From updates at fedoraproject.org Mon Oct 1 19:03:19 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 01 Oct 2012 19:03:19 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121001190319.EE5D120EC6@bastion01.phx2.fedoraproject.org> The following builds have been pushed to Fedora EPEL 5 updates-testing freerdp-1.0.1-8.el5 libyubikey-1.9-1.el5 perl-LWP-Authen-Negotiate-0.08-1.el5 Details about builds: ================================================================================ freerdp-1.0.1-8.el5 (FEDORA-EPEL-2012-13063) Remote Desktop Protocol client -------------------------------------------------------------------------------- Update Information: Backport minor fixes from el6 -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 30 2012 Mads Kiilerich - 1.0.1-8 - add --vendor= to please el5 vendor requirement * Sun Sep 30 2012 Mads Kiilerich - 1.0.1-7 - backport / merge from el6 -------------------------------------------------------------------------------- ================================================================================ libyubikey-1.9-1.el5 (FEDORA-EPEL-2012-13068) C library for decrypting and parsing Yubikey One-time passwords -------------------------------------------------------------------------------- Update Information: New upstream release 1.9 with memory leak and rpath fixes, gnulib update -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 1 2012 - Maxim Burgerhout - 1.9-1 - New upstream release 1.9 with memory leak and rpath fixes, gnulib update -------------------------------------------------------------------------------- ================================================================================ perl-LWP-Authen-Negotiate-0.08-1.el5 (FEDORA-EPEL-2012-13066) GSSAPI based Authentication Plugin for LWP -------------------------------------------------------------------------------- Update Information: First additions of perl-LWP-Authen-Negotiate to Fedora and EPEL. -------------------------------------------------------------------------------- From updates at fedoraproject.org Mon Oct 1 19:03:19 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 01 Oct 2012 19:03:19 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121001190319.E332C20E5C@bastion01.phx2.fedoraproject.org> The following builds have been pushed to Fedora EPEL 6 updates-testing freerdp-1.0.1-7.el6 pass-1.4.1-1.el6 pencil-2.0.1-1.el6 perl-LWP-Authen-Negotiate-0.08-1.el6 python-django-helpdesk-0.1.7b-3.el6 rubygem-puppet-lint-0.2.1-3.el6 Details about builds: ================================================================================ freerdp-1.0.1-7.el6 (FEDORA-EPEL-2012-13062) Remote Desktop Protocol client -------------------------------------------------------------------------------- Update Information: Backport fixes from f17+ -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 30 2012 Mads Kiilerich - 1.0.1-7 - merge f17 1.0.1-6 - Backport fix for bug 816692 * Thu Jul 19 2012 Fedora Release Engineering - 1.0.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Feb 29 2012 Mads Kiilerich - 1.0.1-5 - Use new upstream tar with standard naming - Use _isa for subpackage dependencies * Tue Feb 28 2012 Mads Kiilerich - 1.0.1-4 - Include patch for sending invalid extra data * Tue Feb 28 2012 Mads Kiilerich - 1.0.1-3 - Install a freedesktop .desktop file and a high-res icon instead of relying on _NET_WM_ICON -------------------------------------------------------------------------------- ================================================================================ pass-1.4.1-1.el6 (FEDORA-EPEL-2012-13069) A password manager using standard Unix tools -------------------------------------------------------------------------------- Update Information: Update to 1.4.1 and fix the Requirement to gpg2 pass is a unix password manager -------------------------------------------------------------------------------- References: [ 1 ] Bug #855283 - Review Request: pass - A unix password manager using standard tools https://bugzilla.redhat.com/show_bug.cgi?id=855283 -------------------------------------------------------------------------------- ================================================================================ pencil-2.0.1-1.el6 (FEDORA-EPEL-2012-13061) A sketching and GUI prototyping tool -------------------------------------------------------------------------------- Update Information: Initial update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #832635 - Review Request: pencil - A sketching and GUI prototyping tool https://bugzilla.redhat.com/show_bug.cgi?id=832635 -------------------------------------------------------------------------------- ================================================================================ perl-LWP-Authen-Negotiate-0.08-1.el6 (FEDORA-EPEL-2012-13065) GSSAPI based Authentication Plugin for LWP -------------------------------------------------------------------------------- Update Information: First additions of perl-LWP-Authen-Negotiate to Fedora and EPEL. -------------------------------------------------------------------------------- ================================================================================ python-django-helpdesk-0.1.7b-3.el6 (FEDORA-EPEL-2012-13067) A Django powered ticket tracker for small enterprise -------------------------------------------------------------------------------- Update Information: A Django powered ticket tracker for small enterprise -------------------------------------------------------------------------------- References: [ 1 ] Bug #858025 - Review Request: python-django-helpdesk - A Django powered ticket tracker for small enterprise https://bugzilla.redhat.com/show_bug.cgi?id=858025 -------------------------------------------------------------------------------- ================================================================================ rubygem-puppet-lint-0.2.1-3.el6 (FEDORA-EPEL-2012-13064) Ensure your Puppet manifests conform with the Puppetlabs style guide -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #786249 - Review Request: rubygem-puppet-lint - Tool to verify the style of puppet manifests https://bugzilla.redhat.com/show_bug.cgi?id=786249 -------------------------------------------------------------------------------- From updates at fedoraproject.org Wed Oct 3 17:03:56 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Wed, 03 Oct 2012 17:03:56 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121003170356.53988209FD@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12946/phpldapadmin-1.2.2-3.gitbbedf1.el6 164 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 86 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 59 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13038/openstack-swift-1.4.8-5.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12970/moodle-2.1.8-1.el6 27 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12829/python-django-horizon-2012.1.1-2.el6 34 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 352 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing autotest-framework-0.14.3-1.el6 fedmsg-0.5.2-1.el6 firehol-1.273-10.1.el6 hiera-1.0.0-3.el6 python-moksha-hub-1.0.4-1.el6 python-pyramid-1.2.7-5.el6 python-txzmq-0.5.2-1.el6 salt-0.10.3-1.el6 shellinabox-2.14-14.el6 sx-2.12-1.el6 Details about builds: ================================================================================ autotest-framework-0.14.3-1.el6 (FEDORA-EPEL-2012-13081) Framework for fully automated testing -------------------------------------------------------------------------------- Update Information: Autotest is a framework for fully automated testing -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.5.2-1.el6 (FEDORA-EPEL-2012-13075) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: New upstream with various enhancement and bugfixes. Misc bugfixes and enhancements. Rely on the latest python-moksha-hub. Bugfix to fedmsg.encoding Fix fedmsg-gateway. Enhancements to fedmsg.encoding. Convenient default config for end users. 0.3.8 new commands, options, and enhanced API. Unicode bugfix. repr enhancements. IRC colors, fedmsg2repr updates, and removed fedmsg-status threadsafety and licensing 0.3.1 for msg2repr updates and fedmsg-logger grepping. Bugfix to -logger and enhancement to -irc Require latest moksha. API enhancement. 0.2.5 with more realistic X509 capacity 0.2.4 with fix for disabled ssl 0.2.3 with upstream typo fixes Added deps on m2crypto and python-m2ext /var/log/fedmsg wasn't being created correctly. Require moksha >= 0.8.3. python-argparse fix for epel-6. Bugfix - Added a forgotten new requirement on python-requests. Fix to creation of /var/run/fedmsg. Remove unnecessary %%ghost on /var/run/fedmsg Nicer messages from fedmsg-irc. New fedmsg.text.msg2repr. bugfix to fedmsg.text. fedmsg.text updates for scm. thread safety bugfix for fedmsg-tail and fedmsg.text items from lmacken -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 3 2012 Ralph Bean - 0.5.2-1 - Allow timeout when connecting to a non-existant fedmsg-relay - fedmsg.text entries for new lookaside messages - fedmsg.text groundwork support for icons - Enhancements to the docs - Fixed regression in fedmsg-irc * Thu Sep 27 2012 Ralph Bean - 0.5.1-1 - Fixed links in meetbot reprs - fedmsg.text entries for pkgdb2branch and releng - unicode bugfix for fedmsg-tail --terse - Fix bug alongside python-moksha-hub-1.0.3-1 - New defaults fedora-infrastructure endpoints - Improved docs - Links to real diffs for mediawiki messages - Specifiable and longer default tcp timeout for fedmsg-irc - Improved config parsing for fedmsg-irc - Bugfix to git-hook; ignore pushed tags instead of crashing - Allow inner context to be destroyed and recreated inside a thread * Thu Sep 27 2012 Ralph Bean - 0.5.0-2 - Require python-pygments. * Wed Sep 19 2012 Ralph Bean - 0.5.0-1 - Depend on new Moksha - Massive docs improvement. - Minor API simplification. - Suppress some annoying warnings from fedmsg-tail. * Fri Aug 31 2012 Ralph Bean - 0.4.0-1 - Bugfix to fedmsg.encoding. * Fri Aug 31 2012 Ralph Bean - 0.3.9-1 - Bugfix to fedmsg-gateway. - to_json utility for sqlalchemy. - More convenient default config for end users. * Thu Aug 23 2012 Ralph Bean - 0.3.8-1 - fedmsg-gateway command, new! - Improved thread cleanup with weakref. - --terse option for fedmsg-tail - Meetbot text processing support. - Update to consumer API.. systematized enablement. * Fri Aug 17 2012 Ralph Bean - 0.3.6-1 - Expanded reprs. Support for fedoratagger-0.2.2-1 messages. - Unicode bugfix. * Tue Aug 14 2012 Ralph Bean - 0.3.5-1 - IRC colors - fedmsg2repr updates (Luke Macken) - Removed fedmsg-status and the heartbeat producer * Mon Aug 13 2012 Ralph Bean - 0.3.4-1 - Threadsafety bugfixes to fedmsg-tail - New fedmsg.text items from Luke Macken. * Sun Aug 12 2012 Ralph Bean - 0.3.3-1 - thread safety (for bodhi masher) * Wed Aug 8 2012 Ralph Bean - 0.3.2-1 - msg2repr updates for scm. * Wed Aug 8 2012 Ralph Bean - 0.3.1-1 - msg2repr updates - fedmsg-logger grepping. * Tue Aug 7 2012 Ralph Bean - 0.3.0-1 - Bugfix to fedmsg.text. * Tue Aug 7 2012 Ralph Bean - 0.2.9-1 - Upstream update including nicer message for fedmsg-irc. - fedmsg.text.msg2repr * Mon Aug 6 2012 Ralph Bean - 0.2.7-4 - Remove unnecessary %ghost on /var/run/fedmsg. * Mon Aug 6 2012 Ralph Bean - 0.2.7-3 - Hopefully fix to creation of /var/run/fedmsg. * Mon Aug 6 2012 Ralph Bean - 0.2.7-2 - Added a forgotten new requirement on python-requests. * Sun Aug 5 2012 Ralph Bean - 0.2.7-1 - Upstream bugfix to -logger and enhancement to -irc. * Mon Jul 30 2012 Ralph Bean - 0.2.6-2 - Require moksha >= 0.8.8 * Mon Jul 30 2012 Ralph Bean - 0.2.6-1 - Upstream bugfixes and API enhancements. * Thu Jul 19 2012 Fedora Release Engineering - 0.2.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Jul 15 2012 Ralph Bean - 0.2.5-1 - Upstream crypto updates in preparation for a more realistic X509 setup. * Fri Jul 13 2012 Ralph Bean - 0.2.4-1 - Upstream bugfix for when ssl is disabled. * Wed Jul 11 2012 Ralph Bean - 0.2.3-1 - Upstream bump that fixes some typos. * Tue Jul 10 2012 Ralph Bean - 0.2.2-3 - Added deps on python-argparse for py < 2.7 (rhel6) * Sat Jul 7 2012 Ralph Bean - 0.2.2-2 - Added deps on m2crypto and python-m2ext * Sat Jul 7 2012 Ralph Bean - 0.2.2-1 - Update to fedmsg-irc to fix lineRate issues - fedmsg.crypto module - sign and validate messages * Mon Jun 11 2012 Ralph Bean - 0.2.1-2 - Require moksha >= 0.8.3 * Mon Jun 11 2012 Ralph Bean - 0.2.1-1 - Override producers and consumers entry-points in the hub. Should fix a collision that fedmsg-irc is having with fedoracommunity. * Mon Jun 11 2012 Ralph Bean - 0.2.0-4 - Introduce temporary hard dep on orbited. * Mon Jun 11 2012 Ralph Bean - 0.2.0-3 - /var/log/fedmsg wasn't being created correctly. -------------------------------------------------------------------------------- ================================================================================ firehol-1.273-10.1.el6 (FEDORA-EPEL-2012-13074) A powerful yet easy to use iptables frontend -------------------------------------------------------------------------------- Update Information: Updated the get-iana script to work. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Jussi Lehtola - 1.273-10.1 - Removed the special characters from the IANA script. * Tue Oct 2 2012 Jussi Lehtola - 1.273-10 - Updated get-iana.sh script (BZ #861799). * Thu Jul 19 2012 Fedora Release Engineering - 1.273-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Feb 8 2012 Kay Sievers - 1.273-8 - modutils are for Linux 2.4 and no longer provided; depend on kmod * Fri Jan 13 2012 Fedora Release Engineering - 1.273-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Feb 8 2011 Fedora Release Engineering - 1.273-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #861799 - get-iana.sh script out of date https://bugzilla.redhat.com/show_bug.cgi?id=861799 -------------------------------------------------------------------------------- ================================================================================ hiera-1.0.0-3.el6 (FEDORA-EPEL-2012-13032) A simple hierarchical database supporting plugin data sources -------------------------------------------------------------------------------- Update Information: First addition of hiera to fedora and epel. -------------------------------------------------------------------------------- References: [ 1 ] Bug #826520 - Review Request: hiera - A simple hierarchical database supporting plugin data sources https://bugzilla.redhat.com/show_bug.cgi?id=826520 -------------------------------------------------------------------------------- ================================================================================ python-moksha-hub-1.0.4-1.el6 (FEDORA-EPEL-2012-13071) Hub components for Moksha -------------------------------------------------------------------------------- Update Information: Fix duplicate websocket message distribution. Enhancements to the consumer api. Conflict with old moksha. Upstream bugfixes. Initial packaging. -------------------------------------------------------------------------------- ================================================================================ python-pyramid-1.2.7-5.el6 (FEDORA-EPEL-2012-13080) The Pyramid web application framework, a Pylons project -------------------------------------------------------------------------------- Update Information: Added patch to fix requires version for python-paste-script when running on rhel Changed requires from python-webob to python-webob1.2 in rpm spec el6 build -------------------------------------------------------------------------------- References: [ 1 ] Bug #855706 - fix failing el6 build https://bugzilla.redhat.com/show_bug.cgi?id=855706 -------------------------------------------------------------------------------- ================================================================================ python-txzmq-0.5.2-1.el6 (FEDORA-EPEL-2012-13076) Twisted bindings for ZeroMQ -------------------------------------------------------------------------------- Update Information: New upstream with new zmq device types. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Ralph Bean - 0.5.2-1 - Latest upstream with new socket types. - Remove old epgm-disabling patch. - Add new egpm-disabling patch. * Sat Jul 21 2012 Fedora Release Engineering - 0.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ salt-0.10.3-1.el6 (FEDORA-EPEL-2012-13079) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: updating to upstream version 0.10.3 and adding systemd rpm macros -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Clint Savage - 0.10.3-1 - Moved to upstream release 0.10.3 - Added systemd scriplets (RHBZ#850408) -------------------------------------------------------------------------------- References: [ 1 ] Bug #850408 - Introduce new systemd-rpm macros in salt spec file https://bugzilla.redhat.com/show_bug.cgi?id=850408 -------------------------------------------------------------------------------- ================================================================================ shellinabox-2.14-14.el6 (FEDORA-EPEL-2012-13070) Web based AJAX terminal emulator -------------------------------------------------------------------------------- Update Information: Implement CSS stylesheets and bugfixing -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 1 2012 Simone Caronni - 2.14-14 - Move user directory and data under /var/lib. * Wed Sep 26 2012 Joel Young - 2.14-13 - Fix variable expansions in init script and service file. * Tue Sep 25 2012 Simone Caronni - 2.14-12 - Really add WorkingDirectory to service files. - Remove postun user deletion leftovers. - Add static files to be customized (as referenced by the man page) in the doc directory. * Mon Sep 24 2012 Simone Caronni - 2.14-11 - Fix RHEL 5 rpm macro. * Thu Sep 13 2012 Simone Caronni - 2.14-10 - Fixes from (Joel Young ): Install supplied css files. Set menu item to turn off ssl as disabled by default. Do not remove user on uninstall. - Simplified spec file. - Split options in the daemon config file. -------------------------------------------------------------------------------- References: [ 1 ] Bug #856860 - css files not installed https://bugzilla.redhat.com/show_bug.cgi?id=856860 -------------------------------------------------------------------------------- ================================================================================ sx-2.12-1.el6 (FEDORA-EPEL-2012-13078) Tool to extract reports and run plug-ins against those extracted reports -------------------------------------------------------------------------------- Update Information: New upstream release to resolve bugs and add new features enhancements. No backward compatibility issues known. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 1 2012 Pierguido Lambri - 2.12-1 - Update to sx-2.12 -------------------------------------------------------------------------------- References: [ 1 ] Bug #862292 - Update to sx-2.12 https://bugzilla.redhat.com/show_bug.cgi?id=862292 -------------------------------------------------------------------------------- From updates at fedoraproject.org Wed Oct 3 17:03:57 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Wed, 03 Oct 2012 17:03:57 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121003170357.5774D20C6C@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 64 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6554/perl-RT-Authen-ExternalAuth-0.08-2.el5 34 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 164 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 59 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 59 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12949/phpldapadmin-1.2.2-3.gitbbedf1.el5 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13003/moodle-1.9.19-3.el5 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13010/bacula-2.4.4-12.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing firehol-1.273-10.1.el5 hiera-1.0.0-3.el5 salt-0.10.3-1.el5 shellinabox-2.14-14.el5 Details about builds: ================================================================================ firehol-1.273-10.1.el5 (FEDORA-EPEL-2012-13072) A powerful yet easy to use iptables frontend -------------------------------------------------------------------------------- Update Information: Updated the get-iana script to work. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Jussi Lehtola - 1.273-10.1 - Removed the special characters from the IANA script. * Tue Oct 2 2012 Jussi Lehtola - 1.273-10 - Updated get-iana.sh script (BZ #861799). * Thu Jul 19 2012 Fedora Release Engineering - 1.273-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Feb 8 2012 Kay Sievers - 1.273-8 - modutils are for Linux 2.4 and no longer provided; depend on kmod * Fri Jan 13 2012 Fedora Release Engineering - 1.273-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Feb 8 2011 Fedora Release Engineering - 1.273-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #861799 - get-iana.sh script out of date https://bugzilla.redhat.com/show_bug.cgi?id=861799 -------------------------------------------------------------------------------- ================================================================================ hiera-1.0.0-3.el5 (FEDORA-EPEL-2012-13059) A simple hierarchical database supporting plugin data sources -------------------------------------------------------------------------------- Update Information: First addition of hiera to fedora and epel. -------------------------------------------------------------------------------- References: [ 1 ] Bug #826520 - Review Request: hiera - A simple hierarchical database supporting plugin data sources https://bugzilla.redhat.com/show_bug.cgi?id=826520 -------------------------------------------------------------------------------- ================================================================================ salt-0.10.3-1.el5 (FEDORA-EPEL-2012-13077) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: updating to upstream version 0.10.3 and adding systemd rpm macros -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Clint Savage - 0.10.3-1 - Moved to upstream release 0.10.3 - Added systemd scriplets (RHBZ#850408) -------------------------------------------------------------------------------- References: [ 1 ] Bug #850408 - Introduce new systemd-rpm macros in salt spec file https://bugzilla.redhat.com/show_bug.cgi?id=850408 -------------------------------------------------------------------------------- ================================================================================ shellinabox-2.14-14.el5 (FEDORA-EPEL-2012-13073) Web based AJAX terminal emulator -------------------------------------------------------------------------------- Update Information: Implement CSS stylesheets and bugfixing -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 1 2012 Simone Caronni - 2.14-14 - Move user directory and data under /var/lib. * Wed Sep 26 2012 Joel Young - 2.14-13 - Fix variable expansions in init script and service file. * Tue Sep 25 2012 Simone Caronni - 2.14-12 - Really add WorkingDirectory to service files. - Remove postun user deletion leftovers. - Add static files to be customized (as referenced by the man page) in the doc directory. * Mon Sep 24 2012 Simone Caronni - 2.14-11 - Fix RHEL 5 rpm macro. * Thu Sep 13 2012 Simone Caronni - 2.14-10 - Fixes from (Joel Young ): Install supplied css files. Set menu item to turn off ssl as disabled by default. Do not remove user on uninstall. - Simplified spec file. - Split options in the daemon config file. -------------------------------------------------------------------------------- References: [ 1 ] Bug #856860 - css files not installed https://bugzilla.redhat.com/show_bug.cgi?id=856860 -------------------------------------------------------------------------------- From updates at fedoraproject.org Sat Oct 6 21:26:20 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Sat, 06 Oct 2012 21:26:20 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121006212620.93B3D201FE@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 67 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6554/perl-RT-Authen-ExternalAuth-0.08-2.el5 37 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 168 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 62 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 62 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13003/moodle-1.9.19-3.el5 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13010/bacula-2.4.4-12.el5 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12949/phpldapadmin-1.2.2-3.gitbbedf1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing innotop-1.9.0-3.el5 perl-No-Worries-0.6-1.el5 python-odict-1.5.0-4.el5 validns-0.6-1.el5 Details about builds: ================================================================================ innotop-1.9.0-3.el5 (FEDORA-EPEL-2012-13091) A MySQL and InnoDB monitor program -------------------------------------------------------------------------------- Update Information: Update to version 1.9.0 -------------------------------------------------------------------------------- ================================================================================ perl-No-Worries-0.6-1.el5 (FEDORA-EPEL-2012-13089) Perl coding without worries -------------------------------------------------------------------------------- Update Information: updating to latest upstream version -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Massimo Paladin 0.6-1 - Updating to latest upstream version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #862977 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=862977 -------------------------------------------------------------------------------- ================================================================================ python-odict-1.5.0-4.el5 (FEDORA-EPEL-2012-13086) Ordered dictionary -------------------------------------------------------------------------------- Update Information: Version 1.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #862853 - Review Request: python-odict - Ordered dictionary https://bugzilla.redhat.com/show_bug.cgi?id=862853 -------------------------------------------------------------------------------- ================================================================================ validns-0.6-1.el5 (FEDORA-EPEL-2012-13087) DNS and DNSSEC zone file validator -------------------------------------------------------------------------------- Update Information: Fixed DNSSEC support, TYPEXX support -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Paul Wouters - 0.6-0 - Updated to 0.6, which incorporates all patches -------------------------------------------------------------------------------- From updates at fedoraproject.org Sat Oct 6 21:26:19 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Sat, 06 Oct 2012 21:26:19 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121006212619.8972A201FB@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12946/phpldapadmin-1.2.2-3.gitbbedf1.el6 168 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 90 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 62 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13038/openstack-swift-1.4.8-5.el6 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12970/moodle-2.1.8-1.el6 31 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12829/python-django-horizon-2012.1.1-2.el6 37 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 356 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing dojo-1.8.0-1.el6 gofer-0.74-1.el6 innotop-1.9.0-3.el6 mom-0.3.0-1.el6 mysql-connector-python-1.0.7-1.el6 openstack-swift-plugin-swift3-1.0.0-0.20120711git.el6 perl-No-Worries-0.6-1.el6 php-ZendFramework-1.12.0-1.el6 python-keystoneclient-0.1.3.9-1.el6 python-odict-1.5.0-4.el6 python-warlock-0.4.0-2.el6 validns-0.6-1.el6 Details about builds: ================================================================================ dojo-1.8.0-1.el6 (FEDORA-EPEL-2012-13095) Modular JavaScript toolkit -------------------------------------------------------------------------------- Update Information: Update to Version 1.8.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 18 2012 Felix Kaechele - 1.8.0-1 - update to latest upstream * Wed Jul 18 2012 Fedora Release Engineering - 1.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering - 1.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ gofer-0.74-1.el6 (FEDORA-EPEL-2012-13094) A lightweight, extensible python agent -------------------------------------------------------------------------------- Update Information: Update to gofer 0.74. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 3 2012 Jeff Ortel 0.74-1 - Make watchdog journal object configurable; watchdog singleton by URL only. (jortel at redhat.com) * Thu Sep 13 2012 Jeff Ortel 0.73-1 - Progress reporting enhancements. (jortel at redhat.com) - Add for debugging w/o running as root. (jortel at redhat.com) * Mon Aug 20 2012 Jeff Ortel 0.72-1 - Add unit tests: watchdog test. (jortel at redhat.com) - Add man page for goferd. (jortel at redhat.com) - Replace BlackList with python set. (jortel at redhat.com) - Add progress reporting; watchdog enhancements. (jortel at redhat.com) - remove f15 and add f18 to tito releaser. (jortel at redhat.com) * Tue Jul 31 2012 Jeff Ortel 0.71-1 - Port ruby-gofer to rubygem-qpid. (jortel at redhat.com) - Make /usr/share/gofer/plugins the primary plugin location. Based on fedora packaging guidelines referencing FHS standards. (jortel at redhat.com) - Discontinue {_libdir} macro for plugins. (jortel at redhat.com) * Tue Jun 12 2012 Jeff Ortel 0.70-1 - Refit mocks for reparent of Envelope & Options to (object). (jortel at redhat.com) * Fri Jun 8 2012 Jeff Ortel 0.69-1 - 829767 - fix simplejons 2.2+ issue (fedora 17). Envelope/Options rebased on object rather than dict. (jortel at redhat.com) - Add whiteboard. (jortel at redhat.com) - Fixed 'Undefined variable (s) in XBindings.__bindings(). (jortel at redhat.com) * Thu Apr 26 2012 Jeff Ortel 0.68-1 - Refit watchdog plugin; set journal location; skip directories in journal dir. (jortel at redhat.com) - Make the watchdog journal directory configurable. (jortel at redhat.com) - Add Broker.touch() and rename Topic.binding(). (jortel at redhat.com) - Better support for durable topic subscription. Queue bindings to specified exchanges. (jortel at redhat.com) * Fri Mar 16 2012 Jeff Ortel 0.67-1 - Add (trace) attribute to propagated exceptions. (jortel at redhat.com) - Add traceback info to propagated exceptions as: Exception.trace. (jortel at redhat.com) - Add support for __getitem__ in container and stub. (jortel at redhat.com) - Refactor to crypto (delegate) interface. (jortel at redhat.com) - Support multiple security decorators. (jortel at redhat.com) - perf: asynchronous ack(); tcp_nodelay. (jortel at redhat.com) - Rename 'delayed/trigger' policy property to match option. (jortel at redhat.com) - Rename 'delayed' option to: 'trigger'. (jortel at redhat.com) - option 'delayed' implies asynchronous RMI. (jortel at redhat.com) - fix for tito compat. (jortel at redhat.com) - bridge: clean debug prints; make gateway a thread. (jortel at redhat.com) - Add tcp bridge (experimental). (jortel at redhat.com) - Add support for delayed trigger asynchronous RMI. (jortel at redhat.com) - Add fedora releaser. (jortel at redhat.com) - support setting producer uuid; HMAC enhancements. (jortel at redhat.com) - rel-eng: rename redhat releaser. (jortel at redhat.com) -------------------------------------------------------------------------------- ================================================================================ innotop-1.9.0-3.el6 (FEDORA-EPEL-2012-13092) A MySQL and InnoDB monitor program -------------------------------------------------------------------------------- Update Information: Update to version 1.9.0. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 5 2012 Eduardo Echeverria 1.9.0-3 - Add BuildRequires perl_Time_HiRes * Fri Oct 5 2012 Eduardo Echeverria 1.9.0-2 - Add BuildRequires * Fri Sep 21 2012 Luis Bazan 1.9.0-1 - New Upstream version * Thu Jul 19 2012 Fedora Release Engineering - 1.8.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jul 10 2012 Luis Bazan - 1.8.1-4 - back to original state man3 and man1 * Tue Jul 10 2012 Luis Bazan - 1.8.1-3 - remove man3 * Tue Jul 10 2012 Luis Bazan - 1.8.1-2 - Change man3 and man1 * Mon Jul 9 2012 Luis Baz?n - 1.8.1-1 - New Upstream Version 1.8.1 * Sun Jun 17 2012 Petr Pisar - 1.6.0-10 - Perl 5.16 rebuild * Fri Jan 13 2012 Fedora Release Engineering - 1.6.0-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Jun 21 2011 Marcela Ma?l??ov? - 1.6.0-8 - Perl mass rebuild * Wed Feb 9 2011 Fedora Release Engineering - 1.6.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Tue Jun 1 2010 Marcela Maslanova - 1.6.0-6 - Mass rebuild with perl-5.12.0 * Fri Dec 4 2009 Stepan Kasal - 1.6.0-5 - rebuild against perl 5.10.1 -------------------------------------------------------------------------------- ================================================================================ mom-0.3.0-1.el6 (FEDORA-EPEL-2012-13090) Dynamically manage system resources on virtualization hosts -------------------------------------------------------------------------------- Update Information: Update to mom-0.3.0 which fixes a momd security issue and includes many features for ovirt integration. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 5 2012 Adam Litke - 0.3.0-1 - Upgrade to version 0.3.0 - Upstream fixes CVE-2012-4480 * Fri Jul 20 2012 Fedora Release Engineering - 0.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #863178 - CVE-2012-4480 mom: world-writable PID file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=863178 -------------------------------------------------------------------------------- ================================================================================ mysql-connector-python-1.0.7-1.el6 (FEDORA-EPEL-2012-13085) MySQL Connector for Python 2 -------------------------------------------------------------------------------- Update Information: Update to version 1.0.7 GA Changes in 1.0.7: * Fixed formatting of client errors changing numeric to string placeholders. (BUG#14548043) * Client and server errors have been regenerated using latest development release of MySQL v5.6.6. Changes in 1.0.6beta: * Fixed Python v3 code so it works with Python v3.3. (BUG#14524942) * Fixed MySQLCursorRaw.fetchall() to not raise when results are available. This was only a problem in the Python v3 code. (BUG#14517262, BUG#66465) * Changed name and version of distributions to align with other MySQL projects (WL#6450) * The version now includes the suffix 'b' for beta and 'a' for alpha followed by a number. This version is used in the source and built distributions. GA versions will have no suffix. * The RPM spec files have been updated to create packages which names are aligned with RPMs from other MySQL projects. * Fixed installation of version.py on OS X. (BUG#14483142) * version.py is now correctly installed on OS X in the mysql.connector package. Previously it was installed through data_files, and version.py ended up in the system wide package location of Python from where it could not be imported. * data_files is not used any longer in setup.py and is removed. Extra files like version.py are now copied in the custom Distutils commands. * Fixed SSL unit testing for source distributions. (BUG#14402737) * The SSL keys and certificates were missing and have been added to the source distribution. Now SSL testing works properly. * Additionally for the Windows platform, forward slashes had to be added to the option file creation so the MySQL server can pickup the needed SSL files. * Timeout for unit tests has been set to 10 seconds. Test cases can individually adjust it to be higher or lower. (BUG#14487502) * Fixed test cases in test_mysql_database.py which failed when using using YEAR(2) with MySQL v5.6.6 and greater. (BUG#14460680) * Changed how MySQL server errors are mapped to Python exceptions. We now use the SQLState (when available) to raise a better error. (WL#6412) * Incompatibility: some server errors are now raised with a different exception. * It is possible to override how errors are raised using the mysql.connector.custom_error_exception() function, defined in the mysql.connector.errors module. This can be useful for certain frameworks to align with other database drivers. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 3 2012 Remi Collet - 1.0.7-1 - version 1.0.7 GA - remove non GPL documentation - disable test_network and test_connection on EL-5 -------------------------------------------------------------------------------- ================================================================================ openstack-swift-plugin-swift3-1.0.0-0.20120711git.el6 (FEDORA-EPEL-2012-13083) The swift3 plugin for Openstack Swift -------------------------------------------------------------------------------- Update Information: New package for the swift3 plugin for Openstack Swift (previously part of openstack-swift package) -------------------------------------------------------------------------------- References: [ 1 ] Bug #831871 - Review Request: openstack-swift-plugin-swift3 - The swift3 plugin for Openstack Swift https://bugzilla.redhat.com/show_bug.cgi?id=831871 -------------------------------------------------------------------------------- ================================================================================ perl-No-Worries-0.6-1.el6 (FEDORA-EPEL-2012-13097) Perl coding without worries -------------------------------------------------------------------------------- Update Information: updating to latest upstream version -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Massimo Paladin 0.6-1 - Updating to latest upstream version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #862977 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=862977 -------------------------------------------------------------------------------- ================================================================================ php-ZendFramework-1.12.0-1.el6 (FEDORA-EPEL-2012-13084) Leading open-source PHP framework -------------------------------------------------------------------------------- Update Information: Update to 1.12.0 Fixes CVE-2012-3363 and ZF2012-02 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 30 2012 Felix Kaechele - 1.12.0-1 - update to 1.12.0 - cleaned up and fixed dependencies - moved Gdata back into main package as it no longer has external deps - subpackaged more classes with external deps - added a "full" subpackage to install a full ZF - new modules: EventManager, Mobile * Fri Jul 20 2012 Fedora Release Engineering - 1.11.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #835560 - CVE-2012-3363 php-ZendFramework: File disclosure via XXE injection in Zend_XMLRPC (ZF2012-01) https://bugzilla.redhat.com/show_bug.cgi?id=835560 -------------------------------------------------------------------------------- ================================================================================ python-keystoneclient-0.1.3.9-1.el6 (FEDORA-EPEL-2012-13088) Python API and CLI for OpenStack Keystone -------------------------------------------------------------------------------- Update Information: * New upstream release 0.1.3 * Handle "503 Service Unavailable" exception (lp#1028799) * add --wrap option for long PKI tokens (lp#1053728) * remove deprecated Diablo options * add --os-token and --os-endpoint options to match http://wiki.openstack.org/UnifiedCLI/Authentication -------------------------------------------------------------------------------- ================================================================================ python-odict-1.5.0-4.el6 (FEDORA-EPEL-2012-13093) Ordered dictionary -------------------------------------------------------------------------------- Update Information: Version 1.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #862853 - Review Request: python-odict - Ordered dictionary https://bugzilla.redhat.com/show_bug.cgi?id=862853 -------------------------------------------------------------------------------- ================================================================================ python-warlock-0.4.0-2.el6 (FEDORA-EPEL-2012-13082) Python object model built on top of JSON schema -------------------------------------------------------------------------------- Update Information: New Python package to build self-validating python objects using JSON schemas. -------------------------------------------------------------------------------- References: [ 1 ] Bug #850750 - Review Request: python-warlock - Python object model built on top of JSON schema https://bugzilla.redhat.com/show_bug.cgi?id=850750 -------------------------------------------------------------------------------- ================================================================================ validns-0.6-1.el6 (FEDORA-EPEL-2012-13096) DNS and DNSSEC zone file validator -------------------------------------------------------------------------------- Update Information: Fixed DNSSEC support, TYPEXX support -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Paul Wouters - 0.6-0 - Updated to 0.6, which incorporates all patches -------------------------------------------------------------------------------- From updates at fedoraproject.org Mon Oct 8 15:30:05 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 08 Oct 2012 15:30:05 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121008153005.7430B2090F@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 68 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6554/perl-RT-Authen-ExternalAuth-0.08-2.el5 39 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 169 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 64 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 64 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13003/moodle-1.9.19-3.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13010/bacula-2.4.4-12.el5 16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12949/phpldapadmin-1.2.2-3.gitbbedf1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing dspam-3.10.2-2.el5 munin-2.0.7-1.el5 Details about builds: ================================================================================ dspam-3.10.2-2.el5 (FEDORA-EPEL-2012-13104) A library and Mail Delivery Agent for Bayesian SPAM filtering -------------------------------------------------------------------------------- Update Information: Fixes a missing requires as well as patches the exim documentation -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 7 2012 Nathanael Noblet - 3.10.2-2 - require perl(Mail::MboxParser) -------------------------------------------------------------------------------- References: [ 1 ] Bug #622502 - dspam_train requires Mail::MboxParser, but it isn't listed as a dependency https://bugzilla.redhat.com/show_bug.cgi?id=622502 -------------------------------------------------------------------------------- ================================================================================ munin-2.0.7-1.el5 (FEDORA-EPEL-2012-13098) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Updated to 2.0.7 -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 7 2012 D. Johnson - 2.0.7-1 - Upstream to 2.0.7 - BZ# 850401 Use systemd_preun when available (f18) - BZ# 863490 [patch] http_load plugin uses wrong time command - BZ# 862469 Move asyncd init files to asyncd subpackage * Tue Sep 11 2012 D. Johnson - 2.0.6-3 - Upstream removed dists/redhat/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #850401 - Introduce new systemd-rpm macros in munin spec file https://bugzilla.redhat.com/show_bug.cgi?id=850401 [ 2 ] Bug #863490 - hhtp_load plugin uses wrong time command https://bugzilla.redhat.com/show_bug.cgi?id=863490 [ 3 ] Bug #862469 - /etc/init.d/munin-asyncd start gives "munin-asyncd was expected at @@LIBDIR@@/munin-asyncd" https://bugzilla.redhat.com/show_bug.cgi?id=862469 -------------------------------------------------------------------------------- From updates at fedoraproject.org Mon Oct 8 15:30:04 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 08 Oct 2012 15:30:04 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121008153004.637C5208E6@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12946/phpldapadmin-1.2.2-3.gitbbedf1.el6 169 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 91 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 64 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 32 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12829/python-django-horizon-2012.1.1-2.el6 39 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 357 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12970/moodle-2.1.8-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing clojure-1.4.0-3.el6 compton-0-0.1.20121007gitc7ca345.el6 dspam-3.10.2-2.el6 munin-2.0.7-1.el6 openslide-3.3.0-1.el6 trac-0.12.4-1.el6 Details about builds: ================================================================================ clojure-1.4.0-3.el6 (FEDORA-EPEL-2012-13100) A dynamic programming language that targets the Java Virtual Machine -------------------------------------------------------------------------------- Update Information: Exclude ppc64 as an unsupported plattform. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 7 2012 Jochen Schmitt - 1:1.4.0-3 - Exclude ppc64 caused by unavaible dep?edencies -------------------------------------------------------------------------------- ================================================================================ compton-0-0.1.20121007gitc7ca345.el6 (FEDORA-EPEL-2012-13099) Compositor for X -------------------------------------------------------------------------------- Update Information: New Git snapshot, which gives a better user experience, especially with Fluxbox. Note: The "settrans" script has been renamed to "compton-trans". -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 7 2012 Mario Bl?ttermann - 0.1.20121007gitc7ca345 - New Git snapshot - settrans has been renamed to compton-trans * Wed Jul 18 2012 Fedora Release Engineering - 0-0.2.20120603gitd52f7a0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ dspam-3.10.2-2.el6 (FEDORA-EPEL-2012-13101) A library and Mail Delivery Agent for Bayesian SPAM filtering -------------------------------------------------------------------------------- Update Information: Fixes a missing requires as well as patches the exim documentation -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 7 2012 Nathanael Noblet - 3.10.2-2 - require perl(Mail::MboxParser) -------------------------------------------------------------------------------- References: [ 1 ] Bug #622502 - dspam_train requires Mail::MboxParser, but it isn't listed as a dependency https://bugzilla.redhat.com/show_bug.cgi?id=622502 -------------------------------------------------------------------------------- ================================================================================ munin-2.0.7-1.el6 (FEDORA-EPEL-2012-13103) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Updated to 2.0.7 -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 7 2012 D. Johnson - 2.0.7-1 - Upstream to 2.0.7 - BZ# 850401 Use systemd_preun when available (f18) - BZ# 863490 [patch] http_load plugin uses wrong time command - BZ# 862469 Move asyncd init files to asyncd subpackage * Tue Sep 11 2012 D. Johnson - 2.0.6-3 - Upstream removed dists/redhat/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #850401 - Introduce new systemd-rpm macros in munin spec file https://bugzilla.redhat.com/show_bug.cgi?id=850401 [ 2 ] Bug #863490 - hhtp_load plugin uses wrong time command https://bugzilla.redhat.com/show_bug.cgi?id=863490 [ 3 ] Bug #862469 - /etc/init.d/munin-asyncd start gives "munin-asyncd was expected at @@LIBDIR@@/munin-asyncd" https://bugzilla.redhat.com/show_bug.cgi?id=862469 -------------------------------------------------------------------------------- ================================================================================ openslide-3.3.0-1.el6 (FEDORA-EPEL-2012-13105) C library for reading virtual slides -------------------------------------------------------------------------------- Update Information: Version 3.3.0 adds support for Leica SCN files and preliminary support for MIRAX 2.2, adds standard properties for microns-per-pixel and objective power, and improves the command-line tools. -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 22 2012 Benjamin Gilbert - 3.3.0-1 - New upstream release + Support for Leica SCN format (requires libtiff 4) + Partial support for MIRAX 2.2 + Standard properties for microns-per-pixel and objective power + Improved reporting of open errors + Command-line tool improvements - Add versioned dependency on main package to subpackages * Fri Jul 20 2012 Fedora Release Engineering - 3.2.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #860706 - New version of openslide available https://bugzilla.redhat.com/show_bug.cgi?id=860706 -------------------------------------------------------------------------------- ================================================================================ trac-0.12.4-1.el6 (FEDORA-EPEL-2012-13102) Enhanced wiki and issue tracking system -------------------------------------------------------------------------------- Update Information: new maintenance release 0.12.4 fixed bugs: http://trac.edgewall.org/query?group=status&milestone=0.12.4 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 6 2012 Jose Pedro Oliveira - 0.12.4-1 - Update to 0.12.4, BZ 855518. - Dropped the patch trac-0.12.3-pidfile.patch (upstream #10566). http://trac.edgewall.org/ticket/10566 http://trac.edgewall.org/changeset/11084 -------------------------------------------------------------------------------- References: [ 1 ] Bug #855518 - trac: please update to version 0.12.4 https://bugzilla.redhat.com/show_bug.cgi?id=855518 -------------------------------------------------------------------------------- From nb at fedoraproject.org Mon Oct 8 15:56:21 2012 From: nb at fedoraproject.org (Nick Bebout) Date: Mon, 8 Oct 2012 10:56:21 -0500 Subject: EPEL-ANNOUNCE ZNC 1.0-alpha1 going to stable Message-ID: I'm pushing ZNC 1.0-alpha1 to stable. I've been using it on my server for a while now, and it's been working fine. It's a fairly big update, but is not supposed to require any manual configuration changes, per the developers, but you might want to check after updating to make sure everything is ok. _______________________________________________ epel-announce mailing list epel-announce at lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-announce From jeff at ocjtech.us Tue Oct 9 15:31:34 2012 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Tue, 9 Oct 2012 10:31:34 -0500 Subject: Asterisk 11 for Fedora 18 (and other future plans for Asterisk in Fedora/EPEL) Message-ID: Digium released the first release candidate for Asterisk 11 yesterday, with the final release due hopefully sometime this month. I'm therefore going to be updating the Asterisk package in Fedora 18 to the release candidate. Fedora 17 is going to stick with the 10.X series, Fedora 16 is sticking with the 1.8.X series. EPEL 6 will stick with the 1.8.X series for the time being as Digium designates is as a long term support release[1]. Digium plans on ending support for 1.8.X in 2015 while RHEL 6 support from Red Hat will continue until 2020[2] so at some point in 2015 Asterisk in EPEL 6 will need to switch to a newer version, probably version 13 if Digium's plans hold. [1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions [2] https://access.redhat.com/support/policy/updates/errata/ -- Jeff Ollie -------------- next part -------------- An HTML attachment was scrubbed... URL: From updates at fedoraproject.org Tue Oct 9 20:31:01 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Tue, 09 Oct 2012 20:31:01 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121009203101.7B83520E57@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 70 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6554/perl-RT-Authen-ExternalAuth-0.08-2.el5 40 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 170 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 65 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 65 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13010/bacula-2.4.4-12.el5 17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12949/phpldapadmin-1.2.2-3.gitbbedf1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing phpMyAdmin3-3.5.3-1.el5 Details about builds: ================================================================================ phpMyAdmin3-3.5.3-1.el5 (FEDORA-EPEL-2012-13114) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 3.5.3.0 (2012-10-08) =============================== - [interface] Browse mode "Show" button gives blank page if no results anymore - [interface] Copy Database Ajax feedback vanishes long before copying is done - [interface] GC-maxlifetime warning incorrectly displayed - [interface] Search fails with JS error when tooltips disabled - [interface] Event comments not saved - [edit] Can't enter date directly when editing inline - [interface] Inline query editor doesn't work from search results - [edit] BLOB download no longer works - [config] Error in generated configuration arrray - [GUI] Invalid HTML code in multi submits confirmation form - [interface] Designer sometimes places tables on the top menu - [core] Call to undefined function __() when config file has wrong permissions - [edit] Error searching table with many fields - [edit] Cannot copy a DB with table and views - [privileges] Incorrect updating of the list of users - [edit] cell edit date field with empty date fills in current date - [edit] current_date from function drop down fails on update - [compatibility] add support for Solaris and FreeBSD system load and memory display in server status - [import] Table import from XML file fails - [display] replace Highcharts with jqplot for Display chart - [edit] Pasting value doesn't clear null checkbox - [edit] Datepicker for date and datetime fields is broken - [security] Unspecified minor security fix by upstream, see PMASA-2012-6 (http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php) - [security] Unspecified minor security fix by upstream, see PMASA-2012-7 (http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php) -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 9 2012 Robert Scheck 3.5.3-1 - Upgrade to 3.5.3 -------------------------------------------------------------------------------- From updates at fedoraproject.org Tue Oct 9 20:31:02 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Tue, 09 Oct 2012 20:31:02 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121009203102.DA9A620EAB@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12946/phpldapadmin-1.2.2-3.gitbbedf1.el6 170 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 93 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 65 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 40 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 358 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing datanommer-0.1.8-1.el6 distcc-3.1-4.el6 erlang-folsom-0.7.1-1.el6 erlang-riak_pb-1.2.0-1.el6 erlang-snappy-1.0.3-0.2.git80db168.el6 gitolite3-3.04-4.el6 ivykis-0.30.4-2.el6 php-getid3-1.9.3-1.el6 php-pecl-oauth-1.2.3-1.el6 phpMyAdmin-3.5.3-1.el6 seamonkey-2.12.1-2.el6 Details about builds: ================================================================================ datanommer-0.1.8-1.el6 (FEDORA-EPEL-2012-13106) A storage consumer for the Fedora Message Bus (fedmsg) -------------------------------------------------------------------------------- Update Information: More flexible db column types. New db table for compose messages. Initial import Rely on latest python-moksha-hub. -------------------------------------------------------------------------------- ================================================================================ distcc-3.1-4.el6 (FEDORA-EPEL-2012-13111) Distributed C/C++ compilation -------------------------------------------------------------------------------- Update Information: new package -------------------------------------------------------------------------------- ================================================================================ erlang-folsom-0.7.1-1.el6 (FEDORA-EPEL-2012-13107) Erlang-based metrics system -------------------------------------------------------------------------------- Update Information: - Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #853687 - Review Request: erlang-folsom - Erlang-based metrics system https://bugzilla.redhat.com/show_bug.cgi?id=853687 -------------------------------------------------------------------------------- ================================================================================ erlang-riak_pb-1.2.0-1.el6 (FEDORA-EPEL-2012-13110) Riak Protocol Buffers Messages -------------------------------------------------------------------------------- Update Information: - Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #854458 - Review Request: erlang-riak_pb - Riak Protocol Buffers Messages https://bugzilla.redhat.com/show_bug.cgi?id=854458 -------------------------------------------------------------------------------- ================================================================================ erlang-snappy-1.0.3-0.2.git80db168.el6 (FEDORA-EPEL-2012-13117) An Erlang NIF wrapper for Google's snappy library -------------------------------------------------------------------------------- Update Information: - Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #860001 - Review Request: erlang-snappy - An Erlang NIF wrapper for Google's snappy library https://bugzilla.redhat.com/show_bug.cgi?id=860001 -------------------------------------------------------------------------------- ================================================================================ gitolite3-3.04-4.el6 (FEDORA-EPEL-2012-13116) Highly flexible server for git directory version tracker -------------------------------------------------------------------------------- Update Information: Fix for path traversal vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 9 2012 Jon Ciesla - 3.04-4 - Patch for directory traversal bug. * Thu Jul 19 2012 Fedora Release Engineering - 3.04-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jun 28 2012 Petr Pisar - 3.04-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- ================================================================================ ivykis-0.30.4-2.el6 (FEDORA-EPEL-2012-13115) Library for asynchronous I/O readiness notification -------------------------------------------------------------------------------- Update Information: First EPEL 6 build -------------------------------------------------------------------------------- References: [ 1 ] Bug #863719 - Review Request: ivykis - Library for asynchronous I/O readiness notification https://bugzilla.redhat.com/show_bug.cgi?id=863719 -------------------------------------------------------------------------------- ================================================================================ php-getid3-1.9.3-1.el6 (FEDORA-EPEL-2012-13112) The PHP media file parser -------------------------------------------------------------------------------- Update Information: Initial release. Latest stable version. -------------------------------------------------------------------------------- ================================================================================ php-pecl-oauth-1.2.3-1.el6 (FEDORA-EPEL-2012-13113) PHP OAuth consumer extension -------------------------------------------------------------------------------- Update Information: - update to 1.2.3, bugfix, see http://pecl.php.net/package-changelog.php?package=oauth&release=1.2.3 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 F. Kooman - 1.2.3-1 - update to 1.2.3, bugfix, see http://pecl.php.net/package-changelog.php?package=oauth&release=1.2.3 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-3.5.3-1.el6 (FEDORA-EPEL-2012-13109) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 3.5.3.0 (2012-10-08) =============================== - [interface] Browse mode "Show" button gives blank page if no results anymore - [interface] Copy Database Ajax feedback vanishes long before copying is done - [interface] GC-maxlifetime warning incorrectly displayed - [interface] Search fails with JS error when tooltips disabled - [interface] Event comments not saved - [edit] Can't enter date directly when editing inline - [interface] Inline query editor doesn't work from search results - [edit] BLOB download no longer works - [config] Error in generated configuration arrray - [GUI] Invalid HTML code in multi submits confirmation form - [interface] Designer sometimes places tables on the top menu - [core] Call to undefined function __() when config file has wrong permissions - [edit] Error searching table with many fields - [edit] Cannot copy a DB with table and views - [privileges] Incorrect updating of the list of users - [edit] cell edit date field with empty date fills in current date - [edit] current_date from function drop down fails on update - [compatibility] add support for Solaris and FreeBSD system load and memory display in server status - [import] Table import from XML file fails - [display] replace Highcharts with jqplot for Display chart - [edit] Pasting value doesn't clear null checkbox - [edit] Datepicker for date and datetime fields is broken - [security] Unspecified minor security fix by upstream, see PMASA-2012-6 (http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php) - [security] Unspecified minor security fix by upstream, see PMASA-2012-7 (http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php) -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 9 2012 Robert Scheck 3.5.3-1 - Upgrade to 3.5.3 -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.12.1-2.el6 (FEDORA-EPEL-2012-13108) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. -------------------------------------------------------------------------------- From buc at odusz.so-cdu.ru Wed Oct 10 11:44:24 2012 From: buc at odusz.so-cdu.ru (Dmitry Butskoy) Date: Wed, 10 Oct 2012 15:44:24 +0400 Subject: Seamonkey now in EPEL6 Message-ID: <50755F98.5020305@odu.neva.ru> Seamonkey (formerly known as Mozilla/Netscape Suite) is added to EPEL6 . Try it at updates-testing for now. It is the latest stable version 2.12.1, based on the shared sources with firefox-15/thunderbird-15. The current RHEL6's firefox/thunderbird have version of 10.0.x (ESR - extended support release), hence seamonkey can provide more recent things etc. Regards, Dmitry Butskoy http://www.fedoraproject.org/wiki/DmitryButskoy From updates at fedoraproject.org Wed Oct 10 18:02:12 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Wed, 10 Oct 2012 18:02:12 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121010180212.01077212D0@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 71 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6554/perl-RT-Authen-ExternalAuth-0.08-2.el5 41 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 171 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 66 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 66 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13010/bacula-2.4.4-12.el5 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12949/phpldapadmin-1.2.2-3.gitbbedf1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing eurephia-1.1.0-2.el5 libpri-1.4.13-1.el5 Details about builds: ================================================================================ eurephia-1.1.0-2.el5 (FEDORA-EPEL-2012-13126) An advanced and flexible OpenVPN user authentication plug-in -------------------------------------------------------------------------------- Update Information: Release of eurephia v1.1 for EL5 -------------------------------------------------------------------------------- ================================================================================ libpri-1.4.13-1.el5 (FEDORA-EPEL-2012-13124) An implementation of Primary Rate ISDN -------------------------------------------------------------------------------- Update Information: The Asterisk Development Team has announced the release of libpri 1.4.13. