5 23:53:35 2012
From: kevin at scrye.com (Kevin Fenzi)
Date: Wed, 5 Dec 2012 16:53:35 -0700
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To: <20121205153304.GA14022@disco.bu.edu>
References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com> <20121205153304.GA14022@disco.bu.edu>
Message-ID: <20121205165335.2fbc6950@jelerak.scrye.com>

On Wed, 5 Dec 2012 10:33:04 -0500
Matthew Miller wrote:

> On Wed, Dec 05, 2012 at 08:58:44AM -0600, Troy Dawson wrote:
> > Not volunteering at the moment because I don't have the cycles, but
> > I really like that idea.
> > Something similar, except opposite, of the security plugin. If a
> > package has the "breakable update" option set, then don't update it
> > unless they do the "--reallyupdate" option. But also give them a
> > nag that says the package has an update.
>
> +1 to this

-a lot. ;)

Anything that requires someone to read output from updates is doomed.

If I update 100 machines, I am not going to look at all the spew from yum, and if I don't specifically look at my logs often am I going to notice this.

If I install a new machine with updates enabled, would I notice this before the machine was deployed?

I don't think this is a good solution... still trying to think of one. ;)

kevin

From dmitry at athabascau.ca Thu Dec 6 15:21:21 2012
From: dmitry at athabascau.ca (Dmitry Makovey)
Date: Thu, 06 Dec 2012 08:21:21 -0700
Subject: tomcat7 ?
Message-ID: <50C0B7F1.3040208@athabascau.ca>

Hi EPEL'ers,

I've noticed that tomcat-7.x is in Fedora and I would like to ask whether it is possible to add it to EPEL? While tomcat is self-contained, it may be that some of the dependencies may have to be bumped from their RHEL versions. Does anybody know a bit more detail before I dive into the subject of bringing tomcat7 to the RHEL6 platform? Would this be considered a conflict with RHEL channels? What if the name has been changed?

--
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
---
Confidence is what you have before you understand the problem
Woody Allen

When in trouble when in doubt run in circles scream and shout
http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330

From dmitry at athabascau.ca Thu Dec 6 16:58:34 2012
From: dmitry at athabascau.ca (Dmitry Makovey)
Date: Thu, 06 Dec 2012 09:58:34 -0700
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To:
References:
Message-ID: <50C0CEBA.7060004@athabascau.ca>

Based on some of the previous discussions on this thread, my own self-interests and looking around, why not settle for an "epel-rawhide" repo that could serve both as a QA stage for packages in EPEL and for the category of users who need the "latest and greatest" version of a package in RHEL. I do believe both groups:

a) users who want stable
b) users who want latest

are quite sizable and have enough people involved to power such a move.

To address the security concerns: we need something that will require a version bump whenever upstream drops maintenance of the currently packaged version in EPEL and there are no takers for backports within a week. That should minimize backporting efforts.
just my $.02CDN

--
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
---
Confidence is what you have before you understand the problem
Woody Allen

When in trouble when in doubt run in circles scream and shout
http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330

From gregswift at gmail.com Thu Dec 6 17:13:42 2012
From: gregswift at gmail.com (Greg Swift)
Date: Thu, 6 Dec 2012 11:13:42 -0600
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To: <20121205165335.2fbc6950@jelerak.scrye.com>
References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com> <20121205153304.GA14022@disco.bu.edu> <20121205165335.2fbc6950@jelerak.scrye.com>
Message-ID:

On Wed, Dec 5, 2012 at 5:53 PM, Kevin Fenzi wrote:

> On Wed, 5 Dec 2012 10:33:04 -0500
> Matthew Miller wrote:
>
> > On Wed, Dec 05, 2012 at 08:58:44AM -0600, Troy Dawson wrote:
> > > Not volunteering at the moment because I don't have the cycles, but
> > > I really like that idea.
> > > Something similar, except opposite, of the security plugin. If a
> > > package has the "breakable update" option set, then don't update it
> > > unless they do the "--reallyupdate" option. But also give them a
> > > nag that says the package has an update.
> >
> > +1 to this
>
> -a lot. ;)
>
> Anything that requires someone to read output from updates is doomed.
>

I agree with this sentiment. Which is why you don't _have_ to read
output. The automatic exclusion is the plugin's behavior, with the goal
of leaving your system in a running state. Any output is there to
provide an explanation for the lack of an update when looked for.

Ideally, we are talking about defining an expected system behavior. It
will take communication on top of the plugin creation and feed updating.

A specific scenario that raises accountability concerns would be if the
package I have installed is a security risk and the only fix is the
'breakable update'. To address that would be a state such as 'required
breakable update - security risk'. If you attempt update all, yum would
fail out with an error explaining why. This is the only time I'd suggest
an actual error because of the accountability aspect. The error prevents
it from being completely ignored, unless the result of the process is
blatantly ignored, and I can't help there. If there is a requirement to
stay on the 'insecure' version, place the package into the standard
exclude list and then this would not come into play.

The plugin would have to support the concept of versioning. Allowing
definitions along the lines of:

    package version 2+ is a breakable update for versions <2 or 1.*

Not only does this keep the feed content smaller, as it isn't required
for every released version, but if there needs to be a security update
for the 1.* release, that is doable without interfering with the 2.*
releases while using the same repository.

If designed and implemented well this might be an interesting path
towards allowing newer versions of lots of software, even in base RHEL.
Obviously, it wouldn't work for everything... but it has potential.

> If I update 100 machines, I am not going to look at all the spew from
> yum, and if I don't specifically look at my logs often am I going to
> notice this.
>

So, I feel that falls under the realm of an admin's responsibility, and
most facilitation for the handling of it should readily come from what
is described above. It's not like I'm suggesting we push a potentially
broken package, I'm talking about letting their system keep running as
it is, unless they specifically update it.

> If I install a new machine with updates enabled, would I notice this
> before the machine was deployed?
>

This concept is specific to updates, not fresh installs. During a new
install one would get the latest version of the software available, just
like today. If a specific version is defined, and there is a 'breakable
update' available before you deploy, then no, it would not be installed
on a 'yum update'.

-greg

From gregswift at gmail.com Thu Dec 6 17:25:53 2012
From: gregswift at gmail.com (Greg Swift)
Date: Thu, 6 Dec 2012 11:25:53 -0600
Subject: tomcat7 ?
In-Reply-To: <50C0B7F1.3040208@athabascau.ca>
References: <50C0B7F1.3040208@athabascau.ca>
Message-ID:

I did just look at this a little this week. Here is what I noticed:

1: jakarta-commons versus apache-commons
2: buildRequires circular dependency of tomcat7 -> geronimo-jaxrpc ->
servlet (which tomcat7 provides)

then i just went to the jpackage release cause i needed to finish what i
was doing.

-greg

On Thu, Dec 6, 2012 at 9:21 AM, Dmitry Makovey wrote:

>
> Hi EPEL'ers,
>
> I've noticed that tomcat-7.x is in Fedora and I would like to ask
> whether it is possible to add it to EPEL? While tomcat is
> self-contained it may be that some of the dependencies may have to be
> bumped from their RHEL versions. Does anybody know a bit more detail
> before I dive into the subject of bringing tomcat7 to RHEL6 platform?
> Would this be considered a conflict with RHEL channels? What if the name
> has been changed?
>
> --
> Dmitry Makovey
> Web Systems Administrator
> Athabasca University
> (780) 675-6245
> ---
> Confidence is what you have before you understand the problem
> Woody Allen
>
> When in trouble when in doubt run in circles scream and shout
> http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330
>
>
> _______________________________________________
> epel-devel-list mailing list
> epel-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/epel-devel-list
>

From smooge at gmail.com Thu Dec 6 17:45:54 2012
From: smooge at gmail.com (Stephen John Smoogen)
Date: Thu, 6 Dec 2012 10:45:54 -0700
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To:
References: <50ADED32.3000909@matthias-runge.de> <20121122095633.GP1128@redhat.com> <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com> <20121205153304.GA14022@disco.bu.edu> <20121205165335.2fbc6950@jelerak.scrye.com>
Message-ID:

On 6 December 2012 10:13, Greg Swift wrote:
>
>
>
> On Wed, Dec 5, 2012 at 5:53 PM, Kevin Fenzi wrote:
>>
>> On Wed, 5 Dec 2012 10:33:04 -0500
>> Matthew Miller wrote:
>>
>> > On Wed, Dec 05, 2012 at 08:58:44AM -0600, Troy Dawson wrote:
>> > > Not volunteering at the moment because I don't have the cycles, but
>> > > I really like that idea.
>> > > Something similar, except opposite, of the security plugin. If a
>> > > package has the "breakable update" option set, then don't update it
>> > > unless they do the "--reallyupdate" option. But also give them a
>> > > nag that says the package has an update.
>> >
>> > +1 to this
>>
>> -a lot. ;)
>>
>> Anything that requires someone to read output from updates is doomed.
>
>
> I agree with this sentiment. Which is why you don't _have_ to read output.
> The automatic exclusion is the plugin's behavior, with the goal of leaving
> your system in a running state.
> Any output is there to provide an
> explanation for the lack of an update when looked for.
>
> Ideally, we are talking about defining an expected system behavior. It will
> take communication on top of the plugin creation and feed updating.

Ok looking at the security plugin code it seems it bases its decisions
on what is already stored in the repodata. That being the case any
sort of plugin is going to need to have extra stuff stored in repodata
which means changes to createrepo, rpm, yum-utils, and yum. I don't
think this is going to happen so we might as well look for some other
solution.

--
Stephen J Smoogen.
"Don't derail a useful feature for the 99% because you're not in it."
Linus Torvalds
"Years ago my mother used to say to me,... Elwood, you must be oh so
smart or oh so pleasant. Well, for years I was smart. I recommend
pleasant. You may quote me." -- James Stewart as Elwood P. Dowd

From mattdm at fedoraproject.org Thu Dec 6 17:58:56 2012
From: mattdm at fedoraproject.org (Matthew Miller)
Date: Thu, 6 Dec 2012 12:58:56 -0500
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To:
References: <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com> <20121205153304.GA14022@disco.bu.edu> <20121205165335.2fbc6950@jelerak.scrye.com>
Message-ID: <20121206175856.GA777@disco.bu.edu>

On Thu, Dec 06, 2012 at 10:45:54AM -0700, Stephen John Smoogen wrote:
> Ok looking at the security plugin code it seems it bases its decisions
> on what is already stored in the repodata. That being the case any
> sort of plugin is going to need to have extra stuff stored in repodata
> which means changes to createrepo, rpm, yum-utils, and yum. I don't
> think this is going to happen so we might as well look for some other
> solution.

Why not? The security metadata wasn't always there and _that_ feature got
added.

--
Matthew Miller
Fedora Cloud Architect
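
The update policy proposed earlier in this thread (version-ranged "breakable update" rules, the "--reallyupdate" override, the exclude list, and a hard failure for 'required breakable update - security risk'), modelled as an added example that is not from any message here and does not use the yum plugin API. `BreakRule`, `SecurityHold`, `plan_update` and the sample versions are hypothetical, and version comparison is simplified to dotted numbers rather than RPM's rules.

```python
from dataclasses import dataclass


def vkey(version):
    """Sort key for plain dotted-numeric versions.

    Simplification: real RPM comparison also handles epochs, releases
    and non-numeric segments.
    """
    return tuple(int(part) for part in version.split("."))


@dataclass(frozen=True)
class BreakRule:
    """Hypothetical metadata record, one per package."""
    package: str
    breaks_from: str                  # "version 2+ is breakable for versions <2"
    security_required: bool = False   # 'required breakable update - security risk'


class SecurityHold(Exception):
    """Raised so an unattended 'update all' fails instead of silently skipping."""


def plan_update(name, installed, available, rules, excludes=(), really_update=False):
    """Return (target_version_or_None, reason) for one installed package."""
    if name in excludes:
        # The admin chose to stay put; the breakable-update logic never runs.
        return None, "in the admin's exclude list"
    newer = sorted((v for v in available if vkey(v) > vkey(installed)), key=vkey)
    if not newer:
        return None, "already current"
    rule = rules.get(name)
    applies = rule is not None and vkey(installed) < vkey(rule.breaks_from)
    if not applies or really_update:
        return newer[-1], "normal update"
    # Split candidates into the same-series updates and the breaking series.
    safe = [v for v in newer if vkey(v) < vkey(rule.breaks_from)]
    held = [v for v in newer if vkey(v) >= vkey(rule.breaks_from)]
    if not held:
        return newer[-1], "normal update"
    if rule.security_required:
        raise SecurityHold(
            f"{name} {installed}: the only security fix is breakable update {held[-1]}"
        )
    target = safe[-1] if safe else None
    return target, f"breakable update {held[-1]} held back"


if __name__ == "__main__":
    # Constructed sample data: package "foo" with a breaking 2.x series.
    rules = {"foo": BreakRule("foo", "2.0")}
    print(plan_update("foo", "1.4", ["1.5", "2.0", "2.1"], rules))
    print(plan_update("foo", "1.4", ["1.5", "2.0", "2.1"], rules, really_update=True))
```

A 1.x security fix still installs while 2.x stays held, which is the same-repository case the proposal describes.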

From smooge at gmail.com Thu Dec 6 18:11:45 2012
From: smooge at gmail.com (Stephen John Smoogen)
Date: Thu, 6 Dec 2012 11:11:45 -0700
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To: <20121206175856.GA777@disco.bu.edu>
References: <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com> <20121205153304.GA14022@disco.bu.edu> <20121205165335.2fbc6950@jelerak.scrye.com> <20121206175856.GA777@disco.bu.edu>
Message-ID:

On 6 December 2012 10:58, Matthew Miller wrote:
> On Thu, Dec 06, 2012 at 10:45:54AM -0700, Stephen John Smoogen wrote:
>> Ok looking at the security plugin code it seems it bases its decisions
>> on what is already stored in the repodata. That being the case any
>> sort of plugin is going to need to have extra stuff stored in repodata
>> which means changes to createrepo, rpm, yum-utils, and yum. I don't
>> think this is going to happen so we might as well look for some other
>> solution.
>
> Why not? The security metadata wasn't always there and _that_ feature got
> added.

It got added before RHEL-6 was out the door. EPEL does not control
yum, createrepo, rpm or yum-utils for Red Hat Enterprise Linux.
Getting it into there means working with Fedora yum/rpm developers on
how it will be stored.. getting it working in Fedora, then figuring
out how to back port that to the RHEL-5 and RHEL-6 yum's. Then working
with Red Hat on allowing for a large ABI break where old yum users are
guaranteed to still be able to make yum commands without yum crashing
and that new yum users won't crash when reading old yum repos.

> --
> Matthew Miller
> Fedora Cloud Architect
>
> _______________________________________________
> epel-devel-list mailing list
> epel-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/epel-devel-list

--
Stephen J Smoogen.
"Don't derail a useful feature for the 99% because you're not in it."
Linus Torvalds
"Years ago my mother used to say to me,... Elwood, you must be oh so
smart or oh so pleasant. Well, for years I was smart. I recommend
pleasant. You may quote me." -- James Stewart as Elwood P. Dowd

From gregswift at gmail.com Thu Dec 6 18:49:11 2012
From: gregswift at gmail.com (Greg Swift)
Date: Thu, 6 Dec 2012 12:49:11 -0600
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To:
References: <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com> <20121205153304.GA14022@disco.bu.edu> <20121205165335.2fbc6950@jelerak.scrye.com> <20121206175856.GA777@disco.bu.edu>
Message-ID:

On Thu, Dec 6, 2012 at 12:11 PM, Stephen John Smoogen wrote:

> On 6 December 2012 10:58, Matthew Miller wrote:
> > On Thu, Dec 06, 2012 at 10:45:54AM -0700, Stephen John Smoogen wrote:
> >> Ok looking at the security plugin code it seems it bases its decisions
> >> on what is already stored in the repodata. That being the case any
> >> sort of plugin is going to need to have extra stuff stored in repodata
> >> which means changes to createrepo, rpm, yum-utils, and yum. I don't
> >> think this is going to happen so we might as well look for some other
> >> solution.
> >
> > Why not? The security metadata wasn't always there and _that_ feature got
> > added.
>
> It got added before RHEL-6 was out the door. EPEL does not control
> yum, createrepo, rpm or yum-utils for Red Hat Enterprise Linux.
> Getting it into there means working with Fedora yum/rpm developers on
> how it will be stored.. getting it working in Fedora, then figuring
> out how to back port that to the RHEL-5 and RHEL-6 yum's. Then working
> with Red Hat on allowing for a large ABI break where old yum users are
> guaranteed to still be able to make yum commands without yum crashing
> and that new yum users won't crash when reading old yum repos.
>
>

If updateinfo.xml could store the data, would the addition of an
alternate 'update' type break existing systems? From what I can tell
updateinfo.xml is populated by parsing errata feeds. If this data could
be presented as a specifically formatted errata, which to me makes a bit
of sense because it's just an update, then the updateinfo.xml generator
and the plugin would be the primary change points. As long as the
clients don't blow up at an alternate or whatever, then maybe there
wouldn't be a large ABI break.

From dmitry at athabascau.ca Thu Dec 6 19:48:36 2012
From: dmitry at athabascau.ca (Dmitry Makovey)
Date: Thu, 06 Dec 2012 12:48:36 -0700
Subject: tomcat7 ?
In-Reply-To:
References: <50C0B7F1.3040208@athabascau.ca>
Message-ID: <50C0F694.6080606@athabascau.ca>

On 12/06/2012 10:25 AM, Greg Swift wrote:
> I did just look at this a little this week. Here is what I noticed:
>
> 1: jakarta-commons versus apache-commons
> 2: buildRequires circular dependency of tomcat7 -> geronimo-jaxrpc ->
> servlet (which tomcat7 provides)

which SPEC files were you using? rhel:tomcat6.spec + version bump, or
fedora:tomcat.spec or jpackage:tomcat7.spec? Just curious about the
starting point. My idea was to grab Fedora's spec and massage it into
submission. Main point (aside from libraries & their versions) would
probably be the startup script as RHEL doesn't use systemd. But that
should be easy to address and possibly plead for conditional SPEC file
with RHEL-based builds using init.d startup vs Fedora's systemd.

However it's still unclear whether EPEL would be the place for such
build as RHN offers tomcat7 under JBoss channel which may be in conflict
with EPEL guidelines.

> then i just went to the jpackage release cause i needed to finish what i
> was doing.

OT:
hmm.
My past experience with Jpackage+RHEL was a mixed bag with
conflicting packages and rather peculiar resulting install sets (mix of
RHEL and Jpackage rpm's). Have you used "yum-plugin-priorities" to get
around those conflicts?

>
> -greg
>
>
> On Thu, Dec 6, 2012 at 9:21 AM, Dmitry Makovey wrote:
>
>>
>> Hi EPEL'ers,
>>
>> I've noticed that tomcat-7.x is in Fedora and I would like to ask
>> whether it is possible to add it to EPEL? While tomcat is
>> self-contained it may be that some of the dependencies may have to be
>> bumped from their RHEL versions. Does anybody know a bit more detail
>> before I dive into the subject of bringing tomcat7 to RHEL6 platform?
>> Would this be considered a conflict with RHEL channels? What if the name
>> has been changed?
>>
>> --
>> Dmitry Makovey
>> Web Systems Administrator
>> Athabasca University
>> (780) 675-6245
>> ---
>> Confidence is what you have before you understand the problem
>> Woody Allen
>>
>> When in trouble when in doubt run in circles scream and shout
>> http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330
>>
>>
>> _______________________________________________
>> epel-devel-list mailing list
>> epel-devel-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/epel-devel-list
>>
>
>
>
> _______________________________________________
> epel-devel-list mailing list
> epel-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/epel-devel-list
>

--
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
---
Confidence is what you have before you understand the problem
Woody Allen

When in trouble when in doubt run in circles scream and shout
http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330

From gregswift at gmail.com Thu Dec 6 19:56:37 2012
From: gregswift at gmail.com (Greg Swift)
Date: Thu, 6 Dec 2012 13:56:37 -0600
Subject: tomcat7 ?
In-Reply-To: <50C0F694.6080606@athabascau.ca>
References: <50C0B7F1.3040208@athabascau.ca> <50C0F694.6080606@athabascau.ca>
Message-ID:

On Thu, Dec 6, 2012 at 1:48 PM, Dmitry Makovey wrote:

> On 12/06/2012 10:25 AM, Greg Swift wrote:
> > I did just look at this a little this week. Here is what I noticed:
> >
> > 1: jakarta-commons versus apache-commons
> > 2: buildRequires circular dependency of tomcat7 -> geronimo-jaxrpc ->
> > servlet (which tomcat7 provides)
>
> which SPEC files were you using? rhel:tomcat6.spec + version bump, or
> fedora:tomcat.spec or jpackage:tomcat7.spec? Just curious about the
> starting point. My idea was to grab Fedora's spec and massage it into
> submission. Main point (aside from libraries & their versions) would
> probably be the startup script as RHEL doesn't use systemd. But that
> should be easy to address and possibly plead for conditional SPEC file
> with RHEL-based builds using init.d startup vs Fedora's systemd.
>

So I started with the fedora:tomcat.spec. The init scripts are actually
still there in a sub package, which is handy. I had forgotten that I
pulled all the systemd stuph out and moved the sysv bits back into the
base package.

here is the spec: http://nytefyre.net/rpms/tomcat.spec

so, obviously, it doesn't work.

> However it's still unclear whether EPEL would be the place for such
> build as RHN offers tomcat7 under JBoss channel which may be in conflict
> with EPEL guidelines.
>

does the JBoss channel count as a conflict? I thought based on the
recent discussions that it didn't.

> > then i just went to the jpackage release cause i needed to finish what i
> > was doing.
>
> OT:
> hmm.
> My past experience with Jpackage+RHEL was a mixed bag with
> conflicting packages and rather peculiar resulting install sets (mix of
> RHEL and Jpackage rpm's). Have you used "yum-plugin-priorities" to get
> around those conflicts?
>
>

I didn't run into any dependency issues at this point, and we were
previously using a more limited locally packaged version. We'd
definitely prefer an EPEL version to just negate that risk.

From kevin at scrye.com Thu Dec 6 20:05:15 2012
From: kevin at scrye.com (Kevin Fenzi)
Date: Thu, 6 Dec 2012 13:05:15 -0700
Subject: RFC: Rethinking EPEL at FUDcon Lawrence 2013
In-Reply-To:
References: <20121123094708.77f5cc14@zaphod.usersys.redhat.com> <50AF4164.1030806@matthias-runge.de> <50BF6124.1090504@redhat.com> <20121205153304.GA14022@disco.bu.edu> <20121205165335.2fbc6950@jelerak.scrye.com> <20121206175856.GA777@disco.bu.edu>
Message-ID: <20121206130515.50eae6bf@jelerak.scrye.com>

A few more questions:

- Who is going to write/maintain this plugin? :)

- How do you plan on making sure everyone using EPEL is using the
  plugin? Have a Requires in epel-release? That strikes me as pretty
  ugly.

- Who is going to update all the compose/build tools/scripts to handle
  this metadata.

- How is the metadata added? By maintainer? What if they don't update
  it?

- What are the metadata keywords?

* Breakable = excluding this update because it needs intervention
* Insecure = this package is no longer updated and insecure
?

- How do you handle trains of updates? foo-1.0-1 pushes out to stable