Fedora EPEL 6 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sat Jul 21 00:23:50 UTC 2012 

The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6468/dropbear-0.55-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6453/nsd-3.2.12-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6374/rt3-3.8.13-1.el6.2
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6432/puppet-2.6.17-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6469/openstack-nova-2012.1.1-4.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6408/ganglia-3.1.7-6.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6422/mediawiki119-1.19.1-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    cmake-fedora-1.0.0-1.el6
    dropbear-0.55-1.el6
    erlang-js-1.0.2-4.el6
    gprof2dot-1.0-0.8.20120720git56961.el6
    jove-4.16.0.73-4.el6
    mozilla-adblockplus-2.1.2-1.el6
    nagios-plugins-1.4.16-2.el6
    openstack-nova-2012.1.1-4.el6
    php-horde-Horde-Http-1.1.1-1.el6
    php-horde-Horde-Stream-Wrapper-1.0.1-3.el6
    php-horde-Horde-Support-1.0.2-2.el6
    php-horde-Horde-Url-1.0.2-1.el6
    php-horde-Horde-Util-1.4.0-1.el6
    python-cherrypy2-2.3.0-17.el6
    sticky-notes-0.3.09062012.4-7.el6
    unzoo-4.4-7.el6

Details about builds:


================================================================================
 cmake-fedora-1.0.0-1.el6 (FEDORA-EPEL-2012-6470)
 CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:

- Greatly simplified the modules design and usage.
- Release version are now defined in cmake-fedora.conf
for easy maintenance.
- Fix the MANAGE_MESSAGE_LEVEL
- koji scratch builds are run only once before tagging.
- CVS support is removed.
- New command: koji-build-scratch for scratch build on all supported
releases.
- New module: ManageTarget
- New function: SETTING_STRING_GET_VARIABLE
- New macro: ADD_CUSTOM_TARGET_COMMAND
- Macros changed behavior:
MANAGE_ZANATA: Arguments are changed.
- Target changed: changelog_update are now separate as:
+ changelog_prev_update: Update ChangeLog.prev
+ rpm_changelog_prev_update: Update RPM-ChangeLog.prev
- Command renamed:
+ cmake-fedora-newprj.sh to cmake-fedora-newprj
- Module renamed:
+ ManageReleaseOnFedora to ManageReleaseFedora
+ ManageMaintainerTargets to ManageUpload
+ PackSource to ManageArchive
+ PackRPM to ManageRPM
+ UseGConf to ManageGConf
+ UseDoxygen to ManageAPIDoc
- Function renamed:
+ LOAD_RELEASE_FILE to RELEASE_NOTES_READ_FILE
- Macro renamed:
+ PACK_SOURCE to PACK_SOURCE_ARCHIVE
+ USE_MOCK to RPM_MOCK_BUILD
+ USE_DOXYGEN to MANAGE_APIDOC_DOXYGEN
+ USE_GETTEXT to MANAGE_GETTEXT
+ USE_ZANATA to MANAGE_ZANATA
- Variable renamed: PACK_SOURCE_IGNORE_FILES to SOURCE_ARCHIVE_IGNORE_FILES
- RELEASE_ON_FEDORA: support new tags: "fedora" for current fedora,
and "epel" for current epel.
- ChangeLog generation rewritten, target version_check no longer need.
- Removed target: version_check
- Variable Removed:
FEDORA_NEXT_RELEASE
FEDORA_NEXT_RELEASE_TAGS
FEDORA_LATEST_RELEASE
FEDORA_PREVIOUS_RELEASE
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 19 2012 Ding-Yi Chen <dchen at redhat.com> - 1.0.0-1
- Greatly simplified the modules design and usage.
- Release version are now defined in cmake-fedora.conf
  for easy maintenance.
- Fix the MANAGE_MESSAGE_LEVEL
- koji scratch builds are run only once before tagging.
- CVS support is removed.
- New command: koji-build-scratch for scratch build on all supported
  releases.
- New module: ManageTarget
- New function: SETTING_STRING_GET_VARIABLE
- New macro: ADD_CUSTOM_TARGET_COMMAND
- Macros changed behavior:
  MANAGE_ZANATA: Arguments are changed.
- Target changed: changelog_update are now separate as:
  + changelog_prev_update: Update ChangeLog.prev
  + rpm_changelog_prev_update: Update RPM-ChangeLog.prev
- Command renamed:
  + cmake-fedora-newprj.sh to cmake-fedora-newprj
- Module renamed:
  + ManageReleaseOnFedora to ManageReleaseFedora
  + ManageMaintainerTargets to ManageUpload
  + PackSource to ManageArchive
  + PackRPM to ManageRPM
  + UseGConf to ManageGConf
  + UseDoxygen to ManageAPIDoc
- Function renamed:
  + LOAD_RELEASE_FILE to RELEASE_NOTES_READ_FILE
- Macro renamed:
  + PACK_SOURCE to PACK_SOURCE_ARCHIVE
  + USE_MOCK to RPM_MOCK_BUILD
  + USE_DOXYGEN to MANAGE_APIDOC_DOXYGEN
  + USE_GETTEXT to MANAGE_GETTEXT
  + USE_ZANATA to MANAGE_ZANATA
- Variable renamed: PACK_SOURCE_IGNORE_FILES to SOURCE_ARCHIVE_IGNORE_FILES
- RELEASE_ON_FEDORA: support new tags: "fedora" for current fedora,
  and "epel" for current epel.
- ChangeLog generation rewritten, target version_check no longer need.
- Removed target: version_check
- Variable Removed:
  FEDORA_NEXT_RELEASE
  FEDORA_NEXT_RELEASE_TAGS
  FEDORA_LATEST_RELEASE
  FEDORA_PREVIOUS_RELEASE
--------------------------------------------------------------------------------