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/libpri The release of libpri 1.4.13 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following are the issues resolved in this release: * --- Outgoing BRI calls fail when using Asterisk 1.8 with HA8, HB8, and B410P cards. (Issue AST-598. Reported by Trey Blancher) * --- Implement handling a multi-channel RESTART request. (Closes issue PRI-93. Reported by Marcin Kowalczyk) * --- Removed MDL/TEI management configuration warning message. (Closes issue PRI-137. Reported by Bart Coninckx) * --- Allow passing compiler flags (CFLAGS, LDFLAGS) (Closes issue PRI-144. Reported by Tzafrir Cohen) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/libpri/ChangeLog-1.4.13 -------------------------------------------------------------------------------- From updates at fedoraproject.org Wed Oct 10 18:02:13 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Wed, 10 Oct 2012 18:02:13 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121010180213.52074212D9@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12946/phpldapadmin-1.2.2-3.gitbbedf1.el6 171 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 94 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 66 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 41 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 359 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing erlang-lager-1.2.1-1.el6 erlang-poolboy-0.8.1-1.el6 eurephia-1.1.0-2.el6 fedmsg-0.5.4-4.el6 flann-1.7.1-1.el6 libcommuni-1.2.0-1.el6 libpri-1.4.13-1.el6 python-pyramid-1.2.7-6.el6 python-rdflib-3.2.3-1.el6 varnish-3.0.3-3.el6 Details about builds: ================================================================================ erlang-lager-1.2.1-1.el6 (FEDORA-EPEL-2012-13121) A logging framework for Erlang/OTP -------------------------------------------------------------------------------- Update Information: - Ver. 1.2.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Peter Lemenkov - 1.2.1-1 - Ver. 1.2.1 (fixes rhbz #854561) -------------------------------------------------------------------------------- References: [ 1 ] Bug #854561 - Upgrade erlang-lager to the version 1.2.1 https://bugzilla.redhat.com/show_bug.cgi?id=854561 -------------------------------------------------------------------------------- ================================================================================ erlang-poolboy-0.8.1-1.el6 (FEDORA-EPEL-2012-13125) A hunky Erlang worker pool factory -------------------------------------------------------------------------------- Update Information: - Ver. 0.8.1 (backwards API compatible) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Peter Lemenkov - 0.8.1-1 - Ver. 0.8.1 * Wed Jul 18 2012 Fedora Release Engineering - 0.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ eurephia-1.1.0-2.el6 (FEDORA-EPEL-2012-13122) An advanced and flexible OpenVPN user authentication plug-in -------------------------------------------------------------------------------- Update Information: Release of eurephia v1.1 for EL5 -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.5.4-4.el6 (FEDORA-EPEL-2012-13120) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: fedmsg.text enhancements and recursive merging of fedmsg.d/ New upstream with various enhancement and bugfixes. Misc bugfixes and enhancements. Rely on the latest python-moksha-hub. Bugfix to fedmsg.encoding Fix fedmsg-gateway. Enhancements to fedmsg.encoding. Convenient default config for end users. 0.3.8 new commands, options, and enhanced API. Unicode bugfix. repr enhancements. IRC colors, fedmsg2repr updates, and removed fedmsg-status threadsafety and licensing 0.3.1 for msg2repr updates and fedmsg-logger grepping. Bugfix to -logger and enhancement to -irc Require latest moksha. API enhancement. 0.2.5 with more realistic X509 capacity 0.2.4 with fix for disabled ssl 0.2.3 with upstream typo fixes Added deps on m2crypto and python-m2ext /var/log/fedmsg wasn't being created correctly. Require moksha >= 0.8.3. python-argparse fix for epel-6. Bugfix - Added a forgotten new requirement on python-requests. Fix to creation of /var/run/fedmsg. Remove unnecessary %%ghost on /var/run/fedmsg Nicer messages from fedmsg-irc. New fedmsg.text.msg2repr. bugfix to fedmsg.text. fedmsg.text updates for scm. thread safety bugfix for fedmsg-tail and fedmsg.text items from lmacken -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 9 2012 Ralph Bean - 0.5.4-4 - Disable those few tests that require network connectivity for koji. * Tue Oct 9 2012 Ralph Bean - 0.5.4-3 - BuildRequires on python-pygments. * Tue Oct 9 2012 Ralph Bean - 0.5.4-2 - BuildRequires on python-pygments. * Mon Oct 8 2012 Ralph Bean - 0.5.4-1 - New mediawiki, tagger, and git icons in fedmsg.text. - Create symlink of dev_certs in build section so tests can pass. - Re-enable the test suite in %check again. - fedmsg.text entries for tagger rank changes. - Updated default FI endpoints (for staging). - Remove full text from mediawiki messages to reduce spam. - Recursively merge dicts in /etc/fedmsg.d/ * Fri Oct 5 2012 Ralph Bean - 0.5.3-1 - Icons and fedmsg.text support for fedmsg-notify - Re-disabled the tests to get a quick release out for fedmsg-notify. * Thu Oct 4 2012 Luke Macken - 0.5.2-2 - Re-enable the test suite in %check which got accidently removed. * Wed Oct 3 2012 Ralph Bean - 0.5.2-1 - Allow timeout when connecting to a non-existant fedmsg-relay - fedmsg.text entries for new lookaside messages - fedmsg.text groundwork support for icons - Enhancements to the docs - Fixed regression in fedmsg-irc * Thu Sep 27 2012 Ralph Bean - 0.5.1-1 - Fixed links in meetbot reprs - fedmsg.text entries for pkgdb2branch and releng - unicode bugfix for fedmsg-tail --terse - Fix bug alongside python-moksha-hub-1.0.3-1 - New defaults fedora-infrastructure endpoints - Improved docs - Links to real diffs for mediawiki messages - Specifiable and longer default tcp timeout for fedmsg-irc - Improved config parsing for fedmsg-irc - Bugfix to git-hook; ignore pushed tags instead of crashing - Allow inner context to be destroyed and recreated inside a thread * Thu Sep 27 2012 Ralph Bean - 0.5.0-2 - Require python-pygments. * Wed Sep 19 2012 Ralph Bean - 0.5.0-1 - Depend on new Moksha - Massive docs improvement. - Minor API simplification. - Suppress some annoying warnings from fedmsg-tail. * Fri Aug 31 2012 Ralph Bean - 0.4.0-1 - Bugfix to fedmsg.encoding. * Fri Aug 31 2012 Ralph Bean - 0.3.9-1 - Bugfix to fedmsg-gateway. - to_json utility for sqlalchemy. - More convenient default config for end users. * Thu Aug 23 2012 Ralph Bean - 0.3.8-1 - fedmsg-gateway command, new! - Improved thread cleanup with weakref. - --terse option for fedmsg-tail - Meetbot text processing support. - Update to consumer API.. systematized enablement. * Fri Aug 17 2012 Ralph Bean - 0.3.6-1 - Expanded reprs. Support for fedoratagger-0.2.2-1 messages. - Unicode bugfix. * Tue Aug 14 2012 Ralph Bean - 0.3.5-1 - IRC colors - fedmsg2repr updates (Luke Macken) - Removed fedmsg-status and the heartbeat producer * Mon Aug 13 2012 Ralph Bean - 0.3.4-1 - Threadsafety bugfixes to fedmsg-tail - New fedmsg.text items from Luke Macken. * Sun Aug 12 2012 Ralph Bean - 0.3.3-1 - thread safety (for bodhi masher) * Wed Aug 8 2012 Ralph Bean - 0.3.2-1 - msg2repr updates for scm. * Wed Aug 8 2012 Ralph Bean - 0.3.1-1 - msg2repr updates - fedmsg-logger grepping. * Tue Aug 7 2012 Ralph Bean - 0.3.0-1 - Bugfix to fedmsg.text. * Tue Aug 7 2012 Ralph Bean - 0.2.9-1 - Upstream update including nicer message for fedmsg-irc. - fedmsg.text.msg2repr * Mon Aug 6 2012 Ralph Bean - 0.2.7-4 - Remove unnecessary %ghost on /var/run/fedmsg. * Mon Aug 6 2012 Ralph Bean - 0.2.7-3 - Hopefully fix to creation of /var/run/fedmsg. * Mon Aug 6 2012 Ralph Bean - 0.2.7-2 - Added a forgotten new requirement on python-requests. * Sun Aug 5 2012 Ralph Bean - 0.2.7-1 - Upstream bugfix to -logger and enhancement to -irc. * Mon Jul 30 2012 Ralph Bean - 0.2.6-2 - Require moksha >= 0.8.8 * Mon Jul 30 2012 Ralph Bean - 0.2.6-1 - Upstream bugfixes and API enhancements. * Thu Jul 19 2012 Fedora Release Engineering - 0.2.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Jul 15 2012 Ralph Bean - 0.2.5-1 - Upstream crypto updates in preparation for a more realistic X509 setup. * Fri Jul 13 2012 Ralph Bean - 0.2.4-1 - Upstream bugfix for when ssl is disabled. * Wed Jul 11 2012 Ralph Bean - 0.2.3-1 - Upstream bump that fixes some typos. * Tue Jul 10 2012 Ralph Bean - 0.2.2-3 - Added deps on python-argparse for py < 2.7 (rhel6) * Sat Jul 7 2012 Ralph Bean - 0.2.2-2 - Added deps on m2crypto and python-m2ext * Sat Jul 7 2012 Ralph Bean - 0.2.2-1 - Update to fedmsg-irc to fix lineRate issues - fedmsg.crypto module - sign and validate messages * Mon Jun 11 2012 Ralph Bean - 0.2.1-2 - Require moksha >= 0.8.3 * Mon Jun 11 2012 Ralph Bean - 0.2.1-1 - Override producers and consumers entry-points in the hub. Should fix a collision that fedmsg-irc is having with fedoracommunity. * Mon Jun 11 2012 Ralph Bean - 0.2.0-4 - Introduce temporary hard dep on orbited. * Mon Jun 11 2012 Ralph Bean - 0.2.0-3 - /var/log/fedmsg wasn't being created correctly. -------------------------------------------------------------------------------- ================================================================================ flann-1.7.1-1.el6 (FEDORA-EPEL-2012-13127) Fast Library for Approximate Nearest Neighbors -------------------------------------------------------------------------------- Update Information: Enabled multi-thread support via Intel TBB. -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 28 2012 Rich Mattes - 1.7.1-1 - Enabled tbb support -------------------------------------------------------------------------------- ================================================================================ libcommuni-1.2.0-1.el6 (FEDORA-EPEL-2012-13129) Cross-platform IRC client library written with Qt 4 -------------------------------------------------------------------------------- Update Information: Libcommuni is a cross-platform IRC client library written with Qt 4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #846913 - Review Request: libcommuni - Communi is a cross-platform IRC client library written with Qt 4 https://bugzilla.redhat.com/show_bug.cgi?id=846913 -------------------------------------------------------------------------------- ================================================================================ libpri-1.4.13-1.el6 (FEDORA-EPEL-2012-13123) An implementation of Primary Rate ISDN -------------------------------------------------------------------------------- Update Information: The Asterisk Development Team has announced the release of libpri 1.4.13. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/libpri The release of libpri 1.4.13 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following are the issues resolved in this release: * --- Outgoing BRI calls fail when using Asterisk 1.8 with HA8, HB8, and B410P cards. (Issue AST-598. Reported by Trey Blancher) * --- Implement handling a multi-channel RESTART request. (Closes issue PRI-93. Reported by Marcin Kowalczyk) * --- Removed MDL/TEI management configuration warning message. (Closes issue PRI-137. Reported by Bart Coninckx) * --- Allow passing compiler flags (CFLAGS, LDFLAGS) (Closes issue PRI-144. Reported by Tzafrir Cohen) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/libpri/ChangeLog-1.4.13 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 9 2012 Jeffrey Ollie - 1.4.13-1 - The Asterisk Development Team has announced the release of libpri 1.4.13. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/libpri - - The release of libpri 1.4.13 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - * --- Outgoing BRI calls fail when using Asterisk 1.8 with HA8, HB8, - and B410P cards. - (Issue AST-598. Reported by Trey Blancher) - - * --- Implement handling a multi-channel RESTART request. - (Closes issue PRI-93. Reported by Marcin Kowalczyk) - - * --- Removed MDL/TEI management configuration warning message. - (Closes issue PRI-137. Reported by Bart Coninckx) - - * --- Allow passing compiler flags (CFLAGS, LDFLAGS) - (Closes issue PRI-144. Reported by Tzafrir Cohen) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/libpri/ChangeLog-1.4.13 * Thu Jul 19 2012 Fedora Release Engineering - 1.4.12-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering - 1.4.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-pyramid-1.2.7-6.el6 (FEDORA-EPEL-2012-13119) The Pyramid web application framework, a Pylons project -------------------------------------------------------------------------------- Update Information: Updated requires for python-mako Added patch to fix requires version for python-paste-script when running on rhel Changed requires from python-webob to python-webob1.2 in rpm spec el6 build -------------------------------------------------------------------------------- References: [ 1 ] Bug #855706 - fix failing el6 build https://bugzilla.redhat.com/show_bug.cgi?id=855706 -------------------------------------------------------------------------------- ================================================================================ python-rdflib-3.2.3-1.el6 (FEDORA-EPEL-2012-13128) Python library for working with RDF -------------------------------------------------------------------------------- Update Information: Update to version 3.2.3 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Pierre-Yves Chibon - 3.2.3-1 - Update to 3.2.3 - One test is failing, so disabling them for now * Sat Jul 21 2012 Fedora Release Engineering - 3.2.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ varnish-3.0.3-3.el6 (FEDORA-EPEL-2012-13118) High-performance HTTP accelerator -------------------------------------------------------------------------------- Update Information: Upped the minimum number of threads from 1 to 5, closes #861493 Added a patch from phk, fixing ppc64 New upstream release. This is a bugfix release. Added a patch from phk, fixing ppc64 New upstream release. This is a bugfix release. Added a patch from phk, fixing ppc64 New upstream release. This is a bugfix release. Added a patch from phk, fixing ppc64 New upstream release. This is a bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 9 2012 Ingvar Hagelund - 3.0.3-3 - Upped the minimum number of threads from 1 to 5, closes #861493 * Tue Sep 18 2012 Ingvar Hagelund - 3.0.3-2 - Added a patch from phk, fixing upstream ppc64 bug #1194 * Tue Aug 21 2012 Ingvar Hagelund - 3.0.3-1 - New upstream release - Remove unneeded hacks for ppc - Remove hacks for rhel4, we no longer support that - Remove unneeded hacks for docs, since we use the pregenerated docs - Add new systemd scriptlets from f18+ - Added a patch switching off pcre jit on i386 and ppc to avoid upstream bug #1191 * Sun Jul 22 2012 Fedora Release Engineering - 3.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Mar 12 2012 Ingvar Hagelund - 3.0.2-2 - Added PrivateTmp=true to varnishd unit file, closing #782539 - Fixed comment typos in varnish unit file * Tue Mar 6 2012 Ingvar Hagelund - 3.0.2-1 - New upstream version 3.0.2 - Removed INSTALL as requested by rpmlint - Added a ld.so.conf.d fragment file listing libdir/varnish - Removed redundant doc/html/_sources - systemd support from fedora 17 - Stopped using macros for make and install, according to Fedora's packaging guidelines - Changes merged from upstream: - Added suse_version macro - Added comments on building from a git checkout - mkpasswd -> uuidgen for fewer dependencies - Fixed missing quotes around cflags for pcre - Removed unnecessary 32/64 bit parallell build hack as this is fixed upstream - Fixed typo in configure call, disable -> without - Added lib/libvgz/.libs to LD_LIBRARY_PATH in make check - Added section 3 manpages - Configure with --without-rst2man --without-rst2html - changelog entries - Removed unnecessary patch for system jemalloc, upstream now supports this * Fri Feb 10 2012 Petr Pisar - 2.1.5-4 - Rebuild against PCRE 8.30 * Sat Jan 14 2012 Fedora Release Engineering - 2.1.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Mon Feb 7 2011 Fedora Release Engineering - 2.1.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #861493 - Minimum thread count for varnish too low, causes hangs https://bugzilla.redhat.com/show_bug.cgi?id=861493 -------------------------------------------------------------------------------- From gregswift at gmail.com Wed Oct 10 18:13:41 2012 From: gregswift at gmail.com (Greg Swift) Date: Wed, 10 Oct 2012 13:13:41 -0500 Subject: 'policy' for multiple versions of same software in EPEL Message-ID: So... I've paid attention to the conversations around this because i was a long time zabbix user, so it affected me in that I had to build my own 'latest' packages usually or download from the maintainer's personal repository. If I remember correctly it has also been discussed around lots of web apps like bugzilla as well. But now its something that is potentially going to affect me more as I jumped on as a co-maintainer of collectd in the recent pre-orphaning package spree and started trying to get rspec-puppet packaged [1] due to requirements @dayjob. So in the sidebar discussion about collectd the following was in the thread: >> One thing to work on is to create new EPEL-only collectd5 package, see >> https://bugzilla.redhat.com/show_bug.cgi?id=743894#c4 >> In c6 there's collectd5.spec contributed by eolamey - remaining issues >> could be worked around by adding explicit Conflicts: collectd so that >> file and module paths don't need to change. > This is something to avoid if at all possible, IMHO. > http://fedoraproject.org/wiki/Packaging:Conflicts But a few weeks ago in the Zabbix discussion on list [2] I saw: >> One of the options was to change the package name and host both >> releases in EPEL. I'm not sure how often this actually happens, or >> what the path to get there would be. > That's the approach we took. zabbix20 conflicts with zabbix. ..snip.. I've read through the Packaging:Conflicts wiki. I just don't feel like it adequately addresses the EPEL 'newer' version scenario. Maybe that is just cause I'm missing something (in which case can someone clarify for me, and maybe we can make it clearer in the wiki?) or because it just isn't defined. I'll concede that some examples listed of packages that perform each of the various 'solutions' described would be awesome and might resolve some of the lack of clarity. So the two scenarios I'm looking at: 1: collectd [3] - to make version 5 available in epel5/6 will have to submit collectd5 package. Most of the work is done, but right now the created package 'conflicts' due to duplicate library files and the perl-Collectd module needing to be renamed. I can usually package up software pretty readily, and I don't know how to do what is needed to do this without more guidance (more admin than dev). Because of what the software is, I'd imagine most people are running either version 4 or version 5. Some people might be running both environments from the server side (separate collectors), but aren't likely to have a monitored (client) system active in both. 2: rubygem-rspec (no associated bugzilla entry that I am aware of yet) - to make rspec-puppet available in epel 5/6 version 2 of rspec needs to be made available. I assume this means that the same general concept of rspec2 package needing to be initiated begins. With this one there appears to be way more impact as there are at least 3 packages that build on top of rspec currently. [4] Because this is more of a library set of packages, and most of those packages perform different functionality for rspec that may not always be for the same end use cases it makes conflicts a harder possibility. So i'd imagine either a) have to do a parallel installable rspec2 release of all of them that conflicts so that the 'gems' themselves don't need to be adjusted or b) adjust the entire rubygem so that it behaves as rspec2 and make the other gems use rspec2 rather than rspec. thoughts? thanks greg/xaeth [1] https://bugzilla.redhat.com/show_bug.cgi?id=787350 [2] http://www.redhat.com/archives/epel-devel-list/2012-September/msg00037.html [3] https://bugzilla.redhat.com/show_bug.cgi?id=743894 [4] although upon further review.. it appears that none are branched into epel and all are current with rspec2, which negates a lot of the conflicts and actually would open them up to epel.... From updates at fedoraproject.org Thu Oct 11 18:54:35 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 11 Oct 2012 18:54:35 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121011185435.9D29D21A9B@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 19 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12946/phpldapadmin-1.2.2-3.gitbbedf1.el6 172 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 95 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 67 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 42 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 360 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing drupal7-feeds-2.0-0.5.alpha6.el6 erlang-bitcask-1.5.2-1.el6 erlang-eradius-0.8.7-1.el6 erlang-getopt-0.5.2-2.el6 erlang-gproc-0.2.13.3-1.el6 erlang-lfe-0.6.2-1.el6 erlang-neotoma-1.5.1-1.el6 erlang-poolboy-0.9.1-1.el6 erlang-riak_client-1.3.1-1.el6 erlang-sext-0.5.2-1.el6 euca2ools-2.1.1-2.el6 log4cxx-0.10.0-13.el6 perl-WWW-GoodData-1.7-2.el6 python-flask-wtf-0.8-1.el6 python-moksha-common-1.0.6-1.el6 python-moksha-hub-1.0.7-1.el6 python-moksha-wsgi-1.0.6-1.el6 python-txzmq-0.5.2-3.el6 python-wtforms-1.0.2-1.el6 Details about builds: ================================================================================ drupal7-feeds-2.0-0.5.alpha6.el6 (FEDORA-EPEL-2012-13138) An import and aggregation framework for Drupal -------------------------------------------------------------------------------- Update Information: Security fix release, https://drupal.org/node/1808832, http://drupal.org/node/1808282. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Peter Borsa - 2.0-0.5.alpha6 - Security fix * Wed Jul 18 2012 Fedora Release Engineering - 2.0-0.4.alpha5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ erlang-bitcask-1.5.2-1.el6 (FEDORA-EPEL-2012-13148) Eric Brewer-inspired key/value store -------------------------------------------------------------------------------- Update Information: * Ver. 1.5.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 1.5.2-1 - Ver. 1.5.2 (Bugfix release) * Wed Jul 18 2012 Fedora Release Engineering - 1.5.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865135 - erlang-bitcask-1.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=865135 -------------------------------------------------------------------------------- ================================================================================ erlang-eradius-0.8.7-1.el6 (FEDORA-EPEL-2012-13141) RADIUS authentication/accounting for erlang apps -------------------------------------------------------------------------------- Update Information: * Ver. 0.8.7 (More dictionaries) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 0.8.7-1 - Ver.0.8.7 (API compatible) * Wed Jul 18 2012 Fedora Release Engineering - 0.8.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering - 0.8.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865138 - erlang-eradius-0.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=865138 -------------------------------------------------------------------------------- ================================================================================ erlang-getopt-0.5.2-2.el6 (FEDORA-EPEL-2012-13149) Erlang module to parse command line arguments using the GNU getopt syntax -------------------------------------------------------------------------------- Update Information: - Ver. 0.5.2 - Rebuild with tests - Finally fixed tests on EL5 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 0.5.2-2 - Rebuild with tests - Finally fixed tests on EL5 * Thu Oct 11 2012 Peter Lemenkov - 0.5.2-1 - Ver. 0.5.2 * Wed Jul 18 2012 Fedora Release Engineering - 0.4.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865140 - erlang-getopt-0.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=865140 -------------------------------------------------------------------------------- ================================================================================ erlang-gproc-0.2.13.3-1.el6 (FEDORA-EPEL-2012-13137) Extended process registry for Erlang -------------------------------------------------------------------------------- Update Information: * Ver. 0.2.13.3 (bugfix release) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 0.2.13.3-1 - Ver. 0.2.13.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #865141 - erlang-gproc-0.2.13.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=865141 -------------------------------------------------------------------------------- ================================================================================ erlang-lfe-0.6.2-1.el6 (FEDORA-EPEL-2012-13132) Lisp Flavoured Erlang -------------------------------------------------------------------------------- Update Information: * Ver. 0.6.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 0.6.2-1 - Ver. 0.6.2 (Backwards API/ABI compatible) * Wed Jul 18 2012 Fedora Release Engineering - 0.6.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering - 0.6.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Feb 8 2011 Fedora Release Engineering - 0.6.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865144 - erlang-lfe-0.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=865144 -------------------------------------------------------------------------------- ================================================================================ erlang-neotoma-1.5.1-1.el6 (FEDORA-EPEL-2012-13144) Erlang library and packrat parser-generator for parsing expression grammars -------------------------------------------------------------------------------- Update Information: - Ver. 1.5.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 1.5.1-1 - Ver. 1.5.1 * Wed Jul 18 2012 Fedora Release Engineering - 1.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering - 1.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865148 - erlang-neotoma-1.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=865148 -------------------------------------------------------------------------------- ================================================================================ erlang-poolboy-0.9.1-1.el6 (FEDORA-EPEL-2012-13135) A hunky Erlang worker pool factory -------------------------------------------------------------------------------- Update Information: * Ver. 0.9.1 - Ver. 0.8.1 (backwards API compatible) - Ver. 0.8.1 (backwards API compatible) - Ver. 0.8.1 (backwards API compatible) - Ver. 0.8.1 (backwards API compatible) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 0.9.1-1 - Ver. 0.9.1 * Wed Oct 10 2012 Peter Lemenkov - 0.8.1-1 - Ver. 0.8.1 * Wed Jul 18 2012 Fedora Release Engineering - 0.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865150 - erlang-poolboy-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=865150 -------------------------------------------------------------------------------- ================================================================================ erlang-riak_client-1.3.1-1.el6 (FEDORA-EPEL-2012-13143) Erlang client for Riak -------------------------------------------------------------------------------- Update Information: - Ver. 1.3.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Peter Lemenkov - 1.3.1-1 - Ver. 1.3.1 * Wed Sep 5 2012 Peter Lemenkov - 1.3.0-1 - Ver. 1.3.0 (API/ABI incompatible with previous one) * Wed Jul 18 2012 Fedora Release Engineering - 1.2.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #854460 - Upgrade erlang-riak_client to ver. 1.3.0 https://bugzilla.redhat.com/show_bug.cgi?id=854460 -------------------------------------------------------------------------------- ================================================================================ erlang-sext-0.5.2-1.el6 (FEDORA-EPEL-2012-13150) Sortable Erlang Term Serialization -------------------------------------------------------------------------------- Update Information: - Ver. 0.5.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 0.5.2-1 - Ver. 0.5.2 (backwards API/ABI compatible) -------------------------------------------------------------------------------- References: [ 1 ] Bug #865155 - erlang-sext-0.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=865155 -------------------------------------------------------------------------------- ================================================================================ euca2ools-2.1.1-2.el6 (FEDORA-EPEL-2012-13133) Eucalyptus/AWS-compatible command line tools -------------------------------------------------------------------------------- Update Information: This update merges the euca2ools-eustore package into the main euca2ools package. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Garrett Holmstrom - 2.1.1-2 - Combined the -eustore package into the main package [RH:865108] -------------------------------------------------------------------------------- References: [ 1 ] Bug #865108 - euca2ools-eustore package is unnecessary https://bugzilla.redhat.com/show_bug.cgi?id=865108 -------------------------------------------------------------------------------- ================================================================================ log4cxx-0.10.0-13.el6 (FEDORA-EPEL-2012-13146) A port to C++ of the Log4j project -------------------------------------------------------------------------------- Update Information: -Initial release for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #864815 - Please add log4cxx to EPEL 6 https://bugzilla.redhat.com/show_bug.cgi?id=864815 -------------------------------------------------------------------------------- ================================================================================ perl-WWW-GoodData-1.7-2.el6 (FEDORA-EPEL-2012-13131) Client library for GoodData REST-ful API -------------------------------------------------------------------------------- Update Information: Fixed misbehavior of auth handler with stock user agent -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Lubomir Rintel (GoodData) 1.7-2 - Fix the auth handler for clients that use stock LWP::UserAgent -------------------------------------------------------------------------------- ================================================================================ python-flask-wtf-0.8-1.el6 (FEDORA-EPEL-2012-13145) Simple integration of Flask and WTForms -------------------------------------------------------------------------------- Update Information: Updating python-wtforms and python-flask-wtf so that they work with python-flask-0.9 which is already in el6 stable -------------------------------------------------------------------------------- ================================================================================ python-moksha-common-1.0.6-1.el6 (FEDORA-EPEL-2012-13136) Common components for Moksha -------------------------------------------------------------------------------- Update Information: Slimmed down dependencies. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Ralph Bean - 1.0.6-1 - Bumped to 1.0.6. - Removed Requires on python-paste which has moved to python-moksha-wsgi. -------------------------------------------------------------------------------- ================================================================================ python-moksha-hub-1.0.7-1.el6 (FEDORA-EPEL-2012-13139) Hub components for Moksha -------------------------------------------------------------------------------- Update Information: Support for zeromq3 Fix duplicate websocket message distribution. Enhancements to the consumer api. Conflict with old moksha. Upstream bugfixes. Initial packaging. -------------------------------------------------------------------------------- ================================================================================ python-moksha-wsgi-1.0.6-1.el6 (FEDORA-EPEL-2012-13134) WSGI components for Moksha -------------------------------------------------------------------------------- Update Information: Update to match the moksha.common api. Fix issue with moksha.extensions.js Fix tw2 resource archival. Conflict with old moksha. Include forgotten static resources. Upstream bugfixes. Initial packaging. -------------------------------------------------------------------------------- ================================================================================ python-txzmq-0.5.2-3.el6 (FEDORA-EPEL-2012-13142) Twisted bindings for ZeroMQ -------------------------------------------------------------------------------- Update Information: Support for zeromq3 and older pyzmq New upstream with new zmq device types. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Ralph Bean - 0.5.2-3 - Patch to support older pyzmq on f17 and el6. - Fix changelog. * Wed Oct 10 2012 Ralph Bean - 0.5.2-2 - Added three patches to support zeromq3. * Tue Oct 2 2012 Ralph Bean - 0.5.2-1 - Latest upstream with new socket types. - Remove old epgm-disabling patch. - Add new egpm-disabling patch. * Sat Jul 21 2012 Fedora Release Engineering - 0.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-wtforms-1.0.2-1.el6 (FEDORA-EPEL-2012-13145) Forms validation and rendering library for python -------------------------------------------------------------------------------- Update Information: Updating python-wtforms and python-flask-wtf so that they work with python-flask-0.9 which is already in el6 stable -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 9 2012 Tim Flink - 1.0.2-1 - Upgraded to upstream 1.0.2 * Sat Jul 21 2012 Fedora Release Engineering - 0.6.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu Oct 11 18:54:36 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 11 Oct 2012 18:54:36 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121011185436.A6CFD21A9F@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 72 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6554/perl-RT-Authen-ExternalAuth-0.08-2.el5 42 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 172 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 67 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 67 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13010/bacula-2.4.4-12.el5 19 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12949/phpldapadmin-1.2.2-3.gitbbedf1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing drupal7-feeds-2.0-0.5.alpha6.el5 erlang-getopt-0.5.2-2.el5 euca2ools-2.1.1-2.el5 Details about builds: ================================================================================ drupal7-feeds-2.0-0.5.alpha6.el5 (FEDORA-EPEL-2012-13130) An import and aggregation framework for Drupal -------------------------------------------------------------------------------- Update Information: Security fix release, https://drupal.org/node/1808832, http://drupal.org/node/1808282. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Peter Borsa - 2.0-0.5.alpha6 - Security fix * Wed Jul 18 2012 Fedora Release Engineering - 2.0-0.4.alpha5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ erlang-getopt-0.5.2-2.el5 (FEDORA-EPEL-2012-13140) Erlang module to parse command line arguments using the GNU getopt syntax -------------------------------------------------------------------------------- Update Information: - Ver. 0.5.2 - Rebuild with tests - Finally fixed tests on EL5 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 Peter Lemenkov - 0.5.2-2 - Rebuild with tests - Finally fixed tests on EL5 * Thu Oct 11 2012 Peter Lemenkov - 0.5.2-1 - Ver. 0.5.2 * Wed Jul 18 2012 Fedora Release Engineering - 0.4.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865140 - erlang-getopt-0.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=865140 -------------------------------------------------------------------------------- ================================================================================ euca2ools-2.1.1-2.el5 (FEDORA-EPEL-2012-13147) Eucalyptus/AWS-compatible command line tools -------------------------------------------------------------------------------- Update Information: This update merges the euca2ools-eustore package into the main euca2ools package. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Garrett Holmstrom - 2.1.1-2 - Combined the -eustore package into the main package [RH:865108] -------------------------------------------------------------------------------- References: [ 1 ] Bug #865108 - euca2ools-eustore package is unnecessary https://bugzilla.redhat.com/show_bug.cgi?id=865108 -------------------------------------------------------------------------------- From updates at fedoraproject.org Fri Oct 12 19:56:32 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Fri, 12 Oct 2012 19:56:32 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121012195632.0EA8520B24@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 43 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 173 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 68 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 68 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13010/bacula-2.4.4-12.el5 20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12949/phpldapadmin-1.2.2-3.gitbbedf1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing cobbler-2.4.0-beta2.el5 erlang-edown-0.3.1-1.el5 mapserver-5.6.8-1.el5 Details about builds: ================================================================================ cobbler-2.4.0-beta2.el5 (FEDORA-EPEL-2012-13152) Boot server configurator -------------------------------------------------------------------------------- Update Information: New release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 James Cammarata 2.4.0-beta2 - Modified spec version/release to be 2.4.0-beta2 (jimi at sngx.net) - fixing up a bad commit merge (jimi at sngx.net) * Thu Oct 11 2012 James Cammarata 2.4.0-beta1 - Beta Release 1 of 2.4.0 - BUGFIX - Issue #329 - Systems no longer allow an add with an image for a parent (jimi at sngx.net) - BUGFIX - Issue #327 - revert 5afcff7 and fix in a more sane way (jimi at sngx.net) - Removed some duplicates created by reapplying a patch (jimi at sngx.net) - BUGFIX - Issue #267 - old python-virtinst does not support --boot (jimi at sngx.net) - Revise install_post_puppet.py to use newer puppet syntax (stephen at esstec.co.uk) - Get rid of deprecated Puppet syntax so that cobbler works with Puppet 3.0 (stephen at esstec.co.uk) - Added ubuntu to dist check for named.conf location (daniel.givens at rackspace.com) - Expanded automatic determination of tftpboot path, isc dhcp and bind service names and config files based on distro. (daniel at givenstx.com) - Make the service name for DHCP and DNS restarts configurable for better portable between distros. (daniel.givens at rackspace.com) - Serial based on formatted date and revision number (alevy at mobitv.com) - Correct undefined variable name (jbd at jbdenis.net) - fix merge Issue #252 BUGFIX and #262 (daikame at gmail.com) - Add check for valid driver_type before executing qemu-img (jimi at sngx.net) - fix mistake remove import. (daikame at gmail.com) - move exec method to utils.py, and catch unexpected exception. (daikame at gmail.com) - not check driver type on create method. (daikame at gmail.com) - BUGFIX - Issue #305 - Incorrect Kickstart file when gPXE enabled (jimi at sngx.net) - BUGFIX - Issue #304 - Cobbler does not store values correctly for ksmeta Objects were getting flattened improperly, so it was losing escapes/quoting for values with spaces (jimi at sngx.net) - add vmdk and raw file create support. (daikame at gmail.com) - BUGFIX - Issue #267 - old python-virtinst does not support --boot (jimi at sngx.net) - Modified spec version/release to be 2.4.0-beta-1 (jimi at sngx.net) - Initial commit for mysql backend support (jimi at sngx.net) - BUGFIX - Issue #277 - move webroot to /srv/www for debian/ubuntu (jimi at sngx.net) - FEATURE - adding 'zonetype' variable for DNS zone rendering (jimi at sngx.net) - BUGFIX - Issue #278 - cobbler import fails for ubuntu images due to rsync args (jimi at sngx.net) - BUGFIX - Issue #285 - update cobbler man page for incorrect options (jimi at sngx.net) - BUGFIX - Issue #241 - adding distro with blank name via XMLRPC should not work (jimi at sngx.net) - BUGFIX - Issue #272 - allow anamon to log entries when building systems based on profiles (no corresponding system record) (jimi at sngx.net) - BUGFIX - Issue #252 - fuzzy match on lvs name returns a false match preventing LV creation (jimi at sngx.net) - BUGFIX - Issue #287 - patch to allow templar to work without a config, which was breaking the tftpd.py script (jimi at sngx.net) - add qcow2 driver type (daikame at gmail.com) - fix koan qemu-machine-type param test. (daikame at gmail.com) - Only cosmetic cleanup - removed commands that were commented out, added spaces for more clear code (flaks at bnl.gov) - Modified sample.seed to make use kickstart_start and kickstart_done snippets for debian. As a result the following cobbler features work for debian: - prevent net boot looping - cobbler status reflects debian installations - preseed file is downloaded a nd saved on the installed system as /var/log/cobbler.seed Also made download_config_files_deb snippet, make use of late_command New post_run_deb snippet allows to execute post installation script. (flaks at bnl.gov) - Some changes for testing (jimi at sngx.net) - Minor fix for urlparse on older pythons (>2.5) (jimi at sngx.net) - FEATURE - Issue #253 - Use PEERDNS=no for DHCP interfaces when name servers are specified (jimi at sngx.net) - install-tree for debian/ubuntu modified to take tree= from meta data. http, ftp and nfs remote tree locations supported (flaks at bnl.gov) - add support of custom logical volume name (daikame at gmail.com) - Partial revert of 87acfc8b, and a minor change to bring the koan extra-args inline with the PXE args (jimi at sngx.net) - New default preseed, and a few minor changes to make ubuntu auto install work better (jimi at sngx.net) - Add support for qemu machine type to emulate (option --qemu-machine-type). (isaoshimizu at gmail.com) - Modern x86 kernels have 2048 char limit and this is needed to support configurations with kickstart+NIC kernel params. Otherwise koan refuses to accept the param list. (oliver at cpan.org) - Allow koan's -S option to work for SuSE breed. Also remove -S for breed=None, as I assume "Red Hat" is not a sane assumption for all Distros without a breed. (oliver at cpan.org) - Only add a udev net rule for an interface if the MAC is set. This fixes behaviour whereby a dummy udev rule at eth0 forces the first NIC to get eth1 post-install. (oliver at cpan.org) - Make the domainname setting be the full eth0 DNS Name, minus the first dotted part (and not the FQDN). (oliver at cpan.org) - BUGFIX - Issue #252 - fuzzy match on lvs name returns a false match preventing LV creation (jimi at sngx.net) - Added back in the filesystem loader. (oliver at cpan.org) - BUGFIX - Issue #247 - Reposync does not work from the web interface (jimi at sngx.net) - BUGFIX - Issue #246 - CentOS 5.x install fence_tools to /sbin/ (jimi at sngx.net) - Fix post_report trigger typo (jimi at sngx.net) - Some fixes for koan running with an old virt-install (jimi at sngx.net) - Define pxe_menu_items variable when creating PXE files for systems (jthiltges2 at unl.edu) - Refactor PXE and GRUB menu item creation into a separate function (jthiltges2 at unl.edu) - django 1.4 and later have deprecated the old TEMPLATE_LOADERS and replaced them with a new app_directories.Loader (oliver at cpan.org) - Add support for UEFI boot to the subnet, but not for defined systems yet. (erinn.looneytriggs at gmail.com) - Fix redhat import whitelist for Fedora 17 (jimi at sngx.net) - Fix unittest on the case of haven't virt-install libs. (daikame at gmail.com) - os_version for debian should be similar to ubunty for virt-install to work changed tree in app.py so that I can use debian mirror different from cobbler server (flaks at bnl.gov) - fedora 17 changed the output of ifconfig command. This will make IFNAME set in snippets again (flaks at bnl.gov) - remove edit for now (flaks at bnl.gov) - Fixed snippets for bonded_bridge_slave and a few other fixes for koan/web GUI (jimi at sngx.net) - Initial support for bonded_bridge_slave type. TODO: modifying snippets to actually make it work... (jimi at sngx.net) - The webui_sessions directory belongs only to cobbler-web (chutzimir at gmail.com) - RPM: put cobbler*.conf files only in /etc/httpd/conf.d (cristian.ciupitu at yahoo.com) - better fix for pull request #228 (jorgen.maas at gmail.com) - make rpms failed because the misc/ directory containing the augeas lense could not be found. this simple diff fixes that. (jorgen.maas at gmail.com) - Ubuntu actually requires auto=true in kopts See http://serverfault.com/a/144290/39018 (ekirpichov at gmail.com) - Whitespace cleanup for the new openvz stuff (jimi at sngx.net) - Remove dead code (useless imports) (cristian.ciupitu at yahoo.com) - BUGFIX extra-args option problems (daikame at gmail.com) - FIX koan virt-install tests. (daikame at gmail.com) - added debian support to prevent net boot looping (flaks at bnl.gov) - README.openvz: - added (nvrhood at gmail.com) - scripts/ovz-install: - added support for "services" kickstart option - corrected repos and installation source processing (nvrhood at gmail.com) - cobbler.spec, setup.py: - added scripts/ovz-install (nvrhood at gmail.com) - koan/openvzcreate.py, scripts/ovz-install: - changes in copyright notice (nvrhood at gmail.com) - koan/app.py: - bug in koan: size of freespace on VG expressed as float with comma, but need fload with point (nvrhood at gmail.com) - koan/app.py: - added type "openvz" (nvrhood at gmail.com) - cobbler/collection.py: - openvz containers doesn't need to boot from PXE, so we prevent PXE-menu creation for such profiles. (nvrhood at gmail.com) - cobbler/item_profile.py, cobbler/utils.py: - added "openvz" virtualization type (nvrhood at gmail.com) - cobbler/item_system.py: - added openvz for virt_type (nvrhood at gmail.com) - [BUGFIX] template errors can hit an exception path that references an undefined variable (jimi at sngx.net) - If the call to int() fails, inum has no value, thus the reference to inum in the except clause causes an UnboundLocalError when it tries to reference inum. (joshua at azariah.com) - Add new ubuntu (alpha) version to codes.py (jorgen.maas at gmail.com) - Not all remove current ifcfg- post_install_network_config (me at n0ts.org) - Update systemctl script to resolve some issues (jimi at sngx.net) - More spec fixes (jimi at sngx.net) - Removing replicate_use_default_rsync_options setting and setting replicate_rsync_options to existing rsync default. Issue #58 (john at julienfamily.com) - Commit for RFE: Expose rsync options during replication. Issue #58 (john at julienfamily.com) - Yet more HTML/CSS fixes, cleaning up some overly large inputs caused by other CSS changes (jimi at sngx.net) - More HTML/CSS improvements for new weblayout (jimi at sngx.net) - CSS improvements for the tabbed layout (jimi at sngx.net) - Fix for settings edit using the new tab format (jimi at sngx.net) - Added a cancel button to replace the reset button (jimi at sngx.net) - Fix saving of multiselect fields (jimi at sngx.net) - Modification to generic_edit template to use tabs for categories plus some miscellaneous cleanup (jimi at sngx.net) - Adding an example line for redhat imports to the whitelist file (jimi at sngx.net) - Another minor fix for suse imports - fixing up name when using --available-as (already done in other import modules) - allowing multiple arch imports (also already done in other imports) (jimi at sngx.net) - Some fixups for suse using --available-as (jimi at sngx.net) - Fix for import when using --available-as - currently rsyncs full remote tree, changing that to only import files in a white list - some modifications to import modules to clean some things up and make available-as work better - fix in utils.py for path_tail, which was not working right and appending the full path (jimi at sngx.net) - Run the same sed command on the default distributed config file to ensure consistent indentation (jimi at sngx.net) - Add setting to enable/disable dynamic settings changes Adding cobblersettings.aug to distributed files, since we need a copy that doesn't insert tabs Added a "cobbler check" that checks if dynamic settings is enabled and prints a sed command to cleanup the settings file spacing/indents (jimi at sngx.net) - Change cli command "settings" to "setting" to match other commands (which are not plurarlized) (jimi at sngx.net) - Removing commented-out try/except block in config.py, didn't mean to commit this (jimi at sngx.net) - Fixed/improved CLI reporting for settings (jimi at sngx.net) - Added support for validating setting type when saving Also fixed up the augeas stuff to save lists and hashes correctly (jimi at sngx.net) - Fix for incorrect redirect when login times out when looking at a setting edit (jimi at sngx.net) - Dynamic settings edit support for the web GUI (jimi at sngx.net) - Added ability to write settings file via augeas (jimi at sngx.net) - Initial support for modifying settings live Changed settings do not survive a reboot and revert to what's in /etc/cobbler/settings TODO: * report --name show a single setting * validate settings based on type (string, list, bool, etc.) * web support for editing * persisting settings after change (jimi at sngx.net) - Branch for 2.4.0, updated spec and setup.py (jimi at sngx.net) -------------------------------------------------------------------------------- ================================================================================ erlang-edown-0.3.1-1.el5 (FEDORA-EPEL-2012-13162) EDoc extension for generating Github-flavored Markdown -------------------------------------------------------------------------------- Update Information: * Ver. 0.3.1 (fully API compatible bugfix release) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Peter Lemenkov - 0.3.1-1 - Ver. 0.3.1 * Wed Jul 18 2012 Fedora Release Engineering - 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865607 - erlang-edown-0.