Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu May 24 15:55:44 UTC 2012
The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5944/python-tornado-2.2.1-1.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5854/perl-Config-IniFiles-2.72-1.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5955/socat-1.7.2.1-1.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5960/moodle-2.1.6-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
erlang-gen_leader-1.0-1.el6
gitolite3-3.03-1.el6
ldns-1.6.13-1.el6
moodle-2.1.6-1.el6
rubygem-aws-sdk-1.4.1-1.el6
rubygem-aws-sdk-1.4.1-2.el6
socat-1.7.2.1-1.el6
zeroinstall-injector-1.8-1.el6
Details about builds:
================================================================================
erlang-gen_leader-1.0-1.el6 (FEDORA-EPEL-2012-5957)
A leader election behavior modeled after gen_server
--------------------------------------------------------------------------------
Update Information:
* First stable release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 22 2012 Peter Lemenkov <lemenkov at gmail.com> - 1.0-1
- Ver. 1.0
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0-0.4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0-0.3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gitolite3-3.03-1.el6 (FEDORA-EPEL-2012-5954)
Highly flexible server for git directory version tracker
--------------------------------------------------------------------------------
Update Information:
3.03.
New upstream.
New package for gitolite 3.01.
New package for gitolite 3.01.
New package for gitolite 3.01.
New upstream.
New package for gitolite 3.01.
New package for gitolite 3.01.
New package for gitolite 3.01.
New upstream.
New package for gitolite 3.01.
New package for gitolite 3.01.
New package for gitolite 3.01.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #821838 - Review Request: gitolite3 - Highly flexible server for git directory version tracker
https://bugzilla.redhat.com/show_bug.cgi?id=821838
--------------------------------------------------------------------------------
================================================================================
ldns-1.6.13-1.el6 (FEDORA-EPEL-2012-5956)
Lowlevel DNS(SEC) library with API
--------------------------------------------------------------------------------
Update Information:
Various minor bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 21 2012 Paul Wouters <pwouters at redhat.com> - 1.6.13-1
- Upgraded to 1.6.13, bugfix release
- Added --disable-ecdsa as ECC is still banned
- Removed --with-sha2 - it is always enabled and option was removed
--------------------------------------------------------------------------------
================================================================================
moodle-2.1.6-1.el6 (FEDORA-EPEL-2012-5960)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
CVE-2012-2353 MSA-12-0024: Hidden information access issue
CVE-2012-2354 MSA-12-0025: Personal communication access issue
CVE-2012-2355 MSA-12-0026: Quiz capability issue
CVE-2012-2356 MSA-12-0027: Question bank capability issues
CVE-2012-2357 MSA-12-0028: Insecure authentication issue
CVE-2012-2358 MSA-12-0029: Information editing access issue
CVE-2012-2359 MSA-12-0030: Capability manipulation issue
CVE-2012-2360 MSA-12-0031: Cross-site scripting vulnerability in Wiki
CVE-2012-2361 MSA-12-0032: Cross-site scripting vulnerability in Web services
CVE-2012-2362 MSA-12-0033: Cross-site scripting vulnerability in Blog
CVE-2012-2363 MSA-12-0034: Potential SQL injection issue
CVE-2012-2364 MSA-12-0035: Cross-site scripting vulnerability in "download all"
CVE-2012-2365 MSA-12-0036: Cross-site scripting vulnerability in category identifier
CVE-2012-2366 MSA-12-0037: Write access issue in Database activity module
CVE-2012-2367 MSA-12-0038: Calendar event write permission issue
Correct CAS unbundling.
Drop bundled language packs.
New upstreams, multiple vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 23 2012 Jon Ciesla <limburgher at gmail.com> - 2.1.6-1
- 2.1.6, security fixes, BZ 824482.
* Thu May 10 2012 Jon Ciesla <limburgher at gmail.com> - 2.1.5-3
- Fixed CAS unbundling per rcollet.
* Wed May 9 2012 Jon Ciesla <limburgher at gmail.com> - 2.1.5-2
- Dropped bundled language packs, BZ 748958.
* Mon Apr 2 2012 Jon Ciesla <limburgher at gmail.com> - 2.1.5-1
- New upstream, BZ 809227.
--------------------------------------------------------------------------------
================================================================================
rubygem-aws-sdk-1.4.1-1.el6 (FEDORA-EPEL-2012-5952)
AWS SDK for Ruby
--------------------------------------------------------------------------------
Update Information:
Update rubygem-aws-sdk in EPEL to latest version.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 23 2012 Brett Lentz <blentz at redhat.com> - 1.4.1-1
- Upstream release 1.4.1
* Thu Mar 15 2012 Brett Lentz <blentz at redhat.com> - 1.3.7-1
- Upstream release 1.3.7
--------------------------------------------------------------------------------
================================================================================
rubygem-aws-sdk-1.4.1-2.el6 (FEDORA-EPEL-2012-5953)
AWS SDK for Ruby
--------------------------------------------------------------------------------
Update Information:
Updated aws-sdk for el6
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 23 2012 Brett Lentz <blentz at redhat.com> - 1.4.1-2
- Re-add dropped patch to fix nokogiri deps.
* Wed May 23 2012 Brett Lentz <blentz at redhat.com> - 1.4.1-1
- Upstream release 1.4.1
* Thu Mar 15 2012 Brett Lentz <blentz at redhat.com> - 1.3.7-1
- Upstream release 1.3.7
--------------------------------------------------------------------------------
================================================================================
socat-1.7.2.1-1.el6 (FEDORA-EPEL-2012-5955)
Bidirectional data relay between two data channels ('netcat++')
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2012-0219 heap-based buffer overflow
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 23 2012 Paul Wouters <pwouters at redhat.com> - 1.7.2.1-1
- Updated to 1.7.2.1 for CVE-2012-0219, rhbz#821554, rhbz#821688
- Remove patch merged upstream
- Remove --disable-fips from configure
- Added socat-1.7.2.1-errqueue.patch
--------------------------------------------------------------------------------
================================================================================
zeroinstall-injector-1.8-1.el6 (FEDORA-EPEL-2012-5959)
The Zero Install Injector (0launch)
--------------------------------------------------------------------------------
Update Information:
Latest upstream release; see
http://article.gmane.org/gmane.comp.file-systems.zero-install.devel/5866
for details.
New features:
- Warn about replaced interfaces in "0install update".
- Attempting to create an alias to a replaced interface uses the replacement.
- Allow <command> inside <package-implementation>.
Many bug fixes; see http://article.gmane.org/gmane.comp.file-systems.zero-install.devel/5493 for details
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 23 2012 Michel Salim <salimma at fedoraproject.org> - 1.8-1
- Update to 1.8
* Tue Apr 24 2012 Michel Salim <salimma at fedoraproject.org> - 1.7-1
- Update to 1.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #789695 - zeroinstall-injector-1.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=789695
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list