Fedora EPEL 6 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Fri Mar 16 19:26:25 UTC 2012 

The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0728/libpng10-1.0.58-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3.4.14-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0763/php-pear-CAS-1.3.0-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0795/nginx-1.0.14-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    lcgdm-dav-0.7.0-1.el6
    nagios-plugins-lcgdm-0.7.0-1.el6
    nginx-1.0.14-1.el6

Details about builds:


================================================================================
 lcgdm-dav-0.7.0-1.el6 (FEDORA-EPEL-2012-0794)
 HTTP/DAV front end to the DPM/LFC services
--------------------------------------------------------------------------------
Update Information:

This update follows a new upstream release - 0.7.0 - and fixes bug #803063 (dependency on httpd-mmn for lcgdm-dav-server).
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 16 2012 Ricardo Rocha <ricardo.rocha at cern.ch> - 0.7.0-1
- Update for new upstream release
- Added dependency on httpd-mmn for lcgdm-dav-server (bug #803063)
* Fri Feb 10 2012 Ricardo Rocha <ricardo.rocha at cern.ch> - 0.5.4-3
- Rebuilt for updated gsoap dependencies
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #803063 - Missing Requires: httpd-mmn
        https://bugzilla.redhat.com/show_bug.cgi?id=803063
--------------------------------------------------------------------------------


================================================================================
 nagios-plugins-lcgdm-0.7.0-1.el6 (FEDORA-EPEL-2012-0796)
 Nagios probes to be run remotely against DPM / LFC nodes
--------------------------------------------------------------------------------
Update Information:

This update follows a new upstream release, and stops production of debuginfo packages (fix for bug #756827).
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 16 2012 Ricardo Rocha <ricardo.rocha at cern.ch> - 0.7.0-1
- Update for new upstream release
- Do not generate a debuginfo package (bug #756827)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #756827 - nagios-plugins-lcgdm-debuginfo is empty
        https://bugzilla.redhat.com/show_bug.cgi?id=756827
--------------------------------------------------------------------------------


================================================================================
 nginx-1.0.14-1.el6 (FEDORA-EPEL-2012-0795)
 A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:

Update to upstream release 1.0.14 to fix: malformed HTTP response headers leads to information leak.
Update to upstream release 1.0.13
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 15 2012 Jamie Nguyen <jamie at tomoyolinux.co.uk> - 1.0.14-1
- update to upstream release 1.0.14
- CVE-2012-1180 (#803856)
* Sun Mar  4 2012 Jamie Nguyen <jamie at tomoyolinux.co.uk> - 1.0.13-2
- remove incorrect BR
* Sat Mar  3 2012 Jamie Nguyen <jamie at tomoyolinux.co.uk> - 1.0.13-1
- update to upstream release 1.0.13
- general spec file cleanup to match rawhide (for easier diff), including:
- replace %define with %global
- amend nginx.init and nginx.conf
- amend %pre scriptlet to match with guidelines
- remove obsolete BuildRoot tag, %clean section and %defattr
- remove various unnecessary commands
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #803856 - CVE-2012-1180 nginx: malformed HTTP response headers leads to information leak
        https://bugzilla.redhat.com/show_bug.cgi?id=803856
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list