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=865607 -------------------------------------------------------------------------------- ================================================================================ mapserver-5.6.8-1.el5 (FEDORA-EPEL-2012-13159) Environment for building spatially-enabled internet applications -------------------------------------------------------------------------------- Update Information: Update to 5.6.8, for various fixes described at: http://trac.osgeo.org/mapserver/browser/tags/rel-5-6-8/mapserver/HISTORY.TXT -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Pavel Lis? - 5.6.8-1 - Update to 5.6.8, for various fixes described at: http://trac.osgeo.org/mapserver/browser/tags/rel-5-6-8/mapserver/HISTORY.TXT - Merged from 5.6.5-6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #597945 - Add support for mapserver 5 https://bugzilla.redhat.com/show_bug.cgi?id=597945 -------------------------------------------------------------------------------- From updates at fedoraproject.org Fri Oct 12 19:56:31 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Fri, 12 Oct 2012 19:56:31 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121012195631.0519A20B0A@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12946/phpldapadmin-1.2.2-3.gitbbedf1.el6 173 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 96 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 68 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 43 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 361 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing cobbler-2.4.0-beta2.el6 erlang-cluster_info-1.2.2-1.el6 erlang-edown-0.3.1-1.el6 haproxy-1.4.22-1.el6 libyubikey-1.9-1.el6 mapserver-6.0.3-4.el6 mongodb-2.2.0-6.el6 openstack-nova-2012.1.3-1.el6 php-pear-PHP-CodeSniffer-1.4.0-1.el6 php-phpunit-File-Iterator-1.3.3-1.el6 php-phpunit-PHP-Timer-1.0.4-1.el6 php-phpunit-PHP-TokenStream-1.1.5-1.el6 python-django-appconf-0.5-2.el6 python-django-compressor-1.2-3.el6 python-greenlet-0.3.1-11.el6 rubygem-wirble-0.1.3-1.el6 Details about builds: ================================================================================ cobbler-2.4.0-beta2.el6 (FEDORA-EPEL-2012-13155) Boot server configurator -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 James Cammarata 2.4.0-beta2 - Modified spec version/release to be 2.4.0-beta2 (jimi at sngx.net) - fixing up a bad commit merge (jimi at sngx.net) * Thu Oct 11 2012 James Cammarata 2.4.0-beta1 - Beta Release 1 of 2.4.0 - BUGFIX - Issue #329 - Systems no longer allow an add with an image for a parent (jimi at sngx.net) - BUGFIX - Issue #327 - revert 5afcff7 and fix in a more sane way (jimi at sngx.net) - Removed some duplicates created by reapplying a patch (jimi at sngx.net) - BUGFIX - Issue #267 - old python-virtinst does not support --boot (jimi at sngx.net) - Revise install_post_puppet.py to use newer puppet syntax (stephen at esstec.co.uk) - Get rid of deprecated Puppet syntax so that cobbler works with Puppet 3.0 (stephen at esstec.co.uk) - Added ubuntu to dist check for named.conf location (daniel.givens at rackspace.com) - Expanded automatic determination of tftpboot path, isc dhcp and bind service names and config files based on distro. (daniel at givenstx.com) - Make the service name for DHCP and DNS restarts configurable for better portable between distros. (daniel.givens at rackspace.com) - Serial based on formatted date and revision number (alevy at mobitv.com) - Correct undefined variable name (jbd at jbdenis.net) - fix merge Issue #252 BUGFIX and #262 (daikame at gmail.com) - Add check for valid driver_type before executing qemu-img (jimi at sngx.net) - fix mistake remove import. (daikame at gmail.com) - move exec method to utils.py, and catch unexpected exception. (daikame at gmail.com) - not check driver type on create method. (daikame at gmail.com) - BUGFIX - Issue #305 - Incorrect Kickstart file when gPXE enabled (jimi at sngx.net) - BUGFIX - Issue #304 - Cobbler does not store values correctly for ksmeta Objects were getting flattened improperly, so it was losing escapes/quoting for values with spaces (jimi at sngx.net) - add vmdk and raw file create support. (daikame at gmail.com) - BUGFIX - Issue #267 - old python-virtinst does not support --boot (jimi at sngx.net) - Modified spec version/release to be 2.4.0-beta-1 (jimi at sngx.net) - Initial commit for mysql backend support (jimi at sngx.net) - BUGFIX - Issue #277 - move webroot to /srv/www for debian/ubuntu (jimi at sngx.net) - FEATURE - adding 'zonetype' variable for DNS zone rendering (jimi at sngx.net) - BUGFIX - Issue #278 - cobbler import fails for ubuntu images due to rsync args (jimi at sngx.net) - BUGFIX - Issue #285 - update cobbler man page for incorrect options (jimi at sngx.net) - BUGFIX - Issue #241 - adding distro with blank name via XMLRPC should not work (jimi at sngx.net) - BUGFIX - Issue #272 - allow anamon to log entries when building systems based on profiles (no corresponding system record) (jimi at sngx.net) - BUGFIX - Issue #252 - fuzzy match on lvs name returns a false match preventing LV creation (jimi at sngx.net) - BUGFIX - Issue #287 - patch to allow templar to work without a config, which was breaking the tftpd.py script (jimi at sngx.net) - add qcow2 driver type (daikame at gmail.com) - fix koan qemu-machine-type param test. (daikame at gmail.com) - Only cosmetic cleanup - removed commands that were commented out, added spaces for more clear code (flaks at bnl.gov) - Modified sample.seed to make use kickstart_start and kickstart_done snippets for debian. As a result the following cobbler features work for debian: - prevent net boot looping - cobbler status reflects debian installations - preseed file is downloaded a nd saved on the installed system as /var/log/cobbler.seed Also made download_config_files_deb snippet, make use of late_command New post_run_deb snippet allows to execute post installation script. (flaks at bnl.gov) - Some changes for testing (jimi at sngx.net) - Minor fix for urlparse on older pythons (>2.5) (jimi at sngx.net) - FEATURE - Issue #253 - Use PEERDNS=no for DHCP interfaces when name servers are specified (jimi at sngx.net) - install-tree for debian/ubuntu modified to take tree= from meta data. http, ftp and nfs remote tree locations supported (flaks at bnl.gov) - add support of custom logical volume name (daikame at gmail.com) - Partial revert of 87acfc8b, and a minor change to bring the koan extra-args inline with the PXE args (jimi at sngx.net) - New default preseed, and a few minor changes to make ubuntu auto install work better (jimi at sngx.net) - Add support for qemu machine type to emulate (option --qemu-machine-type). (isaoshimizu at gmail.com) - Modern x86 kernels have 2048 char limit and this is needed to support configurations with kickstart+NIC kernel params. Otherwise koan refuses to accept the param list. (oliver at cpan.org) - Allow koan's -S option to work for SuSE breed. Also remove -S for breed=None, as I assume "Red Hat" is not a sane assumption for all Distros without a breed. (oliver at cpan.org) - Only add a udev net rule for an interface if the MAC is set. This fixes behaviour whereby a dummy udev rule at eth0 forces the first NIC to get eth1 post-install. (oliver at cpan.org) - Make the domainname setting be the full eth0 DNS Name, minus the first dotted part (and not the FQDN). (oliver at cpan.org) - BUGFIX - Issue #252 - fuzzy match on lvs name returns a false match preventing LV creation (jimi at sngx.net) - Added back in the filesystem loader. (oliver at cpan.org) - BUGFIX - Issue #247 - Reposync does not work from the web interface (jimi at sngx.net) - BUGFIX - Issue #246 - CentOS 5.x install fence_tools to /sbin/ (jimi at sngx.net) - Fix post_report trigger typo (jimi at sngx.net) - Some fixes for koan running with an old virt-install (jimi at sngx.net) - Define pxe_menu_items variable when creating PXE files for systems (jthiltges2 at unl.edu) - Refactor PXE and GRUB menu item creation into a separate function (jthiltges2 at unl.edu) - django 1.4 and later have deprecated the old TEMPLATE_LOADERS and replaced them with a new app_directories.Loader (oliver at cpan.org) - Add support for UEFI boot to the subnet, but not for defined systems yet. (erinn.looneytriggs at gmail.com) - Fix redhat import whitelist for Fedora 17 (jimi at sngx.net) - Fix unittest on the case of haven't virt-install libs. (daikame at gmail.com) - os_version for debian should be similar to ubunty for virt-install to work changed tree in app.py so that I can use debian mirror different from cobbler server (flaks at bnl.gov) - fedora 17 changed the output of ifconfig command. This will make IFNAME set in snippets again (flaks at bnl.gov) - remove edit for now (flaks at bnl.gov) - Fixed snippets for bonded_bridge_slave and a few other fixes for koan/web GUI (jimi at sngx.net) - Initial support for bonded_bridge_slave type. TODO: modifying snippets to actually make it work... (jimi at sngx.net) - The webui_sessions directory belongs only to cobbler-web (chutzimir at gmail.com) - RPM: put cobbler*.conf files only in /etc/httpd/conf.d (cristian.ciupitu at yahoo.com) - better fix for pull request #228 (jorgen.maas at gmail.com) - make rpms failed because the misc/ directory containing the augeas lense could not be found. this simple diff fixes that. (jorgen.maas at gmail.com) - Ubuntu actually requires auto=true in kopts See http://serverfault.com/a/144290/39018 (ekirpichov at gmail.com) - Whitespace cleanup for the new openvz stuff (jimi at sngx.net) - Remove dead code (useless imports) (cristian.ciupitu at yahoo.com) - BUGFIX extra-args option problems (daikame at gmail.com) - FIX koan virt-install tests. (daikame at gmail.com) - added debian support to prevent net boot looping (flaks at bnl.gov) - README.openvz: - added (nvrhood at gmail.com) - scripts/ovz-install: - added support for "services" kickstart option - corrected repos and installation source processing (nvrhood at gmail.com) - cobbler.spec, setup.py: - added scripts/ovz-install (nvrhood at gmail.com) - koan/openvzcreate.py, scripts/ovz-install: - changes in copyright notice (nvrhood at gmail.com) - koan/app.py: - bug in koan: size of freespace on VG expressed as float with comma, but need fload with point (nvrhood at gmail.com) - koan/app.py: - added type "openvz" (nvrhood at gmail.com) - cobbler/collection.py: - openvz containers doesn't need to boot from PXE, so we prevent PXE-menu creation for such profiles. (nvrhood at gmail.com) - cobbler/item_profile.py, cobbler/utils.py: - added "openvz" virtualization type (nvrhood at gmail.com) - cobbler/item_system.py: - added openvz for virt_type (nvrhood at gmail.com) - [BUGFIX] template errors can hit an exception path that references an undefined variable (jimi at sngx.net) - If the call to int() fails, inum has no value, thus the reference to inum in the except clause causes an UnboundLocalError when it tries to reference inum. (joshua at azariah.com) - Add new ubuntu (alpha) version to codes.py (jorgen.maas at gmail.com) - Not all remove current ifcfg- post_install_network_config (me at n0ts.org) - Update systemctl script to resolve some issues (jimi at sngx.net) - More spec fixes (jimi at sngx.net) - Removing replicate_use_default_rsync_options setting and setting replicate_rsync_options to existing rsync default. Issue #58 (john at julienfamily.com) - Commit for RFE: Expose rsync options during replication. Issue #58 (john at julienfamily.com) - Yet more HTML/CSS fixes, cleaning up some overly large inputs caused by other CSS changes (jimi at sngx.net) - More HTML/CSS improvements for new weblayout (jimi at sngx.net) - CSS improvements for the tabbed layout (jimi at sngx.net) - Fix for settings edit using the new tab format (jimi at sngx.net) - Added a cancel button to replace the reset button (jimi at sngx.net) - Fix saving of multiselect fields (jimi at sngx.net) - Modification to generic_edit template to use tabs for categories plus some miscellaneous cleanup (jimi at sngx.net) - Adding an example line for redhat imports to the whitelist file (jimi at sngx.net) - Another minor fix for suse imports - fixing up name when using --available-as (already done in other import modules) - allowing multiple arch imports (also already done in other imports) (jimi at sngx.net) - Some fixups for suse using --available-as (jimi at sngx.net) - Fix for import when using --available-as - currently rsyncs full remote tree, changing that to only import files in a white list - some modifications to import modules to clean some things up and make available-as work better - fix in utils.py for path_tail, which was not working right and appending the full path (jimi at sngx.net) - Run the same sed command on the default distributed config file to ensure consistent indentation (jimi at sngx.net) - Add setting to enable/disable dynamic settings changes Adding cobblersettings.aug to distributed files, since we need a copy that doesn't insert tabs Added a "cobbler check" that checks if dynamic settings is enabled and prints a sed command to cleanup the settings file spacing/indents (jimi at sngx.net) - Change cli command "settings" to "setting" to match other commands (which are not plurarlized) (jimi at sngx.net) - Removing commented-out try/except block in config.py, didn't mean to commit this (jimi at sngx.net) - Fixed/improved CLI reporting for settings (jimi at sngx.net) - Added support for validating setting type when saving Also fixed up the augeas stuff to save lists and hashes correctly (jimi at sngx.net) - Fix for incorrect redirect when login times out when looking at a setting edit (jimi at sngx.net) - Dynamic settings edit support for the web GUI (jimi at sngx.net) - Added ability to write settings file via augeas (jimi at sngx.net) - Initial support for modifying settings live Changed settings do not survive a reboot and revert to what's in /etc/cobbler/settings TODO: * report --name show a single setting * validate settings based on type (string, list, bool, etc.) * web support for editing * persisting settings after change (jimi at sngx.net) - Branch for 2.4.0, updated spec and setup.py (jimi at sngx.net) -------------------------------------------------------------------------------- ================================================================================ erlang-cluster_info-1.2.2-1.el6 (FEDORA-EPEL-2012-13168) Cluster info/postmortem inspector for Erlang applications -------------------------------------------------------------------------------- Update Information: * Ver. 1.2.2 (backwards API compatible) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Peter Lemenkov - 1.2.2-1 - Ver. 1.2.2 - Switched upstream to Basho * Wed Jul 18 2012 Fedora Release Engineering - 0.1.0-0.5.20101229gitd077716 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering - 0.1.0-0.4.20101229gitd077716 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865606 - erlang-cluster_info-0.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=865606 -------------------------------------------------------------------------------- ================================================================================ erlang-edown-0.3.1-1.el6 (FEDORA-EPEL-2012-13165) EDoc extension for generating Github-flavored Markdown -------------------------------------------------------------------------------- Update Information: * Ver. 0.3.1 (fully API compatible bugfix release) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Peter Lemenkov - 0.3.1-1 - Ver. 0.3.1 * Wed Jul 18 2012 Fedora Release Engineering - 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865607 - erlang-edown-0.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=865607 -------------------------------------------------------------------------------- ================================================================================ haproxy-1.4.22-1.el6 (FEDORA-EPEL-2012-13151) HA-Proxy is a TCP/HTTP reverse proxy for high availability environments -------------------------------------------------------------------------------- Update Information: Upstream security update Update to upstream 1.4.20 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Robin Lee - 1.4.22-1 - Update to 1.4.22 (CVE-2012-2942, #824544, #824545) - Use linux2628 build target - No separate x86_64 build target for halog - halog build honors rpmbuild optflags - Specfile cleanup * Tue Apr 3 2012 Jeremy Hinegardner - 1.4.20-1 - Update to 1.4.20 -------------------------------------------------------------------------------- References: [ 1 ] Bug #824542 - CVE-2012-2942 haproxy: trash buffer overflow flaw can lead to arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=824542 -------------------------------------------------------------------------------- ================================================================================ libyubikey-1.9-1.el6 (FEDORA-EPEL-2012-13153) C library for decrypting and parsing Yubikey One-time passwords -------------------------------------------------------------------------------- Update Information: New upstream release 1.9 with memory leak and rpath fixes, gnulib update -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 1 2012 - Maxim Burgerhout - 1.9-1 - New upstream release 1.9 with memory leak and rpath fixes, gnulib update * Thu Jul 19 2012 Fedora Release Engineering - 1.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mapserver-6.0.3-4.el6 (FEDORA-EPEL-2012-13160) Environment for building spatially-enabled internet applications -------------------------------------------------------------------------------- Update Information: Initial working version for el6 -------------------------------------------------------------------------------- ================================================================================ mongodb-2.2.0-6.el6 (FEDORA-EPEL-2012-13166) High-performance, schema-free document-oriented database -------------------------------------------------------------------------------- Update Information: Update to 2.2.0 Update init script to use a pidfile -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Troy Dawson - 2.2.0-6 - full flag patch to get 32 bit builds to work * Tue Oct 2 2012 Troy Dawson - 2.2.0-5 - shared libraries patch - Fix up minor %files issues * Fri Sep 28 2012 Troy Dawson - 2.2.0-4 - Fix spec files problems * Fri Sep 28 2012 Troy Dawson - 2.2.0-3 - Updated patch to use system libraries - Update init script to use a pidfile * Thu Sep 27 2012 Troy Dawson - 2.2.0-2 - Added patch to use system libraries * Wed Sep 19 2012 Troy Dawson - 2.2.0-1 - Updated to 2.2.0 - Updated patches that were still needed - use v8 instead of spider_monkey due to bundled library issues -------------------------------------------------------------------------------- ================================================================================ openstack-nova-2012.1.3-1.el6 (FEDORA-EPEL-2012-13158) OpenStack Compute (nova) -------------------------------------------------------------------------------- Update Information: - Restore libvirt block storage connections on reboot - Fix libvirt volume attachment error logging - Ensure instances with deleted floating IPs can be deleted - Ensure can contact floating IP after instance snapshot - Fix tenant usage time accounting - Ensure correct disk definitions are used on volume attach/detach - Improve concurrency of long running tasks - Fix unmounting of LXC containers in the presence of symlinks - Fix external lock corruption in the presence of SELinux - Allow snapshotting images that are deleted in glance - Ensure the correct fixed IP is deallocated when deleting VMs -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Nikola Dipanov - 2012.1.3-1 - Restore libvirt block storage connections on reboot - Fix libvirt volume attachment error logging - Ensure instances with deleted floating IPs can be deleted - Ensure can contact floating IP after instance snapshot - Fix tenant usage time accounting - Ensure correct disk definitions are used on volume attach/detach - Improve concurrency of long running tasks - Fix unmounting of LXC containers in the presence of symlinks - Fix external lock corruption in the presence of SELinux - Allow snapshotting images that are deleted in glance - Ensure the correct fixed IP is deallocated when deleting VMs -------------------------------------------------------------------------------- ================================================================================ php-pear-PHP-CodeSniffer-1.4.0-1.el6 (FEDORA-EPEL-2012-13156) PHP coding standards enforcement tool -------------------------------------------------------------------------------- Update Information: upstream 1.4.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Christof Damian - 1.4.0-1 - upstream 1.4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #860615 - php-pear-PHP-CodeSniffer-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=860615 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-File-Iterator-1.3.3-1.el6 (FEDORA-EPEL-2012-13169) FilterIterator implementation that filters files based on a list of suffixes -------------------------------------------------------------------------------- Update Information: upstream 1.3.3 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Christof Damian - 1.3.3-1 - upstream 1.3.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #863786 - php-phpunit-File-Iterator-1.3.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=863786 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHP-Timer-1.0.4-1.el6 (FEDORA-EPEL-2012-13163) PHP Utility class for timing -------------------------------------------------------------------------------- Update Information: upstream 1.0.4 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Christof Damian - 1.0.4-1 - upstream 1.0.4 * Sat Jul 21 2012 Fedora Release Engineering - 1.0.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering - 1.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #860616 - php-phpunit-PHP-Timer-1.0.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=860616 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHP-TokenStream-1.1.5-1.el6 (FEDORA-EPEL-2012-13167) Wrapper around PHP tokenizer extension -------------------------------------------------------------------------------- Update Information: upstream 1.1.5 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Christof Damian - 1.1.5-1 - upstream 1.1.5 * Sat Jul 21 2012 Fedora Release Engineering - 1.1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #860381 - php-phpunit-PHP-TokenStream-1.1.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=860381 -------------------------------------------------------------------------------- ================================================================================ python-django-appconf-0.5-2.el6 (FEDORA-EPEL-2012-13161) A helper class for handling configuration defaults of packaged apps gracefully -------------------------------------------------------------------------------- Update Information: Initial packaging for el6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #856099 - Review Request: python-django-appconf - A helper class for handling configuration defaults of packaged apps gracefully https://bugzilla.redhat.com/show_bug.cgi?id=856099 -------------------------------------------------------------------------------- ================================================================================ python-django-compressor-1.2-3.el6 (FEDORA-EPEL-2012-13154) Compresses linked and inline JavaScript or CSS into single cached files -------------------------------------------------------------------------------- Update Information: Initial build for el6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #856111 - Review Request: python-django-compressor - Compresses linked and inline JavaScript or CSS into single cached files https://bugzilla.redhat.com/show_bug.cgi?id=856111 -------------------------------------------------------------------------------- ================================================================================ python-greenlet-0.3.1-11.el6 (FEDORA-EPEL-2012-13164) Lightweight in-process concurrent programming -------------------------------------------------------------------------------- Update Information: - Support ppc64 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 11 2012 P?draig Brady

- 0.3.1-11 - Add support for ppc64 * Sat Jul 21 2012 Fedora Release Engineering - 0.3.1-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering - 0.3.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Fri Nov 25 2011 Dan Hor?k - 0.3.1-8 - disable tests also for s390(x) * Thu Nov 17 2011 P?draig Brady

- 0.3.1-7 - Fix %check quoting in the previous comment which when left with a single percent sign, pulled in "unset DISPLAY\n" into the changelog -------------------------------------------------------------------------------- References: [ 1 ] Bug #865579 - python-greenlet segfaults on ppc64 https://bugzilla.redhat.com/show_bug.cgi?id=865579 -------------------------------------------------------------------------------- ================================================================================ rubygem-wirble-0.1.3-1.el6 (FEDORA-EPEL-2012-13157) Handful of common Irb features, made easy -------------------------------------------------------------------------------- Update Information: First build of Wirble for EPEL. -------------------------------------------------------------------------------- From kevin at scrye.com Fri Oct 12 21:53:53 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Fri, 12 Oct 2012 15:53:53 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: Message-ID: <20121012155353.4400ceef@jelerak.scrye.com> On Wed, 10 Oct 2012 13:13:41 -0500 Greg Swift wrote: > So... I've paid attention to the conversations around this because i > was a long time zabbix user, so it affected me in that I had to build > my own 'latest' packages usually or download from the maintainer's > personal repository. If I remember correctly it has also been > discussed around lots of web apps like bugzilla as well. Yeah. There's a lot of apps out there that have a different release cycle that RHEL has, so we have to try and adjust to that. Keeping in mind that most people who are using RHEL don't like things changing very much. ...snip... > So the two scenarios I'm looking at: > > 1: collectd [3] - to make version 5 available in epel5/6 will have to > submit collectd5 package. Most of the work is done, but right now the > created package 'conflicts' due to duplicate library files and the > perl-Collectd module needing to be renamed. I can usually package up > software pretty readily, and I don't know how to do what is needed to > do this without more guidance (more admin than dev). Because of what > the software is, I'd imagine most people are running either version 4 > or version 5. Some people might be running both environments from the > server side (separate collectors), but aren't likely to have a > monitored (client) system active in both. Right. I think this may be something we want to ask the Fedora Packaging folks (who live on the packaging list) about. The main problem with conflicts is that it's something that is detected by yum at the 'test' stage. It means you have chosen, downloaded a bunch of stuff and then yum tells you, "WOAH, these confict, fix it and try again". This is not very friendly. If you do this in the installer it's even worse. In this case I guess your reasoning makes sense to me, people are unlikely to want to run both at the same time on clients. However, on servers they might... what parts of them would conflict? > 2: rubygem-rspec (no associated bugzilla entry that I am aware of yet) > - to make rspec-puppet available in epel 5/6 version 2 of rspec needs > to be made available. I assume this means that the same general > concept of rspec2 package needing to be initiated begins. With this > one there appears to be way more impact as there are at least 3 > packages that build on top of rspec currently. [4] Because this is > more of a library set of packages, and most of those packages perform > different functionality for rspec that may not always be for the same > end use cases it makes conflicts a harder possibility. So i'd imagine > either a) have to do a parallel installable rspec2 release of all of > them that conflicts so that the 'gems' themselves don't need to be > adjusted or b) adjust the entire rubygem so that it behaves as rspec2 > and make the other gems use rspec2 rather than rspec. Well, this is a reasoning for rspec2 to be completely parallel installable. Can't those things that wish continue to use rspec1? Or would that lead to mixing them both since they are in the same stack? kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From gregswift at gmail.com Sat Oct 13 03:35:03 2012 From: gregswift at gmail.com (Greg Swift) Date: Fri, 12 Oct 2012 22:35:03 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121012155353.4400ceef@jelerak.scrye.com> References: <20121012155353.4400ceef@jelerak.scrye.com> Message-ID: On Fri, Oct 12, 2012 at 4:53 PM, Kevin Fenzi wrote: > On Wed, 10 Oct 2012 13:13:41 -0500 > Greg Swift wrote: > >> So... I've paid attention to the conversations around this because i >> was a long time zabbix user, so it affected me in that I had to build >> my own 'latest' packages usually or download from the maintainer's >> personal repository. If I remember correctly it has also been >> discussed around lots of web apps like bugzilla as well. > > Yeah. > > There's a lot of apps out there that have a different release cycle > that RHEL has, so we have to try and adjust to that. Keeping in mind > that most people who are using RHEL don't like things changing very > much. I'm all for that. Technically its one of the benefits of them being different package namespaces that conflict, you won't get a change you don't force with intent :) > ...snip... > >> So the two scenarios I'm looking at: >> >> 1: collectd [3] - to make version 5 available in epel5/6 will have to >> submit collectd5 package. Most of the work is done, but right now the >> created package 'conflicts' due to duplicate library files and the >> perl-Collectd module needing to be renamed. I can usually package up >> software pretty readily, and I don't know how to do what is needed to >> do this without more guidance (more admin than dev). Because of what >> the software is, I'd imagine most people are running either version 4 >> or version 5. Some people might be running both environments from the >> server side (separate collectors), but aren't likely to have a >> monitored (client) system active in both. > > Right. I think this may be something we want to ask the Fedora > Packaging folks (who live on the packaging list) about. good plan > The main problem with conflicts is that it's something that is detected > by yum at the 'test' stage. It means you have chosen, downloaded a > bunch of stuff and then yum tells you, "WOAH, these confict, fix it and > try again". This is not very friendly. If you do this in the installer > it's even worse. that is unfortunate > In this case I guess your reasoning makes sense to me, people are > unlikely to want to run both at the same time on clients. However, on > servers they might... what parts of them would conflict? hmm... still tough to justify running simultaneous on the same server. Maybe I've just always had machines available (both virtual and physical) . That being said, i wonder if we make the packages support --prefix if the customer can override and make it work? I just don't think we should spend a lot of time and resources trying to make something work for the sub1% that are doing something uncommon and special in the first place. However, If one of the people that wants that wants to chip in and provide use case, testing, and preferably patches that would be awesome. >> 2: rubygem-rspec (no associated bugzilla entry that I am aware of yet) >> - to make rspec-puppet available in epel 5/6 version 2 of rspec needs >> to be made available. I assume this means that the same general >> concept of rspec2 package needing to be initiated begins. With this >> one there appears to be way more impact as there are at least 3 >> packages that build on top of rspec currently. [4] Because this is >> more of a library set of packages, and most of those packages perform >> different functionality for rspec that may not always be for the same >> end use cases it makes conflicts a harder possibility. So i'd imagine >> either a) have to do a parallel installable rspec2 release of all of >> them that conflicts so that the 'gems' themselves don't need to be >> adjusted or b) adjust the entire rubygem so that it behaves as rspec2 >> and make the other gems use rspec2 rather than rspec. > > Well, this is a reasoning for rspec2 to be completely parallel > installable. Can't those things that wish continue to use rspec1? > Or would that lead to mixing them both since they are in the same > stack? They are decidedly incompatible versions, but definitely the same stack and namespace. since they run on the same version of ruby, its not like we get a separation that way. For any EPEL users that use rubygem-rspec (which has nothing built against it.. see footnote in previous message), the rubygem-rspec2 would be a conflict and non-obsolete so they could keep on keeping on, even update if there was one (which I don't believe there is or ever will be based on rspec state). With this example, i don't see why you'd want both versions. However, I know that is not always going to hold true. I guess maybe a series of scenarios being documented with suggestions on handling would be best? From updates at fedoraproject.org Mon Oct 15 18:01:52 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 15 Oct 2012 18:01:52 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121015180152.BDAF5208D8@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 46 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 176 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 71 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 71 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing jglobus-2.0.4-9.20121013git597e3ac.el5 mozilla-https-everywhere-3.0.1-1.el5 ssmtp-2.61-19.el5 Details about builds: ================================================================================ jglobus-2.0.4-9.20121013git597e3ac.el5 (FEDORA-EPEL-2012-13185) Globus Java client libraries -------------------------------------------------------------------------------- Update Information: Updated version with bugfixes and efficiency improvements. First build for EPEL since there is no longer a spring framework dependency. -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-3.0.1-1.el5 (FEDORA-EPEL-2012-13174) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Russell Golden - 3.0.0-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ================================================================================ ssmtp-2.61-19.el5 (FEDORA-EPEL-2012-13182) Extremely simple MTA to get mail off the system to a Mailhub -------------------------------------------------------------------------------- Update Information: This version adds to sSMTP the ability to validate the TLS servers it connects to. It also enables use of separate files for client key and certificate files. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 Manuel "lonely wolf" Wolfshant - 2.61-19 - Optional separation of TLS client key and certificate files - Add patch enabling verification of TLS server ( #864894 ) - Correct %description and the source in order to reflect that sSMTP expands aliases which are read from a plain text file -------------------------------------------------------------------------------- References: [ 1 ] Bug #864894 - ssmtp: Does not validate server certificates when using TLS connection https://bugzilla.redhat.com/show_bug.cgi?id=864894 -------------------------------------------------------------------------------- From updates at fedoraproject.org Mon Oct 15 18:01:54 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 15 Oct 2012 18:01:54 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121015180154.922802090F@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 176 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 99 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 71 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 364 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 46 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing cdlabelgen-4.2.0-1.el6 icecast-2.3.3-1.el6 jglobus-2.0.4-9.20121013git597e3ac.el6 mozilla-https-everywhere-3.0.1-1.el6 pencil-2.0.2-1.el6 pytest-2.2.4-4.el6 python-django-federated-login-0.3.1-1.el6 python-django-horizon-2012.1.3-1.el6 python-gerrit-0.0.1-2.gita7ffd76.el6 python-py-1.4.9-8.el6 python-zmq-2.2.0-4.el6 ssmtp-2.61-19.el6 sticky-notes-0.3.09062012.4-8.el6 zeromq3-3.2.0-0.3.20121009git1ef63bc.el6 zziplib-0.13.62-1.el6 Details about builds: ================================================================================ cdlabelgen-4.2.0-1.el6 (FEDORA-EPEL-2012-13173) Generates frontcards and traycards for inserting in CD jewelcases -------------------------------------------------------------------------------- Update Information: CD and DVD front- and traycard generator. -------------------------------------------------------------------------------- References: [ 1 ] Bug #857740 - cdlabelgen: add EPEL-6 branch https://bugzilla.redhat.com/show_bug.cgi?id=857740 -------------------------------------------------------------------------------- ================================================================================ icecast-2.3.3-1.el6 (FEDORA-EPEL-2012-13176) ShoutCast compatible streaming media server -------------------------------------------------------------------------------- Update Information: New upstream release, fixing CVE bug. -------------------------------------------------------------------------------- References: [ 1 ] Bug #831180 - Icecast 2.3.3 available https://bugzilla.redhat.com/show_bug.cgi?id=831180 [ 2 ] Bug #797184 - Apply useful upstream patches https://bugzilla.redhat.com/show_bug.cgi?id=797184 [ 3 ] Bug #768176 - CVE-2011-4612 icecast2: Newline injection in error.log [epel-5] https://bugzilla.redhat.com/show_bug.cgi?id=768176 [ 4 ] Bug #768175 - CVE-2011-4612 icecast2: Newline injection in error.log [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=768175 -------------------------------------------------------------------------------- ================================================================================ jglobus-2.0.4-9.20121013git597e3ac.el6 (FEDORA-EPEL-2012-13179) Globus Java client libraries -------------------------------------------------------------------------------- Update Information: Updated version with bugfixes and efficiency improvements. First build for EPEL since there is no longer a spring framework dependency. -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-3.0.1-1.el6 (FEDORA-EPEL-2012-13170) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Russell Golden - 3.0.0-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ================================================================================ pencil-2.0.2-1.el6 (FEDORA-EPEL-2012-13184) A sketching and GUI prototyping tool -------------------------------------------------------------------------------- Update Information: Update new release 2.0.2 from upstream for xulrunner 16.0.1 compatibility. Initial update. -------------------------------------------------------------------------------- ================================================================================ pytest-2.2.4-4.el6 (FEDORA-EPEL-2012-13171) Simple powerful testing with Python -------------------------------------------------------------------------------- Update Information: New packages: The py lib is a Python development support library featuring the following tools and modules: * py.path: uniform local and svn path objects * py.apipkg: explicit API control and lazy-importing * py.iniconfig: easy parsing of .ini files * py.code: dynamic code generation and introspection * py.path: uniform local and svn path objects py.test provides simple, yet powerful testing for Python. -------------------------------------------------------------------------------- ================================================================================ python-django-federated-login-0.3.1-1.el6 (FEDORA-EPEL-2012-13178) Provides federated logins to django projects -------------------------------------------------------------------------------- Update Information: Provides federated logins to django projects -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Luis Bazan - 0.3.1-1 - New Upstream Version -------------------------------------------------------------------------------- ================================================================================ python-django-horizon-2012.1.3-1.el6 (FEDORA-EPEL-2012-13180) Django application for talking to Openstack -------------------------------------------------------------------------------- Update Information: This is a bugfix update to latest Essex stable release -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Matthias Runge - 2012.1.3-1 - update to essex stable release 2012.1.3 -------------------------------------------------------------------------------- ================================================================================ python-gerrit-0.0.1-2.gita7ffd76.el6 (FEDORA-EPEL-2012-13183) Python interface to Gerrit -------------------------------------------------------------------------------- Update Information: First package release. -------------------------------------------------------------------------------- ================================================================================ python-py-1.4.9-8.el6 (FEDORA-EPEL-2012-13171) Library with cross-python path, ini-parsing, io, code, log facilities -------------------------------------------------------------------------------- Update Information: New packages: The py lib is a Python development support library featuring the following tools and modules: * py.path: uniform local and svn path objects * py.apipkg: explicit API control and lazy-importing * py.iniconfig: easy parsing of .ini files * py.code: dynamic code generation and introspection * py.path: uniform local and svn path objects py.test provides simple, yet powerful testing for Python. -------------------------------------------------------------------------------- ================================================================================ python-zmq-2.2.0-4.el6 (FEDORA-EPEL-2012-13177) Software library for fast, message-based applications -------------------------------------------------------------------------------- Update Information: Initial import of zeromq version 3.X.X and rebuild python-zmq against it -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Thomas Spura - 2.2.0-4 - move to BR zeromq3 * Fri Aug 3 2012 David Malcolm - 2.2.0-3 - remove rhel logic from with_python3 conditional * Sat Jul 21 2012 Fedora Release Engineering - 2.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Apr 26 2012 Thomas Spura - 2.2.0-1 - update to 2.2.0 * Wed Mar 7 2012 Thomas Spura - 2.1.11-1 - update to new version * Sat Jan 14 2012 Fedora Release Engineering - 2.1.9-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #864937 - Review Request: zeromq3 - Software library for fast, message-based applications https://bugzilla.redhat.com/show_bug.cgi?id=864937 -------------------------------------------------------------------------------- ================================================================================ ssmtp-2.61-19.el6 (FEDORA-EPEL-2012-13172) Extremely simple MTA to get mail off the system to a Mailhub -------------------------------------------------------------------------------- Update Information: This version adds to sSMTP the ability to validate the TLS servers it connects to. It also enables use of separate files for client key and certificate files. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 Manuel "lonely wolf" Wolfshant - 2.61-19 - Optional separation of TLS client key and certificate files - Add patch enabling verification of TLS server ( #864894 ) - Correct %description and the source in order to reflect that sSMTP expands aliases which are read from a plain text file -------------------------------------------------------------------------------- References: [ 1 ] Bug #864894 - ssmtp: Does not validate server certificates when using TLS connection https://bugzilla.redhat.com/show_bug.cgi?id=864894 -------------------------------------------------------------------------------- ================================================================================ sticky-notes-0.3.09062012.4-8.el6 (FEDORA-EPEL-2012-13181) Sticky notes is a free and open source paste-bin application -------------------------------------------------------------------------------- Update Information: Fix hostname issue in rss URLs when reverse proxy is used. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Athmane Madjoudj 0.3.09062012.4-8 - Fix hostname issue in rss URLs when reverse proxy is used. -------------------------------------------------------------------------------- ================================================================================ zeromq3-3.2.0-0.3.20121009git1ef63bc.el6 (FEDORA-EPEL-2012-13177) Software library for fast, message-based applications -------------------------------------------------------------------------------- Update Information: Initial import of zeromq version 3.X.X and rebuild python-zmq against it -------------------------------------------------------------------------------- References: [ 1 ] Bug #864937 - Review Request: zeromq3 - Software library for fast, message-based applications https://bugzilla.redhat.com/show_bug.cgi?id=864937 -------------------------------------------------------------------------------- ================================================================================ zziplib-0.13.62-1.el6 (FEDORA-EPEL-2012-13175) Lightweight library to easily extract data from zip files -------------------------------------------------------------------------------- Update Information: This is the initial EPEL release of the package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #861927 - zziplib: Could we have an EL6 branch? https://bugzilla.redhat.com/show_bug.cgi?id=861927 -------------------------------------------------------------------------------- From tdawson at redhat.com Mon Oct 15 14:40:56 2012 From: tdawson at redhat.com (Troy Dawson) Date: Mon, 15 Oct 2012 09:40:56 -0500 Subject: EPEL-ANNOUNCE mongodb 2.2.0 in EPEL 6 testing Message-ID: <507C2078.5020609@redhat.com> mongodb 2.2.0 is in epel-testing for EPEL 6. Due to concerns about updating from 2.0.x to 2.2.x these will probably remain in testing until 2.2.1 is out and packaged. So, if you are running EPEL 6, you can test mongodb 2.2 by using the testing repositories. But it won't go into those main repo's until at least mongo 2.2.1. Thank You Troy Dawson _______________________________________________ epel-announce mailing list epel-announce at lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-announce From updates at fedoraproject.org Tue Oct 16 18:06:02 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Tue, 16 Oct 2012 18:06:02 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121016180602.4037820934@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 47 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 177 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 72 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 72 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing icecast-2.3.3-1.el5 Details about builds: ================================================================================ icecast-2.3.3-1.el5 (FEDORA-EPEL-2012-13192) ShoutCast compatible streaming media server -------------------------------------------------------------------------------- Update Information: Upgrade to new upstream release fixing CVE. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Andreas Thienemann - 2.3.3-1 - Upgrade to new upstream release 2.3.3, fixing #831180, #797184, #768176 and #768175. -------------------------------------------------------------------------------- References: [ 1 ] Bug #831180 - Icecast 2.3.3 available https://bugzilla.redhat.com/show_bug.cgi?id=831180 [ 2 ] Bug #797184 - Apply useful upstream patches https://bugzilla.redhat.com/show_bug.cgi?id=797184 [ 3 ] Bug #768176 - CVE-2011-4612 icecast2: Newline injection in error.log [epel-5] https://bugzilla.redhat.com/show_bug.cgi?id=768176 [ 4 ] Bug #768175 - CVE-2011-4612 icecast2: Newline injection in error.log [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=768175 -------------------------------------------------------------------------------- From updates at fedoraproject.org Tue Oct 16 18:06:04 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Tue, 16 Oct 2012 18:06:04 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121016180604.5CD1920934@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 177 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 100 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 72 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 365 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 47 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing Django14-1.4.1-2.el6 datalog-2.3-1.el6 fedora-review-0.3.1-1.el6 openstack-keystone-2012.1.3-1.el6 seamonkey-2.13.1-1.el6 shinken-1.0.1-5.el6 tachyon-0.99-0.2.b2.el6 Details about builds: ================================================================================ Django14-1.4.1-2.el6 (FEDORA-EPEL-2012-13193) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #864481 - Review Request: Django14 - A high-level Python Web framework https://bugzilla.redhat.com/show_bug.cgi?id=864481 -------------------------------------------------------------------------------- ================================================================================ datalog-2.3-1.el6 (FEDORA-EPEL-2012-13190) A Lightweight Deductive Database using Datalog -------------------------------------------------------------------------------- Update Information: New datalog package -------------------------------------------------------------------------------- References: [ 1 ] Bug #720857 - Review Request: datalog - A Lightweight Deductive Database using Datalog https://bugzilla.redhat.com/show_bug.cgi?id=720857 -------------------------------------------------------------------------------- ================================================================================ fedora-review-0.3.1-1.el6 (FEDORA-EPEL-2012-13188) Review tool for fedora rpm packages -------------------------------------------------------------------------------- Update Information: Bugfix release including renewed support for EL6 and fix of global shell plugins -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 25 2012 Stanislav Ochotnicky - 0.3.1-1 - Update to lastest upstream (0.3.1) - Fix loading of system-wide plugins - Add back suport for EL6 * Mon Sep 24 2012 Stanislav Ochotnicky - 0.3.0-1 - Update to lastest upstream (0.3.0) - Remove no longer needed build workarounds * Thu Aug 9 2012 Stanislav Ochotnicky - 0.2.2-1 - Update to lastest upstream (0.2.2) - Add koji-download-scratch script * Thu Jul 19 2012 Fedora Release Engineering - 0.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Jul 11 2012 Stanislav Ochotnicky - 0.2.0-1 - Update to latest release (0.2.0) * Fri Feb 24 2012 Stanislav Ochotnicky - 0.1.3-1 - Update to latest bugfix release -------------------------------------------------------------------------------- ================================================================================ openstack-keystone-2012.1.3-1.el6 (FEDORA-EPEL-2012-13187) OpenStack Identity Service -------------------------------------------------------------------------------- Update Information: update to stable essex release 2012.1.3 * return roles from authenticate in ldap backend (lp#1035428) * utf-8 encode user keys in memcache (lp#1056373) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Alan Pevec 2012.1.3-1 - updated to stable essex release 2012.1.3 -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.13.1-1.el6 (FEDORA-EPEL-2012-13189) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. -------------------------------------------------------------------------------- ================================================================================ shinken-1.0.1-5.el6 (FEDORA-EPEL-2012-13186) Python Monitoring tool -------------------------------------------------------------------------------- Update Information: Shinken for EPEL6. -------------------------------------------------------------------------------- References: [ 1 ] Bug #705108 - Review Request: shinken - python monitoring tool https://bugzilla.redhat.com/show_bug.cgi?id=705108 -------------------------------------------------------------------------------- ================================================================================ tachyon-0.99-0.2.b2.el6 (FEDORA-EPEL-2012-13191) Parallel / Multiprocessor Ray Tracing System -------------------------------------------------------------------------------- Update Information: Parallel / Multiprocessor Ray Tracing System -------------------------------------------------------------------------------- From kevin at scrye.com Wed Oct 17 17:04:24 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Wed, 17 Oct 2012 11:04:24 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> Message-ID: <20121017110424.3af0622e@jelerak.scrye.com> On Fri, 12 Oct 2012 22:35:03 -0500 Greg Swift wrote: > > I'm all for that. Technically its one of the benefits of them being > different package namespaces that conflict, you won't get a change you > don't force with intent :) Right. It would be something end users would have to specifically do... 'yum remove foo' 'yum install foo2' ...snip... > > Right. I think this may be something we want to ask the Fedora > > Packaging folks (who live on the packaging list) about. > > good plan Can you post over there about this and look for feedback? > > The main problem with conflicts is that it's something that is > > detected by yum at the 'test' stage. It means you have chosen, > > downloaded a bunch of stuff and then yum tells you, "WOAH, these > > confict, fix it and try again". This is not very friendly. If you > > do this in the installer it's even worse. > > that is unfortunate yes, it sure is. ;( > hmm... still tough to justify running simultaneous on the same server. > Maybe I've just always had machines available (both virtual and > physical) . That being said, i wonder if we make the packages support > --prefix if the customer can override and make it work? > > I just don't think we should spend a lot of time and resources trying > to make something work for the sub1% that are doing something uncommon > and special in the first place. True. I do see your point... > However, If one of the people that wants that wants to chip in and > provide use case, testing, and preferably patches that would be > awesome. yeah. ...snip... > They are decidedly incompatible versions, but definitely the same > stack and namespace. since they run on the same version of ruby, its > not like we get a separation that way. > > For any EPEL users that use rubygem-rspec (which has nothing built > against it.. see footnote in previous message), the rubygem-rspec2 > would be a conflict and non-obsolete so they could keep on keeping on, > even update if there was one (which I don't believe there is or ever > will be based on rspec state). > > With this example, i don't see why you'd want both versions. However, > I know that is not always going to hold true. > > I guess maybe a series of scenarios being documented with suggestions > on handling would be best? yeah. That would at least help us see what all the combos do/are. kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From gregswift at gmail.com Wed Oct 17 17:57:31 2012 From: gregswift at gmail.com (Greg Swift) Date: Wed, 17 Oct 2012 12:57:31 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121017110424.3af0622e@jelerak.scrye.com> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> Message-ID: > ...snip... > >> > Right. I think this may be something we want to ask the Fedora >> > Packaging folks (who live on the packaging list) about. >> >> good plan > > Can you post over there about this and look for feedback? I am going to. my procrastination excuse was that I was hoping to hear from at least one more person before I did in case there was more feedback. -greg From jdehnert at dehnert.com Wed Oct 17 23:04:53 2012 From: jdehnert at dehnert.com (James P Dehnert Sr) Date: Wed, 17 Oct 2012 16:04:53 -0700 Subject: Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again References: <19F44368-93A7-49BA-AB7C-A6827C7F1DEA@mac.com> Message-ID: <959EA069-AEDE-41DA-8D06-13379ABDC43F@dehnert.com> Thanks, James "Zeke" Dehnert -- mailto:jdehnert at dehnert.com James "Zeke" Dehnert Phone: 707 588 8554 -= Eschew Obfuscation =- "Life is racing. Everything else is just waiting" I just installed the peel repo on a RedHat Ent 6.1 system using the following command? su -c 'rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm' Now when I query yum I get the following error message... Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again The repo file seem good to me? [epel] name=Extra Packages for Enterprise Linux 6 - $basearch #baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch failovermethod=priority enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 But now this is breaking a number of package installed in puppet. I Googled this error, but the consensus seems to be to just disable the repo, which doesn?t really address the problem. Does anyone have a clue as to why this is happening? Thanks, James "Zeke" Dehnert -- James "Zeke" Dehnert Phone:(707) 588 8554 Cell: (707) 479 8542 -=# Eschew Obfuscation #=- mailto:jdehnert at dehnert.