================================================================================
 dropbear-0.55-1.el6 (FEDORA-EPEL-2012-6468)
 SSH2 server and client
--------------------------------------------------------------------------------
Update Information:

Update to 0.55, fix CVE-2012-0920.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  1 2012 Itamar Reis Peixoto <itamar at ispbrasil.com.br> - 0.55-1
- new version 2012.55
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.52-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.52-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #783776 - 2011.54 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=783776
  [ 2 ] Bug #800657 - CVE-2012-0920 dropbear: use-after-free vulnerability [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=800657
  [ 3 ] Bug #800656 - CVE-2012-0920 dropbear: use-after-free vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=800656
--------------------------------------------------------------------------------


================================================================================
 erlang-js-1.0.2-4.el6 (FEDORA-EPEL-2012-6471)
 A Friendly Erlang to Javascript Binding
--------------------------------------------------------------------------------
Update Information:

- Fix building releases using rebar
- Fix dependencides (add _isa)
- Drop EL5-related stuff
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2012 Peter Lemenkov <lemenkov at gmail.com> - 1.0.2-4
- Fix building releases using rebar
- Fix dependencides (add _isa)
- Drop EL5-related stuff
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 gprof2dot-1.0-0.8.20120720git56961.el6 (FEDORA-EPEL-2012-6465)
 Generate dot graphs from the output of several profilers
--------------------------------------------------------------------------------
Update Information:

Update from upstream that handles perf format data
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2012 Toshio Kuratomi <toshio at fedoraproject.org> - 1.0-0.8.20120720git56961
- Update to solve https://bugzilla.redhat.com/show_bug.cgi?id=821864 (support perf)
- Upstream has switched to a git repo
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0-0.7.20100708hg89
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0-0.6.20100708hg89
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0-0.5.20100708hg89
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #821864 - gprof2dot package does not support perf format
        https://bugzilla.redhat.com/show_bug.cgi?id=821864
--------------------------------------------------------------------------------


================================================================================
 jove-4.16.0.73-4.el6 (FEDORA-EPEL-2012-6476)
 Jonathan's Own Version of Emacs
--------------------------------------------------------------------------------
Update Information:

Initial release for jove (Jonathan's Own Version of Emacs)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #830581 - Review Request: jove - Jonathan's Own Version of Emacs
        https://bugzilla.redhat.com/show_bug.cgi?id=830581
--------------------------------------------------------------------------------


================================================================================
 mozilla-adblockplus-2.1.2-1.el6 (FEDORA-EPEL-2012-6474)
 Adblocking extension for Mozilla Firefox, Thunderbird, and Seamonkey
--------------------------------------------------------------------------------
Update Information:

Update to upstream 2.1.2.

