Fedora EPEL 5 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed Jan 23 22:05:36 UTC 2013
The following Fedora EPEL 5 Security updates need testing:
Age URL
277 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
171 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
53 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0171/moodle-1.9.19-5.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0173/couchdb-1.0.4-2.el5.1
19 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0011/drupal7-context-3.0-0.3.beta6.el5
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0116/drupal6-6.28-1.el5
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0102/ettercap-0.7.3-21.el5
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0139/proftpd-1.3.3g-2.el5
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0148/drupal7-7.19-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
couchdb-1.0.4-2.el5.1
moodle-1.9.19-5.el5
mozilla-https-everywhere-3.1.3-1.el5
nordugrid-arc-2.0.1-2.el5
packagedb-cli-1.3.0-1.el5
ucarp-1.5.2-7.el5
weechat-0.4.0-2.el5
whatsup-1.14-1.el5
zabbix20-2.0.4-4.el5
Details about builds:
================================================================================
couchdb-1.0.4-2.el5.1 (FEDORA-EPEL-2013-0173)
A document database server, accessible via a RESTful JSON API
--------------------------------------------------------------------------------
Update Information:
* Ver. 1.0.4 (security release)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 23 2013 Peter Lemenkov <lemenkov at gmail.com> - 1.0.4-2
- Fix for EPEL 5 (Erlang R12B)
* Wed Jan 23 2013 Peter Lemenkov <lemenkov at gmail.com> - 1.0.4-1
- Ver. 1.0.4
- Fixes CVE-2012-5649, CVE-2012-5650
* Mon Aug 15 2011 Kalev Lember <kalevlember at gmail.com> - 1.0.3-2
- Rebuilt for rpm bug #728707
* Thu Jul 21 2011 Peter Lemenkov <lemenkov at gmail.com> - 1.0.3-1
- Ver. 1.0.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #784792 - Request: update CouchDB to 1.0.3
https://bugzilla.redhat.com/show_bug.cgi?id=784792
[ 2 ] Bug #895599 - CVE-2012-5649 CVE-2012-5650 couchdb various flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=895599
--------------------------------------------------------------------------------
================================================================================
moodle-1.9.19-5.el5 (FEDORA-EPEL-2013-0171)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2012-6098 and CVE-2012-6100.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #903264 - CVE-2012-6100 CVE-2012-6098 moodle various flaws [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=903264
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-3.1.3-1.el5 (FEDORA-EPEL-2013-0187)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
Fixes: CloudFront/Spotify, AmazonAWS (Amazon MP3s
and product images), Libav, Google Maps, UserEcho
https://trac.torproject.org/projects/tor/ticket/7931
https://trac.torproject.org/projects/tor/ticket/7888
https://trac.torproject.org/projects/tor/ticket/7594
https://trac.torproject.org/projects/tor/ticket/7539
https://trac.torproject.org/projects/tor/ticket/7698
Disable broken: Coursera, EBay, Etsy, OpenOffice,
Ping.fm, Pinterest :(
https://trac.torproject.org/projects/tor/ticket/7336
https://trac.torproject.org/projects/tor/ticket/7825
https://trac.torproject.org/projects/tor/ticket/7774
https://trac.torproject.org/projects/tor/ticket/7695
https://trac.torproject.org/projects/tor/ticket/7777
https://trac.torproject.org/projects/tor/ticket/7865
Update cert whitelist
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2013 Russell Golden <niveusluna at niveusluna.org> - 3.1.3-1
- Internet Freedom Day stable bugfix release
- Fixes: CloudFront/Spotify, AmazonAWS (Amazon MP3s and product images), Libav,
Google Maps, UserEcho
https://trac.torproject.org/projects/tor/ticket/7931
https://trac.torproject.org/projects/tor/ticket/7888
https://trac.torproject.org/projects/tor/ticket/7594
https://trac.torproject.org/projects/tor/ticket/7539
https://trac.torproject.org/projects/tor/ticket/7698
- Disable broken: Coursera, EBay, Etsy, OpenOffice, Ping.fm, Pinterest :(
https://trac.torproject.org/projects/tor/ticket/7336
https://trac.torproject.org/projects/tor/ticket/7825
https://trac.torproject.org/projects/tor/ticket/7774
https://trac.torproject.org/projects/tor/ticket/7695
https://trac.torproject.org/projects/tor/ticket/7777
https://trac.torproject.org/projects/tor/ticket/7865
- Update cert whitelist
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-2.0.1-2.el5 (FEDORA-EPEL-2013-0183)
Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:
SE Linux fixes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 23 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 2.0.1-2
- Additional selinux contexts
- Fix for python wrappers using swig 2.0.9
--------------------------------------------------------------------------------
================================================================================
packagedb-cli-1.3.0-1.el5 (FEDORA-EPEL-2013-0179)
A CLI for pkgdb
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.0 which provides some bugs fix including one for the use of the 'all' keyword for the branch.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #887950 - packagedb-cli: silently fails to change ACLs
https://bugzilla.redhat.com/show_bug.cgi?id=887950
--------------------------------------------------------------------------------
================================================================================
ucarp-1.5.2-7.el5 (FEDORA-EPEL-2013-0196)
Common Address Redundancy Protocol (CARP) for Unix
--------------------------------------------------------------------------------
Update Information:
Remove MASTER from init script.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 23 2013 Jon Ciesla <limburgher at gmail.com> - 1.5.2-7
- Dropped MASTER from init, BZ 896576.
* Tue Dec 11 2012 Jon Ciesla <limburgher at gmail.com> - 1.5.2-6
- init fix from Alexander Bostrom, BZ 809421.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #896576 - New init.d ucarp script wrong setting advskew=1 to all nodes if no MASTER variable set.
https://bugzilla.redhat.com/show_bug.cgi?id=896576
--------------------------------------------------------------------------------
================================================================================
weechat-0.4.0-2.el5 (FEDORA-EPEL-2013-0191)
Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:
Reimplement enchant patch, with new support for spelling suggestions
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 22 2013 Jamie Nguyen <jamielinux at fedoraproject.org> - 0.4.0-2
- reimplement enchant support as a separate patch
- implement additional enchant support for displaying spelling suggestions
in weechat_aspell_get_suggestions(), which is a new function introduced by
upstream in 0.4.0
* Mon Jan 21 2013 Jamie Nguyen <jamielinux at fedoraproject.org> - 0.4.0-1
- update to upstream release 0.4.0
- add CMAKE options (DPREFIX and DLIBDIR) which negate the need to patch
- remove enchant patches to keep close to upstream
--------------------------------------------------------------------------------
================================================================================
whatsup-1.14-1.el5 (FEDORA-EPEL-2013-0184)
Node up/down detection utility
--------------------------------------------------------------------------------
Update Information:
New upstream version and fixes opensm linking problem.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2013 David Brown <david.brown at pnnl.gov> - 1.14-1
- New upstream version of whatsup
- added libtool-ltdl-devel build deps
- added genders build deps and sub packages
* Mon Sep 10 2012 David Brown <david.brown at pnnl.gov> - 1.13-6
- get the damn macro right for postun
* Mon Sep 10 2012 David Brown <david.brown at pnnl.gov> - 1.13-5
- add systemd macros to post postun preun
--------------------------------------------------------------------------------
================================================================================
zabbix20-2.0.4-4.el5 (FEDORA-EPEL-2013-0195)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
zabbix20 packages the 2.0 series of Zabbix. EPEL policy only allows for bugfix releases, avoiding breaking things. Hence this package came into existence.
Notice, there's no SSH support, due to the version of libssh2.
While updating an agent is straight forward, you'll have to run multiple database schema upgrades when upgrading a server.
There are a number of changes compared to earlier packages, documented in zabbix-fedora.README. If you're upgrading, you're strongly advised to go through this document. Please don't hesitate to contact volker27 at gmx.at if something is wrong, hard to understand or missing there. You can file a bug as well, of course!
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #867159 - Review Request: zabbix20 - Open-source monitoring solution for your IT infrastructure
https://bugzilla.redhat.com/show_bug.cgi?id=867159
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list