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From kevin at scrye.com Wed Oct 17 23:16:47 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Wed, 17 Oct 2012 17:16:47 -0600 Subject: Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again In-Reply-To: <959EA069-AEDE-41DA-8D06-13379ABDC43F@dehnert.com> References: <19F44368-93A7-49BA-AB7C-A6827C7F1DEA@mac.com> <959EA069-AEDE-41DA-8D06-13379ABDC43F@dehnert.com> Message-ID: <20121017171647.41c8629b@jelerak.scrye.com> On Wed, 17 Oct 2012 16:04:53 -0700 James P Dehnert Sr wrote: > I just installed the peel repo on a RedHat Ent 6.1 system using the > following command? > > su -c 'rpm -Uvh > http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm' > > Now when I query yum I get the following error message... > > Error: Cannot retrieve repository metadata (repomd.xml) for > repository: epel. Please verify its path and try again > > The repo file seem good to me? > > [epel] > name=Extra Packages for Enterprise Linux 6 - $basearch > #baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch > mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch > failovermethod=priority > enabled=1 > gpgcheck=1 > gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 > > But now this is breaking a number of package installed in puppet. I > Googled this error, but the consensus seems to be to just disable the > repo, which doesn?t really address the problem. > > Does anyone have a clue as to why this is happening? Do a: URLGRABBER_DEBUG=1 yum check-update and see if that tells you what the problem is. It could be any of: - The date/time on your system is way off, so they metalink is invalid. - You are behind a proxy and can't download the metalink. - Your dns is not working right. etc. kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From jdehnert at dehnert.com Thu Oct 18 00:33:07 2012 From: jdehnert at dehnert.com (James P Dehnert Sr) Date: Wed, 17 Oct 2012 17:33:07 -0700 Subject: Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again In-Reply-To: <20121017171647.41c8629b@jelerak.scrye.com> References: <19F44368-93A7-49BA-AB7C-A6827C7F1DEA@mac.com> <959EA069-AEDE-41DA-8D06-13379ABDC43F@dehnert.com> <20121017171647.41c8629b@jelerak.scrye.com> Message-ID: <7DB855EC-02EC-449F-ABF0-6C7AB7170528@dehnert.com> The time is OK. It was on UTC, and I swigged it to local time with no difference. I ran the debug command, which puts out a lot of data, but this at the end seems to be the telling part? 2012-10-17 19:26:26,940 attempt 1/10: https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=x86_64 INFO:urlgrabber:attempt 1/10: https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=x86_64 2012-10-17 19:26:26,940 opening local file "/var/cache/yum/x86_64/6Server/epel/metalink.xml.tmp" with mode wb INFO:urlgrabber:opening local file "/var/cache/yum/x86_64/6Server/epel/metalink.xml.tmp" with mode wb * About to connect() to mirrors.fedoraproject.org port 443 (#0) * Trying 152.19.134.146... * connected * Connected to mirrors.fedoraproject.org (152.19.134.146) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * Peer's certificate issuer is not recognized: 'CN=GeoTrust SSL CA,O="GeoTrust, Inc.",C=US' * NSS error -8179 * Closing connection #0 * Peer certificate cannot be authenticated with known CA certificates 2012-10-17 19:26:27,125 exception: [Errno 14] Peer cert cannot be verified or peer cert invalid INFO:urlgrabber:exception: [Errno 14] Peer cert cannot be verified or peer cert invalid 2012-10-17 19:26:27,125 retrycode (14) not in list [-1, 2, 4, 5, 6, 7], re-raising INFO:urlgrabber:retrycode (14) not in list [-1, 2, 4, 5, 6, 7], re-raising Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again Based on this it seems that I could benefit from an updated set of time in /etc/pki/tls/certs, in particular the ca-bundle.crt ca-bundle.trust.crt files, or am I all wrong on this? Thanks, James "Zeke" Dehnert -- mailto:jdehnert at dehnert.com James "Zeke" Dehnert Phone: 707 588 8554 -= Eschew Obfuscation =- "Life is racing. Everything else is just waiting" On Oct 17, 2012, at 4:16 PM, Kevin Fenzi wrote: > On Wed, 17 Oct 2012 16:04:53 -0700 > James P Dehnert Sr wrote: > >> I just installed the peel repo on a RedHat Ent 6.1 system using the >> following command? >> >> su -c 'rpm -Uvh >> http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm' >> >> Now when I query yum I get the following error message... >> >> Error: Cannot retrieve repository metadata (repomd.xml) for >> repository: epel. Please verify its path and try again >> >> The repo file seem good to me? >> >> [epel] >> name=Extra Packages for Enterprise Linux 6 - $basearch >> #baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch >> mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch >> failovermethod=priority >> enabled=1 >> gpgcheck=1 >> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 >> >> But now this is breaking a number of package installed in puppet. I >> Googled this error, but the consensus seems to be to just disable the >> repo, which doesn?t really address the problem. >> >> Does anyone have a clue as to why this is happening? > > Do a: > > URLGRABBER_DEBUG=1 yum check-update > > and see if that tells you what the problem is. > > It could be any of: > > - The date/time on your system is way off, so they metalink is invalid. > - You are behind a proxy and can't download the metalink. > - Your dns is not working right. > etc. > > kevin > _______________________________________________ > epel-devel-list mailing list > epel-devel-list at redhat.com > https://www.redhat.com/mailman/listinfo/epel-devel-list From jpazdziora at redhat.com Thu Oct 18 07:48:22 2012 From: jpazdziora at redhat.com (Jan Pazdziora) Date: Thu, 18 Oct 2012 09:48:22 +0200 Subject: Bugfixes in EPEL via rebases to latest upstream? Message-ID: <20121018074822.GA3893@redhat.com> Hello, this is a followup to my FESCo ticket https://fedorahosted.org/fesco/ticket/959 where I've been advised to ask on epel-devel-list. I feel there is an issue with the way cobbler package in EPEL gets maintained. Since the upgrade to cobbler 2.2, any bugzillas reported against cobbler (many of which are SELinux-related issues) are addressed by rebasing to latest upstream version. While upstream-first is great, it means new issues are introduced to EPEL with these rebases. >From the ticket: The bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=838898 is a typical example of the problem. The way I read it, maintainer plans to keep rebasing the package (when cobbler includes a new feature it will most likely break with SELinux enabled) while not attempting to integrate with the rest of the RHEL + EPEL distribution properly (What we DO recommend is that you disable SELinux unless you are comfortable writing policy). He furthermore recommends EPEL users to clean up the mess (how about submitting some patches to either Dan/Fedora or myself to fix the issue instead). Is the maintainer's policy correct and running without enforcing SELinux is generally accepted, or should the standard approach in EPEL be to pick stable upstream version and stay with it, fixing issues by (ideally) submitting fix to upstream while releasing patched package with the same version and bumped-up release? Thank you for any clarification, -- Jan Pazdziora | adelton at #satellite*, #brno Principal Software Engineer, Satellite Engineering, Red Hat From a.badger at gmail.com Thu Oct 18 08:39:23 2012 From: a.badger at gmail.com (Toshio Kuratomi) Date: Thu, 18 Oct 2012 01:39:23 -0700 Subject: Bugfixes in EPEL via rebases to latest upstream? In-Reply-To: <20121018074822.GA3893@redhat.com> References: <20121018074822.GA3893@redhat.com> Message-ID: <20121018083922.GJ2974@unaka.lan> On Thu, Oct 18, 2012 at 09:48:22AM +0200, Jan Pazdziora wrote: > > Hello, > > this is a followup to my FESCo ticket > > https://fedorahosted.org/fesco/ticket/959 > > where I've been advised to ask on epel-devel-list. > > I feel there is an issue with the way cobbler package in EPEL gets > maintained. Since the upgrade to cobbler 2.2, any bugzillas reported > against cobbler (many of which are SELinux-related issues) are > addressed by rebasing to latest upstream version. IMHO, when we setup EPEL, this portion was left up to the maintainer of a package to decide. Although making backports to support backwards compat was desirable, maintainers had the option to upgrade to fix issues. This is not the same as either RHEL or Fedora and is the product of us being a volunteer effort (thus, sometimes having to sacrifice backwards compat for better maintainability) but trying to target enterprise linux (where backwards compat should not be surrendered without some reason). The ticket, however seems to have more to it than this general question: > >From the ticket: The bugzilla > > https://bugzilla.redhat.com/show_bug.cgi?id=838898 > > is a typical example of the problem. The way I read it, maintainer > plans to keep rebasing the package (when cobbler includes a new > feature it will most likely break with SELinux enabled) while not > attempting to integrate with the rest of the RHEL + EPEL distribution > properly (What we DO recommend is that you disable SELinux unless you > are comfortable writing policy). He furthermore recommends EPEL users > to clean up the mess (how about submitting some patches to either > Dan/Fedora or myself to fix the issue instead). > From reading the bug report, upstream does not have a fix in code that they can give us. Thus, upgrading is not going to fix this problem. However, they do have a workaround that we can implement in packaging (removing the authn_pam.py module). I would say that as EPEL packagers, we should be addressing bugs in packaging where we can so we should be rmeoving that module in our package. Telling users to disable SELinux is forcing users to change a supported feature in the baseos. Instead, we should be applying the workaround to our packaging to enable it to work with the system as it exists. Note that the maintainer does not have the responsibility to fix RHEL packages. However, I did point out in the bug report that there appears to be a fix to the python package that has ben applied to Fedora 17. If you'd like to test that that patch would work and then work to get it applied in a RHEL6 update, we'd eventually not need to apply a workaround here. > Is the maintainer's policy correct and running without enforcing > SELinux is generally accepted, > No. > or should the standard approach > in EPEL be to pick stable upstream version and stay with it, fixing > issues by (ideally) submitting fix to upstream while releasing > patched package with the same version and bumped-up release? > Also no. These two options are not diametrically opposed. I hope I explained above why I don't believe either of them to be true. Let me summarize as best I can: * Gratuitous backwards incompatible upgrades: prohibit * Compatible upgrades to fix bugs: allowable * Backwards incompatible upgrades to fix bugs known to effect EPEL users: avoid if possible but allowable. * Requiring common RHEL configurations to be changed in order to run: to be avoided if possible but allowable if there's no other way. * Disabling features to support common RHEL configurations: allowable (encouraged if it solves the previous issue). -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From jpazdziora at redhat.com Thu Oct 18 09:46:08 2012 From: jpazdziora at redhat.com (Jan Pazdziora) Date: Thu, 18 Oct 2012 11:46:08 +0200 Subject: Bugfixes in EPEL via rebases to latest upstream? In-Reply-To: <20121018083922.GJ2974@unaka.lan> References: <20121018074822.GA3893@redhat.com> <20121018083922.GJ2974@unaka.lan> Message-ID: <20121018094607.GC29835@redhat.com> On Thu, Oct 18, 2012 at 01:39:23AM -0700, Toshio Kuratomi wrote: > > I would say that as EPEL packagers, we should be > addressing bugs in packaging where we can so we should be rmeoving that > module in our package. Telling users to disable SELinux is forcing users to > change a supported feature in the baseos. Instead, we should be applying the > workaround to our packaging to enable it to work with the system as it > exists. [...] > > Is the maintainer's policy correct and running without enforcing > > SELinux is generally accepted, > > > No. > > > or should the standard approach > > in EPEL be to pick stable upstream version and stay with it, fixing > > issues by (ideally) submitting fix to upstream while releasing > > patched package with the same version and bumped-up release? > > > Also no. > > These two options are not diametrically opposed. In general case they are not. In the context of this package and this bugzilla thou, you confirmed above that in the case upstream does not have the fix (and it will not have the fix because of stated upstream's policy), the primary path to resolution should have been fixing the packaging and rebuilding the same version of upstream .tar.gz with bumped up release and with the packaging fix. Am I reading it right? Of course, nothing stops the maintainer to do compatible rebase but in that case I'd expect that care would be taken to test that especially things that were broken in the past (SELinux enforcing) don't get broken with the upgrade. > I hope I explained above > why I don't believe either of them to be true. Let me summarize as best > I can: > > * Gratuitous backwards incompatible upgrades: prohibit > * Compatible upgrades to fix bugs: allowable > * Backwards incompatible upgrades to fix bugs known to effect EPEL users: > avoid if possible but allowable. That "if possible" alternative in this case is respin the package with the extra directory or with the missing module. > * Requiring common RHEL configurations to be changed in order to run: to be > avoided if possible but allowable if there's no other way. Again, the other way here was to fix the packaging. > * Disabling features to support common RHEL configurations: allowable > (encouraged if it solves the previous issue). Nod. Thank you, -- Jan Pazdziora | adelton at #satellite*, #brno Principal Software Engineer, Satellite Engineering, Red Hat From jdehnert at mac.com Wed Oct 17 23:01:58 2012 From: jdehnert at mac.com (James Dehnert) Date: Wed, 17 Oct 2012 16:01:58 -0700 Subject: Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again Message-ID: <19F44368-93A7-49BA-AB7C-A6827C7F1DEA@mac.com> I just installed the peel repo on a RedHat Ent 6.1 system using the following command? su -c 'rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm' Now when I query yum I get the following error message... Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again The repo file seem good to me? [epel] name=Extra Packages for Enterprise Linux 6 - $basearch #baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch failovermethod=priority enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 But now this is breaking a number of package installed in puppet. I Googled this error, but the consensus seems to be to just disable the repo, which doesn?t really address the problem. Does anyone have a clue as to why this is happening? Thanks, James "Zeke" Dehnert -- James "Zeke" Dehnert Phone:(707) 588 8554 Cell: (707) 479 8542 -=# Eschew Obfuscation #=- mailto:jdehnert at dehnert.com From a.badger at gmail.com Thu Oct 18 15:38:29 2012 From: a.badger at gmail.com (Toshio Kuratomi) Date: Thu, 18 Oct 2012 08:38:29 -0700 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> Message-ID: <20121018153829.GL2974@unaka.lan> On Wed, Oct 17, 2012 at 12:57:31PM -0500, Greg Swift wrote: > > ...snip... > > > >> > Right. I think this may be something we want to ask the Fedora > >> > Packaging folks (who live on the packaging list) about. > >> > >> good plan > > > > Can you post over there about this and look for feedback? > > I am going to. my procrastination excuse was that I was hoping to > hear from at least one more person before I did in case there was more > feedback. > There are quite a few reasons to avoid Conflicts. Some of them are listed on the Conflicts wiki page but there are others as well. For instance, in Fedora, we need to make the effort to be porting software forward to newer versions of their dependencies rather than maintaining extra packages for backwards compatibility. But EPEL doesn't need to play by the same rules if they don't want to. There's a basic question of cost and benefit. For Fedora, with its shorter time to EOL, the costs of a no-Conflicts policy are less than in EPEL where your base platform is going to be available for years. Just bear in mind that you're going to be maintaining those compat packages for years as well. So the costs of allowing Conflicts are also higher. For your two initial examples, I think that you'd want to be careful about allowing conflicts but might be able to justify it in one of the cases. You need to ask yourself: "Would any user want to install both versions of this package at the same time?" For an application, this may be no. For a library, this is almost always going to be yes. To me that rules rubygem-rspec right out as a good case for Conflicts. Collectd is also libraries but the case could be made that they'd be coupled to whatever version of collectd is running on the system. So you might be able to make the case there. (But do think about things like -- what if a user has some boxes running collectd5 and others collectd4. If these libraries were parallel installable would they enable the user to query information from both sets of boxes?) -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From kevin at scrye.com Thu Oct 18 15:45:22 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Thu, 18 Oct 2012 09:45:22 -0600 Subject: Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again In-Reply-To: <7DB855EC-02EC-449F-ABF0-6C7AB7170528@dehnert.com> References: <19F44368-93A7-49BA-AB7C-A6827C7F1DEA@mac.com> <959EA069-AEDE-41DA-8D06-13379ABDC43F@dehnert.com> <20121017171647.41c8629b@jelerak.scrye.com> <7DB855EC-02EC-449F-ABF0-6C7AB7170528@dehnert.com> Message-ID: <20121018094522.50f6ca1b@jelerak.scrye.com> On Wed, 17 Oct 2012 17:33:07 -0700 James P Dehnert Sr wrote: ...snip... > Based on this it seems that I could benefit from an updated set of > time in /etc/pki/tls/certs, in particular the ca-bundle.crt > ca-bundle.trust.crt files, or am I all wrong on this? yeah. Perhaps 6.1's versions were too old to have geotrust in them? That would be somewhat surprising to me, but I suppose it's possible. kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From a.badger at gmail.com Thu Oct 18 15:49:15 2012 From: a.badger at gmail.com (Toshio Kuratomi) Date: Thu, 18 Oct 2012 08:49:15 -0700 Subject: Bugfixes in EPEL via rebases to latest upstream? In-Reply-To: <20121018094607.GC29835@redhat.com> References: <20121018074822.GA3893@redhat.com> <20121018083922.GJ2974@unaka.lan> <20121018094607.GC29835@redhat.com> Message-ID: <20121018154915.GM2974@unaka.lan> On Thu, Oct 18, 2012 at 11:46:08AM +0200, Jan Pazdziora wrote: > > In general case they are not. In the context of this package and this > bugzilla thou, you confirmed above that in the case upstream does not > have the fix (and it will not have the fix because of stated upstream's > policy), the primary path to resolution should have been fixing the > packaging and rebuilding the same version of upstream .tar.gz with > bumped up release and with the packaging fix. Am I reading it right? > The bugzilla entry doesn't give me history before the bug. If the maintainer rebased to a new upstream version to fix a different bug, then it's something that's within their discretion to do. If they knew about the incompatibility with SELinux in the new version and the workaround, they probably should have performed the workaround in packaging but they likely didn't think about the workaround as being a possibility at first (It doesn't directly speak to the core issue: python wants to execute a file in a temp dir so it's not obvious that this is something we could do in packaging). > Of course, nothing stops the maintainer to do compatible rebase but > in that case I'd expect that care would be taken to test that > especially things that were broken in the past (SELinux enforcing) > don't get broken with the upgrade. > I don't agree with this but I'm not sure that you didn't make a typo here :-) I would agree with "I'd expect that care would be taken to test that especially things which had been fixed in the past (SELinux enforcing) don't get re-broken with the upgrade." > > I hope I explained above > > why I don't believe either of them to be true. Let me summarize as best > > I can: > > > > * Gratuitous backwards incompatible upgrades: prohibit > > * Compatible upgrades to fix bugs: allowable > > * Backwards incompatible upgrades to fix bugs known to effect EPEL users: > > avoid if possible but allowable. > > That "if possible" alternative in this case is respin the package with > the extra directory or with the missing module. > AFAICS, the opposite here as well. In the package, remove the optional module in our package. -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From updates at fedoraproject.org Thu Oct 18 17:31:02 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 18 Oct 2012 17:31:02 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121018173102.633FE21159@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 49 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 179 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 74 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 74 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing 389-ds-base-1.2.10.14-2.el5 GraphicsMagick-1.3.17-1.el5 drupal7-7.16-1.el5 latex2rtf-2.3.1-1.el5 nagios-plugins-lcgdm-0.9.3-1.el5 perl-Net-STOMP-Client-1.8-1.el5 spandsp-0.0.6-0.8.pre21.el5 Details about builds: ================================================================================ 389-ds-base-1.2.10.14-2.el5 (FEDORA-EPEL-2012-13203) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: CVE-2012-4450 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL issues with modrdn with attribute uniqueness and referential integrity rebase to 1.2.10.11 to pick up several crash + security fixes crash bug with multiple transactions and range searches Ticket #331 - transaction errors with db 4.3 and db 4.2 Ticket #305 - Certain CMP operations hang or cause ns-slapd to crash fix cos crash - address some valgrind issues - fix kernel version checking fix tombstone crash - fix TLS - fix defaultNamingContext The 1.2.10.0 release - a couple of bug fixes coverity fixes - valgrind issues - schema repl - ruv tombstone - nsMatchingRule - account policy fixes - entryrdn improvements Ticket #272 - add tombstonenumsubordinates to schema the 389-ds-base 1.2.10.a7 release - several bug fixes - fixes for systemd fix shutdown crash - fix systemd dirsrv.target - entryusn fix - csn improvements Bug fixes for setup -u, coverity, modrdn 100% cpu, entryusn, referint txn fix config del/add mods - memberof is transaction aware resource limits for simple paged results slapi_rwlock - transactions - account usability - bug fixes Fix for managed entry Fixed source tarball fix transaction support in ldbm_delete Ticket #294 - 389 DS Segfaults during replica install in FreeIPA typo in previous patch Trac Ticket 396 - Account Usability Control Not Working -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Rich Megginson - 1.2.10.14-2 - Trac Ticket #340 - Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in acl -------------------------------------------------------------------------------- References: [ 1 ] Bug #860608 - CVE-2012-4450 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=860608 -------------------------------------------------------------------------------- ================================================================================ GraphicsMagick-1.3.17-1.el5 (FEDORA-EPEL-2012-13200) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information: New bugfix release, fixes regression with sub-8-bit palette png images. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Rex Dieter - 1.3.17-1 - GraphicsMagick-1.3.17 (#866377) - GraphicsMagick 1.3.13 update breaks some PNGs (#788246) - --enable-quantum-library-names on f19+ -------------------------------------------------------------------------------- References: [ 1 ] Bug #788246 - GraphicsMagick 1.3.13 update breaks some PNGs https://bugzilla.redhat.com/show_bug.cgi?id=788246 -------------------------------------------------------------------------------- ================================================================================ drupal7-7.16-1.el5 (FEDORA-EPEL-2012-13195) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: Fixes SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure - http://drupal.org/node/1815904 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Orion Poplawski - 7.16-1 - New upstream - SA-CORE-2012-003 security update -------------------------------------------------------------------------------- ================================================================================ latex2rtf-2.3.1-1.el5 (FEDORA-EPEL-2012-13208) LaTeX to RTF converter that handles equations, figures, and cross-references -------------------------------------------------------------------------------- Update Information: Update to newest stable release. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Jussi Lehtola - 2.3.1-1 - Update to 2.3.1. * Tue Oct 16 2012 Jussi Lehtola - 2.3.0-2 - Fixed build in EPEL. * Tue Oct 16 2012 Jussi Lehtola - 2.3.0-1 - Update to 2.3.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #863015 - latex2rtf-2.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=863015 -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-lcgdm-0.9.3-1.el5 (FEDORA-EPEL-2012-13212) Nagios probes to be run remotely against DPM / LFC nodes -------------------------------------------------------------------------------- Update Information: - Update for new upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Ricardo Rocha - 0.9.3-1 - Update for new upstream release * Wed Sep 12 2012 Ricardo Rocha - 0.9.2-1 - Added runtime dep on python ldap for dpm-head package -------------------------------------------------------------------------------- ================================================================================ perl-Net-STOMP-Client-1.8-1.el5 (FEDORA-EPEL-2012-13199) STOMP object oriented client module -------------------------------------------------------------------------------- Update Information: updating to latest upstream 1.8 -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #867297 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=867297 -------------------------------------------------------------------------------- ================================================================================ spandsp-0.0.6-0.8.pre21.el5 (FEDORA-EPEL-2012-13219) A DSP library for telephony -------------------------------------------------------------------------------- Update Information: Update to 0.0.6pre21 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Jeffrey Ollie - 0.0.6-0.8.pre21 - Update to 0.0.6pre21 * Sat Jul 21 2012 Fedora Release Engineering - 0.0.6-0.7.pre18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering - 0.0.6-0.6.pre18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 27 2011 Rex Dieter 0.0.6-0.5.pre18 - use of brackets confuses autotools (#691039) * Wed Feb 9 2011 Jeffrey C. Ollie - 0.0.6-0.4.pre18 - 0.0.6pre18 * Wed Feb 9 2011 Fedora Release Engineering - 0.0.6-0.3.pre17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Aug 1 2010 Jeffrey C. Ollie - 0.0.6-0.2.pre17 - Update to 0.0.6pre17 -------------------------------------------------------------------------------- References: [ 1 ] Bug #866127 - SpanDSP is over 3 years old - Update request https://bugzilla.redhat.com/show_bug.cgi?id=866127 -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu Oct 18 17:31:00 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 18 Oct 2012 17:31:00 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121018173100.B8E9721170@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 179 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 102 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 74 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 49 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 367 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing Coin2-2.5.0-16.el6 Django-1.3.4-1.el6 Django14-1.4.2-1.el6 GraphicsMagick-1.3.17-1.el6 SIMVoleon-2.0.1-13.el6 ScrollZ-2.2.2-2.el6 SoQt-1.5.0-7.el6 abook-0.6.0-0.9.pre2.el6 dojo-1.8.1-1.el6 drupal7-7.16-1.el6 latex2rtf-2.3.1-1.el6 libspnav-0.2.2-4.el6 nagios-plugins-lcgdm-0.9.3-1.el6 perl-Net-STOMP-Client-1.8-1.el6 python-tox-1.4.2-6.el6 sdcv-0.4.2-8.el6 spacenavd-0.5-4.el6 spandsp-0.0.6-0.8.pre21.el6 spnavcfg-0.2.1-3.el6 zipios++-0.1.5.9-8.el6 Details about builds: ================================================================================ Coin2-2.5.0-16.el6 (FEDORA-EPEL-2012-13211) High-level 3D visualization library -------------------------------------------------------------------------------- Update Information: Build of unchanged SRPM for new el6 branch -------------------------------------------------------------------------------- ================================================================================ Django-1.3.4-1.el6 (FEDORA-EPEL-2012-13202) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: Security releases issued - Host header poisoning - Documentation of HttpOnly cookie option -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Matthias Runge - 1.3.4-1 - security release https://www.djangoproject.com/weblog/2012/oct/17/security/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #865164 - CVE-2012-4520 Django: Host header poisoning vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=865164 -------------------------------------------------------------------------------- ================================================================================ Django14-1.4.2-1.el6 (FEDORA-EPEL-2012-13202) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: Security releases issued - Host header poisoning - Documentation of HttpOnly cookie option -------------------------------------------------------------------------------- References: [ 1 ] Bug #865164 - CVE-2012-4520 Django: Host header poisoning vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=865164 -------------------------------------------------------------------------------- ================================================================================ GraphicsMagick-1.3.17-1.el6 (FEDORA-EPEL-2012-13194) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information: New upstream stable bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Rex Dieter - 1.3.17-1 - GraphicsMagick-1.3.17 (#866377) - GraphicsMagick 1.3.13 update breaks some PNGs (#788246) - --enable-quantum-library-names on f19+ -------------------------------------------------------------------------------- References: [ 1 ] Bug #788246 - GraphicsMagick 1.3.13 update breaks some PNGs https://bugzilla.redhat.com/show_bug.cgi?id=788246 -------------------------------------------------------------------------------- ================================================================================ SIMVoleon-2.0.1-13.el6 (FEDORA-EPEL-2012-13215) Volume rendering library for Coin -------------------------------------------------------------------------------- Update Information: Build of unchanged SRPM for new el6 branch -------------------------------------------------------------------------------- ================================================================================ ScrollZ-2.2.2-2.el6 (FEDORA-EPEL-2012-13205) Advanced IRC client based on ircII code -------------------------------------------------------------------------------- Update Information: ScrollZ IRC client -------------------------------------------------------------------------------- References: [ 1 ] Bug #867334 - Review Request: ScrollZ - ScrollZ IRC client https://bugzilla.redhat.com/show_bug.cgi?id=867334 -------------------------------------------------------------------------------- ================================================================================ SoQt-1.5.0-7.el6 (FEDORA-EPEL-2012-13206) High-level 3D visualization library -------------------------------------------------------------------------------- Update Information: Build of unchanged SRPM for new el6 branch -------------------------------------------------------------------------------- ================================================================================ abook-0.6.0-0.9.pre2.el6 (FEDORA-EPEL-2012-13204) Text-based addressbook program for mutt -------------------------------------------------------------------------------- Update Information: Text-based addressbook program for mutt. -------------------------------------------------------------------------------- ================================================================================ dojo-1.8.1-1.el6 (FEDORA-EPEL-2012-13201) Modular JavaScript toolkit -------------------------------------------------------------------------------- Update Information: Update to latest upstream Update to Version 1.8.0 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 17 2012 Felix Kaechele - 1.8.1-1 - update to latest upstream * Tue Sep 18 2012 Felix Kaechele - 1.8.0-1 - update to latest upstream * Wed Jul 18 2012 Fedora Release Engineering - 1.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering - 1.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ drupal7-7.16-1.el6 (FEDORA-EPEL-2012-13218) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: Fixes SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure - http://drupal.org/node/1815904 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Orion Poplawski - 7.16-1 - New upstream - SA-CORE-2012-003 security update -------------------------------------------------------------------------------- ================================================================================ latex2rtf-2.3.1-1.el6 (FEDORA-EPEL-2012-13213) LaTeX to RTF converter that handles equations, figures, and cross-references -------------------------------------------------------------------------------- Update Information: Update to newest stable release. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Jussi Lehtola - 2.3.1-1 - Update to 2.3.1. * Tue Oct 16 2012 Jussi Lehtola - 2.3.0-2 - Fixed build in EPEL. * Tue Oct 16 2012 Jussi Lehtola - 2.3.0-1 - Update to 2.3.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #863015 - latex2rtf-2.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=863015 -------------------------------------------------------------------------------- ================================================================================ libspnav-0.2.2-4.el6 (FEDORA-EPEL-2012-13210) Open source alternative to 3DConnextion drivers -------------------------------------------------------------------------------- Update Information: Build of unchanged SRPM for new el6 branch -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-lcgdm-0.9.3-1.el6 (FEDORA-EPEL-2012-13198) Nagios probes to be run remotely against DPM / LFC nodes -------------------------------------------------------------------------------- Update Information: - Update for new upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Ricardo Rocha - 0.9.3-1 - Update for new upstream release * Wed Sep 12 2012 Ricardo Rocha - 0.9.2-1 - Added runtime dep on python ldap for dpm-head package -------------------------------------------------------------------------------- ================================================================================ perl-Net-STOMP-Client-1.8-1.el6 (FEDORA-EPEL-2012-13197) STOMP object oriented client module -------------------------------------------------------------------------------- Update Information: updating to latest upstream 1.8 -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #867297 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=867297 -------------------------------------------------------------------------------- ================================================================================ python-tox-1.4.2-6.el6 (FEDORA-EPEL-2012-13196) Virtualenv-based automation of test activities -------------------------------------------------------------------------------- Update Information: Initial import for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #864464 - Review Request: python-tox - virtualenv-based automation of test activities https://bugzilla.redhat.com/show_bug.cgi?id=864464 -------------------------------------------------------------------------------- ================================================================================ sdcv-0.4.2-8.el6 (FEDORA-EPEL-2012-13216) Console version of StarDict program -------------------------------------------------------------------------------- Update Information: New branch -------------------------------------------------------------------------------- References: [ 1 ] Bug #666455 - Review Request: sdcv - Console version of StarDict program https://bugzilla.redhat.com/show_bug.cgi?id=666455 -------------------------------------------------------------------------------- ================================================================================ spacenavd-0.5-4.el6 (FEDORA-EPEL-2012-13209) A free, compatible alternative for 3Dconnexion's input drivers -------------------------------------------------------------------------------- Update Information: Build of updated SRPM for new el6 branch Updates: Added SysV init scripts for el6 builds -------------------------------------------------------------------------------- ================================================================================ spandsp-0.0.6-0.8.pre21.el6 (FEDORA-EPEL-2012-13214) A DSP library for telephony -------------------------------------------------------------------------------- Update Information: Update to 0.0.6pre21 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Jeffrey Ollie - 0.0.6-0.8.pre21 - Update to 0.0.6pre21 * Sat Jul 21 2012 Fedora Release Engineering - 0.0.6-0.7.pre18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering - 0.0.6-0.6.pre18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 27 2011 Rex Dieter 0.0.6-0.5.pre18 - use of brackets confuses autotools (#691039) * Wed Feb 9 2011 Jeffrey C. Ollie - 0.0.6-0.4.pre18 - 0.0.6pre18 * Wed Feb 9 2011 Fedora Release Engineering - 0.0.6-0.3.pre17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Aug 1 2010 Jeffrey C. Ollie - 0.0.6-0.2.pre17 - Update to 0.0.6pre17 -------------------------------------------------------------------------------- References: [ 1 ] Bug #866127 - SpanDSP is over 3 years old - Update request https://bugzilla.redhat.com/show_bug.cgi?id=866127 -------------------------------------------------------------------------------- ================================================================================ spnavcfg-0.2.1-3.el6 (FEDORA-EPEL-2012-13217) Spacenav daemon interactive configuration program -------------------------------------------------------------------------------- Update Information: Build of unchanged SRPM for new el6 branch -------------------------------------------------------------------------------- ================================================================================ zipios++-0.1.5.9-8.el6 (FEDORA-EPEL-2012-13207) C++ library for reading and writing Zip files -------------------------------------------------------------------------------- Update Information: Build of unchanged SRPM for new el6 branch -------------------------------------------------------------------------------- From updates at fedoraproject.org Fri Oct 19 13:07:09 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Fri, 19 Oct 2012 13:07:09 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121019130709.27E9620B43@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 50 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 180 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 75 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 75 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6588/dokuwiki-0-0.12.20120125.b.el5 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing python-bugzilla-0.7.0-2.el5 Details about builds: ================================================================================ python-bugzilla-0.7.0-2.el5 (FEDORA-EPEL-2012-13225) A python library for interacting with Bugzilla -------------------------------------------------------------------------------- Update Information: * Fix another 2.4 incompatibility (bz #854979) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Cole Robinson - 0.7.0-2 - Fix another 2.4 incompatibility (bz #854979) -------------------------------------------------------------------------------- References: [ 1 ] Bug #854979 - Python-2.4 incompatible syntax https://bugzilla.redhat.com/show_bug.cgi?id=854979 -------------------------------------------------------------------------------- From updates at fedoraproject.org Fri Oct 19 13:07:11 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Fri, 19 Oct 2012 13:07:11 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121019130711.57D94202CE@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 180 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 102 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 75 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13222/xlockmore-5.40-3.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 50 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 368 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing bibutils-4.15-4.el6 cmdtest-0.3-3.el6 genbackupdata-1.6-2.el6 obnam-1.2-1.el6 openstack-swift-1.7.4-2.el6 openstack-swift-plugin-swift3-1.0.0-0.20120711git.el6 pesign-0.99-5.el6 pesign-0.99-6.el6 python-cliapp-1.20120630-1.el6 python-coverage-test-runner-1.8-1.el6 python-larch-1.20121006-1.el6 python-pivy-0.5.0-5.hg609.el6 python-pycxx-6.2.4-4.el6 python-swiftclient-1.2.0-2.el6 python-tracing-0.6-2.el6 python-ttystatus-0.19-1.el6 summain-0.14-2.el6 xlockmore-5.40-3.el6 Details about builds: ================================================================================ bibutils-4.15-4.el6 (FEDORA-EPEL-2012-13226) Bibliography conversion tools -------------------------------------------------------------------------------- Update Information: Bibliography conversion tools -------------------------------------------------------------------------------- References: [ 1 ] Bug #861922 - Review Request: bibutils - Bibliography conversion https://bugzilla.redhat.com/show_bug.cgi?id=861922 -------------------------------------------------------------------------------- ================================================================================ cmdtest-0.3-3.el6 (FEDORA-EPEL-2012-13221) Black-box testing for Unix command line tools -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ genbackupdata-1.6-2.el6 (FEDORA-EPEL-2012-13221) A program to generate test data for testing backup software -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ obnam-1.2-1.el6 (FEDORA-EPEL-2012-13221) An easy, secure backup program -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ openstack-swift-1.7.4-2.el6 (FEDORA-EPEL-2012-13083) OpenStack Object Storage (swift) -------------------------------------------------------------------------------- Update Information: * New package for the swift3 plugin for Openstack Swift (previously part of openstack-swift package) * New package for Openstack Swift client library and CLI (previously part of openstack-swift package) * Update Openstack Swift to 1.7.4 (Folsom) -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 9 2012 Derek Higgins - 1.7.4-2 - removing reference to tmpfiles.d/openstack-swift.conf in packaging - adding python-swiftclient as a BuildRequires -------------------------------------------------------------------------------- References: [ 1 ] Bug #831871 - Review Request: openstack-swift-plugin-swift3 - The swift3 plugin for Openstack Swift https://bugzilla.redhat.com/show_bug.cgi?id=831871 -------------------------------------------------------------------------------- ================================================================================ openstack-swift-plugin-swift3-1.0.0-0.20120711git.el6 (FEDORA-EPEL-2012-13083) The swift3 plugin for Openstack Swift -------------------------------------------------------------------------------- Update Information: * New package for the swift3 plugin for Openstack Swift (previously part of openstack-swift package) * New package for Openstack Swift client library and CLI (previously part of openstack-swift package) * Update Openstack Swift to 1.7.4 (Folsom) -------------------------------------------------------------------------------- References: [ 1 ] Bug #831871 - Review Request: openstack-swift-plugin-swift3 - The swift3 plugin for Openstack Swift https://bugzilla.redhat.com/show_bug.cgi?id=831871 -------------------------------------------------------------------------------- ================================================================================ pesign-0.99-5.el6 (FEDORA-EPEL-2012-13220) Signing utility for UEFI binaries -------------------------------------------------------------------------------- Update Information: This is the pesign PE signing tool. -------------------------------------------------------------------------------- ================================================================================ pesign-0.99-6.el6 (FEDORA-EPEL-2012-13224) Signing utility for UEFI binaries -------------------------------------------------------------------------------- Update Information: Automatically select daemon as signer when using rpm macros. -------------------------------------------------------------------------------- ================================================================================ python-cliapp-1.20120630-1.el6 (FEDORA-EPEL-2012-13221) Python framework for Unix command line programs -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ python-coverage-test-runner-1.8-1.el6 (FEDORA-EPEL-2012-13221) Python module for enforcing code coverage completeness -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ python-larch-1.20121006-1.el6 (FEDORA-EPEL-2012-13221) Python B-tree library -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ python-pivy-0.5.0-5.hg609.el6 (FEDORA-EPEL-2012-13223) Python binding for Coin -------------------------------------------------------------------------------- Update Information: Rebuild of existing package for new el6 branch. Added ExcludeArch: for ppc architectures; otherwise unchanged. -------------------------------------------------------------------------------- ================================================================================ python-pycxx-6.2.4-4.el6 (FEDORA-EPEL-2012-13227) Write Python extensions in C++ -------------------------------------------------------------------------------- Update Information: New build of existing package for el6 branch. Minor changes of python macros to with el6. -------------------------------------------------------------------------------- ================================================================================ python-swiftclient-1.2.0-2.el6 (FEDORA-EPEL-2012-13083) Python API and CLI for OpenStack Swift -------------------------------------------------------------------------------- Update Information: * New package for the swift3 plugin for Openstack Swift (previously part of openstack-swift package) * New package for Openstack Swift client library and CLI (previously part of openstack-swift package) * Update Openstack Swift to 1.7.4 (Folsom) -------------------------------------------------------------------------------- References: [ 1 ] Bug #831871 - Review Request: openstack-swift-plugin-swift3 - The swift3 plugin for Openstack Swift https://bugzilla.redhat.com/show_bug.cgi?id=831871 -------------------------------------------------------------------------------- ================================================================================ python-tracing-0.6-2.el6 (FEDORA-EPEL-2012-13221) Python debug logging helper -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ python-ttystatus-0.19-1.el6 (FEDORA-EPEL-2012-13221) Progress and status updates on terminals for Python -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ summain-0.14-2.el6 (FEDORA-EPEL-2012-13221) File manifest generator -------------------------------------------------------------------------------- Update Information: Initial release of the Obnam backup tool and dependencies for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #827810 - Review Request: obnam - An easy, secure backup program https://bugzilla.redhat.com/show_bug.cgi?id=827810 -------------------------------------------------------------------------------- ================================================================================ xlockmore-5.40-3.el6 (FEDORA-EPEL-2012-13222) Screen lock and screen saver -------------------------------------------------------------------------------- Update Information: fixed "CVE-2012-4524 xlockmore: Screensaver crash (screen lock bypass) when 'dclock' mode used" -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Adrian Reber - 5.40-3 - fixed "CVE-2012-4524 xlockmore: Screensaver crash (screen lock bypass) when 'dclock' mode used" (#867908) * Thu Oct 18 2012 Adrian Reber - 5.40-2 - removed esound-devel BR * Sun Oct 14 2012 Adrian Reber - 5.40-1 - updated to 5.40 * Sun Jul 22 2012 Fedora Release Engineering - 5.38-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Mar 25 2012 Adrian Reber - 5.38-1 - updated to 5.38 - removed buildroot and clean section * Sat Jan 14 2012 Fedora Release Engineering - 5.34-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson - 5.34-2 - Rebuild for new libpng * Tue Jun 7 2011 Adrian Reber - 5.34-1 - updated to 5.34 - fixed "Desktop file should not include extension..." (#701699) - fixed "...missing Requires" (#701699); added R: gnome-icon-theme-legacy -------------------------------------------------------------------------------- References: [ 1 ] Bug #867908 - CVE-2012-4524 xlockmore: Screensaver crash (screen lock bypass) when 'dclock' mode used https://bugzilla.redhat.com/show_bug.cgi?id=867908 -------------------------------------------------------------------------------- From stahnma at puppetlabs.com Fri Oct 19 23:04:24 2012 From: stahnma at puppetlabs.com (Michael Stahnke) Date: Fri, 19 Oct 2012 16:04:24 -0700 Subject: Fixing Puppet in Fedora/EPEL Message-ID: Puppet in the Fedora/EPEL ecosystem is a bit wonky currently. I'd really like to fix it. Problems: * Fedora 17 (and higher) ships with Ruby 1.9.x and Puppet 2.7.x. 2.7.x is not 100% compatible with 1.9.3. The number of issues in this space continues to grow. * EPEL 5/6 still have Puppet 2.6.x in stable. This version of Puppet isn't maintained any more, other than security fixes. * Puppet 3.0.x is out and is the fully supported branch from Puppet Labs and supports Ruby 1.9.3+ fully. * People wanting to have to Fedora clients (agents) check into a RHEL master have to either replace all Puppet software with items provided by yum.puppetlabs.com or replace Fedora ruby/puppet with the ones from RHEL/EPEL. My proposal would be the following: * Move EPEL 6, Fedora >= 17 to use Puppet 3.0. * Move EPEL 5 to the latest 2.7.x branch. This is the last branch of Puppet that supports Ruby 1.8.5, and works with 3.0 masters. This would cause some backward-incompatible changes as documented here[1]. However, this would provide the longest life of Puppet on RHEL/Fedora ecosystems and allow users of Puppet to continue to develop solutions around it on RHEL/EPEL/Fedora, such as the Red Hat Openstack work. We would obviously want to allow testing for some time before pushing the changes everywhere. Puppet Labs release engineering is more than willing to do a majority of this work to make this happen. [1] http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#Important-Deprecations Michael Stahnke stahnma on freenode Puppet Labs Software Delivery From skvidal at fedoraproject.org Fri Oct 19 23:05:08 2012 From: skvidal at fedoraproject.org (Seth Vidal) Date: Fri, 19 Oct 2012 19:05:08 -0400 (EDT) Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: On Fri, 19 Oct 2012, Michael Stahnke wrote: > Puppet in the Fedora/EPEL ecosystem is a bit wonky currently. > > I'd really like to fix it. > > Problems: > * Fedora 17 (and higher) ships with Ruby 1.9.x and Puppet 2.7.x. 2.7.x is not > 100% compatible with 1.9.3. The number of issues in this space continues to > grow. > * EPEL 5/6 still have Puppet 2.6.x in stable. This version of Puppet > isn't maintained any more, other than security fixes. Isn't 'not maintained anymore other than security fixes' Exactly what epel (and rhel for that matter) all about? also - if I have a puppet master on rhel5 and my clients on rhel6 - how well does that work? -sv From stahnma at puppetlabs.com Fri Oct 19 23:12:06 2012 From: stahnma at puppetlabs.com (Michael Stahnke) Date: Fri, 19 Oct 2012 16:12:06 -0700 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: On Fri, Oct 19, 2012 at 4:05 PM, Seth Vidal wrote: > > > > On Fri, 19 Oct 2012, Michael Stahnke wrote: > >> Puppet in the Fedora/EPEL ecosystem is a bit wonky currently. >> >> I'd really like to fix it. >> >> Problems: >> * Fedora 17 (and higher) ships with Ruby 1.9.x and Puppet 2.7.x. 2.7.x is >> not >> 100% compatible with 1.9.3. The number of issues in this space continues >> to >> grow. >> * EPEL 5/6 still have Puppet 2.6.x in stable. This version of Puppet >> isn't maintained any more, other than security fixes. > > > > > Isn't 'not maintained anymore other than security fixes' Exactly what epel > (and rhel for that matter) all about? Yes, and no. You'd never be able to have Fedora clients (or many other distributions/OSes) connecting to that master. > > also - if I have a puppet master on rhel5 and my clients on rhel6 - how well > does that work? Right, in this world you'd want to put a master on EL6 or newer. I (we) completely realize this isn't totally awesome either. This is a problem when you have a distributed application that is trying to support the widest variety of host populations we can. This request was brought to us by community members, Red Hat employees, and business partners as well. I am happy to discuss other soutions/ideas too though. I am not 100% convinced my proposal is the best. > > -sv > > -- > devel mailing list > devel at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel From skvidal at fedoraproject.org Fri Oct 19 23:22:52 2012 From: skvidal at fedoraproject.org (Seth Vidal) Date: Fri, 19 Oct 2012 19:22:52 -0400 (EDT) Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: On Fri, 19 Oct 2012, Michael Stahnke wrote: > I (we) completely realize this isn't totally awesome either. This is > a problem when you have a distributed application that is trying to > support the widest variety of host populations we can. > > This request was brought to us by community members, Red Hat > employees, and business partners as well. > > I am happy to discuss other soutions/ideas too though. I am not 100% > convinced my proposal is the best. > I'm less worried about the people requesting the newness b/c they clearly want change. I'm worried about the people who run rhel b/c they fear change. Perhaps they aren't likely to run epel, except it feels like they will run epel..... b/c it is pushed so hard by all the el6's. I agree it is a suboptimal solution. Hey, since you work for puppetlabs - I have a new idea - make them maintain backward compat with 2.6 :) That solves the problem for everyone, right? -sv From stahnma at puppetlabs.com Fri Oct 19 23:29:57 2012 From: stahnma at puppetlabs.com (Michael Stahnke) Date: Fri, 19 Oct 2012 16:29:57 -0700 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: On Fri, Oct 19, 2012 at 4:22 PM, Seth Vidal wrote: > > > > On Fri, 19 Oct 2012, Michael Stahnke wrote: > >> I (we) completely realize this isn't totally awesome either. This is >> a problem when you have a distributed application that is trying to >> support the widest variety of host populations we can. >> >> This request was brought to us by community members, Red Hat >> employees, and business partners as well. >> >> I am happy to discuss other soutions/ideas too though. I am not 100% >> convinced my proposal is the best. >> > > I'm less worried about the people requesting the newness b/c they clearly > want change. I'm worried about the people who run rhel b/c they fear change. I'm more worried about people with hybrid environments where RHEL is at the core for Puppet. (and somewhat how RHEL 7 could shake out) Do you consider it ok to not be able to have Fedora agents check into a RHEL master? > > Perhaps they aren't likely to run epel, except it feels like they will run > epel..... b/c it is pushed so hard by all the el6's. > > I agree it is a suboptimal solution. Hey, since you work for puppetlabs - I > have a new idea - make them maintain backward compat with 2.6 :) > Well, yes and no. We are trying very hard with the 3 series to not break compatibility. 