Mostly performance improvements.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 nagios-plugins-1.4.16-2.el6 (FEDORA-EPEL-2012-6472)
 Host/service/network monitoring program plugins for Nagios
--------------------------------------------------------------------------------
Update Information:

Update to version 1.4.16; Provides bundled(gnulib) (#821779).
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  9 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.4.16-2
- Provides bundled(gnulib) (#821779)
* Mon Jul  9 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.4.16-1
- Update to version 1.4.16
- Dropped nagios-plugins-0005-Patch-for-check_linux_raid-with-on-linear-raid0-arra.patch
  (upstream).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #821779 - nagios-plugins: Gnulib bundled but no bundled(gnulib) provides
        https://bugzilla.redhat.com/show_bug.cgi?id=821779
--------------------------------------------------------------------------------


================================================================================
 openstack-nova-2012.1.1-4.el6 (FEDORA-EPEL-2012-6469)
 OpenStack Compute (nova)
--------------------------------------------------------------------------------
Update Information:

- Update to latest essex stable branch

- Enable auto cleanup of old cached instance images
- Fix ram_allocation_ratio based over subscription
- Expose over quota exceptions via native API
- Return 413 status on over quota in the native API
- Fix call to network_get_all_by_uuids
- Fix libvirt get_memory_mb_total with xen
- Use compute_api.get_all in affinity filters (CVE-2012-3371)
- Use default qemu img cluster size in libvirt connect
- Ensure libguestfs has completed before proceeding

- Distinguish volume overlimit exceptions
- Prohibit host file corruption through file injection (CVE-2012-3360, CVE-2012-3361)
- Support injecting new .ssh/authorized_keys files to SELinux enabled guests
- Improve performance and stability of file injection
- add upstart jobs, alternative to sysv initscripts
- fix an exception caused by the fix for CVE-2012-2654
- fix the encoding of the dns_domains table (requires a db sync)
- fix a crash due to a nova services startup race (#825051)
- Fix for protocol case handling (CVE-2012-2654)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-4
- Enable auto cleanup of old cached instance images
- Fix ram_allocation_ratio based over subscription
- Expose over quota exceptions via native API
- Return 413 status on over quota in the native API
- Fix call to network_get_all_by_uuids
- Fix libvirt get_memory_mb_total with xen
- Use compute_api.get_all in affinity filters (CVE-2012-3371)
- Use default qemu img cluster size in libvirt connect
- Ensure libguestfs has completed before proceeding
* Thu Jul  5 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-3
- Distinguish volume overlimit exceptions
- Prohibit host file corruption through file injection (CVE-2012-3360, CVE-2012-3361)
* Wed Jun 27 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-2
- Update to latest essex stable branch
- Support injecting new .ssh/authorized_keys files to SELinux enabled guests
* Fri Jun 22 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-1
- Update to essex stable release 2012.1.1
- Improve performance and stability of file injection
- add upstart jobs, alternative to sysv initscripts
* Fri Jun 15 2012 Pádraig Brady <P at draigBrady.com> - 2012.1-12
- update performance and stability fixes from essex stable
* Mon Jun 11 2012 Pádraig Brady <P at draigBrady.com> - 2012.1-11
- fix an exception caused by the fix for CVE-2012-2654
- fix the encoding of the dns_domains table (requires a db sync)
- fix a crash due to a nova services startup race (#825051)
* Fri Jun  8 2012 Pádraig Brady <P at draigBrady.com> - 2012.1-10
- Enable libguestfs image inspection
* Wed Jun  6 2012 Pádraig Brady <P at draigBrady.com> - 2012.1-9
- Sync up with Essex stable branch, including...
- Fix for protocol case handling (#829441, CVE-2012-2654)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #839407 - CVE-2012-3371 OpenStack-Nova: Scheduler denial of service through scheduler_hints [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=839407
  [ 2 ] Bug #825052 - Restarting nova-network removes ip packet filters
        https://bugzilla.redhat.com/show_bug.cgi?id=825052
  [ 3 ] Bug #825051 - qpid timeout causing compute service to crash
        https://bugzilla.redhat.com/show_bug.cgi?id=825051
  [ 4 ] Bug #829441 - CVE-2012-2654 OpenStack Nova security groups fail to be set correctly [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=829441
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Http-1.1.1-1.el6 (FEDORA-EPEL-2012-6473)
 Horde HTTP libraries
--------------------------------------------------------------------------------
Update Information:

New Horde packages for el6
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Stream-Wrapper-1.0.1-3.el6 (FEDORA-EPEL-2012-6473)
 Horde Stream wrappers
--------------------------------------------------------------------------------
Update Information:

New Horde packages for el6
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Support-1.0.2-2.el6 (FEDORA-EPEL-2012-6473)
 Horde support package
--------------------------------------------------------------------------------
Update Information:

New Horde packages for el6
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Url-1.0.2-1.el6 (FEDORA-EPEL-2012-6473)
 Horde Url class
--------------------------------------------------------------------------------
Update Information:

New Horde packages for el6
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Util-1.4.0-1.el6 (FEDORA-EPEL-2012-6473)
 Horde Utility Libraries
--------------------------------------------------------------------------------
Update Information:

New Horde packages for el6
--------------------------------------------------------------------------------


================================================================================
 python-cherrypy2-2.3.0-17.el6 (FEDORA-EPEL-2012-6466)
 Pythonic, object-oriented web development framework
--------------------------------------------------------------------------------
Update Information:

* Keep server from dieing when it receives EPIPE.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2012 Toshio Kuratomi <toshio at fedoraproject.org> - 2.3.0-17
- Catch EPIPE's provoked by clients. (dcallagh)
  https://bugzilla.redhat.com/show_bug.cgi?id=795984
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.0-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Aug  2 2010 Martin Bacovsky <mbacovsk at redhat.com> - 2.3.0-14
- fixed hanging of test framework on failing tests (on python 2.7)
* Fri Jul 30 2010 Martin Bacovsky <mbacovsk at redhat.com> - 2.3.0-13
- fixed tests failing on python 2.7
* Wed Jul 21 2010 David Malcolm <dmalcolm at redhat.com> - 2.3.0-12
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #795984 - CherryPy WSGI server does not handle EPIPE
        https://bugzilla.redhat.com/show_bug.cgi?id=795984
--------------------------------------------------------------------------------


================================================================================
 sticky-notes-0.3.09062012.4-7.el6 (FEDORA-EPEL-2012-6479)
 Sticky notes is a free and open source paste-bin application
--------------------------------------------------------------------------------
Update Information:

Fix some packaging issues
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2012 Athmane Madjoudj <athmane at fedoraproject.org> 0.3.09062012.4-7
- Remove exec perms on files
* Fri Jul 20 2012 Athmane Madjoudj <athmane at fedoraproject.org> 0.3.09062012.4-6
- Remove defattr to avoid bug #481363.
- Remove clean section
--------------------------------------------------------------------------------


================================================================================
 unzoo-4.4-7.el6 (FEDORA-EPEL-2012-6467)
 ZOO archive extractor
--------------------------------------------------------------------------------
Update Information:

Add unzoo to EPEL-6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #837933 - Please build latest unzoo for EPEL 5 and 6
        https://bugzilla.redhat.com/show_bug.cgi?id=837933
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list