2.6 and even 2.7 had some ambiguous behavior that is now better defined which does help that. > That solves the problem for everyone, right? > > > -sv > > -- > devel mailing list > devel at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel From skvidal at fedoraproject.org Fri Oct 19 23:31:57 2012 From: skvidal at fedoraproject.org (Seth Vidal) Date: Fri, 19 Oct 2012 19:31:57 -0400 (EDT) Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: On Fri, 19 Oct 2012, Michael Stahnke wrote: > On Fri, Oct 19, 2012 at 4:22 PM, Seth Vidal wrote: >> >> >> >> On Fri, 19 Oct 2012, Michael Stahnke wrote: >> >>> I (we) completely realize this isn't totally awesome either. This is >>> a problem when you have a distributed application that is trying to >>> support the widest variety of host populations we can. >>> >>> This request was brought to us by community members, Red Hat >>> employees, and business partners as well. >>> >>> I am happy to discuss other soutions/ideas too though. I am not 100% >>> convinced my proposal is the best. >>> >> >> I'm less worried about the people requesting the newness b/c they clearly >> want change. I'm worried about the people who run rhel b/c they fear change. > I'm more worried about people with hybrid environments where RHEL is > at the core for Puppet. (and somewhat how RHEL 7 could shake out) > > Do you consider it ok to not be able to have Fedora agents check into > a RHEL master? > There is a reason I want to move to a clientless configmgmt infrastructure. I do not want to be hogtied like this again. -sv From skvidal at fedoraproject.org Fri Oct 19 23:45:57 2012 From: skvidal at fedoraproject.org (Seth Vidal) Date: Fri, 19 Oct 2012 19:45:57 -0400 (EDT) Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: <20121019233633.GB23267@disco.bu.edu> References: <20121019233633.GB23267@disco.bu.edu> Message-ID: On Fri, 19 Oct 2012, Matthew Miller wrote: > On Fri, Oct 19, 2012 at 07:31:57PM -0400, Seth Vidal wrote: >> There is a reason I want to move to a clientless configmgmt >> infrastructure. >> I do not want to be hogtied like this again. > > Yeah, but we're not going to make _you_ use Puppet. :) > Damned if some folks don't seem to try. ;) -sv From ktdreyer at ktdreyer.com Fri Oct 19 23:59:54 2012 From: ktdreyer at ktdreyer.com (Ken Dreyer) Date: Fri, 19 Oct 2012 17:59:54 -0600 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: On Fri, Oct 19, 2012 at 5:04 PM, Michael Stahnke wrote: > My proposal would be the following: > * Move EPEL 6, Fedora >= 17 to use Puppet 3.0. > * Move EPEL 5 to the latest 2.7.x branch. This is the last branch of > Puppet that supports Ruby 1.8.5, and works with 3.0 masters. The last big Puppet move in EPEL (0.25 to 2.6) went well, so I welcome this change. - Ken From a.badger at gmail.com Sat Oct 20 00:00:51 2012 From: a.badger at gmail.com (Toshio Kuratomi) Date: Fri, 19 Oct 2012 17:00:51 -0700 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: <20121019233528.GA23267@disco.bu.edu> References: <20121019233528.GA23267@disco.bu.edu> Message-ID: <20121020000051.GQ2974@unaka.lan> On Fri, Oct 19, 2012 at 07:35:28PM -0400, Matthew Miller wrote: > On Fri, Oct 19, 2012 at 04:04:24PM -0700, Michael Stahnke wrote: > > * Move EPEL 6, Fedora >= 17 to use Puppet 3.0. > > Speaking for my previous job, it would really be unfortunate to have a > non-compatible update of puppet in EPEL. Unless accompanied by very loud > trumpets and fireworks beforehand, the day that update went out would be a > very sad and busy day for a number of sysadmins. > > I'm not opposed to putting puppet 3 in, but it'd really be helpful if it > went in as "puppet3" or something, and left the stable version as is, > happily getting security-only updates. > Having a parallel installable package makes sense to me. If it can't be parallel installed -- perhaps the question of whether to allow conflicts in epel that was recently raised would be a good thing to look at here as well? https://www.redhat.com/archives/epel-devel-list/2012-October/msg00015.html -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From skvidal at fedoraproject.org Sat Oct 20 00:02:45 2012 From: skvidal at fedoraproject.org (Seth Vidal) Date: Fri, 19 Oct 2012 20:02:45 -0400 (EDT) Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: On Fri, 19 Oct 2012, Ken Dreyer wrote: > On Fri, Oct 19, 2012 at 5:04 PM, Michael Stahnke wrote: >> My proposal would be the following: >> * Move EPEL 6, Fedora >= 17 to use Puppet 3.0. >> * Move EPEL 5 to the latest 2.7.x branch. This is the last branch of >> Puppet that supports Ruby 1.8.5, and works with 3.0 masters. > > The last big Puppet move in EPEL (0.25 to 2.6) went well, so I welcome > this change. > It did? Istr a number of things on our systems going completely sideways. Maybe that was a different transition. -sv From stahnma at puppetlabs.com Sat Oct 20 00:07:16 2012 From: stahnma at puppetlabs.com (Michael Stahnke) Date: Fri, 19 Oct 2012 17:07:16 -0700 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: On Fri, Oct 19, 2012 at 5:02 PM, Seth Vidal wrote: > > > > On Fri, 19 Oct 2012, Ken Dreyer wrote: > >> On Fri, Oct 19, 2012 at 5:04 PM, Michael Stahnke >> wrote: >>> >>> My proposal would be the following: >>> * Move EPEL 6, Fedora >= 17 to use Puppet 3.0. >>> * Move EPEL 5 to the latest 2.7.x branch. This is the last branch of >>> Puppet that supports Ruby 1.8.5, and works with 3.0 masters. >> >> >> The last big Puppet move in EPEL (0.25 to 2.6) went well, so I welcome >> this change. >> > > > It did? Istr a number of things on our systems going completely sideways. > Maybe that was a different transition. As a note, I was able to upgrade from 2.6 to 2.7 with minor changes. >From 2.7 to 3.0 with _NONE_ on my infrastructure. > -sv > > > _______________________________________________ > epel-devel-list mailing list > epel-devel-list at redhat.com > https://www.redhat.com/mailman/listinfo/epel-devel-list From inode0 at gmail.com Sat Oct 20 00:26:44 2012 From: inode0 at gmail.com (inode0) Date: Fri, 19 Oct 2012 19:26:44 -0500 Subject: RHEL6 Workstation vs. EPEL6 Conflict Check and a few resulting questions Message-ID: This week I took a few minutes and compared packages on a RHEL6 Workstation install with EPEL packages available to it. Here is what I found. IDENTICAL VERSIONS a2ps-0:4.14-10.1.el6.i686 a2ps-0:4.14-10.1.el6.x86_64 emacs-a2ps-0:4.14-10.1.el6.x86_64 emacs-a2ps-el-0:4.14-10.1.el6.x86_64 html2ps-0:1.0-0.4.b5.el6.noarch libart_lgpl-0:2.3.20-5.1.el6.i686 libart_lgpl-0:2.3.20-5.1.el6.x86_64 libart_lgpl-devel-0:2.3.20-5.1.el6.i686 libart_lgpl-devel-0:2.3.20-5.1.el6.x86_64 lzop-0:1.02-0.9.rc1.el6.x86_64 perl-B-Keywords-0:1.09-3.1.el6.noarch perl-Class-Accessor-0:0.31-6.1.el6.noarch perl-Class-Data-Inheritable-0:0.08-3.1.el6.noarch perl-Class-Trigger-0:0.13-2.1.el6.noarch perl-Devel-Cycle-0:1.10-3.1.el6.noarch perl-Email-Date-Format-0:1.002-5.el6.noarch perl-Exception-Class-0:1.29-1.1.el6.noarch perl-File-Copy-Recursive-0:0.38-4.el6.noarch perl-Font-AFM-0:1.20-3.1.el6.noarch perl-HTML-Format-0:2.04-11.1.el6.noarch perl-Locale-PO-0:0.21-2.1.el6.noarch perl-MIME-Lite-0:3.027-2.el6.noarch perl-MIME-Types-0:1.28-2.el6.noarch perl-Module-Find-0:0.08-3.el6.noarch perl-Net-SMTP-SSL-0:1.01-4.el6.noarch perl-PadWalker-0:1.9-1.el6.x86_64 perl-Perl-Critic-0:1.105-2.el6.noarch perl-Pod-Spell-0:1.01-6.1.el6.noarch perl-String-Format-0:1.15-2.1.el6.noarch perl-Syntax-Highlight-Engine-Kate-0:0.04-5.1.el6.noarch perl-Test-Memory-Cycle-0:1.04-7.1.el6.noarch perl-Test-Perl-Critic-0:1.01-7.1.el6.noarch perl-UNIVERSAL-can-0:1.15-1.el6.noarch perl-UNIVERSAL-isa-0:1.03-1.el6.noarch perl-XML-TokeParser-0:0.05-2.1.el6.noarch perl-XML-Writer-0:0.606-6.el6.noarch ruby-shadow-0:1.4.1-13.el6.x86_64 scons-0:2.0.1-1.el6.noarch xhtml2ps-0:1.0-0.4.b5.el6.noarch I was surprised to find so many packages in EPEL with the same version as the same package in RHEL. While this doesn't cause any problems in cases where the RHEL package is already installed in other cases, a new install or something pulled in by another dependency, will grab the EPEL package in a more or less default configuration which doesn't seem to be a good thing to be happening. Why are there all these packages in EPEL with an identical version to packages in RHEL? HIGHER VERSION IN EPEL koan-0:2.2.3-2.el6.noarch (koan-0:2.0.7-21.el6sat.noarch) libesmtp-0:1.0.4-16.el6.i686 (libesmtp-0:1.0.4-15.el6.i686) libesmtp-0:1.0.4-16.el6.x86_64 (libesmtp-0:1.0.4-15.el6.x86_64) libmnl-0:1.0.3-4.el6.i686 (libmnl-0:1.0.2-3.el6.i686) libmnl-0:1.0.3-4.el6.x86_64 (libmnl-0:1.0.2-3.el6.x86_64) libmnl-devel-0:1.0.3-4.el6.i686 (libmnl-devel-0:1.0.2-3.el6.i686) libmnl-devel-0:1.0.3-4.el6.x86_64 (libmnl-devel-0:1.0.2-3.el6.x86_64) libnfnetlink-0:1.0.0-3.el6.i686 (libnfnetlink-0:1.0.0-1.el6.i686) libnfnetlink-0:1.0.0-3.el6.x86_64 (libnfnetlink-0:1.0.0-1.el6.x86_64) libnfnetlink-devel-0:1.0.0-3.el6.i686 (libnfnetlink-devel-0:1.0.0-1.el6.i686) libnfnetlink-devel-0:1.0.0-3.el6.x86_64 (libnfnetlink-devel-0:1.0.0-1.el6.x86_64) python-mako-0:0.5.0-5.el6.noarch (python-mako-0:0.3.4-1.el6.noarch) python-zope-interface-0:3.7.0-2.el6.x86_64 (python-zope-interface-0:3.5.2-2.1.el6.x86_64) Some of these have been corrected and the rest now have bugs filed against them. The only one that I'm curious about really is koan which conflicts with the same package in the rhn-tools channel. While my gut thinks that should be considered part of base RHEL I don't know if it ever has been?! HIGHER VERSION IN RHEL biosdevname-0:0.3.11-1.el6.x86_64 (biosdevname-0:0.3.4-1.el6.x86_64) febootstrap-0:3.12-1.el6.x86_64 (febootstrap-0:2.7-1.el6.x86_64) ht2html-0:2.0-10.1.el6.noarch (ht2html-0:2.0-10.el6.noarch) jabberpy-0:0.5-0.21.el6sat.noarch (jabberpy-0:0.5-0.21.el6.noarch) osutil-0:2.0.1-1.el6.x86_64 (osutil-0:1.3.1-3.el6.1.x86_64) perl-Class-MethodMaker-0:2.16-4.el6.x86_64 (perl-Class-MethodMaker-0:2.15-2.el6.x86_64) perl-Config-Simple-0:4.59-5.1.el6.noarch (perl-Config-Simple-0:4.59-5.el6.noarch) perl-File-pushd-0:1.00-3.1.el6.noarch (perl-File-pushd-0:1.00-0.3.1.el6.noarch) perl-IO-Tty-0:1.08-4.el6.x86_64 (perl-IO-Tty-0:1.08-3.el6.x86_64) perl-IPC-Run-0:0.84-2.el6.noarch (perl-IPC-Run-0:0.84-1.el6.noarch) perl-Term-ProgressBar-0:2.09-10.el6.noarch (perl-Term-ProgressBar-0:2.09-8.el6.noarch) perl-Test-Spelling-0:0.11-7.el6.noarch (perl-Test-Spelling-0:0.11-5.1.el6.noarch) pexpect-0:2.3-6.el6.noarch (pexpect-0:2.3-5.el6.noarch) php-tidy-0:5.3.3-14.el6_3.x86_64 (php-tidy-0:5.3.3-1.el6.x86_64) pki-symkey-0:9.0.3-24.el6.x86_64 (pki-symkey-0:1.3.2-3.el6.1.x86_64) PyPAM-0:0.5.0-12.el6.x86_64 (PyPAM-0:0.5.0-11.el6.x86_64) python-krbV-0:1.0.90-3.el6.x86_64 (python-krbV-0:1.0.90-1.el6.x86_64) python-netaddr-0:0.7.5-4.el6.noarch (python-netaddr-0:0.7.5-1.el6.noarch) python-suds-0:0.4.1-3.el6.noarch (python-suds-0:0.4.1-1.el6.noarch) python-urwid-0:0.9.9.1-4.el6.x86_64 (python-urwid-0:0.9.9.1-1.el6.x86_64) rhn-custom-info-0:5.4.14-1.el6sat.noarch (rhn-custom-info-0:5.4.5-1.el6.noarch) rhnpush-0:5.5.42-7.el6sat.noarch (rhnpush-0:0.4.5-2.el6.noarch) scl-utils-0:20120423-2.el6.x86_64 (scl-utils-0:20120229-1.el6.x86_64) scl-utils-build-0:20120423-2.el6.x86_64 (scl-utils-build-0:20120229-1.el6.x86_64) wordnet-0:3.0-14.el6.i686 (wordnet-0:3.0-13.el6.i686) wordnet-0:3.0-14.el6.x86_64 (wordnet-0:3.0-13.el6.x86_64) wordnet-devel-0:3.0-14.el6.i686 (wordnet-devel-0:3.0-13.el6.i686) wordnet-devel-0:3.0-14.el6.x86_64 (wordnet-devel-0:3.0-13.el6.x86_64) xerces-c-0:3.0.1-20.el6.i686 (xerces-c-0:3.0.1-0.20.1.el6.i686) xerces-c-0:3.0.1-20.el6.x86_64 (xerces-c-0:3.0.1-0.20.1.el6.x86_64) xerces-c-devel-0:3.0.1-20.el6.i686 (xerces-c-devel-0:3.0.1-0.20.1.el6.i686) xerces-c-devel-0:3.0.1-20.el6.x86_64 (xerces-c-devel-0:3.0.1-0.20.1.el6.x86_64) xerces-c-doc-0:3.0.1-20.el6.noarch (xerces-c-doc-0:3.0.1-0.20.1.el6.noarch) This last group is harmless as far as I'm can tell. John From mattdm at fedoraproject.org Fri Oct 19 23:35:28 2012 From: mattdm at fedoraproject.org (Matthew Miller) Date: Fri, 19 Oct 2012 19:35:28 -0400 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: <20121019233528.GA23267@disco.bu.edu> On Fri, Oct 19, 2012 at 04:04:24PM -0700, Michael Stahnke wrote: > * Move EPEL 6, Fedora >= 17 to use Puppet 3.0. Speaking for my previous job, it would really be unfortunate to have a non-compatible update of puppet in EPEL. Unless accompanied by very loud trumpets and fireworks beforehand, the day that update went out would be a very sad and busy day for a number of sysadmins. I'm not opposed to putting puppet 3 in, but it'd really be helpful if it went in as "puppet3" or something, and left the stable version as is, happily getting security-only updates. (I agree that we need to find a better solution to this long term. But that's what we've got.) The same _probably_ goes for F17. And, technically, it's getting _really late_ for big changes for F18 -- the change deadline is the 26th, so we should hurry with that if possible. > Puppet Labs release engineering is more than willing to do a majority of > this work to make this happen. That is awesome. I very much support getting puppet into better shape in Fedora, and your participation is great. -- Matthew Miller ??? Fedora Cloud Architect ??? From mattdm at fedoraproject.org Fri Oct 19 23:36:33 2012 From: mattdm at fedoraproject.org (Matthew Miller) Date: Fri, 19 Oct 2012 19:36:33 -0400 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: <20121019233633.GB23267@disco.bu.edu> On Fri, Oct 19, 2012 at 07:31:57PM -0400, Seth Vidal wrote: > There is a reason I want to move to a clientless configmgmt > infrastructure. > I do not want to be hogtied like this again. Yeah, but we're not going to make _you_ use Puppet. :) -- Matthew Miller ??? Fedora Cloud Architect ??? From stijn at sandcat.nl Sat Oct 20 12:05:42 2012 From: stijn at sandcat.nl (Stijn Hoop) Date: Sat, 20 Oct 2012 14:05:42 +0200 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: Message-ID: <20121020140542.0ed39331@tangaloor.kzp.sandcat.nl> Hi, On Fri, 19 Oct 2012 16:29:57 -0700 Michael Stahnke wrote: > On Fri, Oct 19, 2012 at 4:22 PM, > Seth Vidal wrote: > > I'm less worried about the people requesting the newness b/c they > > clearly want change. I'm worried about the people who run rhel b/c > > they fear change. > > I'm more worried about people with hybrid environments where RHEL is > at the core for Puppet. (and somewhat how RHEL 7 could shake out) > > Do you consider it ok to not be able to have Fedora agents check into > a RHEL master? FWIW, we have exactly this (Fedora clients, CentOS master). And yes, we need to use our local mirror of yum.puppetlabs.com right now. This is nothing more than anecdata, as we are fine with the setup now. Of course, having puppet3 in EPEL would make life a tiny bit easier. Regards, --Stijn From smooge at gmail.com Sat Oct 20 16:51:58 2012 From: smooge at gmail.com (Stephen John Smoogen) Date: Sat, 20 Oct 2012 10:51:58 -0600 Subject: RHEL6 Workstation vs. EPEL6 Conflict Check and a few resulting questions In-Reply-To: References: Message-ID: On 19 October 2012 18:26, inode0 wrote: > koan-0:2.2.3-2.el6.noarch (koan-0:2.0.7-21.el6sat.noarch) > Some of these have been corrected and the rest now have bugs filed > against them. The only one that I'm curious about really is koan which > conflicts with the same package in the rhn-tools channel. While my gut > thinks that should be considered part of base RHEL I don't know if it > ever has been?! The tools has never been and in the past the group running it wanted to push newer stuff into EPEL so it could be tested as the people testing stuff never used Fedora for it. I don't know if that is still valid but that was the previous case. [ -- Stephen J Smoogen. "Don't derail a useful feature for the 99% because you're not in it." Linus Torvalds "Years ago my mother used to say to me,... Elwood, you must be oh so smart or oh so pleasant. Well, for years I was smart. I recommend pleasant. You may quote me." ?James Stewart as Elwood P. Dowd From kevin at scrye.com Sat Oct 20 17:00:01 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Sat, 20 Oct 2012 11:00:01 -0600 Subject: RHEL6 Workstation vs. EPEL6 Conflict Check and a few resulting questions In-Reply-To: References: Message-ID: <20121020110001.4a223a37@jelerak.scrye.com> On Fri, 19 Oct 2012 19:26:44 -0500 inode0 wrote: > This week I took a few minutes and compared packages on a RHEL6 > Workstation install with EPEL packages available to it. Here is what I > found. Excellent. Thanks for working on it. > IDENTICAL VERSIONS ...snip... > I was surprised to find so many packages in EPEL with the same version > as the same package in RHEL. While this doesn't cause any problems in > cases where the RHEL package is already installed in other cases, a > new install or something pulled in by another dependency, will grab > the EPEL package in a more or less default configuration which doesn't > seem to be a good thing to be happening. > > Why are there all these packages in EPEL with an identical version to > packages in RHEL? I suspect almost all of these were added into EPEL because RHEL did not ship them on all arches. The current guidelines for this have us requiring a _lower_ version, but in the past before we had this hashed out the advise was 'the same version'. I'm not really sure how to fix these now. We could unpush them and push out older versions, but then anyone who had the others installed would never ever see updates. > HIGHER VERSION IN EPEL ...snip... > Some of these have been corrected and the rest now have bugs filed > against them. The only one that I'm curious about really is koan which > conflicts with the same package in the rhn-tools channel. While my gut > thinks that should be considered part of base RHEL I don't know if it > ever has been?! Historically it has not been. It's been: base, optional, ha and cluster. > HIGHER VERSION IN RHEL ...snip... > This last group is harmless as far as I'm can tell. Likely they are from when something was in EPEL only and was added later in a newer RHEL minor release. It would be good to clean them up. kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From updates at fedoraproject.org Sat Oct 20 19:49:57 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Sat, 20 Oct 2012 19:49:57 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121020194957.1649C20907@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 51 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 181 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 76 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13244/dokuwiki-0-0.14.20121013.el5 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing dokuwiki-0-0.14.20121013.el5 eurephia-1.1.0-4.el5 mosh-1.2.3-1.el5 munin-2.0.7-3.el5 php-pecl-geoip-1.0.8-2.el5 stompclt-0.5-2.el5 wsl-0.1.8-3.el5 Details about builds: ================================================================================ dokuwiki-0-0.14.20121013.el5 (FEDORA-EPEL-2012-13244) Standards compliant simple to use wiki -------------------------------------------------------------------------------- Update Information: upgrade to latest upstream Update to latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 20 2012 Andrew Colin Kissa - 0-0.14.20121013 - Latest upstream - Fix Bugzilla bugs #844726, #840255, #795487, #741384, #840686, #835145 * Thu Aug 2 2012 Andrew Colin Kissa - 0-0.13.20120125.b - Latest upstream - Fix Bugzilla bugs #844726, #840255, #795487, #741384, #840686, #835145 * Wed Jul 18 2012 Fedora Release Engineering - 0-0.12.20110525.a - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #741384 - CVE-2011-3727 dokuwiki: installation path disclosure via a direct request to a .php file https://bugzilla.redhat.com/show_bug.cgi?id=741384 [ 2 ] Bug #840686 - CVE-2012-0283 dokuwiki: XSS flaw in tpl_mediaFileList() https://bugzilla.redhat.com/show_bug.cgi?id=840686 [ 3 ] Bug #835145 - CVE-2012-3354 dokuwiki: Full path disclosure with PHP error level enabled https://bugzilla.redhat.com/show_bug.cgi?id=835145 -------------------------------------------------------------------------------- ================================================================================ eurephia-1.1.0-4.el5 (FEDORA-EPEL-2012-13233) An advanced and flexible OpenVPN user authentication plug-in -------------------------------------------------------------------------------- Update Information: Updated against upstream eurephia-1.1.0, with additional fixes. Release of eurephia v1.1 for EL5 -------------------------------------------------------------------------------- ================================================================================ mosh-1.2.3-1.el5 (FEDORA-EPEL-2012-13241) Mobile shell that supports roaming and intelligent local echo -------------------------------------------------------------------------------- Update Information: Update to mosh 1.2.3 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 19 2012 Alexander Chernyakhovsky - 1.2.3-1 - Update to mosh 1.2.3 * Fri Jul 20 2012 Fedora Release Engineering - 1.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ munin-2.0.7-3.el5 (FEDORA-EPEL-2012-13237) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Remove #!env, apply upstream patch, minor spec fixes. Updated to 2.0.7 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 19 2012 D. Johnson - 2.0.7-3 - BZ# 859956 Minor fedora/rhel build macro fixes - BZ# 861148 Upstream 1213, Incorrect child count in worker threads for GraphOld.pm and HTMLOld.pm * Sun Oct 14 2012 D. Johnson - 2.0.7-2 - Do not use 'env' for #! lines. - Require: perl-Taint-Runtime to prevent warnings * Sun Oct 7 2012 D. Johnson - 2.0.7-1 - Upstream to 2.0.7 - BZ# 850401 Use systemd_preun when available (f18) - BZ# 863490 [patch] http_load plugin uses wrong time command - BZ# 862469 Move asyncd init files to asyncd subpackage * Tue Sep 11 2012 D. Johnson - 2.0.6-3 - Upstream removed dists/redhat/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #859956 - Minor fedora/rhel build macro fixes https://bugzilla.redhat.com/show_bug.cgi?id=859956 [ 2 ] Bug #861148 - munin cron reports [ERROR] Ran out of children: No child processes https://bugzilla.redhat.com/show_bug.cgi?id=861148 [ 3 ] Bug #867503 - Munin uses perl -T, but doesn't require the perl-Taint-Runtime package https://bugzilla.redhat.com/show_bug.cgi?id=867503 [ 4 ] Bug #867437 - Munin shebang error (perl -w: No such file or directory) https://bugzilla.redhat.com/show_bug.cgi?id=867437 [ 5 ] Bug #850401 - Introduce new systemd-rpm macros in munin spec file https://bugzilla.redhat.com/show_bug.cgi?id=850401 [ 6 ] Bug #863490 - hhtp_load plugin uses wrong time command https://bugzilla.redhat.com/show_bug.cgi?id=863490 [ 7 ] Bug #862469 - /etc/init.d/munin-asyncd start gives "munin-asyncd was expected at @@LIBDIR@@/munin-asyncd" https://bugzilla.redhat.com/show_bug.cgi?id=862469 -------------------------------------------------------------------------------- ================================================================================ php-pecl-geoip-1.0.8-2.el5 (FEDORA-EPEL-2012-13242) Extension to map IP addresses to geographic places -------------------------------------------------------------------------------- Update Information: upgrade to latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sat Jul 21 2012 Fedora Release Engineering - 1.0.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 19 2012 Remi Collet - 1.0.8-1 - update to 1.0.8 for php 5.4 * Sat Jan 14 2012 Fedora Release Engineering - 1.0.7-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Sat Oct 15 2011 Remi Collet - 1.0.7-7 - fix segfault when build with latest GeoIP (#746417) - run test suite during build - add patch for tests, https://bugs.php.net/bug.php?id=59804 - add filter to avoid private-shared-object-provides geoip.so * Fri Jul 15 2011 Andrew Colin Kissa - 1.0.7-6 - Fix bugzilla #715693 * Wed Feb 9 2011 Fedora Release Engineering - 1.0.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Jul 26 2009 Fedora Release Engineering - 1.0.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ stompclt-0.5-2.el5 (FEDORA-EPEL-2012-13243) Versatile STOMP client -------------------------------------------------------------------------------- Update Information: first build -------------------------------------------------------------------------------- References: [ 1 ] Bug #853124 - Review Request: stompclt - Versatile STOMP client https://bugzilla.redhat.com/show_bug.cgi?id=853124 -------------------------------------------------------------------------------- ================================================================================ wsl-0.1.8-3.el5 (FEDORA-EPEL-2012-13239) Wsman Shell Command Line "whistle" -------------------------------------------------------------------------------- Update Information: Introducing the wsl package (aka "whistle"). wsl is a shell based client for wsman. -------------------------------------------------------------------------------- From updates at fedoraproject.org Sat Oct 20 19:49:58 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Sat, 20 Oct 2012 19:49:58 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121020194958.C5C8C20907@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 181 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 104 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13222/xlockmore-5.40-3.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13232/dokuwiki-0-0.14.20121013.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 51 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 369 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing cabal-rpm-0.6.4-1.el6 dokuwiki-0-0.14.20121013.el6 eurephia-1.1.0-4.el6 mosh-1.2.3-1.el6 munin-2.0.7-3.el6 mysql-utilities-1.1.0-1.el6 pesign-0.99-7.el6 php-pecl-geoip-1.0.8-2.el6 python-py9p-1.0.2-1.el6 python-pyvfs-0.2.5-1.el6 python-testtools-0.9.19-1.el6 stompclt-0.5-2.el6 wsl-0.1.8-2.el6 Details about builds: ================================================================================ cabal-rpm-0.6.4-1.el6 (FEDORA-EPEL-2012-13228) RPM package creator for Haskell Cabal-based packages -------------------------------------------------------------------------------- Update Information: Support tarballs, add manpage and cabal-rpm-diff script -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 25 2012 Jens Petersen - 0.6.4-1 - add cabal-rpm-diff wrapper script - fix generated manpage * Mon Sep 24 2012 Jens Petersen - 0.6.3-1 - can now handle tarball - new manpage - obsoletes cabal2spec -------------------------------------------------------------------------------- ================================================================================ dokuwiki-0-0.14.20121013.el6 (FEDORA-EPEL-2012-13232) Standards compliant simple to use wiki -------------------------------------------------------------------------------- Update Information: upgrade to latest release Upgrade to latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 20 2012 Andrew Colin Kissa - 0-0.14.20121013 - Latest upstream - Fix Bugzilla bugs #844726, #840255, #795487, #741384, #840686, #835145 * Thu Aug 2 2012 Andrew Colin Kissa - 0-0.13.20120125.b - Latest upstream - Fix Bugzilla bugs #844726, #840255, #795487, #741384, #840686, #835145 * Wed Jul 18 2012 Fedora Release Engineering - 0-0.12.20110525.a - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #741384 - CVE-2011-3727 dokuwiki: installation path disclosure via a direct request to a .php file https://bugzilla.redhat.com/show_bug.cgi?id=741384 [ 2 ] Bug #840686 - CVE-2012-0283 dokuwiki: XSS flaw in tpl_mediaFileList() https://bugzilla.redhat.com/show_bug.cgi?id=840686 [ 3 ] Bug #835145 - CVE-2012-3354 dokuwiki: Full path disclosure with PHP error level enabled https://bugzilla.redhat.com/show_bug.cgi?id=835145 [ 4 ] Bug #717146 - CVE-2011-2510 dokuwiki: XSS in DokuWiki's RSS embedding mechanism https://bugzilla.redhat.com/show_bug.cgi?id=717146 -------------------------------------------------------------------------------- ================================================================================ eurephia-1.1.0-4.el6 (FEDORA-EPEL-2012-13235) An advanced and flexible OpenVPN user authentication plug-in -------------------------------------------------------------------------------- Update Information: Updated against upstream eurephia-1.1.0, with additional fixes. Release of eurephia v1.1 for EL5 -------------------------------------------------------------------------------- ================================================================================ mosh-1.2.3-1.el6 (FEDORA-EPEL-2012-13240) Mobile shell that supports roaming and intelligent local echo -------------------------------------------------------------------------------- Update Information: Update to mosh 1.2.3 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 19 2012 Alexander Chernyakhovsky - 1.2.3-1 - Update to mosh 1.2.3 * Fri Jul 20 2012 Fedora Release Engineering - 1.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ munin-2.0.7-3.el6 (FEDORA-EPEL-2012-13246) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Remove #!env, apply upstream patch, minor spec fixes. Updated to 2.0.7 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 19 2012 D. Johnson - 2.0.7-3 - BZ# 859956 Minor fedora/rhel build macro fixes - BZ# 861148 Upstream 1213, Incorrect child count in worker threads for GraphOld.pm and HTMLOld.pm * Sun Oct 14 2012 D. Johnson - 2.0.7-2 - Do not use 'env' for #! lines. - Require: perl-Taint-Runtime to prevent warnings * Sun Oct 7 2012 D. Johnson - 2.0.7-1 - Upstream to 2.0.7 - BZ# 850401 Use systemd_preun when available (f18) - BZ# 863490 [patch] http_load plugin uses wrong time command - BZ# 862469 Move asyncd init files to asyncd subpackage * Tue Sep 11 2012 D. Johnson - 2.0.6-3 - Upstream removed dists/redhat/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #859956 - Minor fedora/rhel build macro fixes https://bugzilla.redhat.com/show_bug.cgi?id=859956 [ 2 ] Bug #861148 - munin cron reports [ERROR] Ran out of children: No child processes https://bugzilla.redhat.com/show_bug.cgi?id=861148 [ 3 ] Bug #867503 - Munin uses perl -T, but doesn't require the perl-Taint-Runtime package https://bugzilla.redhat.com/show_bug.cgi?id=867503 [ 4 ] Bug #867437 - Munin shebang error (perl -w: No such file or directory) https://bugzilla.redhat.com/show_bug.cgi?id=867437 [ 5 ] Bug #850401 - Introduce new systemd-rpm macros in munin spec file https://bugzilla.redhat.com/show_bug.cgi?id=850401 [ 6 ] Bug #863490 - hhtp_load plugin uses wrong time command https://bugzilla.redhat.com/show_bug.cgi?id=863490 [ 7 ] Bug #862469 - /etc/init.d/munin-asyncd start gives "munin-asyncd was expected at @@LIBDIR@@/munin-asyncd" https://bugzilla.redhat.com/show_bug.cgi?id=862469 -------------------------------------------------------------------------------- ================================================================================ mysql-utilities-1.1.0-1.el6 (FEDORA-EPEL-2012-13247) MySQL Utilities -------------------------------------------------------------------------------- Update Information: New version without the new mysqluc command. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Remi Collet - 1.1.0-1 - update to 1.1.0 - new command mysqluc removed (broken) -------------------------------------------------------------------------------- ================================================================================ pesign-0.99-7.el6 (FEDORA-EPEL-2012-13229) Signing utility for UEFI binaries -------------------------------------------------------------------------------- Update Information: Add setfacl for kojibuilder and PIN input via stdin. This is the pesign PE signing tool. Automatically select daemon as signer when using rpm macros. -------------------------------------------------------------------------------- ================================================================================ php-pecl-geoip-1.0.8-2.el6 (FEDORA-EPEL-2012-13234) Extension to map IP addresses to geographic places -------------------------------------------------------------------------------- Update Information: upgrade to latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sat Jul 21 2012 Fedora Release Engineering - 1.0.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 19 2012 Remi Collet - 1.0.8-1 - update to 1.0.8 for php 5.4 * Sat Jan 14 2012 Fedora Release Engineering - 1.0.7-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Sat Oct 15 2011 Remi Collet - 1.0.7-7 - fix segfault when build with latest GeoIP (#746417) - run test suite during build - add patch for tests, https://bugs.php.net/bug.php?id=59804 - add filter to avoid private-shared-object-provides geoip.so * Fri Jul 15 2011 Andrew Colin Kissa - 1.0.7-6 - Fix bugzilla #715693 * Wed Feb 9 2011 Fedora Release Engineering - 1.0.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-py9p-1.0.2-1.el6 (FEDORA-EPEL-2012-13245) Pure Python implementation of 9P protocol (Plan9) -------------------------------------------------------------------------------- Update Information: New package build python-py9p 1.0.2-1 -------------------------------------------------------------------------------- ================================================================================ python-pyvfs-0.2.5-1.el6 (FEDORA-EPEL-2012-13230) Simple python VFS library -------------------------------------------------------------------------------- Update Information: New package build python-pyvfs 0.2.5-1 -------------------------------------------------------------------------------- ================================================================================ python-testtools-0.9.19-1.el6 (FEDORA-EPEL-2012-13231) Extensions to the Python unit testing framework -------------------------------------------------------------------------------- Update Information: * Better discover support and Python3.x improvements * Python 3 builds now enabled for Fedora releases -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 20 2012 Michel Salim - 0.9.19-1 - Update to 0.9.19 - On Fedora, also build for Python 3.x -------------------------------------------------------------------------------- ================================================================================ stompclt-0.5-2.el6 (FEDORA-EPEL-2012-13238) Versatile STOMP client -------------------------------------------------------------------------------- Update Information: first build -------------------------------------------------------------------------------- References: [ 1 ] Bug #853124 - Review Request: stompclt - Versatile STOMP client https://bugzilla.redhat.com/show_bug.cgi?id=853124 -------------------------------------------------------------------------------- ================================================================================ wsl-0.1.8-2.el6 (FEDORA-EPEL-2012-13236) Wsman Shell Command Line "whistle" -------------------------------------------------------------------------------- Update Information: Introducing wsl package (aka "whistle"). A Shell based client for wsman. -------------------------------------------------------------------------------- From orion at cora.nwra.com Mon Oct 22 15:12:14 2012 From: orion at cora.nwra.com (Orion Poplawski) Date: Mon, 22 Oct 2012 09:12:14 -0600 Subject: Fwd: abi-compliance-checker-1.98.4-1.el6 unsuccessfully tagged into dist-6E-epel-testing-candidate by orion In-Reply-To: <20121022150826.37D9B20969@bastion01.phx2.fedoraproject.org> References: <20121022150826.37D9B20969@bastion01.phx2.fedoraproject.org> Message-ID: <5085624E.1070506@cora.nwra.com> Has anyone else seen this? I don't seem to be able to issue an update because it isn't in updates-candidates. -------- Original Message -------- Subject: abi-compliance-checker-1.98.4-1.el6 unsuccessfully tagged into dist-6E-epel-testing-candidate by orion Date: Mon, 22 Oct 2012 15:08:26 +0000 (UTC) From: Fedora Koji Build System To: ausil at fedoraproject.org, voronov at fedoraproject.org, torwangjl at fedoraproject.org, alagunambi at fedoraproject.org, urkle at fedoraproject.org, orion at fedoraproject.org Package: abi-compliance-checker NVR: abi-compliance-checker-1.98.4-1.el6 User: orion Status: failed Tag Operation: tagged Into Tag: dist-6E-epel-testing-candidate abi-compliance-checker-1.98.4-1.el6 unsuccessfully tagged into dist-6E-epel-testing-candidate by orion Operation failed with the error: : policy violation (tag): not covered by policy From dennis at ausil.us Mon Oct 22 16:27:05 2012 From: dennis at ausil.us (Dennis Gilmore) Date: Mon, 22 Oct 2012 11:27:05 -0500 Subject: abi-compliance-checker-1.98.4-1.el6 unsuccessfully tagged into dist-6E-epel-testing-candidate by orion In-Reply-To: <5085624E.1070506@cora.nwra.com> References: <20121022150826.37D9B20969@bastion01.phx2.fedoraproject.org> <5085624E.1070506@cora.nwra.com> Message-ID: <20121022112705.27ce2244@adria.ausil.us> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I was making some changes in koji this morning, you an now tag the package in "koji tag-pkg dist-6E-epel-testing-candidate abi-compliance-checker-1.98.4-1.el6" then you will be able to create the update Sorry for the inconvenience Dennis El Mon, 22 Oct 2012 09:12:14 -0600 Orion Poplawski escribi?: > Has anyone else seen this? I don't seem to be able to issue an > update because it isn't in updates-candidates. > > > -------- Original Message -------- > Subject: abi-compliance-checker-1.98.4-1.el6 unsuccessfully tagged > into dist-6E-epel-testing-candidate by orion > Date: Mon, 22 Oct 2012 15:08:26 +0000 (UTC) > From: Fedora Koji Build System > To: ausil at fedoraproject.org, voronov at fedoraproject.org, > torwangjl at fedoraproject.org, alagunambi at fedoraproject.org, > urkle at fedoraproject.org, orion at fedoraproject.org > > Package: abi-compliance-checker > NVR: abi-compliance-checker-1.98.4-1.el6 > User: orion > Status: failed > Tag Operation: tagged > Into Tag: dist-6E-epel-testing-candidate > > abi-compliance-checker-1.98.4-1.el6 unsuccessfully tagged into > dist-6E-epel-testing-candidate by orion > Operation failed with the error: > : policy violation (tag): not > covered by policy > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlCFc94ACgkQkSxm47BaWfffeACgj/rY7niSEplyXp5r/pqBekd/ uhcAn3pd+ZtekesolXZ1sr0dfIAfYkNq =uZtw -----END PGP SIGNATURE----- From orion at cora.nwra.com Mon Oct 22 18:11:54 2012 From: orion at cora.nwra.com (Orion Poplawski) Date: Mon, 22 Oct 2012 12:11:54 -0600 Subject: abi-compliance-checker-1.98.4-1.el6 unsuccessfully tagged into dist-6E-epel-testing-candidate by orion In-Reply-To: <20121022112705.27ce2244@adria.ausil.us> References: <20121022150826.37D9B20969@bastion01.phx2.fedoraproject.org> <5085624E.1070506@cora.nwra.com> <20121022112705.27ce2244@adria.ausil.us> Message-ID: <50858C6A.5070709@cora.nwra.com> On 10/22/2012 10:27 AM, Dennis Gilmore wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I was making some changes in koji this morning, you an now tag the > package in "koji tag-pkg dist-6E-epel-testing-candidate > abi-compliance-checker-1.98.4-1.el6" > > then you will be able to create the update Thanks, all set. -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA, Boulder Office FAX: 303-415-9702 3380 Mitchell Lane orion at nwra.com Boulder, CO 80301 http://www.nwra.com From ktdreyer at ktdreyer.com Mon Oct 22 18:25:22 2012 From: ktdreyer at ktdreyer.com (Ken Dreyer) Date: Mon, 22 Oct 2012 12:25:22 -0600 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: <20121019233528.GA23267@disco.bu.edu> References: <20121019233528.GA23267@disco.bu.edu> Message-ID: On Fri, Oct 19, 2012 at 5:35 PM, Matthew Miller wrote: > I'm not opposed to putting puppet 3 in, but it'd really be helpful if it > went in as "puppet3" or something, and left the stable version as is, > happily getting security-only updates. My biggest concern is that 2.6 will not get security updates for the lifetime of EPEL 5 and 6. To me it seems better to bite the bullet now, get version 3 into updates-testing, set the karma requirement very high just as the maintainers did for the 0.25 -> 2.6 transition. This is the main problem I see with parallel-installable packages, particularly in EPEL - it seems to give users an assumption that the old packages are fine. - Ken From gregswift at gmail.com Mon Oct 22 18:41:36 2012 From: gregswift at gmail.com (Greg Swift) Date: Mon, 22 Oct 2012 13:41:36 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121018153829.GL2974@unaka.lan> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> Message-ID: On Thu, Oct 18, 2012 at 10:38 AM, Toshio Kuratomi wrote: > On Wed, Oct 17, 2012 at 12:57:31PM -0500, Greg Swift wrote: >> > ...snip... >> > >> >> > Right. I think this may be something we want to ask the Fedora >> >> > Packaging folks (who live on the packaging list) about. >> >> >> >> good plan >> > >> > Can you post over there about this and look for feedback? >> >> I am going to. my procrastination excuse was that I was hoping to >> hear from at least one more person before I did in case there was more >> feedback. >> > There are quite a few reasons to avoid Conflicts. Some of them are listed > on the Conflicts wiki page but there are others as well. For instance, in > Fedora, we need to make the effort to be porting software forward to newer > versions of their dependencies rather than maintaining extra packages for > backwards compatibility. But EPEL doesn't need to play by the same rules if > they don't want to. Ya. That's where it gets interesting. I completely agree with all of the points towards Fedora, but EPEL is definitely a different beast. Its that weird limbo between rolling release and very long term support but not being paid to care about it. (Although I guess most contributors are kinda paid because they are likely doing it for their dayjob, but that likely rarely includes caring about other people's long term needs). The EPEL philosophy provides a basic set of guidelines. http://fedoraproject.org/wiki/History_and_Philosophy_of_EPEL#Philosophy 1: Never replace or interfere with RHEL packages 2: Packages should be supported for the life of related RHEL project 3: No manual update process or procedures 4: During 'stable' EPEL cycle package shouldn't update in a way that changes user experience or does more than just bugfixes. A few thoughts on these: 1: That has become complicated.. i know there is a very long thread about the scenario where Red Hat buys and commercializes a tool that was already in EPEL. 2: Nice concept, and we can keep them around but 'supported' depends on your definition... see below 3: This is great for 'no suprises' but what about the people where an upgrade is not a surprise? 4: Makes sense. Seems to me that how people seem to want to use EPEL should also be considered. I just watched one of the PuppetConf presentations while I was writing this and heard something along the lines of 'use FPM because getting up to date software in something like EPEL is too hard'. How does that help when the only thing stopping that new version being available is a poor upgrade path for the software in packaging policy (including recommended methods)? > There's a basic question of cost and benefit. For Fedora, with its shorter > time to EOL, the costs of a no-Conflicts policy are less than in EPEL where > your base platform is going to be available for years. Just bear in mind > that you're going to be maintaining those compat packages for years as well. > So the costs of allowing Conflicts are also higher. The cost of maintaining the compat packages can be huge, but the reality is that for most of the ones we are talking about replacing the likelyhood of an update diminishes every month as most of the new packages are for software that has been/will be left in dust by upstream. If there is a valid upstream release for security reasons, that older package can still be updated. Some examples of last update dates from upstream for existing packages in EPEL: rspec 1.3 - Apr 2011 collectd 4 - Mar 2011 django 1.3 - Oct 2012 (security update, 1.4 is current stable branch) zabbix 1.6 (rhel5) - Mar 2010 zabbix 1.8 (rhel6) - Aug 2012 (likely last non-security update, 2.0 branch is current stable branch) bugzilla 3.4 - Feb 2012 (security update, branch has since closed) mediawiki116 1.16 - May 2011 (1.17 release was discontinued Jun 2012) mediawiki119 1.19 - Sep 2012 (based on current average release cycle I give this until mid-2013) The mediawiki are the only ones that are named including the version. I didn't want to browse the entire list of packages, so these are just the ones that popped out at me. The ones that are within the 2012 year don't seem to bad right now. But what about in 2017 (rhel5) or 2020 (rhel6) when non-extended lifecycle of that release ends? > For your two initial examples, I think that you'd want to be careful about > allowing conflicts but might be able to justify it in one of the cases. You > need to ask yourself: "Would any user want to install both versions of this > package at the same time?" For an application, this may be no. For > a library, this is almost always going to be yes. To me that rules > rubygem-rspec right out as a good case for Conflicts. Collectd is also > libraries but the case could be made that they'd be coupled to whatever > version of collectd is running on the system. So you might be able to make > the case there. (But do think about things like -- what if a user has some > boxes running collectd5 and others collectd4. If these libraries were > parallel installable would they enable the user to query information from > both sets of boxes?) So... I agree with the concept of compat packages. Except when it requires the package maintainer to patch the code (aren't we against non-upstream accepted patches?) and create a non-standard installation of the software. In ruby (or python, or perl), if anyone that wants to package or deploy software that uses the newer version has to edit that module from including 'module' to 'moduleVERSION' have we made a usable package? For collectd, I'd imagine that if you have both 4 and 5, you have servers for both 4 and 5 as collectors, and you'd just run your bits on each. Having both on one box would enable you to query both systems, but what is the incentive to try and maintain this use case for the packagers? Since I started writing this there has been another thread about bringing Puppet current. And well... Here are two options as I see it (not including continuing on in this inconsistent manner) - New EPEL package requirement... package name _must_ contain version number based on upstream's abi/api compatability policy. Okay.. move past the initial 'bleh' reaction and think about it. Then.. take the recommendation one of my co-workers provided: - A new EPEL repository path. EPEL-rolling (or current or whatever). You can enable this repository if you want to stay with current packages. And if you have stuph you don't want rolling forward you still have several choices: 1: Manage your own local repo collection 2: Set excludes on those packages 3: Just leave the rolling repo disabled except for when you need to do an update. I've a few other thoughts on this but don't want to over load this already full post. -greg From cmadams at hiwaay.net Mon Oct 22 19:07:27 2012 From: cmadams at hiwaay.net (Chris Adams) Date: Mon, 22 Oct 2012 14:07:27 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> Message-ID: <20121022190727.GE10693@hiwaay.net> Once upon a time, Greg Swift said: > Some examples of last update dates from upstream for existing packages in EPEL: Another one for the list that I ran across recently is Bacula. EPEL 5 has Bacula 2.4.4, which is from January 2009 and is long EOL. As I understand it, 2.x clients aren't even supported by newer versions of the server (3.0, which is also EOL, 5.0, and 5.2 clients are supposed to work with newer/current servers). RHEL 6 includes Bacula 5.0, which of course complicates things. I guess EPEL shouldn't have a newer version than later RHEL releases (especially in this case, since I don't know if a newer Bacula client is expected to work with an older server). Internally, I'm packing 5.2 from Fedora as bacula52. I can't parallel install the different versions (although I don't think that would make much sense with this software). -- Chris Adams Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. From a.badger at gmail.com Mon Oct 22 19:53:51 2012 From: a.badger at gmail.com (Toshio Kuratomi) Date: Mon, 22 Oct 2012 12:53:51 -0700 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> Message-ID: <20121022195351.GS2974@unaka.lan> On Mon, Oct 22, 2012 at 01:41:36PM -0500, Greg Swift wrote: > On Thu, Oct 18, 2012 at 10:38 AM, Toshio Kuratomi wrote: > > > For your two initial examples, I think that you'd want to be careful about > > allowing conflicts but might be able to justify it in one of the cases. You > > need to ask yourself: "Would any user want to install both versions of this > > package at the same time?" For an application, this may be no. For > > a library, this is almost always going to be yes. To me that rules > > rubygem-rspec right out as a good case for Conflicts. Collectd is also > > libraries but the case could be made that they'd be coupled to whatever > > version of collectd is running on the system. So you might be able to make > > the case there. (But do think about things like -- what if a user has some > > boxes running collectd5 and others collectd4. If these libraries were > > parallel installable would they enable the user to query information from > > both sets of boxes?) > > So... I agree with the concept of compat packages. Except when it > requires the package maintainer to patch the code (aren't we against > non-upstream accepted patches?) and create a non-standard installation > of the software. In ruby (or python, or perl), if anyone that wants > to package or deploy software that uses the newer version has to edit > that module from including 'module' to 'moduleVERSION' have we made a > usable package? > Unfortunately, there's not a lot you can do about that (although many upstreams have worked on this problem off-and-on in various ways and it might be possible to work out something depending on the language you're dealing with. For instance, with python you're able to specify the version you want in one place in your application and then that's the version that will be used anywhere the library is imported). If you replace a library with a new library that is incompatible, then you inconvenience anyone that is using the library that EPEL shipped with. If you don't update then you inconvenience anyone that is using or wants to use a newer version of the library. The current policy of EPEL is geared towards people who have deployed based on what's currently in EPEL rather than those who want to deploy something new. As for non-upstream patches... we are against them but not as much as other things. Non-upstream patches aren't a guideline in the Fedora packaging guideline, for instance. Keeping non-upstream patches to a minimum allows a package maintainer to do more work with their limited time. But there are things about packaging that sometimes require patching even if the upstream won't accept them. For instance, a patch to run against an older version of a language even though the upstream doesn't care about that version anymore. Figuring out how to utilize a different version of a library is just a short step away from that. > Here are two options as I see it (not including continuing on in this > inconsistent manner) > > - New EPEL package requirement... package name _must_ contain version > number based on upstream's abi/api compatability policy. > > Okay.. move past the initial 'bleh' reaction and think about it. > Yep. Debian (which releases on a timeframe that's more like RHEL than Fedora) applies something like this to their C libraries. > Then.. take the recommendation one of my co-workers provided: > > - A new EPEL repository path. EPEL-rolling (or current or whatever). > You can enable this repository if you want to stay with current > packages. > I think a lot of people like this but no one is prepared to become the guy who's responsible for maintaining it. A new repository has both setup costs and long term maintainance costs. You can take a look at past list discussions for some ideas of those costs and then see if you can come up with a plan for how to meet the manpower requirements to make this work. -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From updates at fedoraproject.org Mon Oct 22 20:56:33 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 22 Oct 2012 20:56:33 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121022205633.64DBB2077A@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 53 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 183 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 78 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13244/dokuwiki-0-0.14.20121013.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13249/viewvc-1.1.15-3.el5 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing joda-time-1.5.2-9.tzdata2008e.el5 mozilla-https-everywhere-3.0.2-1.el5 nagios-plugins-lcgdm-0.9.4-1.el5 pdns-2.9.22-5.el5 php-pecl-lzf-1.6.2-1.el5 viewvc-1.1.15-3.el5 Details about builds: ================================================================================ joda-time-1.5.2-9.tzdata2008e.el5 (FEDORA-EPEL-2012-13265) Java date and time API -------------------------------------------------------------------------------- Update Information: try to resolved broken dependencies. -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-3.0.2-1.el5 (FEDORA-EPEL-2012-13261) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: * Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox * New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 21 2012 Russell Golden - 3.0.1-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-lcgdm-0.9.4-1.el5 (FEDORA-EPEL-2012-13257) Nagios probes to be run remotely against DPM / LFC nodes -------------------------------------------------------------------------------- Update Information: Update for new upstream release. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 22 2012 Ricardo Rocha - 0.9.4-1 - Update for new upstream release * Tue Oct 16 2012 Ricardo Rocha - 0.9.3-1 - Update for new upstream release * Wed Sep 12 2012 Ricardo Rocha - 0.9.2-1 - Added runtime dep on python ldap for dpm-head package -------------------------------------------------------------------------------- ================================================================================ pdns-2.9.22-5.el5 (FEDORA-EPEL-2012-13256) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Fixed permissions of pdns.conf file (rhbz#646510) - Set bind as default backend -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 20 2012 Morten Stevens - 2.9.22-5 - Fixed permissions of pdns.conf file (rhbz#646510) - Set bind as default backend -------------------------------------------------------------------------------- References: [ 1 ] Bug #646510 - PowerDNS configuration is world-readable while it can contain passwords https://bugzilla.redhat.com/show_bug.cgi?id=646510 -------------------------------------------------------------------------------- ================================================================================ php-pecl-lzf-1.6.2-1.el5 (FEDORA-EPEL-2012-13260) Extension to handle LZF de/compression -------------------------------------------------------------------------------- Update Information: new upstream -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 20 2012 Andrew Colin Kissa - 1.6.2-1 - Upgrade to latest upstream - Fix bugzilla #838309 #680230 * Sat Jul 21 2012 Fedora Release Engineering - 1.5.2-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 19 2012 Remi Collet - 1.5.2-9 - rebuild against PHP 5.4, with upstream patch - add filter to avoid private-shared-object-provides - add minimal %check * Sat Jan 14 2012 Fedora Release Engineering - 1.5.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Fri Jul 15 2011 Andrew Colin Kissa - 1.5.2-7 - Fix bugzilla #715791 * Wed Feb 9 2011 Fedora Release Engineering - 1.5.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Jul 26 2009 Fedora Release Engineering - 1.5.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #838309 - php-pecl-lzf-1.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=838309 [ 2 ] Bug #680230 - php-pecl-lzf contains a bundled liblzf. https://bugzilla.redhat.com/show_bug.cgi?id=680230 -------------------------------------------------------------------------------- ================================================================================ viewvc-1.1.15-3.el5 (FEDORA-EPEL-2012-13249) Browser interface for CVS and SVN version control repositories -------------------------------------------------------------------------------- Update Information: Patch CVE-2012-4533. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 22 2012 Bojan Smojver - 1.1.15-3 - patch CVE-2012-4533, bug #868606 * Sun Jul 22 2012 Fedora Release Engineering - 1.1.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #868606 - CVE-2012-4533 viewvc 1.1.5 lib/viewvc.py XSS https://bugzilla.redhat.com/show_bug.cgi?id=868606 -------------------------------------------------------------------------------- From updates at fedoraproject.org Mon Oct 22 20:56:35 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 22 Oct 2012 20:56:35 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121022205635.698EA208A7@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 183 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 106 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13232/dokuwiki-0-0.14.20121013.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13262/viewvc-1.1.15-3.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 53 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 371 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing Django14-1.4.2-2.el6 abi-compliance-checker-1.98.4-1.el6 libesedb-20120102-3.el6 mozilla-https-everywhere-3.0.2-1.el6 nagios-plugins-lcgdm-0.9.4-1.el6 pdns-2.9.22.6-2.el6 perl-MD5-2.03-14.el6 php-channel-theseer-1.3-1.el6 php-pecl-lzf-1.6.2-1.el6 php-zmq-0.6.0-7.20120613git516bd6f.el6 python-keystoneclient-0.1.3.27-1.el6 viewvc-1.1.15-3.el6 zabbix-1.8.15-2.el6 Details about builds: ================================================================================ Django14-1.4.2-2.el6 (FEDORA-EPEL-2012-13248) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: Handle conflicts in a saner way, support older dependent packages New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #864481 - Review Request: Django14 - A high-level Python Web framework https://bugzilla.redhat.com/show_bug.cgi?id=864481 -------------------------------------------------------------------------------- ================================================================================ abi-compliance-checker-1.98.4-1.el6 (FEDORA-EPEL-2012-13255) An ABI Compliance Checker -------------------------------------------------------------------------------- Update Information: Update to 1.98.4 -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 21 2012 Richard Shaw - 1.98.4-1 - Update to latest upstream release. * Wed Jul 18 2012 Fedora Release Engineering - 1.98.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libesedb-20120102-3.el6 (FEDORA-EPEL-2012-13264) Library to access the Extensible Storage Engine (ESE) Database File (EDB) format -------------------------------------------------------------------------------- Update Information: Adding new package to Fedora. Description: Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format. ESEDB is used in may different applications like Windows Search, Windows Mail, Exchange, Active Directory, etc. -------------------------------------------------------------------------------- References: [ 1 ] Bug #822718 - Review Request: libesedb - Library to access the Extensible Storage Engine (ESE) Database File (EDB) format https://bugzilla.redhat.com/show_bug.cgi?id=822718 -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-3.0.2-1.el6 (FEDORA-EPEL-2012-13252) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: * Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox * New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 21 2012 Russell Golden - 3.0.1-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-lcgdm-0.9.4-1.el6 (FEDORA-EPEL-2012-13254) Nagios probes to be run remotely against DPM / LFC nodes -------------------------------------------------------------------------------- Update Information: Update for new upstream release. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 22 2012 Ricardo Rocha - 0.9.4-1 - Update for new upstream release * Tue Oct 16 2012 Ricardo Rocha - 0.9.3-1 - Update for new upstream release * Wed Sep 12 2012 Ricardo Rocha - 0.9.2-1 - Added runtime dep on python ldap for dpm-head package -------------------------------------------------------------------------------- ================================================================================ pdns-2.9.22.6-2.el6 (FEDORA-EPEL-2012-13250) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Fixed permissions of pdns.conf file (rhbz#646510) - Set bind as default backend -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 20 2012 Morten Stevens - 2.9.22.6-2 - Fixed permissions of pdns.conf file (rhbz#646510) - Set bind as default backend -------------------------------------------------------------------------------- References: [ 1 ] Bug #646510 - PowerDNS configuration is world-readable while it can contain passwords https://bugzilla.redhat.com/show_bug.cgi?id=646510 -------------------------------------------------------------------------------- ================================================================================ perl-MD5-2.03-14.el6 (FEDORA-EPEL-2012-13259) Perl interface to the MD5 Message-Digest Algorithm -------------------------------------------------------------------------------- Update Information: This package is needed in EL-6 branch. This module (MD5.pm) is just a thin wrapper around the Digest::MD5 module. It is provided so that legacy code that rely on the old interface continue to work with the speed benefit of the new module. -------------------------------------------------------------------------------- ================================================================================ php-channel-theseer-1.3-1.el6 (FEDORA-EPEL-2012-13263) Adds theseer channel to PEAR -------------------------------------------------------------------------------- Update Information: This package adds the pear.netpirates.net (theseer) channel which allows PEAR packages from this channel to be installed. -------------------------------------------------------------------------------- References: [ 1 ] Bug #866370 - Review Request: php-channel-theseer - Adds theseer channel to PEAR https://bugzilla.redhat.com/show_bug.cgi?id=866370 -------------------------------------------------------------------------------- ================================================================================ php-pecl-lzf-1.6.2-1.el6 (FEDORA-EPEL-2012-13253) Extension to handle LZF de/compression -------------------------------------------------------------------------------- Update Information: latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 20 2012 Andrew Colin Kissa - 1.6.2-1 - Upgrade to latest upstream - Fix bugzilla #838309 #680230 * Sat Jul 21 2012 Fedora Release Engineering - 1.5.2-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 19 2012 Remi Collet - 1.5.2-9 - rebuild against PHP 5.4, with upstream patch - add filter to avoid private-shared-object-provides - add minimal %check * Sat Jan 14 2012 Fedora Release Engineering - 1.5.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Fri Jul 15 2011 Andrew Colin Kissa - 1.5.2-7 - Fix bugzilla #715791 * Wed Feb 9 2011 Fedora Release Engineering - 1.5.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #838309 - php-pecl-lzf-1.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=838309 [ 2 ] Bug #680230 - php-pecl-lzf contains a bundled liblzf. https://bugzilla.redhat.com/show_bug.cgi?id=680230 -------------------------------------------------------------------------------- ================================================================================ php-zmq-0.6.0-7.20120613git516bd6f.el6 (FEDORA-EPEL-2012-13258) PHP 0MQ/zmq/zeromq extension -------------------------------------------------------------------------------- Update Information: Rebuild against zeromq3. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 22 2012 Ralph Bean - 0.6.0-7.20120613git516bd6f - Rebuilt against zeromq3. * Sat Jul 21 2012 Fedora Release Engineering - 0.6.0-6.20120613git516bd6f - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-keystoneclient-0.1.3.27-1.el6 (FEDORA-EPEL-2012-13088) Python API and CLI for OpenStack Keystone -------------------------------------------------------------------------------- Update Information: * New upstream release 0.1.3 * Change underscores in new cert options to dashes (lp#1040162) * Handle "503 Service Unavailable" exception (lp#1028799) * add --wrap option for long PKI tokens (lp#1053728) * remove deprecated Diablo options * add --os-token and --os-endpoint options to match http://wiki.openstack.org/UnifiedCLI/Authentication * Allow empty description for tenants (lp#1025929) * Documentation updates * change default wrap for tokens from 78 characters to 0 (lp#1061514) * bootstrap a keystone user in one cmd * Useful message when missing catalog (lp#949904) -------------------------------------------------------------------------------- ================================================================================ viewvc-1.1.15-3.el6 (FEDORA-EPEL-2012-13262) Browser interface for CVS and SVN version control repositories -------------------------------------------------------------------------------- Update Information: Patch CVE-2012-4533. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 22 2012 Bojan Smojver - 1.1.15-3 - patch CVE-2012-4533, bug #868606 * Sun Jul 22 2012 Fedora Release Engineering - 1.1.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #868606 - CVE-2012-4533 viewvc 1.1.5 lib/viewvc.py XSS https://bugzilla.redhat.com/show_bug.cgi?id=868606 -------------------------------------------------------------------------------- ================================================================================ zabbix-1.8.15-2.el6 (FEDORA-EPEL-2012-13251) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information: The init scripts now include files in /etc/sysconfig, if present, adressing BZ 851009. This is handy to run a service in a specific Cgroup. Updating creates no extra usermod output, adressing BZ 810870 The docs package was obsoleted, since it only contained a README, also found in the main package. The web sub-package no longer contains .orig files, which were leftovers from patching. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 20 2012 Volker Fr?hlich - 1.8.15-2 - Include sysconfig file in init script (BZ 851009) - No extra output from usermod (BZ 810870) - Remove defattr, no longer necessary since EL4 - Obsolete docs subpackage - Really remove .orig files in frontend left from patching -------------------------------------------------------------------------------- References: [ 1 ] Bug #851009 - Add sysconfig options file to init script. https://bugzilla.redhat.com/show_bug.cgi?id=851009 [ 2 ] Bug #810870 - Upgrading from 1.8.10 to 1.8.11 prints extra usermod output https://bugzilla.redhat.com/show_bug.cgi?id=810870 -------------------------------------------------------------------------------- From gregswift at gmail.com Tue Oct 23 14:45:21 2012 From: gregswift at gmail.com (Greg Swift) Date: Tue, 23 Oct 2012 09:45:21 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121022195351.GS2974@unaka.lan> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> Message-ID: On Mon, Oct 22, 2012 at 2:53 PM, Toshio Kuratomi wrote: > On Mon, Oct 22, 2012 at 01:41:36PM -0500, Greg Swift wrote: >> On Thu, Oct 18, 2012 at 10:38 AM, Toshio Kuratomi wrote: >> >> > For your two initial examples, I think that you'd want to be careful about >> > allowing conflicts but might be able to justify it in one of the cases. You >> > need to ask yourself: "Would any user want to install both versions of this >> > package at the same time?" For an application, this may be no. For >> > a library, this is almost always going to be yes. To me that rules >> > rubygem-rspec right out as a good case for Conflicts. Collectd is also >> > libraries but the case could be made that they'd be coupled to whatever >> > version of collectd is running on the system. So you might be able to make >> > the case there. (But do think about things like -- what if a user has some >> > boxes running collectd5 and others collectd4. If these libraries were >> > parallel installable would they enable the user to query information from >> > both sets of boxes?) >> >> So... I agree with the concept of compat packages. Except when it >> requires the package maintainer to patch the code (aren't we against >> non-upstream accepted patches?) and create a non-standard installation >> of the software. In ruby (or python, or perl), if anyone that wants >> to package or deploy software that uses the newer version has to edit >> that module from including 'module' to 'moduleVERSION' have we made a >> usable package? >> > Unfortunately, there's not a lot you can do about that (although many > upstreams have worked on this problem off-and-on in various ways and it > might be possible to work out something depending on the language you're > dealing with. For instance, with python you're able to specify the version > you want in one place in your application and then that's the version that > will be used anywhere the library is imported). > > If you replace a library with a new library that is incompatible, then you > inconvenience anyone that is using the library that EPEL shipped with. If > you don't update then you inconvenience anyone that is using or wants to use > a newer version of the library. > > The current policy of EPEL is geared towards people who have deployed based > on what's currently in EPEL rather than those who want to deploy something > new. > > As for non-upstream patches... we are against them but not as much as other > things. Non-upstream patches aren't a guideline in the Fedora packaging > guideline, for instance. Keeping non-upstream patches to a minimum allows > a package maintainer to do more work with their limited time. But there are > things about packaging that sometimes require patching even if the upstream > won't accept them. For instance, a patch to run against an older version of > a language even though the upstream doesn't care about that version anymore. > Figuring out how to utilize a different version of a library is just a short > step away from that. Okay... I took its mention in the guidelines as more of a strong recommendation, especially due to the 'If you think that your package should be exempt from part of the Guidelines, please bring the issue to the Fedora Packaging Committee'. Thanks for explaining that. https://fedoraproject.org/wiki/Packaging:Guidelines#All_patches_should_have_an_upstream_bug_link_or_comment >> Here are two options as I see it (not including continuing on in this >> inconsistent manner) >> >> - New EPEL package requirement... package name _must_ contain version >> number based on upstream's abi/api compatability policy. >> >> Okay.. move past the initial 'bleh' reaction and think about it. >> > Yep. Debian (which releases on a timeframe that's more like RHEL than > Fedora) applies something like this to their C libraries. I can see leaving the number off for the initial version, although in the long run for EPEL i think it'd be better to just number them all (ugly, I know... but considering RHEL support has gone from 7 years to 13 years, new packages are just a reality we are going to have to deal with). >> Then.. take the recommendation one of my co-workers provided: >> >> - A new EPEL repository path. EPEL-rolling (or current or whatever). >> You can enable this repository if you want to stay with current >> packages. >> > I think a lot of people like this but no one is prepared to become the guy > who's responsible for maintaining it. A new repository has both setup costs > and long term maintainance costs. You can take a look at past list > discussions for some ideas of those costs and then see if you can come up > with a plan for how to meet the manpower requirements to make this work. Do you have any thread names or search phrases to recommend? I found several threads back in 2007, which all appear to be early EPEL. Unfortunately, the audience and use of EPEL was much smaller then. Its good to see that there was discussion about how to ensure this happens in the future. The repository directory structure does look like it can still handle the additional repository. The question then becomes how would it fit into the koji/bodhi work flow. Is there a good reference for that? I've read the existing workflow document on Bodhi's wiki. It seems to me that there would have to be an additional package state, which may not directly plug into how bodhi currently works. NEW ---> PENDING --> TESTING --> STABLE --> OBSOLETE \--UNSTABLE--/------------/ With an UNSTABLE package also being able to push into STABLE if the STABLE package is no longer considered safe to run (that unsupported, or no available patch for security issue, or whatever.. would define a list) Or the UNSTABLE package would just live in UNSTABLE unless it gets sent to OBSOLETE. -greg From mattdm at fedoraproject.org Mon Oct 22 18:30:01 2012 From: mattdm at fedoraproject.org (Matthew Miller) Date: Mon, 22 Oct 2012 14:30:01 -0400 Subject: Fixing Puppet in Fedora/EPEL In-Reply-To: References: <20121019233528.GA23267@disco.bu.edu> Message-ID: <20121022183000.GA32341@disco.bu.edu> On Mon, Oct 22, 2012 at 12:25:22PM -0600, Ken Dreyer wrote: > > I'm not opposed to putting puppet 3 in, but it'd really be helpful if it > > went in as "puppet3" or something, and left the stable version as is, > > happily getting security-only updates. > My biggest concern is that 2.6 will not get security updates for the > lifetime of EPEL 5 and 6. To me it seems better to bite the bullet As I understand it, Puppet Labs is still providing security updates for the 2.6 series. > This is the main problem I see with parallel-installable packages, > particularly in EPEL - it seems to give users an assumption that the > old packages are fine. We should cross that bridge when the old packages aren't fine anymore. -- Matthew Miller ??? Fedora Cloud Architect ??? From kevin at scrye.com Tue Oct 23 15:43:11 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Tue, 23 Oct 2012 09:43:11 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> Message-ID: <20121023094311.560c522e@jelerak.scrye.com> On Tue, 23 Oct 2012 09:45:21 -0500 Greg Swift wrote: ...snip... > Do you have any thread names or search phrases to recommend? I found > several threads back in 2007, which all appear to be early EPEL. > Unfortunately, the audience and use of EPEL was much smaller then. > > Its good to see that there was discussion about how to ensure this > happens in the future. The repository directory structure does look > like it can still handle the additional repository. > > The question then becomes how would it fit into the koji/bodhi work > flow. Is there a good reference for that? I've read the existing > workflow document on Bodhi's wiki. It seems to me that there would > have to be an additional package state, which may not directly plug > into how bodhi currently works. > > NEW ---> PENDING --> TESTING --> STABLE --> OBSOLETE > \--UNSTABLE--/------------/ > > With an UNSTABLE package also being able to push into STABLE if the > STABLE package is no longer considered safe to run (that unsupported, > or no available patch for security issue, or whatever.. would define a > list) > > Or the UNSTABLE package would just live in UNSTABLE unless it gets > sent to OBSOLETE. Right. If you allow crossing the unstable/stable streams here it becomes very complicated. This is where the start of all the work is... make git repos understand an unstable, make bodhi and mash and other compose tools understand it, have some way to report bugs about it (how do you set it in bugzilla?). Lots of complicated questions and then lots of actual work. ;) Even if you don't allow them to cross (ie, it's a completely seperate branch), it has still a bunch of work around the tools to get them working with it. Also, there will be problems where 'stable' stuff gets ignored or shoved down because people are more interested in the unstable part, etc. Personally, I don't have the time or desire to do all this work. If a group of folks wanted to write up a complete plan here and offer to do the work, I would be happy to provide feedback and get talked into helping them out, but it would have to be a pretty good plan. :) kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From a.badger at gmail.com Tue Oct 23 17:17:39 2012 From: a.badger at gmail.com (Toshio Kuratomi) Date: Tue, 23 Oct 2012 10:17:39 -0700 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> Message-ID: <20121023171739.GT2974@unaka.lan> On Tue, Oct 23, 2012 at 09:45:21AM -0500, Greg Swift wrote: > On Mon, Oct 22, 2012 at 2:53 PM, Toshio Kuratomi wrote: > > As for non-upstream patches... we are against them but not as much as other > > things. Non-upstream patches aren't a guideline in the Fedora packaging > > guideline, for instance. Keeping non-upstream patches to a minimum allows > > a package maintainer to do more work with their limited time. But there are > > things about packaging that sometimes require patching even if the upstream > > won't accept them. For instance, a patch to run against an older version of > > a language even though the upstream doesn't care about that version anymore. > > Figuring out how to utilize a different version of a library is just a short > > step away from that. > > Okay... I took its mention in the guidelines as more of a strong > recommendation, especially due to the 'If you think that your package > should be exempt from part of the Guidelines, please bring the issue > to the Fedora Packaging Committee'. Thanks for explaining that. > > https://fedoraproject.org/wiki/Packaging:Guidelines#All_patches_should_have_an_upstream_bug_link_or_comment > Ah -- yeah, that's a SHOULD guideline. Shoulds are best practices that we mention in the guidelines but it's a sign there's a lot more leeway as to what's acceptable. It usually means that there's good reasons to follow it and good reasons not to. When reviewing a package or looking at an existing package there can be valid reasons that the spec file doesn't conform to what the guideline says you should do. -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From a.badger at gmail.com Tue Oct 23 17:27:44 2012 From: a.badger at gmail.com (Toshio Kuratomi) Date: Tue, 23 Oct 2012 10:27:44 -0700 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> Message-ID: <20121023172744.GU2974@unaka.lan> On Tue, Oct 23, 2012 at 09:45:21AM -0500, Greg Swift wrote: > > Do you have any thread names or search phrases to recommend? I found > several threads back in 2007, which all appear to be early EPEL. > Unfortunately, the audience and use of EPEL was much smaller then. > Here's one of the most informative posts from a past thread: https://www.redhat.com/archives/epel-devel-list/2012-May/msg00164.html I see that Kevin has replied to this post as well with some of the higher level design considerations as well. -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From updates at fedoraproject.org Wed Oct 24 14:31:36 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Wed, 24 Oct 2012 14:31:36 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121024143136.1B043201DF@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 185 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 107 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13232/dokuwiki-0-0.14.20121013.el6 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13262/viewvc-1.1.15-3.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 55 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 373 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing bullet-2.81-1.el6 datalog-2.3-2.el6 fedmsg-0.5.5-1.el6 hokuyoaist-3.0.1-1.20120729git69df78b.el6 jemalloc-3.1.0-1.el6 ldns-1.6.14-1.el6 libccd-1.4-1.el6 lttng-tools-2.0.4-2.el6 pcl-1.6.0-3.el6 php-phpunit-PHPUnit-3.6.12-2.el6 php-voms-admin-0.6.5-1.el6 unicode-ucd-6.2.0-3.el6 Details about builds: ================================================================================ bullet-2.81-1.el6 (FEDORA-EPEL-2012-13273) 3D Collision Detection and Rigid Body Dynamics Library -------------------------------------------------------------------------------- Update Information: Update to release 2.81 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 13 2012 Rich Mattes - 2.81-1 - Update to version 2.81 -------------------------------------------------------------------------------- ================================================================================ datalog-2.3-2.el6 (FEDORA-EPEL-2012-13274) A Lightweight Deductive Database using Datalog -------------------------------------------------------------------------------- Update Information: Removed lua(api) requirement in SPEC file. New datalog package -------------------------------------------------------------------------------- References: [ 1 ] Bug #720857 - Review Request: datalog - A Lightweight Deductive Database using Datalog https://bugzilla.redhat.com/show_bug.cgi?id=720857 -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.5.5-1.el6 (FEDORA-EPEL-2012-13276) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: Simplified and enhanced fedmsg.text module fedmsg.text enhancements and recursive merging of fedmsg.d/ New upstream with various enhancement and bugfixes. Misc bugfixes and enhancements. Rely on the latest python-moksha-hub. Bugfix to fedmsg.encoding Fix fedmsg-gateway. Enhancements to fedmsg.encoding. Convenient default config for end users. 0.3.8 new commands, options, and enhanced API. Unicode bugfix. repr enhancements. IRC colors, fedmsg2repr updates, and removed fedmsg-status threadsafety and licensing 0.3.1 for msg2repr updates and fedmsg-logger grepping. Bugfix to -logger and enhancement to -irc Require latest moksha. API enhancement. 0.2.5 with more realistic X509 capacity 0.2.4 with fix for disabled ssl 0.2.3 with upstream typo fixes Added deps on m2crypto and python-m2ext /var/log/fedmsg wasn't being created correctly. Require moksha >= 0.8.3. python-argparse fix for epel-6. Bugfix - Added a forgotten new requirement on python-requests. Fix to creation of /var/run/fedmsg. Remove unnecessary %%ghost on /var/run/fedmsg Nicer messages from fedmsg-irc. New fedmsg.text.msg2repr. bugfix to fedmsg.text. fedmsg.text updates for scm. thread safety bugfix for fedmsg-tail and fedmsg.text items from lmacken -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Ralph Bean - 0.5.5-1 - Lots of work on enhancing and simplifying fedmsg.text from Luke Macken. - Remove test_text.py since it now depends on test_hub.py * Tue Oct 9 2012 Ralph Bean - 0.5.4-4 - Disable those few tests that require network connectivity for koji. * Tue Oct 9 2012 Ralph Bean - 0.5.4-3 - BuildRequires on python-pygments. * Tue Oct 9 2012 Ralph Bean - 0.5.4-2 - BuildRequires on python-pygments. * Mon Oct 8 2012 Ralph Bean - 0.5.4-1 - New mediawiki, tagger, and git icons in fedmsg.text. - Create symlink of dev_certs in build section so tests can pass. - Re-enable the test suite in %check again. - fedmsg.text entries for tagger rank changes. - Updated default FI endpoints (for staging). - Remove full text from mediawiki messages to reduce spam. - Recursively merge dicts in /etc/fedmsg.d/ * Fri Oct 5 2012 Ralph Bean - 0.5.3-1 - Icons and fedmsg.text support for fedmsg-notify - Re-disabled the tests to get a quick release out for fedmsg-notify. * Thu Oct 4 2012 Luke Macken - 0.5.2-2 - Re-enable the test suite in %check which got accidently removed. * Wed Oct 3 2012 Ralph Bean - 0.5.2-1 - Allow timeout when connecting to a non-existant fedmsg-relay - fedmsg.text entries for new lookaside messages - fedmsg.text groundwork support for icons - Enhancements to the docs - Fixed regression in fedmsg-irc * Thu Sep 27 2012 Ralph Bean - 0.5.1-1 - Fixed links in meetbot reprs - fedmsg.text entries for pkgdb2branch and releng - unicode bugfix for fedmsg-tail --terse - Fix bug alongside python-moksha-hub-1.0.3-1 - New defaults fedora-infrastructure endpoints - Improved docs - Links to real diffs for mediawiki messages - Specifiable and longer default tcp timeout for fedmsg-irc - Improved config parsing for fedmsg-irc - Bugfix to git-hook; ignore pushed tags instead of crashing - Allow inner context to be destroyed and recreated inside a thread * Thu Sep 27 2012 Ralph Bean - 0.5.0-2 - Require python-pygments. * Wed Sep 19 2012 Ralph Bean - 0.5.0-1 - Depend on new Moksha - Massive docs improvement. - Minor API simplification. - Suppress some annoying warnings from fedmsg-tail. * Fri Aug 31 2012 Ralph Bean - 0.4.0-1 - Bugfix to fedmsg.encoding. * Fri Aug 31 2012 Ralph Bean - 0.3.9-1 - Bugfix to fedmsg-gateway. - to_json utility for sqlalchemy. - More convenient default config for end users. * Thu Aug 23 2012 Ralph Bean - 0.3.8-1 - fedmsg-gateway command, new! - Improved thread cleanup with weakref. - --terse option for fedmsg-tail - Meetbot text processing support. - Update to consumer API.. systematized enablement. * Fri Aug 17 2012 Ralph Bean - 0.3.6-1 - Expanded reprs. Support for fedoratagger-0.2.2-1 messages. - Unicode bugfix. * Tue Aug 14 2012 Ralph Bean - 0.3.5-1 - IRC colors - fedmsg2repr updates (Luke Macken) - Removed fedmsg-status and the heartbeat producer * Mon Aug 13 2012 Ralph Bean - 0.3.4-1 - Threadsafety bugfixes to fedmsg-tail - New fedmsg.text items from Luke Macken. * Sun Aug 12 2012 Ralph Bean - 0.3.3-1 - thread safety (for bodhi masher) * Wed Aug 8 2012 Ralph Bean - 0.3.2-1 - msg2repr updates for scm. * Wed Aug 8 2012 Ralph Bean - 0.3.1-1 - msg2repr updates - fedmsg-logger grepping. * Tue Aug 7 2012 Ralph Bean - 0.3.0-1 - Bugfix to fedmsg.text. * Tue Aug 7 2012 Ralph Bean - 0.2.9-1 - Upstream update including nicer message for fedmsg-irc. - fedmsg.text.msg2repr * Mon Aug 6 2012 Ralph Bean - 0.2.7-4 - Remove unnecessary %ghost on /var/run/fedmsg. * Mon Aug 6 2012 Ralph Bean - 0.2.7-3 - Hopefully fix to creation of /var/run/fedmsg. * Mon Aug 6 2012 Ralph Bean - 0.2.7-2 - Added a forgotten new requirement on python-requests. * Sun Aug 5 2012 Ralph Bean - 0.2.7-1 - Upstream bugfix to -logger and enhancement to -irc. * Mon Jul 30 2012 Ralph Bean - 0.2.6-2 - Require moksha >= 0.8.8 * Mon Jul 30 2012 Ralph Bean - 0.2.6-1 - Upstream bugfixes and API enhancements. * Thu Jul 19 2012 Fedora Release Engineering - 0.2.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Jul 15 2012 Ralph Bean - 0.2.5-1 - Upstream crypto updates in preparation for a more realistic X509 setup. * Fri Jul 13 2012 Ralph Bean - 0.2.4-1 - Upstream bugfix for when ssl is disabled. * Wed Jul 11 2012 Ralph Bean - 0.2.3-1 - Upstream bump that fixes some typos. * Tue Jul 10 2012 Ralph Bean - 0.2.2-3 - Added deps on python-argparse for py < 2.7 (rhel6) * Sat Jul 7 2012 Ralph Bean - 0.2.2-2 - Added deps on m2crypto and python-m2ext * Sat Jul 7 2012 Ralph Bean - 0.2.2-1 - Update to fedmsg-irc to fix lineRate issues - fedmsg.crypto module - sign and validate messages * Mon Jun 11 2012 Ralph Bean - 0.2.1-2 - Require moksha >= 0.8.3 * Mon Jun 11 2012 Ralph Bean - 0.2.1-1 - Override producers and consumers entry-points in the hub. Should fix a collision that fedmsg-irc is having with fedoracommunity. * Mon Jun 11 2012 Ralph Bean - 0.2.0-4 - Introduce temporary hard dep on orbited. * Mon Jun 11 2012 Ralph Bean - 0.2.0-3 - /var/log/fedmsg wasn't being created correctly. -------------------------------------------------------------------------------- ================================================================================ hokuyoaist-3.0.1-1.20120729git69df78b.el6 (FEDORA-EPEL-2012-13268) Hokuyo Laser SCIP driver -------------------------------------------------------------------------------- Update Information: Initial import of flexiport and hokuyo_aist -------------------------------------------------------------------------------- ================================================================================ jemalloc-3.1.0-1.el6 (FEDORA-EPEL-2012-13272) General-purpose scalable concurrent malloc implementation -------------------------------------------------------------------------------- Update Information: New upstream release. Some new features, and bugfixes. See the upstream changelog for details. http://www.canonware.com/jemalloc/ChangeLog.html -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Ingvar Hagelund - 3.1.0-1 - New upstream release - Removed ptmalloc_lock_all patch, it is merged upstream * Thu Jul 19 2012 Fedora Release Engineering - 3.0.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ ldns-1.6.14-1.el6 (FEDORA-EPEL-2012-13278) Lowlevel DNS(SEC) library with API -------------------------------------------------------------------------------- Update Information: Updates from source code audit, ldns-dane support -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Paul Wouters - 1.6.14-1 - Updated to 1.6.14 - Removed merged in patch - Added new dependancy on ca-certificates for ldns-dane PKIX validation -------------------------------------------------------------------------------- ================================================================================ libccd-1.4-1.el6 (FEDORA-EPEL-2012-13271) Library for collision detection between convex shapes -------------------------------------------------------------------------------- Update Information: Initial import of libccd -------------------------------------------------------------------------------- ================================================================================ lttng-tools-2.0.4-2.el6 (FEDORA-EPEL-2012-13279) LTTng control and utility programs -------------------------------------------------------------------------------- Update Information: Add the control tools for the LTTng tracer -------------------------------------------------------------------------------- References: [ 1 ] Bug #834481 - Review Request: lttng-tools - LTTng control and utility programs https://bugzilla.redhat.com/show_bug.cgi?id=834481 -------------------------------------------------------------------------------- ================================================================================ pcl-1.6.0-3.el6 (FEDORA-EPEL-2012-13266) Library for point cloud processing -------------------------------------------------------------------------------- Update Information: Rebuild for new flann -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHPUnit-3.6.12-2.el6 (FEDORA-EPEL-2012-13277) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: Update to 3.6.12 and fix compatibility with some recent extensions: File_Iterator, PHP_Invoker, PHP_Timer, PHP_Tokenstream and Text_Template. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Remi Collet - 3.6.12-2 - fix compatibility with some recent extensions: File_Iterator PHP_Invoker, PHP_Timer, PHP_Tokenstream, Text_Template (#869367) * Sat Aug 4 2012 Remi Collet - 3.6.12-1 - Version 3.6.12 (stable) - API 3.6.0 (stable) -------------------------------------------------------------------------------- References: [ 1 ] Bug #869367 - Missing dependency on php-phpunit-File-Iterator >= 1.3.0 and <= 1.3.2/upgrade to 3.6.12 https://bugzilla.redhat.com/show_bug.cgi?id=869367 -------------------------------------------------------------------------------- ================================================================================ php-voms-admin-0.6.5-1.el6 (FEDORA-EPEL-2012-13269) Web based interface to control VOMS parameters written in PHP -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Mattias Ellert - 0.6.5-1 - Update to released version 0.6.5 * Sat Jul 21 2012 Fedora Release Engineering - 0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering - 0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ unicode-ucd-6.2.0-3.el6 (FEDORA-EPEL-2012-13275) Unicode Character Database -------------------------------------------------------------------------------- Update Information: Update to Unicode 6.2 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Jens Petersen - 6.2.0-3 - do not use macro in comment * Wed Oct 24 2012 Jens Petersen - 6.2.0-2 - update to latest copyright file from the website * Wed Sep 26 2012 Jens Petersen - 6.2.0-1 - update to Unicode 6.2 * Sun Jul 22 2012 Fedora Release Engineering - 6.1.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Mar 2 2012 Jens Petersen - 6.1.0-1 - update to Unicode 6.1 * Sat Jan 14 2012 Fedora Release Engineering - 6.0.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Wed Nov 30 2011 Jens Petersen - 6.0.0-3 - do not duplicate ReadMe.txt in doc files -------------------------------------------------------------------------------- From updates at fedoraproject.org Wed Oct 24 14:31:37 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Wed, 24 Oct 2012 14:31:37 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121024143137.E8C81207EA@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 55 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12767/pcp-3.6.6-1.el5 185 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13114/phpMyAdmin3-3.5.3-1.el5 80 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13244/dokuwiki-0-0.14.20121013.el5 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13130/drupal7-feeds-2.0-0.5.alpha6.el5 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13249/viewvc-1.1.15-3.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing jemalloc-3.1.0-1.el5 ldns-1.6.14-1.el5 php-voms-admin-0.6.5-1.el5 Details about builds: ================================================================================ jemalloc-3.1.0-1.el5 (FEDORA-EPEL-2012-13270) General-purpose scalable concurrent malloc implementation -------------------------------------------------------------------------------- Update Information: New upstream release. Some new features, and bugfixes. See the upstream changelog for details. http://www.canonware.com/jemalloc/ChangeLog.html -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Ingvar Hagelund - 3.1.0-1 - New upstream release - Removed ptmalloc_lock_all patch, it is merged upstream * Thu Jul 19 2012 Fedora Release Engineering - 3.0.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ ldns-1.6.14-1.el5 (FEDORA-EPEL-2012-13267) Lowlevel DNS(SEC) library with API -------------------------------------------------------------------------------- Update Information: Updates from source code audit, ldns-dane support -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Paul Wouters - 1.6.14-1 - Updated to 1.6.14 - Removed merged in patch - Added new dependancy on ca-certificates for ldns-dane PKIX validation -------------------------------------------------------------------------------- ================================================================================ php-voms-admin-0.6.5-1.el5 (FEDORA-EPEL-2012-13280) Web based interface to control VOMS parameters written in PHP -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Mattias Ellert - 0.6.5-1 - Update to released version 0.6.5 * Sat Jul 21 2012 Fedora Release Engineering - 0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering - 0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- From gregswift at gmail.com Wed Oct 24 16:25:10 2012 From: gregswift at gmail.com (Greg Swift) Date: Wed, 24 Oct 2012 11:25:10 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121023172744.GU2974@unaka.lan> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023172744.GU2974@unaka.lan> Message-ID: On Tue, Oct 23, 2012 at 12:27 PM, Toshio Kuratomi wrote: > On Tue, Oct 23, 2012 at 09:45:21AM -0500, Greg Swift wrote: >> >> Do you have any thread names or search phrases to recommend? I found >> several threads back in 2007, which all appear to be early EPEL. >> Unfortunately, the audience and use of EPEL was much smaller then. >> > Here's one of the most informative posts from a past thread: > https://www.redhat.com/archives/epel-devel-list/2012-May/msg00164.html thanks.. i remember trying to keep up with that thread initially, but didn't recall it getting to a discussion about repos. > I see that Kevin has replied to this post as well with some of the higher > level design considerations as well. (from that thread:) > A partial list of what we would need to do to add a repo: > > * Patch bodhi to know about the new repo, what requirements it would > have. If it would have a updates-testing version and how to promote > to updates. > > * Add a koji tag for the builds. > > * Modify the fedora git processing scripts to allow branches to be made > for this repo. > > * Update mash and such to create the repo(s). > > * Process all the packages that would need to be added. > > * Add components to bugzilla for the new repo/channels/packages. If an additional repo is decided to be the way to go, what would it take to develop a mostly 'complete' list along with a list of existing howtos or subject matter experts that can be referenced by the poor soul(s) who volunteer to do the work? > And I'm sure there's other issues... it would not be at all easy, and I > would prefer to avoid it. understandably. although at this point I'm wondering a few things: 1: since multiple bits have brought this up and no one has come up with a better solution, is this the way we need to go? 2: would a single EPEL-supplemental/rolling/fubar meet the needs of both of these paths? 3: is it possible to do the numbered packages in the same git repositories without creating a whole separate package path? is it reasonable? -greg From gregswift at gmail.com Wed Oct 24 16:30:53 2012 From: gregswift at gmail.com (Greg Swift) Date: Wed, 24 Oct 2012 11:30:53 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121023094311.560c522e@jelerak.scrye.com> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023094311.560c522e@jelerak.scrye.com> Message-ID: On Tue, Oct 23, 2012 at 10:43 AM, Kevin Fenzi wrote: > ...snip... >> NEW ---> PENDING --> TESTING --> STABLE --> OBSOLETE >> \--UNSTABLE--/------------/ >> >> With an UNSTABLE package also being able to push into STABLE if the >> STABLE package is no longer considered safe to run (that unsupported, >> or no available patch for security issue, or whatever.. would define a >> list) >> >> Or the UNSTABLE package would just live in UNSTABLE unless it gets >> sent to OBSOLETE. > > Right. If you allow crossing the unstable/stable streams here it > becomes very complicated. > > This is where the start of all the work is... make git repos understand > an unstable, make bodhi and mash and other compose tools understand it, > have some way to report bugs about it (how do you set it in bugzilla?). > > Lots of complicated questions and then lots of actual work. ;) > > Even if you don't allow them to cross (ie, it's a completely seperate > branch), it has still a bunch of work around the tools to get them > working with it. Also, there will be problems where 'stable' stuff gets > ignored or shoved down because people are more interested in the > unstable part, etc. Between thinking about it more, reading the RHEL/EPEL conflict post again, and this post I'm inclined to go with the separate branch path. > Personally, I don't have the time or desire to do all this work. If a > group of folks wanted to write up a complete plan here and offer to do > the work, I would be happy to provide feedback and get talked into > helping them out, but it would have to be a pretty good plan. :) I have some cycles to work on this, but i would much rather have help, especially people that have more experience in these tools than I. This falls into the 'i either do it privately to benefit myself/company, or try and make it work in EPEL to benefit others that have expressed the need' category. Personally, I prefer to work upstream on it, but unless others are gonna hop on board its going to be much easier in the short term for me to go the private route. -greg From stahnma at puppetlabs.com Wed Oct 24 16:51:45 2012 From: stahnma at puppetlabs.com (Michael Stahnke) Date: Wed, 24 Oct 2012 09:51:45 -0700 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023094311.560c522e@jelerak.scrye.com> Message-ID: On Wed, Oct 24, 2012 at 9:30 AM, Greg Swift wrote: > On Tue, Oct 23, 2012 at 10:43 AM, Kevin Fenzi wrote: >> ...snip... >>> NEW ---> PENDING --> TESTING --> STABLE --> OBSOLETE >>> \--UNSTABLE--/------------/ >>> >>> With an UNSTABLE package also being able to push into STABLE if the >>> STABLE package is no longer considered safe to run (that unsupported, >>> or no available patch for security issue, or whatever.. would define a >>> list) >>> >>> Or the UNSTABLE package would just live in UNSTABLE unless it gets >>> sent to OBSOLETE. >> >> Right. If you allow crossing the unstable/stable streams here it >> becomes very complicated. >> >> This is where the start of all the work is... make git repos understand >> an unstable, make bodhi and mash and other compose tools understand it, >> have some way to report bugs about it (how do you set it in bugzilla?). >> >> Lots of complicated questions and then lots of actual work. ;) >> >> Even if you don't allow them to cross (ie, it's a completely seperate >> branch), it has still a bunch of work around the tools to get them >> working with it. Also, there will be problems where 'stable' stuff gets >> ignored or shoved down because people are more interested in the >> unstable part, etc. > > Between thinking about it more, reading the RHEL/EPEL conflict post > again, and this post I'm inclined to go with the separate branch path. > >> Personally, I don't have the time or desire to do all this work. If a >> group of folks wanted to write up a complete plan here and offer to do >> the work, I would be happy to provide feedback and get talked into >> helping them out, but it would have to be a pretty good plan. :) > > I have some cycles to work on this, but i would much rather have help, > especially people that have more experience in these tools than I. > This falls into the 'i either do it privately to benefit > myself/company, or try and make it work in EPEL to benefit others that > have expressed the need' category. Personally, I prefer to work > upstream on it, but unless others are gonna hop on board its going to > be much easier in the short term for me to go the private route. > I think users of the EL ecosystem would really like a repo with updated software etc, but if getting EPEL off the ground is any indication, you'll have very low participation from a development and infrastructure side, a *lot* of infrastructure needs. It took months (possibly years) to even find broken deps in EPEL due to lack of time/focus from the EPEL community, and that's a pretty simple task. Also, people who change jobs etc who were at one time very able to help out suddenly can have a lot less time. (Ask me how I know :) ) If you could get 10-12 people willing to do the infrastructure work (like a SIG etc) it might be viable setup. Outside of that private repos (or even public but not on Fedora properties) might be the way to go. > -greg > > _______________________________________________ > epel-devel-list mailing list > epel-devel-list at redhat.com > https://www.redhat.com/mailman/listinfo/epel-devel-list From ktdreyer at ktdreyer.com Wed Oct 24 19:08:01 2012 From: ktdreyer at ktdreyer.com (Ken Dreyer) Date: Wed, 24 Oct 2012 13:08:01 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121012155353.4400ceef@jelerak.scrye.com> References: <20121012155353.4400ceef@jelerak.scrye.com> Message-ID: On Fri, Oct 12, 2012 at 3:53 PM, Kevin Fenzi wrote: > On Wed, 10 Oct 2012 13:13:41 -0500 > Greg Swift wrote: > >> So... I've paid attention to the conversations around this because i >> was a long time zabbix user, so it affected me in that I had to build >> my own 'latest' packages usually or download from the maintainer's >> personal repository. If I remember correctly it has also been >> discussed around lots of web apps like bugzilla as well. > > Yeah. > > There's a lot of apps out there that have a different release cycle > that RHEL has, so we have to try and adjust to that. Keeping in mind > that most people who are using RHEL don't like things changing very > much. Here's an alternative proposal I've been mentally kicking around... Red Hat itself sometimes rebases software between minor point releases (eg 6.0 to 6.1). Could we allow EPEL maintainers to push "non-backwards-compatible updates" at specific dates that match RHEL's minor point release schedule? As Greg points out, EPEL is essentially a rolling release today anyway. This would just provide a bit more structure to the rolling. Also, I'm hoping this would not require as much infrastructure work on EPEL's side. - Ken From kevin at scrye.com Wed Oct 24 19:41:53 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Wed, 24 Oct 2012 13:41:53 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023172744.GU2974@unaka.lan> Message-ID: <20121024134153.012d1096@jelerak.scrye.com> On Wed, 24 Oct 2012 11:25:10 -0500 Greg Swift wrote: > If an additional repo is decided to be the way to go, what would it > take to develop a mostly 'complete' list along with a list of existing > howtos or subject matter experts that can be referenced by the poor > soul(s) who volunteer to do the work? Hard to say until we had such a list. ;) > > And I'm sure there's other issues... it would not be at all easy, > > and I would prefer to avoid it. > > understandably. although at this point I'm wondering a few things: > > 1: since multiple bits have brought this up and no one has come up > with a better solution, is this the way we need to go? I'm still not sure. ;) > 2: would a single EPEL-supplemental/rolling/fubar meet the needs of > both of these paths? I don't know. I'd love to hear from those that have cases not handled by current EPEL. > 3: is it possible to do the numbered packages in the same git > repositories without creating a whole separate package path? is it > reasonable? I don't know. I guess it would need to be 'epel6-rolling' and 'epel5-rolling' as seperate branches in git. kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From kevin at scrye.com Wed Oct 24 19:40:04 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Wed, 24 Oct 2012 13:40:04 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023094311.560c522e@jelerak.scrye.com> Message-ID: <20121024134004.3813564c@jelerak.scrye.com> On Wed, 24 Oct 2012 11:30:53 -0500 Greg Swift wrote: > > Between thinking about it more, reading the RHEL/EPEL conflict post > again, and this post I'm inclined to go with the separate branch path. I'm still leary of the seperate branch. ;) Even aside from more work I worry that we will run into several possible problems: - New unstable branch is too unstable. Ie, people will enable that and yum upgrade and it breaks them and they will be unhappy. Even if the expectation of the branch is that it will be not stable. - Old branch gets forgotten about... ie, maintainer pushes new and ignores bugs/security issues on old branch because they now don't have the same incentive to make it work. ;( - Extra confusion around tools and branch changes... > I have some cycles to work on this, but i would much rather have help, > especially people that have more experience in these tools than I. > This falls into the 'i either do it privately to benefit > myself/company, or try and make it work in EPEL to benefit others that > have expressed the need' category. Personally, I prefer to work > upstream on it, but unless others are gonna hop on board its going to > be much easier in the short term for me to go the private route. Perhaps it would help if you could spell out exactly what things you need for yourself/company and we could try and figure out a better way to get them... if it's just a few packages that must be newer, perhaps a side repo would be best. kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From gregswift at gmail.com Wed Oct 24 20:57:43 2012 From: gregswift at gmail.com (Greg Swift) Date: Wed, 24 Oct 2012 15:57:43 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023094311.560c522e@jelerak.scrye.com> Message-ID: On Wed, Oct 24, 2012 at 11:51 AM, Michael Stahnke wrote: > On Wed, Oct 24, 2012 at 9:30 AM, Greg Swift wrote: >> On Tue, Oct 23, 2012 at 10:43 AM, Kevin Fenzi wrote: >>> ...snip... >>>> NEW ---> PENDING --> TESTING --> STABLE --> OBSOLETE >>>> \--UNSTABLE--/------------/ >>>> >>>> With an UNSTABLE package also being able to push into STABLE if the >>>> STABLE package is no longer considered safe to run (that unsupported, >>>> or no available patch for security issue, or whatever.. would define a >>>> list) >>>> >>>> Or the UNSTABLE package would just live in UNSTABLE unless it gets >>>> sent to OBSOLETE. >>> >>> Right. If you allow crossing the unstable/stable streams here it >>> becomes very complicated. >>> >>> This is where the start of all the work is... make git repos understand >>> an unstable, make bodhi and mash and other compose tools understand it, >>> have some way to report bugs about it (how do you set it in bugzilla?). >>> >>> Lots of complicated questions and then lots of actual work. ;) >>> >>> Even if you don't allow them to cross (ie, it's a completely seperate >>> branch), it has still a bunch of work around the tools to get them >>> working with it. Also, there will be problems where 'stable' stuff gets >>> ignored or shoved down because people are more interested in the >>> unstable part, etc. >> >> Between thinking about it more, reading the RHEL/EPEL conflict post >> again, and this post I'm inclined to go with the separate branch path. >> >>> Personally, I don't have the time or desire to do all this work. If a >>> group of folks wanted to write up a complete plan here and offer to do >>> the work, I would be happy to provide feedback and get talked into >>> helping them out, but it would have to be a pretty good plan. :) >> >> I have some cycles to work on this, but i would much rather have help, >> especially people that have more experience in these tools than I. >> This falls into the 'i either do it privately to benefit >> myself/company, or try and make it work in EPEL to benefit others that >> have expressed the need' category. Personally, I prefer to work >> upstream on it, but unless others are gonna hop on board its going to >> be much easier in the short term for me to go the private route. >> > I think users of the EL ecosystem would really like a repo with > updated software etc, but if getting EPEL off the ground is any > indication, you'll have very low participation from a development and > infrastructure side, a *lot* of infrastructure needs. It took months > (possibly years) to even find broken deps in EPEL due to lack of > time/focus from the EPEL community, and that's a pretty simple task. > > Also, people who change jobs etc who were at one time very able to > help out suddenly can have a lot less time. (Ask me how I know :) ) yea... i'm well aware of that pitfall.. i've suffered from it as well > If you could get 10-12 people willing to do the infrastructure work > (like a SIG etc) it might be viable setup. Outside of that private > repos (or even public but not on Fedora properties) might be the way > to go. So.. just spent like 30m digging through the wiki and somehow did not stumble across the 'how to start a sig' page. anyone got a pointer? From gregswift at gmail.com Wed Oct 24 21:04:49 2012 From: gregswift at gmail.com (Greg Swift) Date: Wed, 24 Oct 2012 16:04:49 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121024134153.012d1096@jelerak.scrye.com> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023172744.GU2974@unaka.lan> <20121024134153.012d1096@jelerak.scrye.com> Message-ID: On Wed, Oct 24, 2012 at 2:41 PM, Kevin Fenzi wrote: > On Wed, 24 Oct 2012 11:25:10 -0500 > Greg Swift wrote: > >> If an additional repo is decided to be the way to go, what would it >> take to develop a mostly 'complete' list along with a list of existing >> howtos or subject matter experts that can be referenced by the poor >> soul(s) who volunteer to do the work? > > Hard to say until we had such a list. ;) Fun ;) So that was partially intended as "who not already responding do i need to poke and prod to try and find this out?" And if you are one of those wonderful people, consider yourself poked and prodded :) >> > And I'm sure there's other issues... it would not be at all easy, >> > and I would prefer to avoid it. >> >> understandably. although at this point I'm wondering a few things: >> >> 1: since multiple bits have brought this up and no one has come up >> with a better solution, is this the way we need to go? > > I'm still not sure. ;) > >> 2: would a single EPEL-supplemental/rolling/fubar meet the needs of >> both of these paths? > > I don't know. I'd love to hear from those that have cases not handled > by current EPEL. me too >> 3: is it possible to do the numbered packages in the same git >> repositories without creating a whole separate package path? is it >> reasonable? > > I don't know. I guess it would need to be 'epel6-rolling' and > 'epel5-rolling' as seperate branches in git. so ... *insert tongue in cheek* i've now decided we should use REPEL as the name. maybe that would resolve the 'i used it and through it was stable' issue *remove tongue from cheek* From gregswift at gmail.com Wed Oct 24 21:05:33 2012 From: gregswift at gmail.com (Greg Swift) Date: Wed, 24 Oct 2012 16:05:33 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> Message-ID: On Wed, Oct 24, 2012 at 2:08 PM, Ken Dreyer wrote: > On Fri, Oct 12, 2012 at 3:53 PM, Kevin Fenzi wrote: >> On Wed, 10 Oct 2012 13:13:41 -0500 >> Greg Swift wrote: >> >>> So... I've paid attention to the conversations around this because i >>> was a long time zabbix user, so it affected me in that I had to build >>> my own 'latest' packages usually or download from the maintainer's >>> personal repository. If I remember correctly it has also been >>> discussed around lots of web apps like bugzilla as well. >> >> Yeah. >> >> There's a lot of apps out there that have a different release cycle >> that RHEL has, so we have to try and adjust to that. Keeping in mind >> that most people who are using RHEL don't like things changing very >> much. > > Here's an alternative proposal I've been mentally kicking around... > > Red Hat itself sometimes rebases software between minor point releases > (eg 6.0 to 6.1). Could we allow EPEL maintainers to push > "non-backwards-compatible updates" at specific dates that match RHEL's > minor point release schedule? > > As Greg points out, EPEL is essentially a rolling release today > anyway. This would just provide a bit more structure to the rolling. > Also, I'm hoping this would not require as much infrastructure work on > EPEL's side. i can get behind this concept. From gregswift at gmail.com Wed Oct 24 21:23:28 2012 From: gregswift at gmail.com (Greg Swift) Date: Wed, 24 Oct 2012 16:23:28 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121024134004.3813564c@jelerak.scrye.com> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023094311.560c522e@jelerak.scrye.com> <20121024134004.3813564c@jelerak.scrye.com> Message-ID: On Wed, Oct 24, 2012 at 2:40 PM, Kevin Fenzi wrote: > On Wed, 24 Oct 2012 11:30:53 -0500 > Greg Swift wrote: > >> >> Between thinking about it more, reading the RHEL/EPEL conflict post >> again, and this post I'm inclined to go with the separate branch path. > > I'm still leary of the seperate branch. ;) > > Even aside from more work I worry that we will run into several > possible problems: > > - New unstable branch is too unstable. Ie, people will enable that and > yum upgrade and it breaks them and they will be unhappy. Even if the > expectation of the branch is that it will be not stable. So... going back to my REPEL name recommendation ;) Okay... seriously though. Fedora has the same issue. Fedora is not stable. Doesn't claim to be. But people still install it and expect it to be. I don't see us actually changing what Fedora is just because of that. (lots of talk on occasion and i guess maybe there is a action item I haven't heard of...) > - Old branch gets forgotten about... ie, maintainer pushes new and > ignores bugs/security issues on old branch because they now don't > have the same incentive to make it work. ;( That is a problem. However, its already the case from what I've observed. The old packages stagnate and the users move to an internal/separate repository or start a separate package path, or in a few cases just update the package. > - Extra confusion around tools and branch changes... To me the biggest set of confusion around this whole thing is that it is inconsistent and not set forth in a policy. Right now the policy ends up being 'well.. don't break the customer, otherwise figure it out'. If the policy was: EPEL is a slow moving, safe to upgrade, but not always safe from a security standpoint after X amount of time repository. REPEL is a faster moving repository that may include updates that require manual intervention. Use at your own risk, but you'll probably have more secure updates since its staying current. or going to Ken's suggestion: EPEL is a slower moving repository. In line with RHEL dot releases new packages maybe released that require manual intervention to work post install, however this is due to the need to keep software secure and current. As long as a release branch is receiving updates from upstream, that package will be able to update safely. Once upstream has EOL'd the tool it will be updated based on an assessment of the tool's newer releases. To stay aware of these potential updates we do X, Y, and Z to notify users. You can protect yourself from the change by placing the package in your exclude list per these instructions. >> I have some cycles to work on this, but i would much rather have help, >> especially people that have more experience in these tools than I. >> This falls into the 'i either do it privately to benefit >> myself/company, or try and make it work in EPEL to benefit others that >> have expressed the need' category. Personally, I prefer to work >> upstream on it, but unless others are gonna hop on board its going to >> be much easier in the short term for me to go the private route. > > Perhaps it would help if you could spell out exactly what things you > need for yourself/company and we could try and figure out a better way > to get them... if it's just a few packages that must be newer, perhaps > a side repo would be best. So what got me going on this _this time_ was wanting to have rspec-puppet and collectd5 in EPEL. Which led to the need for rspec to be updated to rspec2 (for EPEL5/6). Combine that with my past interest in bugzilla, zabbix, puppet, and a few other projects. Because of that I thought it would be nice to try and address the obvious overall issue rather than just get my two packages taken care of. -greg From mattdm at fedoraproject.org Thu Oct 25 00:44:31 2012 From: mattdm at fedoraproject.org (Matthew Miller) Date: Wed, 24 Oct 2012 20:44:31 -0400 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> Message-ID: <20121025004431.GA25812@disco.bu.edu> On Wed, Oct 24, 2012 at 01:08:01PM -0600, Ken Dreyer wrote: > Red Hat itself sometimes rebases software between minor point releases > (eg 6.0 to 6.1). Could we allow EPEL maintainers to push > "non-backwards-compatible updates" at specific dates that match RHEL's > minor point release schedule? +1 in theory, modulo the realities of getting it working. -- Matthew Miller ??? Fedora Cloud Architect ??? From volker27 at gmx.at Fri Oct 26 08:15:03 2012 From: volker27 at gmx.at (Volker Froehlich) Date: Fri, 26 Oct 2012 10:15:03 +0200 Subject: Reviewer for Zabbix 2.0 in EPEL 6 Message-ID: <1351239303.8492.152.camel@desktop.fritz.box> Hello, I'm looking for a reviewer for zabbix20: https://bugzilla.redhat.com/show_bug.cgi?id=867159 Zabbix is a monitoring system, utilizing up to 3 different daemons and one of 2 or 3 different database backends. The specfile is meant to be the same for Fedora and EPEL 6. There's more information in the README.fedora, included in the package. Regards, Volker Fr?hlich From stahnma at puppetlabs.com Fri Oct 26 17:03:33 2012 From: stahnma at puppetlabs.com (Michael Stahnke) Date: Fri, 26 Oct 2012 10:03:33 -0700 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121025004431.GA25812@disco.bu.edu> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121025004431.GA25812@disco.bu.edu> Message-ID: ---------- Forwarded message ---------- From: Matthew Miller Date: Wed, Oct 24, 2012 at 5:44 PM Subject: Re: 'policy' for multiple versions of same software in EPEL To: EPEL development disccusion On Wed, Oct 24, 2012 at 01:08:01PM -0600, Ken Dreyer wrote: > Red Hat itself sometimes rebases software between minor point releases > (eg 6.0 to 6.1). Could we allow EPEL maintainers to push > "non-backwards-compatible updates" at specific dates that match RHEL's > minor point release schedule? +1 in theory, modulo the realities of getting it working. This becomes difficult in reality. Or at least was when RHEL would bump, but other EL variants hadn't updated yet. I specifically remember this being a problem with libevent in the past. Would EPEL allow breaking changes when RHEL moves or when other EL variants move? Is there an open-window timeframe etc? In general, I'm in favor of being able to update, as a volunteer maintaining anything for 10 years is pretty unreasonable, but expectations for the users need to be set accordingly. -- Matthew Miller ??? Fedora Cloud Architect ??? _______________________________________________ epel-devel-list mailing list epel-devel-list at redhat.com https://www.redhat.com/mailman/listinfo/epel-devel-list From mattdm at fedoraproject.org Fri Oct 26 17:14:45 2012 From: mattdm at fedoraproject.org (Matthew Miller) Date: Fri, 26 Oct 2012 13:14:45 -0400 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121025004431.GA25812@disco.bu.edu> Message-ID: <20121026171445.GA6890@disco.bu.edu> I didn't say everything attributed to me below. I don't necessarily disagree or agree right now, just wanted to note that only the first line ("+1 in theory..." is actually my words.) On Fri, Oct 26, 2012 at 10:03:33AM -0700, Michael Stahnke wrote: > ---------- Forwarded message ---------- > From: Matthew Miller > Date: Wed, Oct 24, 2012 at 5:44 PM > Subject: Re: 'policy' for multiple versions of same software in EPEL > To: EPEL development disccusion > > > On Wed, Oct 24, 2012 at 01:08:01PM -0600, Ken Dreyer wrote: > > Red Hat itself sometimes rebases software between minor point releases > > (eg 6.0 to 6.1). Could we allow EPEL maintainers to push > > "non-backwards-compatible updates" at specific dates that match RHEL's > > minor point release schedule? > > +1 in theory, modulo the realities of getting it working. > > This becomes difficult in reality. Or at least was when RHEL would > bump, but other EL variants hadn't updated yet. I specifically > remember this being a problem with libevent in the past. Would EPEL > allow breaking changes when RHEL moves or when other EL variants move? > Is there an open-window timeframe etc? > > In general, I'm in favor of being able to update, as a volunteer > maintaining anything for 10 years is pretty unreasonable, but > expectations for the users need to be set accordingly. > > > > -- > Matthew Miller ??? Fedora Cloud Architect ??? > > _______________________________________________ > epel-devel-list mailing list > epel-devel-list at redhat.com > https://www.redhat.com/mailman/listinfo/epel-devel-list > > _______________________________________________ > epel-devel-list mailing list > epel-devel-list at redhat.com > https://www.redhat.com/mailman/listinfo/epel-devel-list -- Matthew Miller ??? Fedora Cloud Architect ??? From gregswift at gmail.com Fri Oct 26 18:02:30 2012 From: gregswift at gmail.com (Greg Swift) Date: Fri, 26 Oct 2012 13:02:30 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121025004431.GA25812@disco.bu.edu> Message-ID: On Fri, Oct 26, 2012 at 12:03 PM, Michael Stahnke wrote: >> ---------- Forwarded message ---------- >> From: Matthew Miller >>> On Wed, Oct 24, 2012 at 01:08:01PM -0600, Ken Dreyer wrote: >>> Red Hat itself sometimes rebases software between minor point releases >>> (eg 6.0 to 6.1). Could we allow EPEL maintainers to push >>> "non-backwards-compatible updates" at specific dates that match RHEL's >>> minor point release schedule? > >> +1 in theory, modulo the realities of getting it working. > > This becomes difficult in reality. Or at least was when RHEL would > bump, but other EL variants hadn't updated yet. I specifically > remember this being a problem with libevent in the past. Would EPEL > allow breaking changes when RHEL moves or when other EL variants move? > Is there an open-window timeframe etc? And it also just occurred to me that the RHEL stops doing this kind of update mid lifecycle. And its later in the lifecycle that the maintainers are going to want to upgade, so that throws another wrench in the works. > In general, I'm in favor of being able to update, as a volunteer > maintaining anything for 10 years is pretty unreasonable, but > expectations for the users need to be set accordingly. +1 - greg (message indenting updated to reflect matt miller's e-mail ;) From updates at fedoraproject.org Fri Oct 26 18:40:16 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Fri, 26 Oct 2012 18:40:16 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121026184016.A3D3B20D37@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 187 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13249/viewvc-1.1.17-1.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13283/pcp-3.6.9-1.el5 82 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13244/dokuwiki-0-0.14.20121013.el5 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing dmlite-0.4.2-2.el5 dmlite-plugins-adapter-0.4.0-2.el5 dmlite-plugins-librarian-0.4.0-1.el5 dmlite-plugins-memcache-0.4.0-1.el5 dmlite-plugins-mysql-0.4.1-1.el5 dmlite-plugins-s3-0.4.0-1.el5 drupal7-feeds-2.0-0.6.alpha7.el5 ginfo-0.2.4-1.el5 jna-3.5.0-1.el5 lcgdm-1.8.4-1.el5 mimedefang-2.73-3.el5 pcp-3.6.9-1.el5 php-pear-Mail-Mime-1.4.0-2.el5 php-voms-admin-0.6.5-2.el5 salt-0.10.4-1.el5 ucarp-1.5.2-3.1.el5 viewvc-1.1.17-1.el5 zanata-util-0.2.9-1.el5 Details about builds: ================================================================================ dmlite-0.4.2-2.el5 (FEDORA-EPEL-2012-13293) Common libraries for grid data management and storage -------------------------------------------------------------------------------- Update Information: Fixed bugs: - #869568 - dmlite-libs should own /usr/lib(64)/dmlite * Mon Sep 24 2012 Ricardo Rocha - 0.4.2-1 - update for new upstream release - dropped plugin packages (moved to separate individual packages) * Mon Sep 24 2012 Ricardo Rocha - 0.4.2-1 - update for new upstream release - dropped plugin packages (moved to separate individual packages) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Ricardo Rocha - 0.4.2-2 - #869568 - dmlite-libs should own /usr/lib(64)/dmlite * Mon Sep 24 2012 Ricardo Rocha - 0.4.2-1 - update for new upstream release - dropped plugin packages (moved to separate individual packages) * Sat Sep 22 2012 Remi Collet - 0.3.0-2 - rebuild against libmemcached.so.11 without SASL -------------------------------------------------------------------------------- References: [ 1 ] Bug #869568 - dmlite-libs should own /usr/lib(64)/dmlite https://bugzilla.redhat.com/show_bug.cgi?id=869568 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-adapter-0.4.0-2.el5 (FEDORA-EPEL-2012-13289) Adapter plug-in for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the adapter plug-in for dmlite. This plug-in provides both a name-space and pool management implementation which fallback to forwarding calls to the old DPNS and DPM daemons. -------------------------------------------------------------------------------- References: [ 1 ] Bug #860607 - Review Request: dmlite-plugins-adapter - Adapter plug-in for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860607 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-librarian-0.4.0-1.el5 (FEDORA-EPEL-2012-13284) Librarian plug-in for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the librarian plug-in for dmlite. This plug-in handles the necessary logic to hop between difference replicas when accessing a file managed by the grid. -------------------------------------------------------------------------------- References: [ 1 ] Bug #860293 - Review Request: dmlite-plugins-librarian - Librarian plug-in for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860293 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-memcache-0.4.0-1.el5 (FEDORA-EPEL-2012-13292) Memcached plug-in for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the memcached plug-in for dmlite. It provides a memcached based implementation of the NS interface. -------------------------------------------------------------------------------- References: [ 1 ] Bug #860581 - Review Request: dmlite-plugins-memcache - Memcached plug-in for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860581 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-mysql-0.4.1-1.el5 (FEDORA-EPEL-2012-13302) MySQL plug-in for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the MySQL plug-in for dmlite. -------------------------------------------------------------------------------- References: [ 1 ] Bug #860600 - Review Request: dmlite-plugins-mysql - MySQL plug-in for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860600 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-s3-0.4.0-1.el5 (FEDORA-EPEL-2012-13298) S3 plugin for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the S3 plugin for dmlite. It provides access to data stored in a S3 cloud provider from the DPM namespace. -------------------------------------------------------------------------------- References: [ 1 ] Bug #867801 - Review Request: dmlite-plugins-s3 - S3 plugin for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=867801 -------------------------------------------------------------------------------- ================================================================================ drupal7-feeds-2.0-0.6.alpha7.el5 (FEDORA-EPEL-2012-13315) An import and aggregation framework for Drupal -------------------------------------------------------------------------------- Update Information: Update to latest upstream release for a bug fix Security fix release, https://drupal.org/node/1808832, http://drupal.org/node/1808282. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Jared Smith - 2.0-0.5.alpha7 - Bug fix update for Drupal issue #1807920: Imported nodes have NULL format. * Wed Oct 10 2012 Peter Borsa - 2.0-0.5.alpha6 - Security fix * Wed Jul 18 2012 Fedora Release Engineering - 2.0-0.4.alpha5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #869917 - drupal7-feeds-2.0-alpha7 is available https://bugzilla.redhat.com/show_bug.cgi?id=869917 -------------------------------------------------------------------------------- ================================================================================ ginfo-0.2.4-1.el5 (FEDORA-EPEL-2012-13308) A versatile tool for discovering Grid services -------------------------------------------------------------------------------- Update Information: New upstream release New upstream release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Laurence Field - 0.2.4-1 - Added -b --bind option. -------------------------------------------------------------------------------- ================================================================================ jna-3.5.0-1.el5 (FEDORA-EPEL-2012-13313) Pure Java access to native libraries -------------------------------------------------------------------------------- Update Information: update to 3.5.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Fedora Release Engineering - 3.4.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ lcgdm-1.8.4-1.el5 (FEDORA-EPEL-2012-13318) LHC Computing Grid Data Management -------------------------------------------------------------------------------- Update Information: Update for new upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 3 2012 Ricardo Rocha - 1.8.4-1 - Update for new upstream release * Fri Aug 3 2012 David Malcolm - 1.8.3.1-5 - rebuild for https://fedoraproject.org/wiki/Features/Python_3.3 * Thu Jul 19 2012 Fedora Release Engineering - 1.8.3.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jun 11 2012 Petr Pisar - 1.8.3.1-3 - Perl 5.16 rebuild -------------------------------------------------------------------------------- ================================================================================ mimedefang-2.73-3.el5 (FEDORA-EPEL-2012-13314) E-Mail filtering framework using Sendmail's Milter interface -------------------------------------------------------------------------------- Update Information: Re-enabled embedded perl feature (thanks to Alexander Dalloz) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Robert Scheck 2.73-3 - Re-enabled embedded perl feature (thanks to Alexander Dalloz) * Fri Jul 20 2012 Fedora Release Engineering - 2.73-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ pcp-3.6.9-1.el5 (FEDORA-EPEL-2012-13283) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information: Update to latest PCP sources, and resolve these bugzillas: - Fix pmcd sigsegv in NUMA/CPU indom setup (BZ 858384) - Fix sar2pcp uninitialised perl variable warning (BZ 859117) - Fix pcp.py and pmcollectl with older python versions (BZ 852234) - Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). - Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) - Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. - Fix potential buffer overflow in pmlogger host name handling. - Reworked the configure --prefix handling to be more like the rest of the open source world. - Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. new upstream release new upstream release - Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). - Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) - Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. - Fix potential buffer overflow in pmlogger host name handling. - Reworked the configure --prefix handling to be more like the rest of the open source world. - Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. new upstream release - Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). - Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) - Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. - Fix potential buffer overflow in pmlogger host name handling. - Reworked the configure --prefix handling to be more like the rest of the open source world. - Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. - Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). - Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) - Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. - Fix potential buffer overflow in pmlogger host name handling. - Reworked the configure --prefix handling to be more like the rest of the open source world. - Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Nathan Scott - 3.6.9-1 - Update to latest PCP sources. - Fix pmcd sigsegv in NUMA/CPU indom setup (BZ 858384) - Fix sar2pcp uninitialised perl variable warning (BZ 859117) - Fix pcp.py and pmcollectl with older python versions (BZ 852234) * Fri Sep 14 2012 Nathan Scott - 3.6.8-1 - Update to latest PCP sources. * Wed Sep 5 2012 Nathan Scott - 3.6.6-1.1 - Move configure step from prep to build section of spec (BZ 854128) * Tue Aug 28 2012 Mark Goodwin - 3.6.6-1 - Update to latest PCP sources, see installed CHANGELOG for details. - Introduces new python-pcp and pcp-testsuite sub-packages. -------------------------------------------------------------------------------- References: [ 1 ] Bug #858384 - pmcd segv during linux-pmda query https://bugzilla.redhat.com/show_bug.cgi?id=858384 [ 2 ] Bug #859117 - sar2pcp warnings: use of uninitialized value .... line 171 https://bugzilla.redhat.com/show_bug.cgi?id=859117 [ 3 ] Bug #852234 - pcp 3.6.6-1 pcp.py fails to compile with python2.4 in epel5 https://bugzilla.redhat.com/show_bug.cgi?id=852234 [ 4 ] Bug #841306 - libpcp additional decoder hardening https://bugzilla.redhat.com/show_bug.cgi?id=841306 -------------------------------------------------------------------------------- ================================================================================ php-pear-Mail-Mime-1.4.0-2.el5 (FEDORA-EPEL-2012-13288) Classes to create and decode mime messages -------------------------------------------------------------------------------- Update Information: also provides php-pear(Mail_mimeDecode) -------------------------------------------------------------------------------- References: [ 1 ] Bug #741363 - Add provides Mail_mimeDecode for the benefit https://bugzilla.redhat.com/show_bug.cgi?id=741363 -------------------------------------------------------------------------------- ================================================================================ php-voms-admin-0.6.5-2.el5 (FEDORA-EPEL-2012-13280) Web based interface to control VOMS parameters written in PHP -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Mattias Ellert - 0.6.5-2 - Minor fixes to post installation script - Add missing package dependencies * Tue Oct 23 2012 Mattias Ellert - 0.6.5-1 - Update to released version 0.6.5 * Sat Jul 21 2012 Fedora Release Engineering - 0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering - 0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ salt-0.10.4-1.el5 (FEDORA-EPEL-2012-13311) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Updating to upstream version 0.10.4 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Clint Savage - 0.10.4-1 - Moved to upstream release 0.10.4 - Patched jcollie/systemd-service-status (SALT at GH#2335) (RHBZ#869669) -------------------------------------------------------------------------------- ================================================================================ ucarp-1.5.2-3.1.el5 (FEDORA-EPEL-2012-13316) Common Address Redundancy Protocol (CARP) for Unix -------------------------------------------------------------------------------- Update Information: Fix for crash if interface is down. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Jon Ciesla - 1.5.2-3.1 - Patch for crash. * Sat Jan 14 2012 Fedora Release Engineering - 1.5.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Mon Feb 7 2011 Fedora Release Engineering - 1.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #693762 - ucarp died when ifdown, leaving address active https://bugzilla.redhat.com/show_bug.cgi?id=693762 -------------------------------------------------------------------------------- ================================================================================ viewvc-1.1.17-1.el5 (FEDORA-EPEL-2012-13249) Browser interface for CVS and SVN version control repositories -------------------------------------------------------------------------------- Update Information: Patch CVE-2012-4533. Version 1.1.16 - security fix: escape "extra" diff info to avoid XSS attack (issue #515) - add 'binary_mime_types' configuration option and handling (issue #510) - fix 'select for diffs' persistence across log pages (issue #512) - remove lock status and filesize check on directories in remote SVN views - fix bogus 'Annotation of' page title for non-annotated view (issue #514) Version 1.1.17 (released 25-Oct-2012) - fix exception caused by uninitialized variable usage (issue #516) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Bojan Smojver - 1.1.17-1 - bump up to 1.1.17 * Thu Oct 25 2012 Bojan Smojver - 1.1.16-1 - bump up to 1.1.16 - drop patch for CVE-2012-4533, part of the release * Mon Oct 22 2012 Bojan Smojver - 1.1.15-3 - patch CVE-2012-4533, bug #868606 * Sun Jul 22 2012 Fedora Release Engineering - 1.1.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #868606 - CVE-2012-4533 viewvc: lib/viewvc.py XSS https://bugzilla.redhat.com/show_bug.cgi?id=868606 -------------------------------------------------------------------------------- ================================================================================ zanata-util-0.2.9-1.el5 (FEDORA-EPEL-2012-13319) Helper scripts for using Zanata -------------------------------------------------------------------------------- Update Information: Fixed RHBZ 852951,870259,870261 Maven client support up to 1.8.0-SNAPSHOT -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Ding-Yi Chen - 0.2.9-1 - Resolves: Bug 852951 - Failed to parse .../language/list - Resolves: Bug 870259 - [zanata_zanata_xml_make] should be able do handle traling / in URL - Resolves: Bug 870261 - [zanata_zanata_xml_make] Fail to download project zanata.xml - Maven support up to 1.8.0-SNAPSHOT - More comprehensive locale.txt * Sun Jul 22 2012 Fedora Release Engineering - 0.2.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 19 2012 Petr Pisar - 0.2.8-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #852951 - Failed to parse .../language/list https://bugzilla.redhat.com/show_bug.cgi?id=852951 [ 2 ] Bug #870259 - [zanata_zanata_xml_make] should be able do handle traling / in URL https://bugzilla.redhat.com/show_bug.cgi?id=870259 [ 3 ] Bug #870261 - [zanata_zanata_xml_make] Fail to download project zanata.xml https://bugzilla.redhat.com/show_bug.cgi?id=870261 -------------------------------------------------------------------------------- From updates at fedoraproject.org Fri Oct 26 18:40:18 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Fri, 26 Oct 2012 18:40:18 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121026184018.3942520D45@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 187 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13290/exim-4.72-3.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13294/pcp-3.6.9-1.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13232/dokuwiki-0-0.14.20121013.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13262/viewvc-1.1.17-1.el6 110 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 375 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing ReviewBoard-1.6.13-1.el6 ansible-0.8-1.el6 distcc-3.2rc1-1.el6 dmlite-0.4.2-2.el6 dmlite-plugins-adapter-0.4.0-2.el6 dmlite-plugins-librarian-0.4.0-1.el6 dmlite-plugins-memcache-0.4.0-1.el6 dmlite-plugins-mysql-0.4.1-1.el6 dmlite-plugins-s3-0.4.0-1.el6 drupal7-feeds-2.0-0.6.alpha7.el6 exim-4.72-3.el6 fedmsg-0.5.6-1.el6 fedora-review-0.3.1-2.el6 ghc-blaze-markup-0.5.1.1-1.el6 ghc-rpm-macros-0.15.9-2.el6 ginfo-0.2.4-1.el6 lcgdm-1.8.4-1.el6 mimedefang-2.73-3.el6 pcp-3.6.9-1.el6 php-voms-admin-0.6.5-2.el6 python-djblets-0.6.24-1.el6 python-rosinstall-0.6.19-2.el6 salt-0.10.4-1.el6 ucarp-1.5.2-3.1.el6 viewvc-1.1.17-1.el6 zanata-util-0.2.9-1.el6 Details about builds: ================================================================================ ReviewBoard-1.6.13-1.el6 (FEDORA-EPEL-2012-13307) Web-based code review tool -------------------------------------------------------------------------------- Update Information: * Wed Oct 24 2012 Stephen Gallagher - 1.6.13-1 - New upstream release 1.6.13 - http://www.reviewboard.org/docs/releasenotes/dev/reviewboard/1.6.13/ - http://www.reviewboard.org/docs/releasenotes/dev/reviewboard/1.6.12/ - New Features: * Added support for incremental diff expansion * Replaced our old Report Bug and Bugs links in the top-right with Support * Added support for Clear Case snapshot views - Performance Improvements: * We no longer perform syntax highlighting for very large files - Hosting Service Changes * Fedora Hosted has been switched to use cgit instead of GitWeb - Web API Changes: * The FileDiffComment resource was showing all comments for all files in a diffset. Now it?s taking into account the requested FileDiff * Passing ?shipit=0 to the ReviewRequests resource now returns all review requests that do not have a Ship It - Bug Fixes: * General: * Fixed a regression where users could see other users' unpublished replies * Diff upload API errors now serialize the revision correctly * Fixed linking to bug numbers when they contain a # * The headers shown on the diffs in e-mails are no longer broken * The diff viewer no longer allows expansion to a function/class unless that function/class is defined within the collapsed region * Fixed validation of bug tracker URLs * Linked URLs with parenthesis in the URL no longer generate broken links * Fixed problems with collapsing SVN keywords * Changes to new files in parent diffs are no longer styled wrong * Fix JavaScript errors when publishing reviews with screenshot comments * The alt text for images in the dashboard now show the expected text and not Python representations of objects * Clear Case: * Filenames on Clear Case are now displayed in a more readable format * Fixed some issues with handling paths on Clear Case on Windows * Git: * Fixed Git diffs with deleted binary files * Extended data in Git diffs (such as the author, description, etc.) is no longer lost when uploading a diff * The Binary files have changed parts in a Git diff are no longer lost when uploading a diff * Mercurial: * Fixed support for hg git diffs with spaces in the path * Subversion: * Fixed parsing of SVN diffs with property changes * Fixed display of SVN diffs with changes in $Keyword$ formatting -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Stephen Gallagher - 1.6.13-1 - New upstream release 1.6.13 - http://www.reviewboard.org/docs/releasenotes/dev/reviewboard/1.6.13/ - http://www.reviewboard.org/docs/releasenotes/dev/reviewboard/1.6.12/ - New Features: * Added support for incremental diff expansion * Replaced our old Report Bug and Bugs links in the top-right with Support * Added support for Clear Case snapshot views - Performance Improvements: * We no longer perform syntax highlighting for very large files - Hosting Service Changes * Fedora Hosted has been switched to use cgit instead of GitWeb - Web API Changes: * The FileDiffComment resource was showing all comments for all files in a diffset. Now it?s taking into account the requested FileDiff * Passing ?shipit=0 to the ReviewRequests resource now returns all review requests that do not have a Ship It - Bug Fixes: * General: * Fixed a regression where users could see other users' unpublished replies * Diff upload API errors now serialize the revision correctly * Fixed linking to bug numbers when they contain a # * The headers shown on the diffs in e-mails are no longer broken * The diff viewer no longer allows expansion to a function/class unless that function/class is defined within the collapsed region * Fixed validation of bug tracker URLs * Linked URLs with parenthesis in the URL no longer generate broken links * Fixed problems with collapsing SVN keywords * Changes to new files in parent diffs are no longer styled wrong * Fix JavaScript errors when publishing reviews with screenshot comments * The alt text for images in the dashboard now show the expected text and not Python representations of objects * Clear Case: * Filenames on Clear Case are now displayed in a more readable format * Fixed some issues with handling paths on Clear Case on Windows * Git: * Fixed Git diffs with deleted binary files * Extended data in Git diffs (such as the author, description, etc.) is no longer lost when uploading a diff * The Binary files have changed parts in a Git diff are no longer lost when uploading a diff * Mercurial: * Fixed support for hg git diffs with spaces in the path * Subversion: * Fixed parsing of SVN diffs with property changes * Fixed display of SVN diffs with changes in $Keyword$ formatting -------------------------------------------------------------------------------- References: [ 1 ] Bug #865753 - Consider to update to 1.6.13 https://bugzilla.redhat.com/show_bug.cgi?id=865753 -------------------------------------------------------------------------------- ================================================================================ ansible-0.8-1.el6 (FEDORA-EPEL-2012-13304) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to Ansible-0.8 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 19 2012 Michael DeHaan - 0.8-0 - Release of 0.8 -------------------------------------------------------------------------------- ================================================================================ distcc-3.2rc1-1.el6 (FEDORA-EPEL-2012-13299) Distributed C/C++ compilation -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Jon Ciesla - 3.2rc1-1 - Latest upstream, BZ 870200. -------------------------------------------------------------------------------- References: [ 1 ] Bug #870200 - Please upgrade to 3.2 https://bugzilla.redhat.com/show_bug.cgi?id=870200 -------------------------------------------------------------------------------- ================================================================================ dmlite-0.4.2-2.el6 (FEDORA-EPEL-2012-13295) Common libraries for grid data management and storage -------------------------------------------------------------------------------- Update Information: Fixed bugs: - #869568 - dmlite-libs should own /usr/lib(64)/dmlite * Mon Sep 24 2012 Ricardo Rocha - 0.4.2-1 - update for new upstream release - dropped plugin packages (moved to separate individual packages) * Mon Sep 24 2012 Ricardo Rocha - 0.4.2-1 - update for new upstream release - dropped plugin packages (moved to separate individual packages) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Ricardo Rocha - 0.4.2-2 - #869568 - dmlite-libs should own /usr/lib(64)/dmlite * Mon Sep 24 2012 Ricardo Rocha - 0.4.2-1 - update for new upstream release - dropped plugin packages (moved to separate individual packages) * Sat Sep 22 2012 Remi Collet - 0.3.0-2 - rebuild against libmemcached.so.11 without SASL -------------------------------------------------------------------------------- References: [ 1 ] Bug #869568 - dmlite-libs should own /usr/lib(64)/dmlite https://bugzilla.redhat.com/show_bug.cgi?id=869568 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-adapter-0.4.0-2.el6 (FEDORA-EPEL-2012-13285) Adapter plug-in for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the adapter plug-in for dmlite. This plug-in provides both a name-space and pool management implementation which fallback to forwarding calls to the old DPNS and DPM daemons. -------------------------------------------------------------------------------- References: [ 1 ] Bug #860607 - Review Request: dmlite-plugins-adapter - Adapter plug-in for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860607 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-librarian-0.4.0-1.el6 (FEDORA-EPEL-2012-13281) Librarian plug-in for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the librarian plug-in for dmlite. This plug-in handles the necessary logic to hop between difference replicas when accessing a file managed by the grid. -------------------------------------------------------------------------------- References: [ 1 ] Bug #860293 - Review Request: dmlite-plugins-librarian - Librarian plug-in for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860293 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-memcache-0.4.0-1.el6 (FEDORA-EPEL-2012-13300) Memcached plug-in for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the memcached plug-in for dmlite. It provides a memcached based implementation of the NS interface. -------------------------------------------------------------------------------- References: [ 1 ] Bug #860581 - Review Request: dmlite-plugins-memcache - Memcached plug-in for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860581 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-mysql-0.4.1-1.el6 (FEDORA-EPEL-2012-13309) MySQL plug-in for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the MySQL plug-in for dmlite. -------------------------------------------------------------------------------- References: [ 1 ] Bug #860600 - Review Request: dmlite-plugins-mysql - MySQL plug-in for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860600 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-s3-0.4.0-1.el6 (FEDORA-EPEL-2012-13296) S3 plugin for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the S3 plugin for dmlite. It provides access to data stored in a S3 cloud provider from the DPM namespace. -------------------------------------------------------------------------------- References: [ 1 ] Bug #867801 - Review Request: dmlite-plugins-s3 - S3 plugin for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=867801 -------------------------------------------------------------------------------- ================================================================================ drupal7-feeds-2.0-0.6.alpha7.el6 (FEDORA-EPEL-2012-13306) An import and aggregation framework for Drupal -------------------------------------------------------------------------------- Update Information: Update to latest upstream release for a serious bug fix Security fix release, https://drupal.org/node/1808832, http://drupal.org/node/1808282. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Jared Smith - 2.0-0.5.alpha7 - Bug fix update for Drupal issue #1807920: Imported nodes have NULL format. * Wed Oct 10 2012 Peter Borsa - 2.0-0.5.alpha6 - Security fix * Wed Jul 18 2012 Fedora Release Engineering - 2.0-0.4.alpha5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #869917 - drupal7-feeds-2.0-alpha7 is available https://bugzilla.redhat.com/show_bug.cgi?id=869917 -------------------------------------------------------------------------------- ================================================================================ exim-4.72-3.el6 (FEDORA-EPEL-2012-13290) The exim mail transfer agent -------------------------------------------------------------------------------- Update Information: This update protect DKIM DNS decoding from remote exploit, CVE-2012-5671. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Jaroslav ?karvada - 4.72-3 - Backported fix for CVE-2012-5671 Resolves: CVE-2012-5671 -------------------------------------------------------------------------------- References: [ 1 ] Bug #870348 - CVE-2012-5671 exim: Heap-buffer overflow in DNS decode logic used for DKIM [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=870348 -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.5.6-1.el6 (FEDORA-EPEL-2012-13287) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: Enhanced fedmsg.text and a new fedmsg-collectd Simplified and enhanced fedmsg.text module fedmsg.text enhancements and recursive merging of fedmsg.d/ New upstream with various enhancement and bugfixes. Misc bugfixes and enhancements. Rely on the latest python-moksha-hub. Bugfix to fedmsg.encoding Fix fedmsg-gateway. Enhancements to fedmsg.encoding. Convenient default config for end users. 0.3.8 new commands, options, and enhanced API. Unicode bugfix. repr enhancements. IRC colors, fedmsg2repr updates, and removed fedmsg-status threadsafety and licensing 0.3.1 for msg2repr updates and fedmsg-logger grepping. Bugfix to -logger and enhancement to -irc Require latest moksha. API enhancement. 0.2.5 with more realistic X509 capacity 0.2.4 with fix for disabled ssl 0.2.3 with upstream typo fixes Added deps on m2crypto and python-m2ext /var/log/fedmsg wasn't being created correctly. Require moksha >= 0.8.3. python-argparse fix for epel-6. Bugfix - Added a forgotten new requirement on python-requests. Fix to creation of /var/run/fedmsg. Remove unnecessary %%ghost on /var/run/fedmsg Nicer messages from fedmsg-irc. New fedmsg.text.msg2repr. bugfix to fedmsg.text. fedmsg.text updates for scm. thread safety bugfix for fedmsg-tail and fedmsg.text items from lmacken -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Ralph Bean - 0.5.6-1 - More fedmsg.text enhancements. - New fedmsg-collectd command. - Reenabled test_text.py * Tue Oct 23 2012 Ralph Bean - 0.5.5-1 - Lots of work on enhancing and simplifying fedmsg.text from Luke Macken. - Remove test_text.py since it now depends on test_hub.py * Tue Oct 9 2012 Ralph Bean - 0.5.4-4 - Disable those few tests that require network connectivity for koji. * Tue Oct 9 2012 Ralph Bean - 0.5.4-3 - BuildRequires on python-pygments. * Tue Oct 9 2012 Ralph Bean - 0.5.4-2 - BuildRequires on python-pygments. * Mon Oct 8 2012 Ralph Bean - 0.5.4-1 - New mediawiki, tagger, and git icons in fedmsg.text. - Create symlink of dev_certs in build section so tests can pass. - Re-enable the test suite in %check again. - fedmsg.text entries for tagger rank changes. - Updated default FI endpoints (for staging). - Remove full text from mediawiki messages to reduce spam. - Recursively merge dicts in /etc/fedmsg.d/ * Fri Oct 5 2012 Ralph Bean - 0.5.3-1 - Icons and fedmsg.text support for fedmsg-notify - Re-disabled the tests to get a quick release out for fedmsg-notify. * Thu Oct 4 2012 Luke Macken - 0.5.2-2 - Re-enable the test suite in %check which got accidently removed. * Wed Oct 3 2012 Ralph Bean - 0.5.2-1 - Allow timeout when connecting to a non-existant fedmsg-relay - fedmsg.text entries for new lookaside messages - fedmsg.text groundwork support for icons - Enhancements to the docs - Fixed regression in fedmsg-irc * Thu Sep 27 2012 Ralph Bean - 0.5.1-1 - Fixed links in meetbot reprs - fedmsg.text entries for pkgdb2branch and releng - unicode bugfix for fedmsg-tail --terse - Fix bug alongside python-moksha-hub-1.0.3-1 - New defaults fedora-infrastructure endpoints - Improved docs - Links to real diffs for mediawiki messages - Specifiable and longer default tcp timeout for fedmsg-irc - Improved config parsing for fedmsg-irc - Bugfix to git-hook; ignore pushed tags instead of crashing - Allow inner context to be destroyed and recreated inside a thread * Thu Sep 27 2012 Ralph Bean - 0.5.0-2 - Require python-pygments. * Wed Sep 19 2012 Ralph Bean - 0.5.0-1 - Depend on new Moksha - Massive docs improvement. - Minor API simplification. - Suppress some annoying warnings from fedmsg-tail. * Fri Aug 31 2012 Ralph Bean - 0.4.0-1 - Bugfix to fedmsg.encoding. * Fri Aug 31 2012 Ralph Bean - 0.3.9-1 - Bugfix to fedmsg-gateway. - to_json utility for sqlalchemy. - More convenient default config for end users. * Thu Aug 23 2012 Ralph Bean - 0.3.8-1 - fedmsg-gateway command, new! - Improved thread cleanup with weakref. - --terse option for fedmsg-tail - Meetbot text processing support. - Update to consumer API.. systematized enablement. * Fri Aug 17 2012 Ralph Bean - 0.3.6-1 - Expanded reprs. Support for fedoratagger-0.2.2-1 messages. - Unicode bugfix. * Tue Aug 14 2012 Ralph Bean - 0.3.5-1 - IRC colors - fedmsg2repr updates (Luke Macken) - Removed fedmsg-status and the heartbeat producer * Mon Aug 13 2012 Ralph Bean - 0.3.4-1 - Threadsafety bugfixes to fedmsg-tail - New fedmsg.text items from Luke Macken. * Sun Aug 12 2012 Ralph Bean - 0.3.3-1 - thread safety (for bodhi masher) * Wed Aug 8 2012 Ralph Bean - 0.3.2-1 - msg2repr updates for scm. * Wed Aug 8 2012 Ralph Bean - 0.3.1-1 - msg2repr updates - fedmsg-logger grepping. * Tue Aug 7 2012 Ralph Bean - 0.3.0-1 - Bugfix to fedmsg.text. * Tue Aug 7 2012 Ralph Bean - 0.2.9-1 - Upstream update including nicer message for fedmsg-irc. - fedmsg.text.msg2repr * Mon Aug 6 2012 Ralph Bean - 0.2.7-4 - Remove unnecessary %ghost on /var/run/fedmsg. * Mon Aug 6 2012 Ralph Bean - 0.2.7-3 - Hopefully fix to creation of /var/run/fedmsg. * Mon Aug 6 2012 Ralph Bean - 0.2.7-2 - Added a forgotten new requirement on python-requests. * Sun Aug 5 2012 Ralph Bean - 0.2.7-1 - Upstream bugfix to -logger and enhancement to -irc. * Mon Jul 30 2012 Ralph Bean - 0.2.6-2 - Require moksha >= 0.8.8 * Mon Jul 30 2012 Ralph Bean - 0.2.6-1 - Upstream bugfixes and API enhancements. * Thu Jul 19 2012 Fedora Release Engineering - 0.2.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Jul 15 2012 Ralph Bean - 0.2.5-1 - Upstream crypto updates in preparation for a more realistic X509 setup. * Fri Jul 13 2012 Ralph Bean - 0.2.4-1 - Upstream bugfix for when ssl is disabled. * Wed Jul 11 2012 Ralph Bean - 0.2.3-1 - Upstream bump that fixes some typos. * Tue Jul 10 2012 Ralph Bean - 0.2.2-3 - Added deps on python-argparse for py < 2.7 (rhel6) * Sat Jul 7 2012 Ralph Bean - 0.2.2-2 - Added deps on m2crypto and python-m2ext * Sat Jul 7 2012 Ralph Bean - 0.2.2-1 - Update to fedmsg-irc to fix lineRate issues - fedmsg.crypto module - sign and validate messages * Mon Jun 11 2012 Ralph Bean - 0.2.1-2 - Require moksha >= 0.8.3 * Mon Jun 11 2012 Ralph Bean - 0.2.1-1 - Override producers and consumers entry-points in the hub. Should fix a collision that fedmsg-irc is having with fedoracommunity. * Mon Jun 11 2012 Ralph Bean - 0.2.0-4 - Introduce temporary hard dep on orbited. * Mon Jun 11 2012 Ralph Bean - 0.2.0-3 - /var/log/fedmsg wasn't being created correctly. -------------------------------------------------------------------------------- ================================================================================ fedora-review-0.3.1-2.el6 (FEDORA-EPEL-2012-13317) Review tool for fedora rpm packages -------------------------------------------------------------------------------- Update Information: Create compatibility symlinks to load shell scripts Bugfix release including renewed support for EL6 and fix of global shell plugins Bugfix release including renewed support for EL6 and fix of global shell plugins -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Stanislav Ochotnicky - 0.3.1-2 - Add symlink to scripts directory so they are loaded * Tue Sep 25 2012 Stanislav Ochotnicky - 0.3.1-1 - Update to lastest upstream (0.3.1) - Fix loading of system-wide plugins - Add back suport for EL6 * Mon Sep 24 2012 Stanislav Ochotnicky - 0.3.0-1 - Update to lastest upstream (0.3.0) - Remove no longer needed build workarounds * Thu Aug 9 2012 Stanislav Ochotnicky - 0.2.2-1 - Update to lastest upstream (0.2.2) - Add koji-download-scratch script * Thu Jul 19 2012 Fedora Release Engineering - 0.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Jul 11 2012 Stanislav Ochotnicky - 0.2.0-1 - Update to latest release (0.2.0) * Fri Feb 24 2012 Stanislav Ochotnicky - 0.1.3-1 - Update to latest bugfix release -------------------------------------------------------------------------------- ================================================================================ ghc-blaze-markup-0.5.1.1-1.el6 (FEDORA-EPEL-2012-13291) A blazingly fast markup combinator library for Haskell -------------------------------------------------------------------------------- Update Information: Blazing fast markup combinators library -------------------------------------------------------------------------------- References: [ 1 ] Bug #855710 - Review Request: ghc-blaze-markup - Blazingly fast markup combinator library https://bugzilla.redhat.com/show_bug.cgi?id=855710 -------------------------------------------------------------------------------- ================================================================================ ghc-rpm-macros-0.15.9-2.el6 (FEDORA-EPEL-2012-13303) Macros for building packages for GHC -------------------------------------------------------------------------------- Update Information: Rebase to 0.15.9 from F17 branch: - require hscolour and generate hoogle - no longer build redundant HS*.o ghci files - %ghc_binlib_package renamed to %ghc_lib_subpackage - better support for multiple lib subpackaging and meta-packages - add cabal-tweak-dep-ver script -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Jens Petersen - 0.15.9-2 - BR redhat-rpm-config instead of ghc-rpm-macros - no longer set without_hscolour in macros.ghc for bootstrapping * Tue Oct 9 2012 Jens Petersen - 0.15.9-1 - "cabal haddock" needs --html option with --hoogle to output html * Thu Sep 20 2012 Jens Petersen - 0.15.8-1 - ghc-rpm-macros now requires hscolour so packages no longer need to BR it - this can be disabled for bootstrapping by setting without_hscolour - make haddock build hoogle files - ghc_lib_build no longer builds redundant ghci .o library files * Wed Jul 11 2012 Jens Petersen - 0.15.7-1 - let ghc_bin_install take an arg to disable implicit stripping for subpackages - fix doc handling of subpackages for ghc_without_shared - without ghc_exclude_docdir include doc dir also for subpackages - rename ghc_binlib_package to ghc_lib_subpackage - add ghc_lib_build_without_haddock - no longer drop into package dirs when subpackaging with ghc_lib_build and ghc_lib_install * Fri Jun 22 2012 Jens Petersen - 0.15.6.1-1 - cabal-tweak-dep-ver: be careful only to match complete dep name and do not match beyond "," * Fri Jun 22 2012 Jens Petersen - 0.15.6-1 - cabal-tweak-dep-ver: new script to tweak depends version bounds in .cabal from ghc-rpm-macros-0.95.5 - ghc-dep.sh: only use buildroot package.conf.d if it exists - ghc-deps.sh: look in buildroot package.conf.d for program deps - add a meta-package option to ghc_devel_package and use in ghc_devel_requires - allow ghc_description, ghc_devel_description, ghc_devel_post_postun to take args - support meta packages like haskell-platform without base lib files - add shell variable cabal_configure_extra_options to cabal_configure for local configuration - do not provide prof when without_prof set -------------------------------------------------------------------------------- ================================================================================ ginfo-0.2.4-1.el6 (FEDORA-EPEL-2012-13310) A versatile tool for discovering Grid services -------------------------------------------------------------------------------- Update Information: New upstream release New upstream release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Laurence Field - 0.2.4-1 - Added -b --bind option. -------------------------------------------------------------------------------- ================================================================================ lcgdm-1.8.4-1.el6 (FEDORA-EPEL-2012-13286) LHC Computing Grid Data Management -------------------------------------------------------------------------------- Update Information: Update for new upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 3 2012 Ricardo Rocha - 1.8.4-1 - Update for new upstream release * Fri Aug 3 2012 David Malcolm - 1.8.3.1-5 - rebuild for https://fedoraproject.org/wiki/Features/Python_3.3 * Thu Jul 19 2012 Fedora Release Engineering - 1.8.3.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jun 11 2012 Petr Pisar - 1.8.3.1-3 - Perl 5.16 rebuild -------------------------------------------------------------------------------- ================================================================================ mimedefang-2.73-3.el6 (FEDORA-EPEL-2012-13301) E-Mail filtering framework using Sendmail's Milter interface -------------------------------------------------------------------------------- Update Information: Re-enabled embedded perl feature (thanks to Alexander Dalloz) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Robert Scheck 2.73-3 - Re-enabled embedded perl feature (thanks to Alexander Dalloz) * Fri Jul 20 2012 Fedora Release Engineering - 2.73-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ pcp-3.6.9-1.el6 (FEDORA-EPEL-2012-13294) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information: Update to latest PCP sources, and resolve these bugzillas: - Fix pmcd sigsegv in NUMA/CPU indom setup (BZ 858384) - Fix sar2pcp uninitialised perl variable warning (BZ 859117) - Fix pcp.py and pmcollectl with older python versions (BZ 852234) - Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). - Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) - Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. - Fix potential buffer overflow in pmlogger host name handling. - Reworked the configure --prefix handling to be more like the rest of the open source world. - Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. new upstream release new upstream release - Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). - Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) - Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. - Fix potential buffer overflow in pmlogger host name handling. - Reworked the configure --prefix handling to be more like the rest of the open source world. - Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. new upstream release - Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). - Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) - Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. - Fix potential buffer overflow in pmlogger host name handling. - Reworked the configure --prefix handling to be more like the rest of the open source world. - Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. - Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). - Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) - Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. - Fix potential buffer overflow in pmlogger host name handling. - Reworked the configure --prefix handling to be more like the rest of the open source world. - Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Nathan Scott - 3.6.9-1 - Update to latest PCP sources. - Fix pmcd sigsegv in NUMA/CPU indom setup (BZ 858384) - Fix sar2pcp uninitialised perl variable warning (BZ 859117) - Fix pcp.py and pmcollectl with older python versions (BZ 852234) * Fri Sep 14 2012 Nathan Scott - 3.6.8-1 - Update to latest PCP sources. * Wed Sep 5 2012 Nathan Scott - 3.6.6-1.1 - Move configure step from prep to build section of spec (BZ 854128) * Tue Aug 28 2012 Mark Goodwin - 3.6.6-1 - Update to latest PCP sources, see installed CHANGELOG for details. - Introduces new python-pcp and pcp-testsuite sub-packages. -------------------------------------------------------------------------------- References: [ 1 ] Bug #858384 - pmcd segv during linux-pmda query https://bugzilla.redhat.com/show_bug.cgi?id=858384 [ 2 ] Bug #859117 - sar2pcp warnings: use of uninitialized value .... line 171 https://bugzilla.redhat.com/show_bug.cgi?id=859117 [ 3 ] Bug #852234 - pcp 3.6.6-1 pcp.py fails to compile with python2.4 in epel5 https://bugzilla.redhat.com/show_bug.cgi?id=852234 [ 4 ] Bug #841306 - libpcp additional decoder hardening https://bugzilla.redhat.com/show_bug.cgi?id=841306 -------------------------------------------------------------------------------- ================================================================================ php-voms-admin-0.6.5-2.el6 (FEDORA-EPEL-2012-13269) Web based interface to control VOMS parameters written in PHP -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Mattias Ellert - 0.6.5-2 - Minor fixes to post installation script - Add missing package dependencies * Tue Oct 23 2012 Mattias Ellert - 0.6.5-1 - Update to released version 0.6.5 * Sat Jul 21 2012 Fedora Release Engineering - 0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering - 0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-djblets-0.6.24-1.el6 (FEDORA-EPEL-2012-13307) A collection of useful classes and functions for Django -------------------------------------------------------------------------------- Update Information: * Wed Oct 24 2012 Stephen Gallagher - 1.6.13-1 - New upstream release 1.6.13 - http://www.reviewboard.org/docs/releasenotes/dev/reviewboard/1.6.13/ - http://www.reviewboard.org/docs/releasenotes/dev/reviewboard/1.6.12/ - New Features: * Added support for incremental diff expansion * Replaced our old Report Bug and Bugs links in the top-right with Support * Added support for Clear Case snapshot views - Performance Improvements: * We no longer perform syntax highlighting for very large files - Hosting Service Changes * Fedora Hosted has been switched to use cgit instead of GitWeb - Web API Changes: * The FileDiffComment resource was showing all comments for all files in a diffset. Now it?s taking into account the requested FileDiff * Passing ?shipit=0 to the ReviewRequests resource now returns all review requests that do not have a Ship It - Bug Fixes: * General: * Fixed a regression where users could see other users' unpublished replies * Diff upload API errors now serialize the revision correctly * Fixed linking to bug numbers when they contain a # * The headers shown on the diffs in e-mails are no longer broken * The diff viewer no longer allows expansion to a function/class unless that function/class is defined within the collapsed region * Fixed validation of bug tracker URLs * Linked URLs with parenthesis in the URL no longer generate broken links * Fixed problems with collapsing SVN keywords * Changes to new files in parent diffs are no longer styled wrong * Fix JavaScript errors when publishing reviews with screenshot comments * The alt text for images in the dashboard now show the expected text and not Python representations of objects * Clear Case: * Filenames on Clear Case are now displayed in a more readable format * Fixed some issues with handling paths on Clear Case on Windows * Git: * Fixed Git diffs with deleted binary files * Extended data in Git diffs (such as the author, description, etc.) is no longer lost when uploading a diff * The Binary files have changed parts in a Git diff are no longer lost when uploading a diff * Mercurial: * Fixed support for hg git diffs with spaces in the path * Subversion: * Fixed parsing of SVN diffs with property changes * Fixed display of SVN diffs with changes in $Keyword$ formatting -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Stephen Gallagher - 0.6.24-1 - New upstream release 0.6.24 - Drop upstreamed patches - Include tests in djblets directory - Include README - djblets.feedview: * We now use the latest upstream of feedparser instead of an older bundled version - General: * We now require Django 1.3.3 - djblets.util: * Added djblets.util.humanize - djblets.webapi: * Added an Item-Content-Type header to web API responses for list resources -------------------------------------------------------------------------------- References: [ 1 ] Bug #865753 - Consider to update to 1.6.13 https://bugzilla.redhat.com/show_bug.cgi?id=865753 -------------------------------------------------------------------------------- ================================================================================ python-rosinstall-0.6.19-2.el6 (FEDORA-EPEL-2012-13312) ROS installation utilities -------------------------------------------------------------------------------- Update Information: Initial import of python-rosinstall -------------------------------------------------------------------------------- References: [ 1 ] Bug #829126 - Review Request: python-rosinstall - ROS installation utilities https://bugzilla.redhat.com/show_bug.cgi?id=829126 -------------------------------------------------------------------------------- ================================================================================ salt-0.10.4-1.el6 (FEDORA-EPEL-2012-13282) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Updating to upstream version 0.10.4 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 24 2012 Clint Savage - 0.10.4-1 - Moved to upstream release 0.10.4 - Patched jcollie/systemd-service-status (SALT at GH#2335) (RHBZ#869669) -------------------------------------------------------------------------------- ================================================================================ ucarp-1.5.2-3.1.el6 (FEDORA-EPEL-2012-13305) Common Address Redundancy Protocol (CARP) for Unix -------------------------------------------------------------------------------- Update Information: Fix for crash if interface is down. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 25 2012 Jon Ciesla - 1.5.2-3.1 - Patch for crash. * Sat Jan 14 2012 Fedora Release Engineering - 1.5.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Mon Feb 7 2011 Fedora Release Engineering - 1.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #693762 - ucarp died when ifdown, leaving address active https://bugzilla.redhat.com/show_bug.cgi?id=693762 -------------------------------------------------------------------------------- ================================================================================ viewvc-1.1.17-1.el6 (FEDORA-EPEL-2012-13262) Browser interface for CVS and SVN version control repositories -------------------------------------------------------------------------------- Update Information: Patch CVE-2012-4533. Version 1.1.16 - security fix: escape "extra" diff info to avoid XSS attack (issue #515) - add 'binary_mime_types' configuration option and handling (issue #510) - fix 'select for diffs' persistence across log pages (issue #512) - remove lock status and filesize check on directories in remote SVN views - fix bogus 'Annotation of' page title for non-annotated view (issue #514) Version 1.1.17 (released 25-Oct-2012) - fix exception caused by uninitialized variable usage (issue #516) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Bojan Smojver - 1.1.17-1 - bump up to 1.1.17 * Thu Oct 25 2012 Bojan Smojver - 1.1.16-1 - bump up to 1.1.16 - drop patch for CVE-2012-4533, part of the release * Mon Oct 22 2012 Bojan Smojver - 1.1.15-3 - patch CVE-2012-4533, bug #868606 * Sun Jul 22 2012 Fedora Release Engineering - 1.1.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #868606 - CVE-2012-4533 viewvc: lib/viewvc.py XSS https://bugzilla.redhat.com/show_bug.cgi?id=868606 -------------------------------------------------------------------------------- ================================================================================ zanata-util-0.2.9-1.el6 (FEDORA-EPEL-2012-13297) Helper scripts for using Zanata -------------------------------------------------------------------------------- Update Information: Fixed RHBZ 852951,870259,870261 Maven client support up to 1.8.0-SNAPSHOT -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Ding-Yi Chen - 0.2.9-1 - Resolves: Bug 852951 - Failed to parse .../language/list - Resolves: Bug 870259 - [zanata_zanata_xml_make] should be able do handle traling / in URL - Resolves: Bug 870261 - [zanata_zanata_xml_make] Fail to download project zanata.xml - Maven support up to 1.8.0-SNAPSHOT - More comprehensive locale.txt * Sun Jul 22 2012 Fedora Release Engineering - 0.2.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 19 2012 Petr Pisar - 0.2.8-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #852951 - Failed to parse .../language/list https://bugzilla.redhat.com/show_bug.cgi?id=852951 [ 2 ] Bug #870259 - [zanata_zanata_xml_make] should be able do handle traling / in URL https://bugzilla.redhat.com/show_bug.cgi?id=870259 [ 3 ] Bug #870261 - [zanata_zanata_xml_make] Fail to download project zanata.xml https://bugzilla.redhat.com/show_bug.cgi?id=870261 -------------------------------------------------------------------------------- From updates at fedoraproject.org Sat Oct 27 19:03:42 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Sat, 27 Oct 2012 19:03:42 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121027190342.5150020DCC@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 188 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13294/pcp-3.6.9-1.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13232/dokuwiki-0-0.14.20121013.el6 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13262/viewvc-1.1.17-1.el6 111 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 376 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing gsmartcontrol-0.8.7-1.el6 ldns-1.6.15-1.el6 pdns-3.1-1.el6 python-rospkg-1.0.10-1.el6 python-vcstools-0.1.24-1.20121026gitba30262.el6 Details about builds: ================================================================================ gsmartcontrol-0.8.7-1.el6 (FEDORA-EPEL-2012-13325) Graphical user interface for smartctl -------------------------------------------------------------------------------- Update Information: Bug fixes and additional hardware support. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Eric Smith 0.8.7-1 - Update to latest upstream. - Dropped patches 1 and 2. * Thu Jul 19 2012 Fedora Release Engineering - 0.8.6-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Feb 10 2012 Petr Pisar - 0.8.6-6 - Rebuild against PCRE 8.30 * Mon Jan 16 2012 Eric Smith 0.8.6-5 - Patch to compile with GCC 4.7. * Fri Jan 13 2012 Fedora Release Engineering - 0.8.6-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #870590 - gsmartcontrol need update to 0.8.7 https://bugzilla.redhat.com/show_bug.cgi?id=870590 -------------------------------------------------------------------------------- ================================================================================ ldns-1.6.15-1.el6 (FEDORA-EPEL-2012-13322) Lowlevel DNS(SEC) library with API -------------------------------------------------------------------------------- Update Information: Updates from source code audit, ldns-dane support Updates from source code audit, ldns-dane support -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Paul Wouters - 1.6.15-1 - Updated to 1.6.15, as 1.6.14 accidentally broke ABI (We never released 1.6.14) * Tue Oct 23 2012 Paul Wouters - 1.6.14-1 - Updated to 1.6.14 - Removed merged in patch - Added new dependancy on ca-certificates for ldns-dane PKIX validation -------------------------------------------------------------------------------- ================================================================================ pdns-3.1-1.el6 (FEDORA-EPEL-2012-13320) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Update to latest upstream release 3.1 - DNSSEC improvements - several bugs fixed since 2.9.22 - Added condrestart option - Fixed permissions of pdns.conf file (rhbz#646510) - Set bind as default backend -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Morten Stevens - 3.1-1 - Update to latest upstream release 3.1 - DNSSEC improvements - several bugs fixed since 2.9.22 - Added condrestart option * Sat Oct 20 2012 Morten Stevens - 2.9.22.6-2 - Fixed permissions of pdns.conf file (rhbz#646510) - Set bind as default backend -------------------------------------------------------------------------------- References: [ 1 ] Bug #646510 - PowerDNS configuration is world-readable while it can contain passwords https://bugzilla.redhat.com/show_bug.cgi?id=646510 -------------------------------------------------------------------------------- ================================================================================ python-rospkg-1.0.10-1.el6 (FEDORA-EPEL-2012-13324) Utilities for ROS package, stack, and distribution information -------------------------------------------------------------------------------- Update Information: Update to release 1.0.10 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Rich Mattes - 1.0.10-1 - Update to version 1.0.10 -------------------------------------------------------------------------------- ================================================================================ python-vcstools-0.1.24-1.20121026gitba30262.el6 (FEDORA-EPEL-2012-13321) Version Control System tools for Python -------------------------------------------------------------------------------- Update Information: Update to release 0.1.24 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Rich Mattes - 0.1.24-1.20121026gitba30262 - Update to release 0.1.24 -------------------------------------------------------------------------------- From updates at fedoraproject.org Sat Oct 27 19:03:43 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Sat, 27 Oct 2012 19:03:43 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121027190343.BA78E20D6A@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 188 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13249/viewvc-1.1.17-1.el5 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13283/pcp-3.6.9-1.el5 83 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13244/dokuwiki-0-0.14.20121013.el5 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing ldns-1.6.15-1.el5 Details about builds: ================================================================================ ldns-1.6.15-1.el5 (FEDORA-EPEL-2012-13323) Lowlevel DNS(SEC) library with API -------------------------------------------------------------------------------- Update Information: Updates from source code audit, ldns-dane support Updates from source code audit, ldns-dane support -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Paul Wouters - 1.6.15-1 - Updated to 1.6.15, as 1.6.14 accidentally broke ABI (We never released 1.6.14) * Tue Oct 23 2012 Paul Wouters - 1.6.14-1 - Updated to 1.6.14 - Removed merged in patch - Added new dependancy on ca-certificates for ldns-dane PKIX validation -------------------------------------------------------------------------------- From kevin at scrye.com Mon Oct 29 18:39:12 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Mon, 29 Oct 2012 12:39:12 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023094311.560c522e@jelerak.scrye.com> Message-ID: <20121029123912.7f136551@jelerak.scrye.com> On Wed, 24 Oct 2012 15:57:43 -0500 Greg Swift wrote: ...snip... > So.. just spent like 30m digging through the wiki and somehow did not > stumble across the 'how to start a sig' page. anyone got a pointer? Just announce you exist and start meeting and working on things. ;) There is not a formal process. Although in this case I don't know if SIG is really the right thing to call a group working on a specific subset of EPEL stuff. Might be more productive to try and get regular EPEL meetings going again, etc. (I've tried, but can't seem to find a time when many people are able to attend). kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From updates at fedoraproject.org Mon Oct 29 18:40:20 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 29 Oct 2012 18:40:20 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121029184020.CF9E420CE6@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 190 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13249/viewvc-1.1.17-1.el5 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13283/pcp-3.6.9-1.el5 85 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13244/dokuwiki-0-0.14.20121013.el5 16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing ejabberd-2.1.11-6.el5 moodle-1.9.19-4.el5 php-pecl-geoip-1.0.8-3.el5 php-pecl-lzf-1.6.2-2.el5 Details about builds: ================================================================================ ejabberd-2.1.11-6.el5 (FEDORA-EPEL-2012-13340) A distributed, fault-tolerant Jabber/XMPP server -------------------------------------------------------------------------------- Update Information: * Fixed vcard image fetching from LDAP directory server. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Peter Lemenkov - 2.1.11-6 - Fixed rhbz #846856 * Mon Sep 10 2012 Peter Lemenkov - 2.1.11-5 - Cherry-picked three new patches from upstream trunk * Wed Jul 18 2012 Fedora Release Engineering - 2.1.11-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #846856 - mod_vcard_ldap displaying jpegPhoto image is broken https://bugzilla.redhat.com/show_bug.cgi?id=846856 -------------------------------------------------------------------------------- ================================================================================ moodle-1.9.19-4.el5 (FEDORA-EPEL-2012-13337) A Course Management System -------------------------------------------------------------------------------- Update Information: Fix broken dependency. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 29 2012 Jon Ciesla - 1.9.19-4 - Requires fix. -------------------------------------------------------------------------------- ================================================================================ php-pecl-geoip-1.0.8-3.el5 (FEDORA-EPEL-2012-13329) Extension to map IP addresses to geographic places -------------------------------------------------------------------------------- Update Information: Fix Zend API version checks upgrade to latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Andrew Colin Kissa - 1.0.8-3 - Fix php spec file macros * Sat Jul 21 2012 Fedora Release Engineering - 1.0.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 19 2012 Remi Collet - 1.0.8-1 - update to 1.0.8 for php 5.4 * Sat Jan 14 2012 Fedora Release Engineering - 1.0.7-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Sat Oct 15 2011 Remi Collet - 1.0.7-7 - fix segfault when build with latest GeoIP (#746417) - run test suite during build - add patch for tests, https://bugs.php.net/bug.php?id=59804 - add filter to avoid private-shared-object-provides geoip.so * Fri Jul 15 2011 Andrew Colin Kissa - 1.0.7-6 - Fix bugzilla #715693 * Wed Feb 9 2011 Fedora Release Engineering - 1.0.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Jul 26 2009 Fedora Release Engineering - 1.0.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-pecl-lzf-1.6.2-2.el5 (FEDORA-EPEL-2012-13328) Extension to handle LZF de/compression -------------------------------------------------------------------------------- Update Information: Fix Zend API version checks new upstream -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Andrew Colin Kissa - 1.6.2-2 - Fix php spec macros - Fix Zend API version checks * Sat Oct 20 2012 Andrew Colin Kissa - 1.6.2-1 - Upgrade to latest upstream - Fix bugzilla #838309 #680230 * Sat Jul 21 2012 Fedora Release Engineering - 1.5.2-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 19 2012 Remi Collet - 1.5.2-9 - rebuild against PHP 5.4, with upstream patch - add filter to avoid private-shared-object-provides - add minimal %check * Sat Jan 14 2012 Fedora Release Engineering - 1.5.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Fri Jul 15 2011 Andrew Colin Kissa - 1.5.2-7 - Fix bugzilla #715791 * Wed Feb 9 2011 Fedora Release Engineering - 1.5.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Jul 26 2009 Fedora Release Engineering - 1.5.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #838309 - php-pecl-lzf-1.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=838309 [ 2 ] Bug #680230 - php-pecl-lzf contains a bundled liblzf. https://bugzilla.redhat.com/show_bug.cgi?id=680230 -------------------------------------------------------------------------------- From updates at fedoraproject.org Mon Oct 29 18:40:22 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Mon, 29 Oct 2012 18:40:22 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121029184022.6C0F220D0F@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 190 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13294/pcp-3.6.9-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13232/dokuwiki-0-0.14.20121013.el6 16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13339/exim-4.72-4.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13262/viewvc-1.1.17-1.el6 113 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 378 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing argtable-2.13-2.el6 cminpack-1.3.0-1.el6 ejabberd-2.1.11-6.el6 exim-4.72-4.el6 leveldb-1.7.0-2.el6 nginx-1.0.15-3.el6 pdns-3.1-2.el6 php-pecl-geoip-1.0.8-3.el6 php-pecl-lzf-1.6.2-2.el6 pytest-2.3.2-1.el6 python-py-1.4.11-1.el6 python-txzmq-0.6.1-2.el6 python-webpy-0.37-2.el6 smstools-3.1.15-2.el6 Details about builds: ================================================================================ argtable-2.13-2.el6 (FEDORA-EPEL-2012-13332) Cross platform C library for parsing GNU style command line arguments -------------------------------------------------------------------------------- Update Information: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #870649 - Review Request: argtable - Cross platform C library for parsing GNU style command line arguments https://bugzilla.redhat.com/show_bug.cgi?id=870649 -------------------------------------------------------------------------------- ================================================================================ cminpack-1.3.0-1.el6 (FEDORA-EPEL-2012-13326) Solver for nonlinear equations and nonlinear least squares problems -------------------------------------------------------------------------------- Update Information: Update to latest upstream release: 1.3.0 Correct error where libraries were installed to wrong place on non-x86 64 bit architectures -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 27 2012 Rich Mattes - 1.3.0-1 - Update to release 1.3.0 -------------------------------------------------------------------------------- ================================================================================ ejabberd-2.1.11-6.el6 (FEDORA-EPEL-2012-13327) A distributed, fault-tolerant Jabber/XMPP server -------------------------------------------------------------------------------- Update Information: * Fixed vcard image fetching from LDAP directory server. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Peter Lemenkov - 2.1.11-6 - Fixed rhbz #846856 * Mon Sep 10 2012 Peter Lemenkov - 2.1.11-5 - Cherry-picked three new patches from upstream trunk * Wed Jul 18 2012 Fedora Release Engineering - 2.1.11-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #846856 - mod_vcard_ldap displaying jpegPhoto image is broken https://bugzilla.redhat.com/show_bug.cgi?id=846856 -------------------------------------------------------------------------------- ================================================================================ exim-4.72-4.el6 (FEDORA-EPEL-2012-13339) The exim mail transfer agent -------------------------------------------------------------------------------- Update Information: This is an update that fixes CVE-2011-1407. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Jaroslav ?karvada - 4.72-4 - The wrongly named CVE-2011-1407 patch was renamed to CVE-2011-1764 - Added fix for CVE-2011-1407 Resolves: CVE-2011-1407 -------------------------------------------------------------------------------- References: [ 1 ] Bug #705448 - CVE-2011-1407 CVE-2011-1764 exim various flaws [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=705448 -------------------------------------------------------------------------------- ================================================================================ leveldb-1.7.0-2.el6 (FEDORA-EPEL-2012-13338) A fast and lightweight key/value database library by Google -------------------------------------------------------------------------------- Update Information: * Ver. 1.7.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #840172 - levelbd fails to pass the test on EL6 for x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=840172 -------------------------------------------------------------------------------- ================================================================================ nginx-1.0.15-3.el6 (FEDORA-EPEL-2012-13330) A high performance web server and reverse proxy server -------------------------------------------------------------------------------- Update Information: Numerous bug fixes -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Jamie Nguyen - 1.0.15-3 - add nginx man page (#870738) - link to official documentation not the community wiki (#870733) - default.conf: add "default_server" to the "listen" directive (#842738) -------------------------------------------------------------------------------- References: [ 1 ] Bug #870738 - nginx package missing man page for main binary https://bugzilla.redhat.com/show_bug.cgi?id=870738 [ 2 ] Bug #870733 - Config comments should link to official documentation, not community wiki https://bugzilla.redhat.com/show_bug.cgi?id=870733 [ 3 ] Bug #842738 - default.conf is no longer the default server when conf.d includes a.conf https://bugzilla.redhat.com/show_bug.cgi?id=842738 -------------------------------------------------------------------------------- ================================================================================ pdns-3.1-2.el6 (FEDORA-EPEL-2012-13320) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Update to latest upstream release 3.1 - DNSSEC improvements - several bugs fixed since 2.9.22 - Added condrestart option - Fixed permissions of pdns.conf file (rhbz#646510) - Set bind as default backend - Spec improvements -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Morten Stevens - 3.1-2 - Spec improvements * Fri Oct 26 2012 Morten Stevens - 3.1-1 - Update to latest upstream release 3.1 - DNSSEC improvements - several bugs fixed since 2.9.22 - Added condrestart option * Sat Oct 20 2012 Morten Stevens - 2.9.22.6-2 - Fixed permissions of pdns.conf file (rhbz#646510) - Set bind as default backend -------------------------------------------------------------------------------- References: [ 1 ] Bug #646510 - PowerDNS configuration is world-readable while it can contain passwords https://bugzilla.redhat.com/show_bug.cgi?id=646510 -------------------------------------------------------------------------------- ================================================================================ php-pecl-geoip-1.0.8-3.el6 (FEDORA-EPEL-2012-13335) Extension to map IP addresses to geographic places -------------------------------------------------------------------------------- Update Information: Fix Zend API version checks upgrade to latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Andrew Colin Kissa - 1.0.8-3 - Fix php spec file macros * Sat Jul 21 2012 Fedora Release Engineering - 1.0.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 19 2012 Remi Collet - 1.0.8-1 - update to 1.0.8 for php 5.4 * Sat Jan 14 2012 Fedora Release Engineering - 1.0.7-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Sat Oct 15 2011 Remi Collet - 1.0.7-7 - fix segfault when build with latest GeoIP (#746417) - run test suite during build - add patch for tests, https://bugs.php.net/bug.php?id=59804 - add filter to avoid private-shared-object-provides geoip.so * Fri Jul 15 2011 Andrew Colin Kissa - 1.0.7-6 - Fix bugzilla #715693 * Wed Feb 9 2011 Fedora Release Engineering - 1.0.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-pecl-lzf-1.6.2-2.el6 (FEDORA-EPEL-2012-13333) Extension to handle LZF de/compression -------------------------------------------------------------------------------- Update Information: Fix Zend API version checks latest upstream -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Andrew Colin Kissa - 1.6.2-2 - Fix php spec macros - Fix Zend API version checks * Sat Oct 20 2012 Andrew Colin Kissa - 1.6.2-1 - Upgrade to latest upstream - Fix bugzilla #838309 #680230 * Sat Jul 21 2012 Fedora Release Engineering - 1.5.2-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 19 2012 Remi Collet - 1.5.2-9 - rebuild against PHP 5.4, with upstream patch - add filter to avoid private-shared-object-provides - add minimal %check * Sat Jan 14 2012 Fedora Release Engineering - 1.5.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Fri Jul 15 2011 Andrew Colin Kissa - 1.5.2-7 - Fix bugzilla #715791 * Wed Feb 9 2011 Fedora Release Engineering - 1.5.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #838309 - php-pecl-lzf-1.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=838309 [ 2 ] Bug #680230 - php-pecl-lzf contains a bundled liblzf. https://bugzilla.redhat.com/show_bug.cgi?id=680230 -------------------------------------------------------------------------------- ================================================================================ pytest-2.3.2-1.el6 (FEDORA-EPEL-2012-13171) Simple powerful testing with Python -------------------------------------------------------------------------------- Update Information: New packages: The py lib is a Python development support library featuring the following tools and modules: * py.path: uniform local and svn path objects * py.apipkg: explicit API control and lazy-importing * py.iniconfig: easy parsing of .ini files * py.code: dynamic code generation and introspection * py.path: uniform local and svn path objects py.test provides simple, yet powerful testing for Python. -------------------------------------------------------------------------------- ================================================================================ python-py-1.4.11-1.el6 (FEDORA-EPEL-2012-13171) Library with cross-python path, ini-parsing, io, code, log facilities -------------------------------------------------------------------------------- Update Information: New packages: The py lib is a Python development support library featuring the following tools and modules: * py.path: uniform local and svn path objects * py.apipkg: explicit API control and lazy-importing * py.iniconfig: easy parsing of .ini files * py.code: dynamic code generation and introspection * py.path: uniform local and svn path objects py.test provides simple, yet powerful testing for Python. -------------------------------------------------------------------------------- ================================================================================ python-txzmq-0.6.1-2.el6 (FEDORA-EPEL-2012-13331) Twisted bindings for ZeroMQ -------------------------------------------------------------------------------- Update Information: Upstream support for zeromq3 Support for zeromq3 and older pyzmq New upstream with new zmq device types. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 29 2012 Ralph Bean - 0.6.1-2 - Patch (again) to support older pyzmq on f17 and el6. * Mon Oct 29 2012 Ralph Bean - 0.6.1-1 - Upstream integrates zeromq3 support. Dropping patches. * Wed Oct 10 2012 Ralph Bean - 0.5.2-3 - Patch to support older pyzmq on f17 and el6. - Fix changelog. * Wed Oct 10 2012 Ralph Bean - 0.5.2-2 - Added three patches to support zeromq3. * Tue Oct 2 2012 Ralph Bean - 0.5.2-1 - Latest upstream with new socket types. - Remove old epgm-disabling patch. - Add new egpm-disabling patch. * Sat Jul 21 2012 Fedora Release Engineering - 0.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-webpy-0.37-2.el6 (FEDORA-EPEL-2012-13336) A simple web framework for Python -------------------------------------------------------------------------------- Update Information: Initial push of python-webpy for EPEL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #870658 - Build python-webpy for EL6 https://bugzilla.redhat.com/show_bug.cgi?id=870658 -------------------------------------------------------------------------------- ================================================================================ smstools-3.1.15-2.el6 (FEDORA-EPEL-2012-13334) Tools to send and receive short messages through GSM modems or mobile phones -------------------------------------------------------------------------------- Update Information: update to 3.1.15 (this is a fix for RHBZ#863661) -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 27 2012 Patrick C. F. Ernzer 3.1.15-2 - fixing fedpkg lint warnings * Sat Oct 27 2012 Patrick C. F. Ernzer 3.1.15-1 - latest upstream (fixes RHBZ#863661, patch from 3.1.14-4 no longer needed) * Sat Oct 6 2012 Daniele Vigano 3.1.14-4 - Fixed segfault of outgoing file checker (BZ#863661) * Sat Jan 14 2012 Fedora Release Engineering - 3.1.14-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Wed Feb 9 2011 Fedora Release Engineering - 3.1.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #863661 - smstools outgoing file checker segfault https://bugzilla.redhat.com/show_bug.cgi?id=863661 [ 2 ] Bug #866157 - smstools-3.1.15.tar.gz'>smstools3-3.1.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=866157 -------------------------------------------------------------------------------- From kevin at scrye.com Mon Oct 29 18:44:16 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Mon, 29 Oct 2012 12:44:16 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121017110424.3af0622e@jelerak.scrye.com> <20121018153829.GL2974@unaka.lan> <20121022195351.GS2974@unaka.lan> <20121023094311.560c522e@jelerak.scrye.com> <20121024134004.3813564c@jelerak.scrye.com> Message-ID: <20121029124416.692fb7cf@jelerak.scrye.com> On Wed, 24 Oct 2012 16:23:28 -0500 Greg Swift wrote: ...snip... > So... going back to my REPEL name recommendation ;) > > Okay... seriously though. Fedora has the same issue. Fedora is not > stable. Doesn't claim to be. But people still install it and expect > it to be. I don't see us actually changing what Fedora is just > because of that. (lots of talk on occasion and i guess maybe there is > a action item I haven't heard of...) Sure. > > - Old branch gets forgotten about... ie, maintainer pushes new and > > ignores bugs/security issues on old branch because they now don't > > have the same incentive to make it work. ;( > > That is a problem. However, its already the case from what I've > observed. The old packages stagnate and the users move to an > internal/separate repository or start a separate package path, or in a > few cases just update the package. Perhaps, but I suspect many also just continue blindly using the old packages. ;( > > - Extra confusion around tools and branch changes... > > To me the biggest set of confusion around this whole thing is that it > is inconsistent and not set forth in a policy. Right now the policy > ends up being 'well.. don't break the customer, otherwise figure it > out'. > > If the policy was: > > EPEL is a slow moving, safe to upgrade, but not always safe from a > security standpoint after X amount of time repository. Yeah, I dislike that, because how is someone to know? check the other repo for a newer version? But that might be due to features, not security... > REPEL is a faster moving repository that may include updates that > require manual intervention. Use at your own risk, but you'll > probably have more secure updates since its staying current. > > or going to Ken's suggestion: > > EPEL is a slower moving repository. In line with RHEL dot releases > new packages maybe released that require manual intervention to work > post install, however this is due to the need to keep software secure > and current. As long as a release branch is receiving updates from > upstream, that package will be able to update safely. Once upstream > has EOL'd the tool it will be updated based on an assessment of the > tool's newer releases. To stay aware of these potential updates we do > X, Y, and Z to notify users. You can protect yourself from the change > by placing the package in your exclude list per these instructions. Yeah, I like that better personally. But it also has it's issues. ;) kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From kevin at scrye.com Mon Oct 29 18:52:01 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Mon, 29 Oct 2012 12:52:01 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121025004431.GA25812@disco.bu.edu> Message-ID: <20121029125201.1bc08d69@jelerak.scrye.com> This plan has also come up before. ;) Pros: - Gives us a 6monthish time to retire/update things if needed. - Gives us a clear place we can tell users: "Things might break here, please do lots more testing, etc" - lets us do incompatible upgrades if we need to. Cons: - We never know when exactly a point release is going to appear until it does. RH never announces them in advance. So, might lead to scrambling. It's pretty unlikely we could push those updates the same day as the point release... so when would we? would they go through testing as usual? - Do we want for CentOS/SL/whatever to release their version? If not, it could lead to breakage for users who use epel with those until they do. - Once we push those incompatible ones that require the new point release, does that just leave people who are on an older one out in the cold? Or they get the updates and it breaks them even though they didn't apply the point release? kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From dmitry at athabascau.ca Mon Oct 29 19:36:01 2012 From: dmitry at athabascau.ca (Dmitry Makovey) Date: Mon, 29 Oct 2012 13:36:01 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121029125201.1bc08d69@jelerak.scrye.com> References: <20121029125201.1bc08d69@jelerak.scrye.com> Message-ID: <2405693.baFL09seDM@dimon2.pc.athabascau.ca> Note1: I do *not* use CentOS nor am I it's advocate. Take that into account reading below [rough] ideas. I am however RHEL subscriber in the office and Fedora user at home. Note2: I may be missing certain aspects of inter-distribution relations thus please don't throw heavy objects my way if I start sounding like heritic around here ;) On October 29, 2012 12:52:01 Kevin Fenzi wrote: > Cons: > > - We never know when exactly a point release is going to appear until > it does. RH never announces them in advance. So, might lead to > scrambling. It's pretty unlikely we could push those updates the same > day as the point release... so when would we? would they go through > testing as usual? Maybe aligning more with CenOS schedule? They end up trailing RHEL as well so whatever time they get before pushing "the latest" may be enough for EPEL? > - Do we want for CentOS/SL/whatever to release their version? If not, > it could lead to breakage for users who use epel with those until > they do. question from the different dimension: would it not make sense to merge CentOS[-extras] community with EPEL as two essentially are trying to compliment (augument) RHEL with more software? Was that ever considered in the past? Not trying to insigate, but rather suggest alternative approaches to above model. > - Once we push those incompatible ones that require the new point > release, does that just leave people who are on an older one out in > the cold? Or they get the updates and it breaks them even though they > didn't apply the point release? -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 --- Confidence is what you have before you understand the problem Woody Allen When in trouble when in doubt run in circles scream and shout http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330 -- This communication is intended for the use of the recipient to whom it is addressed, and may contain confidential, personal, and or privileged information. Please contact us immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communications received in error, or subsequent reply, should be deleted or destroyed. --- From ktdreyer at ktdreyer.com Mon Oct 29 19:39:26 2012 From: ktdreyer at ktdreyer.com (Ken Dreyer) Date: Mon, 29 Oct 2012 13:39:26 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121029125201.1bc08d69@jelerak.scrye.com> References: <20121012155353.4400ceef@jelerak.scrye.com> <20121025004431.GA25812@disco.bu.edu> <20121029125201.1bc08d69@jelerak.scrye.com> Message-ID: On Mon, Oct 29, 2012 at 12:52 PM, Kevin Fenzi wrote: > This plan has also come up before. ;) I didn't realize this had been brought up before. Do you have a link to the discussion? I've browsed through the EPEL archives and I didn't see something like this. On Mon, Oct 29, 2012 at 12:52 PM, Kevin Fenzi wrote:> > - We never know when exactly a point release is going to appear until > it does. RH never announces them in advance. So, might lead to > scrambling. It's pretty unlikely we could push those updates the same > day as the point release... so when would we? would they go through > testing as usual? We could publish a policy that the "EPEL flag day" is two weeks after the day that RHEL ships a point release. Pros: * A maintainer can push an "incompatible update" into epel-testing on the day that RHEL ships, and then have their package hit epel-stable two weeks later on the agreed-upon flag day. (Of course, if a maintainer wanted to get their update into updates-testing sooner, that's fine too.) * Easy to remember: "two weeks" is the same time as Bodhi testing. * CentOS and SL are important, but we can't really affect the release schedules for these projects, so it's yet another one-way street. I think we have to just make a best effort. A consistent two week gap would these projects some leeway while not compromising on consistency. Cons: * We would need some coordination to ensure that the signing process happens on the day of RHEL's point release, and two weeks afterward. I'm not involved with the sigining task... hopefully this is not a huge deal? * Technically we would have two release days (RHEL + EPEL) instead of one (RHEL). > - Once we push those incompatible ones that require the new point > release, does that just leave people who are on an older one out in > the cold? Or they get the updates and it breaks them even though they > didn't apply the point release? I'm having trouble picturing a scenario where this problem could happen in RHEL+EPEL. Can you explain more? (I'm not envisioning that these new packages would have dependencies on the redhat-release package version number; only that we would try to hit the dates on the calendar.) - Ken From jdehnert at dehnert.com Mon Oct 29 19:41:40 2012 From: jdehnert at dehnert.com (James P Dehnert Sr) Date: Mon, 29 Oct 2012 12:41:40 -0700 Subject: Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again In-Reply-To: <20121018094522.50f6ca1b@jelerak.scrye.com> References: <19F44368-93A7-49BA-AB7C-A6827C7F1DEA@mac.com> <959EA069-AEDE-41DA-8D06-13379ABDC43F@dehnert.com> <20121017171647.41c8629b@jelerak.scrye.com> <7DB855EC-02EC-449F-ABF0-6C7AB7170528@dehnert.com> <20121018094522.50f6ca1b@jelerak.scrye.com> Message-ID: <86676FDD-3DC7-4DA0-83B9-94F42BFB1ECE@dehnert.com> FYI, I pulled the perl script mk-ca-bundle.pl from the cURL repo on Github. after running that on the problem host and installing the ca-bundle.crt it generates, everything is working like a champ now. On Oct 18, 2012, at 8:45 AM, Kevin Fenzi wrote: > On Wed, 17 Oct 2012 17:33:07 -0700 > James P Dehnert Sr wrote: > > ...snip... > >> Based on this it seems that I could benefit from an updated set of >> time in /etc/pki/tls/certs, in particular the ca-bundle.crt >> ca-bundle.trust.crt files, or am I all wrong on this? > > yeah. Perhaps 6.1's versions were too old to have geotrust in them? > > That would be somewhat surprising to me, but I suppose it's possible. > > kevin > _______________________________________________ > epel-devel-list mailing list > epel-devel-list at redhat.com > https://www.redhat.com/mailman/listinfo/epel-devel-list Thanks, James "Zeke" Dehnert -- mailto:jdehnert at dehnert.com James "Zeke" Dehnert Phone: 707 588 8554 -= Eschew Obfuscation =- "Life is racing. Everything else is just waiting" -------------- next part -------------- An HTML attachment was scrubbed... URL: From cmadams at hiwaay.net Mon Oct 29 19:52:59 2012 From: cmadams at hiwaay.net (Chris Adams) Date: Mon, 29 Oct 2012 14:52:59 -0500 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <2405693.baFL09seDM@dimon2.pc.athabascau.ca> References: <20121029125201.1bc08d69@jelerak.scrye.com> <2405693.baFL09seDM@dimon2.pc.athabascau.ca> Message-ID: <20121029195259.GC28195@hiwaay.net> Once upon a time, Dmitry Makovey said: > Maybe aligning more with CenOS schedule? They end up trailing RHEL as well so > whatever time they get before pushing "the latest" may be enough for EPEL? CentOS has had some pretty long delays sometimes in the past, so I don't see that as a valid policy. -- Chris Adams Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. From stahnma at puppetlabs.com Mon Oct 29 20:02:05 2012 From: stahnma at puppetlabs.com (Michael Stahnke) Date: Mon, 29 Oct 2012 13:02:05 -0700 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <20121029195259.GC28195@hiwaay.net> References: <20121029125201.1bc08d69@jelerak.scrye.com> <2405693.baFL09seDM@dimon2.pc.athabascau.ca> <20121029195259.GC28195@hiwaay.net> Message-ID: On Mon, Oct 29, 2012 at 12:52 PM, Chris Adams wrote: > Once upon a time, Dmitry Makovey said: >> Maybe aligning more with CenOS schedule? They end up trailing RHEL as well so >> whatever time they get before pushing "the latest" may be enough for EPEL? > > CentOS has had some pretty long delays sometimes in the past, so I don't > see that as a valid policy. > They've certainly worked to shorten that timeline. We could probably engage their core team and find out future plans as well, if so desired. > -- > Chris Adams > Systems and Network Administrator - HiWAAY Internet Services > I don't speak for anybody but myself - that's enough trouble. > > _______________________________________________ > epel-devel-list mailing list > epel-devel-list at redhat.com > https://www.redhat.com/mailman/listinfo/epel-devel-list From skvidal at fedoraproject.org Mon Oct 29 20:06:59 2012 From: skvidal at fedoraproject.org (Seth Vidal) Date: Mon, 29 Oct 2012 16:06:59 -0400 (EDT) Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121029125201.1bc08d69@jelerak.scrye.com> <2405693.baFL09seDM@dimon2.pc.athabascau.ca> <20121029195259.GC28195@hiwaay.net> Message-ID: On Mon, 29 Oct 2012, Michael Stahnke wrote: > On Mon, Oct 29, 2012 at 12:52 PM, Chris Adams wrote: >> Once upon a time, Dmitry Makovey said: >>> Maybe aligning more with CenOS schedule? They end up trailing RHEL as well so >>> whatever time they get before pushing "the latest" may be enough for EPEL? >> >> CentOS has had some pretty long delays sometimes in the past, so I don't >> see that as a valid policy. >> > They've certainly worked to shorten that timeline. We could probably > engage their core team and find out future plans as well, if so > desired. > > I do not recommend synchronizing with any specific distribution. -sv From dmitry at athabascau.ca Mon Oct 29 21:33:41 2012 From: dmitry at athabascau.ca (Dmitry Makovey) Date: Mon, 29 Oct 2012 15:33:41 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: Message-ID: <3866652.HIqFxQbFY0@dimon2.pc.athabascau.ca> On October 29, 2012 16:06:59 Seth Vidal wrote: > On Mon, 29 Oct 2012, Michael Stahnke wrote: > > On Mon, Oct 29, 2012 at 12:52 PM, Chris Adams wrote: > >> Once upon a time, Dmitry Makovey said: > >>> Maybe aligning more with CenOS schedule? They end up trailing RHEL as > >>> well so whatever time they get before pushing "the latest" may be > >>> enough for EPEL?>> > >> CentOS has had some pretty long delays sometimes in the past, so I don't > >> see that as a valid policy. > > > > They've certainly worked to shorten that timeline. We could probably > > engage their core team and find out future plans as well, if so > > desired. > > I do not recommend synchronizing with any specific distribution. Seth, with all due respect, my understanding of EPEL is precisely bridge between releases of specific distributions (unless I got it wrong). It's aim is to bring "latest goodness" from current Fedora over to slower-paced RHEL/CentOS/SL. Why would you recommend against synchronization with any distribution? My reasons for bringing CenOS up: both groups (CentOS & EPEL) seem to suffer from the lack of man-power. Both groups target the same platform: RHEL and both are going through the same pains. Synchronizing work of such groups does sound "logical" as Mr. Spock would suggest. P.S. not stirring things up but rather genuinely interested. -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 --- Confidence is what you have before you understand the problem Woody Allen When in trouble when in doubt run in circles scream and shout http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330 -- This communication is intended for the use of the recipient to whom it is addressed, and may contain confidential, personal, and or privileged information. Please contact us immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communications received in error, or subsequent reply, should be deleted or destroyed. --- From skvidal at fedoraproject.org Mon Oct 29 21:35:14 2012 From: skvidal at fedoraproject.org (Seth Vidal) Date: Mon, 29 Oct 2012 17:35:14 -0400 (EDT) Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: <3866652.HIqFxQbFY0@dimon2.pc.athabascau.ca> References: <3866652.HIqFxQbFY0@dimon2.pc.athabascau.ca> Message-ID: On Mon, 29 Oct 2012, Dmitry Makovey wrote: > Seth, with all due respect, my understanding of EPEL is precisely bridge > between releases of specific distributions (unless I got it wrong). It's aim > is to bring "latest goodness" from current Fedora over to slower-paced > RHEL/CentOS/SL. Not really. It's just building those pkgs which are not already in rhel for it and do so in a way which complies with fedora packaging policies. > Why would you recommend against synchronization with any distribution? B/c there are many distros built on that base - and tying to one is implicitly blessing ONE distro. And I think fedora officially blessing a rebuild of rhel is going to go over like a lead balloon. -sv From dmitry at athabascau.ca Mon Oct 29 22:22:57 2012 From: dmitry at athabascau.ca (Dmitry Makovey) Date: Mon, 29 Oct 2012 16:22:57 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <3866652.HIqFxQbFY0@dimon2.pc.athabascau.ca> Message-ID: <1769515.b8mqu0CtWv@dimon2.pc.athabascau.ca> On October 29, 2012 17:35:14 Seth Vidal wrote: > > Why would you recommend against synchronization with any distribution? > > B/c there are many distros built on that base - and tying to one is > implicitly blessing ONE distro. hmm. OK, makes sense. > And I think fedora officially blessing a rebuild of rhel is going to go > over like a lead balloon. I'm not suggesting that Fedora donates to/blesses CenOS builds, but rather having CentOS-Extras closer to EPEL. I imagine for some, who use CentOS-Extra and EPEL repos against RHEL* installs cross-listed packages would prove "difficult". Anyway, I'm bidding for the cause I have limited interest in: my selfish goal was to find ways for EPEL to get more man-power to carry on. "Poaching" on the CeonOS side seemed reasonable. And I imagine situation could be viewed in reverse from CentOS side where they get some extra help (read: cross- polination) from EPEL. I'll stop there :) -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 --- Confidence is what you have before you understand the problem Woody Allen When in trouble when in doubt run in circles scream and shout http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330 -- This communication is intended for the use of the recipient to whom it is addressed, and may contain confidential, personal, and or privileged information. Please contact us immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communications received in error, or subsequent reply, should be deleted or destroyed. --- From updates at fedoraproject.org Tue Oct 30 22:32:31 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Tue, 30 Oct 2012 22:32:31 +0000 Subject: Fedora EPEL 6 updates-testing report Message-ID: <20121030223231.4732820B46@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 6 Security updates need testing: Age URL 192 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13202/Django-1.3.4-1.el6,Django14-1.4.2-1.el6 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13218/drupal7-7.16-1.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13294/pcp-3.6.9-1.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13232/dokuwiki-0-0.14.20121013.el6 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13339/exim-4.72-4.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13262/viewvc-1.1.17-1.el6 114 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13351/mcrypt-2.6.8-10.el6 380 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing R-2.15.2-1.el6 dmlite-plugins-profiler-0.4.0-2.el6 gallery3-3.0.4-3.el6 mcrypt-2.6.8-10.el6 mozilla-https-everywhere-3.0.3-1.el6 php-Kohana-2.4-1.rc2.el6.3 python-sieve-0.1.6-6.el6 rubberband-1.8.1-1.el6 rubygem-puppet-lint-0.3.2-1.el6 snmptt-1.4-0.6.beta2.el6 valkyrie-2.0.0-5.el6 Details about builds: ================================================================================ R-2.15.2-1.el6 (FEDORA-EPEL-2012-13352) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: Update to R 2.15.2 (and rebuild rpy and rkward). For a list of bugfixes and changes in 2.15.2, see: http://cran.r-project.org/src/base/NEWS.html -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 29 2012 Tom Callaway - 2.15.2-1 - update to 2.15.2 - R now Requires: R-java (for a more complete base install) * Wed Jul 18 2012 Fedora Release Engineering - 2.15.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-profiler-0.4.0-2.el6 (FEDORA-EPEL-2012-13349) Profiler plugin for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the profiler plug-in for dmlite. This plug-in is a simple wrapper around a real plug-in implementation, and is used to do multiple measurements regarding the performance of each call to dmlite -------------------------------------------------------------------------------- References: [ 1 ] Bug #860283 - Review Request: dmlite-plugins-profiler - Profiler plugin for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860283 -------------------------------------------------------------------------------- ================================================================================ gallery3-3.0.4-3.el6 (FEDORA-EPEL-2012-13345) Customizable photo gallery web site -------------------------------------------------------------------------------- Update Information: Add php-mysql requires. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Jon Ciesla - 3.0.4-3 - Add php-mysql, BZ 871224. * Thu Jul 19 2012 Fedora Release Engineering - 3.0.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #871224 - Missing dependency on php-mysql https://bugzilla.redhat.com/show_bug.cgi?id=871224 -------------------------------------------------------------------------------- ================================================================================ mcrypt-2.6.8-10.el6 (FEDORA-EPEL-2012-13351) Replacement for crypt() -------------------------------------------------------------------------------- Update Information: Apply workaround for CVE-2012-4527. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Tom Callaway - 2.6.8-10 - apply workaround patch for CVE-2012-4527 Thanks to Attila Bogar and Nobuhiro Iwamatsu -------------------------------------------------------------------------------- References: [ 1 ] Bug #867790 - CVE-2012-4527 mcrypt: stack-based buffer overflow by encryption / decryption of overly long file names https://bugzilla.redhat.com/show_bug.cgi?id=867790 -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-3.0.3-1.el6 (FEDORA-EPEL-2012-13358) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: - Work around a nasty bug that was affecting some high-volume Live Youtube streams -- (but not other live YouTube streams) -- https://trac.torproject.org/projects/tor/ticket/7127 - Other Fixes: -- AdaCore, Akamai/MTV3 Katsomo, Akamai/HP, Atlassian, Bahn.de, DemocracyNow, MySQL, NuGet, -- PBS, Phronoix Media/Openbenchmarking, SSRN, Spoki -- https://trac.torproject.org/projects/tor/ticket/7219 -- https://trac.torproject.org/projects/tor/ticket/7180 -- https://trac.torproject.org/projects/tor/ticket/7135 -- https://trac.torproject.org/projects/tor/ticket/7206 -- https://trac.torproject.org/projects/tor/ticket/7198 - Disable broken/buggy: -- CBS/Last.fm, Citibank Australia, Bytename, HP, NIFTY, Microchip, MyOpenID, NttDocomo -- https://trac.torproject.org/projects/tor/ticket/6587 -- https://trac.torproject.org/projects/tor/ticket/7226 -- https://trac.torproject.org/projects/tor/ticket/7111 -- https://trac.torproject.org/projects/tor/ticket/7161 -- https://trac.torproject.org/projects/tor/ticket/7114 -- https://trac.torproject.org/projects/tor/ticket/7138 -- https://trac.torproject.org/projects/tor/ticket/7107 - Updated translations: -- Greek, Russian, Latvian - New translation: -- Turkish - Offer the SSL Observatory popup to a larger cohort of users * Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox * New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. * Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox * New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Russell Golden - 3.0.3-1 - Work around a nasty bug that was affecting some high-volume Live Youtube streams -- (but not other live YouTube streams) -- https://trac.torproject.org/projects/tor/ticket/7127 - Other Fixes: -- AdaCore, Akamai/MTV3 Katsomo, Akamai/HP, Atlassian, Bahn.de, DemocracyNow, MySQL, NuGet, -- PBS, Phronoix Media/Openbenchmarking, SSRN, Spoki -- https://trac.torproject.org/projects/tor/ticket/7219 -- https://trac.torproject.org/projects/tor/ticket/7180 -- https://trac.torproject.org/projects/tor/ticket/7135 -- https://trac.torproject.org/projects/tor/ticket/7206 -- https://trac.torproject.org/projects/tor/ticket/7198 - Disable broken/buggy: -- CBS/Last.fm, Citibank Australia, Bytename, HP, NIFTY, Microchip, MyOpenID, NttDocomo -- https://trac.torproject.org/projects/tor/ticket/6587 -- https://trac.torproject.org/projects/tor/ticket/7226 -- https://trac.torproject.org/projects/tor/ticket/7111 -- https://trac.torproject.org/projects/tor/ticket/7161 -- https://trac.torproject.org/projects/tor/ticket/7114 -- https://trac.torproject.org/projects/tor/ticket/7138 -- https://trac.torproject.org/projects/tor/ticket/7107 - Updated translations: -- Greek, Russian, Latvian - New translation: -- Turkish - Offer the SSL Observatory popup to a larger cohort of users * Sun Oct 21 2012 Russell Golden - 3.0.2-1 - Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox - New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Mon Oct 15 2012 Russell Golden - 3.0.1-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ================================================================================ php-Kohana-2.4-1.rc2.el6.3 (FEDORA-EPEL-2012-13347) The Swift PHP Framework -------------------------------------------------------------------------------- Update Information: Add php-mbstring requires. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #871209 - Missing dependency on php-mbstring https://bugzilla.redhat.com/show_bug.cgi?id=871209 -------------------------------------------------------------------------------- ================================================================================ python-sieve-0.1.6-6.el6 (FEDORA-EPEL-2012-13356) XML Comparison Utils -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- ================================================================================ rubberband-1.8.1-1.el6 (FEDORA-EPEL-2012-13342) Audio time-stretching and pitch-shifting library -------------------------------------------------------------------------------- Update Information: Changes in Rubber Band v1.8.1 * Fix a crash in formant-preserving pitch shift for some build targets The API is unchanged and the library is binary compatible with version 1.7. Changes in Rubber Band v1.8 * Add build support for Win32/MSVC, Android, and various libraries * Add Java JNI interface The API is unchanged and the library is binary compatible with version 1.7. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Michel Salim - 1.8.1-1 - Update to 1.8.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #866397 - rubberband-1.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=866397 -------------------------------------------------------------------------------- ================================================================================ rubygem-puppet-lint-0.3.2-1.el6 (FEDORA-EPEL-2012-13355) Ensure your Puppet manifests conform with the Puppetlabs style guide -------------------------------------------------------------------------------- Update Information: New upstream version. http://puppet-lint.com/changelog/ -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Russell Harrison 0.3.2-1 - New upstream version. http://puppet-lint.com/changelog/ - Remove exit code patch. Fixed in upstream -------------------------------------------------------------------------------- ================================================================================ snmptt-1.4-0.6.beta2.el6 (FEDORA-EPEL-2012-13344) An SNMP trap handler written in Perl -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #870615 - Review Request: snmptt - An SNMP trap handler written in Perl https://bugzilla.redhat.com/show_bug.cgi?id=870615 -------------------------------------------------------------------------------- ================================================================================ valkyrie-2.0.0-5.el6 (FEDORA-EPEL-2012-13353) Graphical User Interface for Valgrind Suite -------------------------------------------------------------------------------- Update Information: Initial version of Valkyrie, a graphical interface for Valgrind. -------------------------------------------------------------------------------- References: [ 1 ] Bug #862160 - Review Request: valkyrie - Graphical User Interface for Valgrind Suite https://bugzilla.redhat.com/show_bug.cgi?id=862160 -------------------------------------------------------------------------------- From updates at fedoraproject.org Tue Oct 30 22:32:33 2012 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Tue, 30 Oct 2012 22:32:33 +0000 Subject: Fedora EPEL 5 updates-testing report Message-ID: <20121030223233.44ED320DFD@bastion01.phx2.fedoraproject.org> The following Fedora EPEL 5 Security updates need testing: Age URL 192 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-1.el5 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1.2.10.14-2.el5 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13249/viewvc-1.1.17-1.el5 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13283/pcp-3.6.9-1.el5 86 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13244/dokuwiki-0-0.14.20121013.el5 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13348/mcrypt-2.6.8-10.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing R-2.15.2-1.el5 dmlite-plugins-profiler-0.4.0-2.el5 ldns-1.6.15-2.el5 mcrypt-2.6.8-10.el5 mozilla-https-everywhere-3.0.3-1.el5 rubberband-1.8.1-1.el5 snmptt-1.4-0.6.beta2.el5 Details about builds: ================================================================================ R-2.15.2-1.el5 (FEDORA-EPEL-2012-13346) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: Update to R 2.15.2 (and rebuild rpy and rkward). For a list of bugfixes and changes in 2.15.2, see: http://cran.r-project.org/src/base/NEWS.html -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 29 2012 Tom Callaway - 2.15.2-1 - update to 2.15.2 -------------------------------------------------------------------------------- ================================================================================ dmlite-plugins-profiler-0.4.0-2.el5 (FEDORA-EPEL-2012-13343) Profiler plugin for dmlite -------------------------------------------------------------------------------- Update Information: This package provides the profiler plug-in for dmlite. This plug-in is a simple wrapper around a real plug-in implementation, and is used to do multiple measurements regarding the performance of each call to dmlite -------------------------------------------------------------------------------- References: [ 1 ] Bug #860283 - Review Request: dmlite-plugins-profiler - Profiler plugin for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860283 -------------------------------------------------------------------------------- ================================================================================ ldns-1.6.15-2.el5 (FEDORA-EPEL-2012-13357) Lowlevel DNS(SEC) library with API -------------------------------------------------------------------------------- Update Information: A lot of code audit fixes, ldns-dane support. fixup dependency for certs Updates from source code audit, ldns-dane support Updates from source code audit, ldns-dane support -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Paul Wouters - 1.6.15-2 - EL5 has no ca-certificates, it needs to depend on openssl * Fri Oct 26 2012 Paul Wouters - 1.6.15-1 - Updated to 1.6.15, as 1.6.14 accidentally broke ABI (We never released 1.6.14) * Tue Oct 23 2012 Paul Wouters - 1.6.14-1 - [pulled before release] - Updated to 1.6.14 - Removed merged in patch - Added new dependancy on ca-certificates for ldns-dane PKIX validation -------------------------------------------------------------------------------- ================================================================================ mcrypt-2.6.8-10.el5 (FEDORA-EPEL-2012-13348) Replacement for crypt() -------------------------------------------------------------------------------- Update Information: Apply workaround for CVE-2012-4527. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Tom Callaway - 2.6.8-10 - apply workaround patch for CVE-2012-4527 Thanks to Attila Bogar and Nobuhiro Iwamatsu -------------------------------------------------------------------------------- References: [ 1 ] Bug #867790 - CVE-2012-4527 mcrypt: stack-based buffer overflow by encryption / decryption of overly long file names https://bugzilla.redhat.com/show_bug.cgi?id=867790 -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-3.0.3-1.el5 (FEDORA-EPEL-2012-13341) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: - Work around a nasty bug that was affecting some high-volume Live Youtube streams -- (but not other live YouTube streams) -- https://trac.torproject.org/projects/tor/ticket/7127 - Other Fixes: -- AdaCore, Akamai/MTV3 Katsomo, Akamai/HP, Atlassian, Bahn.de, DemocracyNow, MySQL, NuGet, -- PBS, Phronoix Media/Openbenchmarking, SSRN, Spoki -- https://trac.torproject.org/projects/tor/ticket/7219 -- https://trac.torproject.org/projects/tor/ticket/7180 -- https://trac.torproject.org/projects/tor/ticket/7135 -- https://trac.torproject.org/projects/tor/ticket/7206 -- https://trac.torproject.org/projects/tor/ticket/7198 - Disable broken/buggy: -- CBS/Last.fm, Citibank Australia, Bytename, HP, NIFTY, Microchip, MyOpenID, NttDocomo -- https://trac.torproject.org/projects/tor/ticket/6587 -- https://trac.torproject.org/projects/tor/ticket/7226 -- https://trac.torproject.org/projects/tor/ticket/7111 -- https://trac.torproject.org/projects/tor/ticket/7161 -- https://trac.torproject.org/projects/tor/ticket/7114 -- https://trac.torproject.org/projects/tor/ticket/7138 -- https://trac.torproject.org/projects/tor/ticket/7107 - Updated translations: -- Greek, Russian, Latvian - New translation: -- Turkish - Offer the SSL Observatory popup to a larger cohort of users * Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox * New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. * Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox * New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Russell Golden - 3.0.3-1 - Work around a nasty bug that was affecting some high-volume Live Youtube streams -- (but not other live YouTube streams) -- https://trac.torproject.org/projects/tor/ticket/7127 - Other Fixes: -- AdaCore, Akamai/MTV3 Katsomo, Akamai/HP, Atlassian, Bahn.de, DemocracyNow, MySQL, NuGet, -- PBS, Phronoix Media/Openbenchmarking, SSRN, Spoki -- https://trac.torproject.org/projects/tor/ticket/7219 -- https://trac.torproject.org/projects/tor/ticket/7180 -- https://trac.torproject.org/projects/tor/ticket/7135 -- https://trac.torproject.org/projects/tor/ticket/7206 -- https://trac.torproject.org/projects/tor/ticket/7198 - Disable broken/buggy: -- CBS/Last.fm, Citibank Australia, Bytename, HP, NIFTY, Microchip, MyOpenID, NttDocomo -- https://trac.torproject.org/projects/tor/ticket/6587 -- https://trac.torproject.org/projects/tor/ticket/7226 -- https://trac.torproject.org/projects/tor/ticket/7111 -- https://trac.torproject.org/projects/tor/ticket/7161 -- https://trac.torproject.org/projects/tor/ticket/7114 -- https://trac.torproject.org/projects/tor/ticket/7138 -- https://trac.torproject.org/projects/tor/ticket/7107 - Updated translations: -- Greek, Russian, Latvian - New translation: -- Turkish - Offer the SSL Observatory popup to a larger cohort of users * Sun Oct 21 2012 Russell Golden - 3.0.2-1 - Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox - New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Mon Oct 15 2012 Russell Golden - 3.0.1-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ================================================================================ rubberband-1.8.1-1.el5 (FEDORA-EPEL-2012-13350) Audio time-stretching and pitch-shifting library -------------------------------------------------------------------------------- Update Information: Changes in Rubber Band v1.8.1 * Fix a crash in formant-preserving pitch shift for some build targets The API is unchanged and the library is binary compatible with version 1.7. Changes in Rubber Band v1.8 * Add build support for Win32/MSVC, Android, and various libraries * Add Java JNI interface The API is unchanged and the library is binary compatible with version 1.7. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 28 2012 Michel Salim - 1.8.1-1 - Update to 1.8.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #866397 - rubberband-1.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=866397 -------------------------------------------------------------------------------- ================================================================================ snmptt-1.4-0.6.beta2.el5 (FEDORA-EPEL-2012-13354) An SNMP trap handler written in Perl -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #870615 - Review Request: snmptt - An SNMP trap handler written in Perl https://bugzilla.redhat.com/show_bug.cgi?id=870615 -------------------------------------------------------------------------------- From kevin at scrye.com Wed Oct 31 16:30:54 2012 From: kevin at scrye.com (Kevin Fenzi) Date: Wed, 31 Oct 2012 10:30:54 -0600 Subject: 'policy' for multiple versions of same software in EPEL In-Reply-To: References: <20121012155353.4400ceef@jelerak.scrye.com> <20121025004431.GA25812@disco.bu.edu> <20121029125201.1bc08d69@jelerak.scrye.com> Message-ID: <20121031103054.264d33fc@jelerak.scrye.com> On Mon, 29 Oct 2012 13:39:26 -0600 Ken Dreyer wrote: > On Mon, Oct 29, 2012 at 12:52 PM, Kevin Fenzi wrote: > > This plan has also come up before. ;) > > I didn't realize this had been brought up before. Do you have a link > to the discussion? I've browsed through the EPEL archives and I > didn't see something like this. Not off hand. I know it was suggested in the past tho. ;) > On Mon, Oct 29, 2012 at 12:52 PM, Kevin Fenzi > wrote:> > > - We never know when exactly a point release is going to appear > > until it does. RH never announces them in advance. So, might lead to > > scrambling. It's pretty unlikely we could push those updates the > > same day as the point release... so when would we? would they go > > through testing as usual? > > We could publish a policy that the "EPEL flag day" is two weeks after > the day that RHEL ships a point release. > > Pros: > > * A maintainer can push an "incompatible update" into epel-testing on > the day that RHEL ships, and then have their package hit epel-stable > two weeks later on the agreed-upon flag day. (Of course, if a > maintainer wanted to get their update into updates-testing sooner, > that's fine too.) > > * Easy to remember: "two weeks" is the same time as Bodhi testing. > > * CentOS and SL are important, but we can't really affect the release > schedules for these projects, so it's yet another one-way street. I > think we have to just make a best effort. A consistent two week gap > would these projects some leeway while not compromising on > consistency. > > Cons: > > * We would need some coordination to ensure that the signing process > happens on the day of RHEL's point release, and two weeks afterward. > I'm not involved with the sigining task... hopefully this is not a > huge deal? Not a big deal. I sign and push updates almost every day. > * Technically we would have two release days (RHEL + EPEL) instead of > one (RHEL). Right. > > - Once we push those incompatible ones that require the new point > > release, does that just leave people who are on an older one out > > in the cold? Or they get the updates and it breaks them even though > > they didn't apply the point release? > > I'm having trouble picturing a scenario where this problem could > happen in RHEL+EPEL. Can you explain more? (I'm not envisioning that > these new packages would have dependencies on the redhat-release > package version number; only that we would try to hit the dates on > the calendar.) So, say RHEL 6.4 comes out. We set our EPEL6 'incompatible upgrade day' as 2 weeks after that. Some people upgrade to 6.4 immediately. Should be ok, as our upgrades haven't happened yet. Some people wait and stay on 6.x. 2 weeks pass. EPEL incompatible upgrade day arrives, we push updates out. People who upgraded to 6.4 already see a bunch of updates that are incompatible and are annoyed since they already did their point release. People on say 6.1 who never applied the point release see a bunch of updates out of the blue. Perhaps some of these EPEL updates require newer packages or new packages in 6.4 only, so they just see broken updates. Granted we have never catered to those folks on old releases much... Anyhow, I guess the big problem I see is that some people will upgrade before our 2 weeks and then have to go through 2 'major' upgrades in a row. kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From danalmmp79437 at yahoo.com Wed Oct 31 16:46:34 2012 From: danalmmp79437 at yahoo.com (Staci Page) Date: Wed, 31 Oct 2012 09:46:34 -0700 (PDT) Subject: 'policy' for multiple versions of same software in EPEL Message-ID: <1351701994.94845.YahooMailClassic@web124901.mail.ne1.yahoo.com> Heya good to hear back from ya. Well I just got out of a relationship but I am not feeling like I'm on the rebound I suppose cuz it's been a coupla months. Just kind of seeing whats on here and keeping it nsa for right now. if that's what your up for 100% or no, some guys say they're down but really aren't and some say they are not but are, so at least you understand what I'm up for. Id describe me as sexy, sassy, and I love to laugh. Sort of looking on here for someone that is not only shallow, as I am not. I've got pictures on my profile if you wanna look. I have my cell number on there, however it is just one that I use for on line stuff b/c I've had some men who wouldn't stop bugging me in the past. It does still forwards any calls and text msgs to my cell phone anyways. If u like what u see and I am the type you're looking for, contact me. If I'm not then good luck in your searc! -------------- next part -------------- An HTML attachment was scrubbed... URL: