Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Mar 21 17:42:06 UTC 2013
The following Fedora EPEL 6 Security updates need testing:
Age URL
521 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
333 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
256 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
33 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0376/openconnect-4.08-1.el6
26 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0420/awstats-7.0-3.el6
26 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0423/nginx-1.0.15-4.el6
11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0532/euca2ools-2.1.3-1.el6
11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0568/mediawiki119-1.19.4-1.el6
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0622/firebird-2.5.2.26539.0-3.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0632/privoxy-3.0.21-1.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0634/openstack-keystone-2012.2.3-4.el6
4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0686/mimetex-1.74-1.el6
4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0692/v8-3.14.5.7-3.el6
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0707/darkserver-0.8.1-1.el6
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0698/darkserver-0.8.2-1.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0741/drupal7-views-3.6-1.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0720/puppet-2.6.18-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
drupal7-7.21-2.el6
drupal7-views-3.6-1.el6
gfal-1.15.0-0.el6
icoutils-0.30.0-1.el6
is-interface-1.15.0-0.el6
lcg-util-1.15.0-0.el6
ldm-2.2.11-3.el6
ltsp-5.4.5-4.el6
opendkim-2.8.1-1.el6
php-channel-drush-1.3-2.el6
puppet-2.6.18-2.el6
python-beautifulsoup4-4.1.3-3.el6
python-dingus-0.3.4-3.el6
python-epdb-0.11-9.el6
python-rosinstall-0.6.26-1.20130318git6d482b2.el6
python-rospkg-1.0.20-1.20130318git0a4448e.el6
python-vcstools-0.1.30-1.20130318git963c121.el6
remctl-3.3-3.el6
retrace-server-1.9-1.el6
srm-ifce-1.15.2-1.el6
thunderbird-lightning-1.9.1-1.el6
Details about builds:
================================================================================
drupal7-7.21-2.el6 (FEDORA-EPEL-2013-0742)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
Add rpmmacros subpackage to simplify module packaging.
New Drupal release, http://drupal.org/drupal-7.21-release-notes.
New upstream 7.20, resolves SA-CORE-2013-002. Release notes upstream: http://drupal.org/drupal-7.20-release-notes
New Drupal release, http://drupal.org/drupal-7.21-release-notes.
New upstream 7.20, resolves SA-CORE-2013-002
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 7 2013 Peter Borsa <peter.borsa at gmail.com> - 7.21-1
- 7.21
* Thu Feb 21 2013 Paul W. Frields <stickster at gmail.com> - 7.20-1
- 7.20, SA-CORE-2013-002 (#913403)
* Fri Jan 25 2013 Jon Ciesla <limburgher at gmail.com> - 7.19-2
- README update for cron_key, BZ 902234.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #923932 - Add macros to drupal7
https://bugzilla.redhat.com/show_bug.cgi?id=923932
[ 2 ] Bug #918902 - drupal7-7.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=918902
[ 3 ] Bug #913403 - drupal7-7.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=913403
--------------------------------------------------------------------------------
================================================================================
drupal7-views-3.6-1.el6 (FEDORA-EPEL-2013-0741)
Provides a method for site designers to control content presentation
--------------------------------------------------------------------------------
Update Information:
Update to version 3.6 to address cross-site scripting vulnerability SA-CONTRIB-2013-035
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 20 2013 Jared Smith <jsmith at fedoraproject.org> - 3.6-1
- Release 3.6 fixes a cross-site scripting vulnerabilitySA-CONTRIB-2013-035
- More details at http://drupal.org/node/1948358
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gfal-1.15.0-0.el6 (FEDORA-EPEL-2013-0731)
Grid File access library
--------------------------------------------------------------------------------
Update Information:
lcg-util 1.15.0 Update, EMI synchronization
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 20 2013 Adrien Devresse <adevress at cern.ch> - 1.15.0-0
- fix LFS problem with 32bits version of GFAL 1.0
--------------------------------------------------------------------------------
================================================================================
icoutils-0.30.0-1.el6 (FEDORA-EPEL-2013-0732)
Utility for extracting and converting Microsoft icon and cursor files
--------------------------------------------------------------------------------
Update Information:
This updates fixes a few bugs and improves the manpage. For a more detailed list of changes, see the changelog:
http://www.nongnu.org/icoutils/NEWS
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 20 2013 Martin Gieseking <martin.gieseking at uos.de> 0.30.0-1
- updated to release 0.30.0
- dropped patch as it has been applied upstream
- removed old buildroot stuff
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.29.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.29.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat May 19 2012 Martin Gieseking <martin.gieseking at uos.de> 0.29.1-6
- added missing Provides: bundled(gnulib): https://bugzilla.redhat.com/show_bug.cgi?id=821764
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.29.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 6 2011 Adam Jackson <ajax at redhat.com> - 0.29.1-4
- Rebuild for new libpng
--------------------------------------------------------------------------------
================================================================================
is-interface-1.15.0-0.el6 (FEDORA-EPEL-2013-0719)
Information service library for the lcg bdii system
--------------------------------------------------------------------------------
Update Information:
lcg-util 1.15.0 Update, EMI synchronization
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 20 2013 Adrien Devresse <adevress at cern.ch> - 1.15.0
- fix an issue with FTS 2.2.9 and glite-sd-query
--------------------------------------------------------------------------------
================================================================================
lcg-util-1.15.0-0.el6 (FEDORA-EPEL-2013-0733)
Command line tools for wlcg storage system
--------------------------------------------------------------------------------
Update Information:
lcg-util 1.15.0 Update, EMI synchronization
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 20 2013 Adrien Devresse <adevress at cern.ch> - 1.15.0-0
- EMI lcg-util 1.15.0 release
- contain several bugfix related to srm-ifce and gfal 1.0
--------------------------------------------------------------------------------
================================================================================
ldm-2.2.11-3.el6 (FEDORA-EPEL-2013-0736)
LTSP Display Manager
--------------------------------------------------------------------------------
Update Information:
Update to new version, also include 'clover' theme, minor bugfix's
--------------------------------------------------------------------------------
================================================================================
ltsp-5.4.5-4.el6 (FEDORA-EPEL-2013-0727)
Linux Terminal Server Project Server and Client
--------------------------------------------------------------------------------
Update Information:
Update to 5.4.5, New overlay unionfs, Uses mock to build chroot
--------------------------------------------------------------------------------
================================================================================
opendkim-2.8.1-1.el6 (FEDORA-EPEL-2013-0723)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 19 2013 Steve Jenkins <steve stevejenkins com> 2.8.1-1
- Updated to use newer upstream 2.8.1 source code
- Removed patches for bugs fixed in upstream source
* Wed Feb 27 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-4
- Added patch from upstream to fix libdb compatibility issues
* Tue Feb 26 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-3
- Split into two spec files: systemd (F17+) and SysV (EL5-6)
- systemd-only: Removed leading / from unitdir variables
- Removed commented source lines
- Created comment sections for easy switching between systemd and SysV
* Mon Feb 25 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-2
- Added / in front of unitdir variables
* Thu Feb 21 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-1
- Happy Birthday to me! :)
- Updated to use newer upstream 2.8.0 source code
- Migration from SysV initscript to systemd unit file
- Added systemd build requirement
- Edited comments in default configuration files
- Changed default Canonicalization to relaxed/relaxed in config file
- Changed default values in EnvironmentFile
- Moved program startup options into EnvironmentFile
- Moved default key check and generation on startup to external script
- Removed AutoRestart directives from default config (systemd will handle)
- Incorporated additional variable names throughout spec file
- Added support for new opendkim-sysvinit package for legacy SysV systems
--------------------------------------------------------------------------------
================================================================================
php-channel-drush-1.3-2.el6 (FEDORA-EPEL-2013-0738)
Adds pear.drush.org channel to PEAR
--------------------------------------------------------------------------------
Update Information:
This package adds the pear.drush.org channel which allows PEAR packages
from this channel to be installed.
--------------------------------------------------------------------------------
================================================================================
puppet-2.6.18-2.el6 (FEDORA-EPEL-2013-0720)
A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:
Updates to EPEL for Puppet 2.6 for security issues disclosed 13-MAR-2013 from Puppet Labs:
https://groups.google.com/group/puppet-announce/t/9200f268f8479e2c
This update also includes a backported patch to fix a for service resource race condition.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 19 2013 Lukas Zapletal <lzap+rpm at redhat.com> - 2.6.18-2
- Apply backported patch for service race condition (#908655)
* Mon Mar 11 2013 Michael Stahnke <stahnma at puppetlabs.com> - 2.6.18-1
- Fixes for CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654
- and CVE-2013-1655 CVE-2013-2274 CVE-2013-2275
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #919770 - CVE-2013-1654 Puppet: SSL protocol downgrade
https://bugzilla.redhat.com/show_bug.cgi?id=919770
[ 2 ] Bug #919773 - CVE-2013-2274 Puppet: HTTP PUT report saving code execution vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=919773
[ 3 ] Bug #919783 - CVE-2013-1640 Puppet: catalog request code execution
https://bugzilla.redhat.com/show_bug.cgi?id=919783
[ 4 ] Bug #919784 - CVE-2013-1652 Puppet: HTTP GET request catalog retrieval
https://bugzilla.redhat.com/show_bug.cgi?id=919784
[ 5 ] Bug #919785 - CVE-2013-2275 Puppet: default auth.conf allows authenticated node to submit a report for any other node
https://bugzilla.redhat.com/show_bug.cgi?id=919785
--------------------------------------------------------------------------------
================================================================================
python-beautifulsoup4-4.1.3-3.el6 (FEDORA-EPEL-2013-0735)
HTML/XML parser for quick-turnaround applications like screen-scraping
--------------------------------------------------------------------------------
Update Information:
Initial el6 branch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #923091 - askbot requires python-beautifulsoup4 which is not available on epel6
https://bugzilla.redhat.com/show_bug.cgi?id=923091
--------------------------------------------------------------------------------
================================================================================
python-dingus-0.3.4-3.el6 (FEDORA-EPEL-2013-0718)
A record-then-assert mocking library
--------------------------------------------------------------------------------
Update Information:
New python-dingus package for el6.
--------------------------------------------------------------------------------
================================================================================
python-epdb-0.11-9.el6 (FEDORA-EPEL-2013-0745)
Extended Python debugger
--------------------------------------------------------------------------------
Update Information:
epdb is an enhanced debugger for python. This is a new package in EPEL 6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #480380 - Review Request: python-epdb - extended python debugger
https://bugzilla.redhat.com/show_bug.cgi?id=480380
--------------------------------------------------------------------------------
================================================================================
python-rosinstall-0.6.26-1.20130318git6d482b2.el6 (FEDORA-EPEL-2013-0737)
ROS installation utilities
--------------------------------------------------------------------------------
Update Information:
This update brings the latest upstream versions of rosinstall, rospkg, and vcstools.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 18 2013 Rich Mattes <richmattes at gmail.com> - 0.6.28-1.20130318git6d482b2
- Update to release 0.6.28
--------------------------------------------------------------------------------
================================================================================
python-rospkg-1.0.20-1.20130318git0a4448e.el6 (FEDORA-EPEL-2013-0737)
Utilities for ROS package, stack, and distribution information
--------------------------------------------------------------------------------
Update Information:
This update brings the latest upstream versions of rosinstall, rospkg, and vcstools.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 18 2013 Rich Mattes <richmattes at gmail.com> - 1.0.20-1.20130318git0a4448e
- Update to release 1.0.20
--------------------------------------------------------------------------------
================================================================================
python-vcstools-0.1.30-1.20130318git963c121.el6 (FEDORA-EPEL-2013-0737)
Version Control System tools for Python
--------------------------------------------------------------------------------
Update Information:
This update brings the latest upstream versions of rosinstall, rospkg, and vcstools.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 18 2013 Rich Mattes <richmattes at gmail.com> - 0.1.30-1.20130318git963c121
- Update to release 0.1.30
- Updated upstream URL
--------------------------------------------------------------------------------
================================================================================
remctl-3.3-3.el6 (FEDORA-EPEL-2013-0746)
Client/server for Kerberos-authenticated command execution
--------------------------------------------------------------------------------
Update Information:
Adjust for new Ruby on Fedora 19
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 13 2013 Ken Dreyer <ktdreyer at ktdreyer.com> - 3.3-2
- Adjust RPM conditionals for new Ruby guidelines on Fedora 19
- Add workaround for Ruby 2.0 "make install" bug (#921650)
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
retrace-server-1.9-1.el6 (FEDORA-EPEL-2013-0744)
Application for remote coredump analysis
--------------------------------------------------------------------------------
Update Information:
Update to 1.9
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 20 2013 Michal Toman <mtoman at redhat.com> 1.9-1
- guess debuginfo name correctly for <= el4
- rename _log to retrace-log
- fix cross-arch vmcores processing
- debug mode checked by default in task manager
- fix typos
- touch task directory when using retrace-server-interact
- forward kernel version from command line correctly
- parse flavoured kernel version correctly
- allow to send notification e-mails
- symlink retrace_log to MISC_DIR
- do not die on download error
- rework front page
- be able to specify custom core location
- do not die if makedumpfile fails
- make FTP buffer size configurable
- fix detaching from httpd
- add more logging
- fix paths of DF_BIN and TAR_BIN
- fix dependencies
- unify access to task directory elements
- display the progress of FTP download
- add notes & case no. boxes
- run bt_filter on vmcores automatically
- add timestamps to logs
- enable free space check in task manager
- urlencode hyperlinks
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #905715 - Retrace failed. Try again later and if the problem persists report this issue please.
https://bugzilla.redhat.com/show_bug.cgi?id=905715
[ 2 ] Bug #866322 - retrace server couldn't generate backtrace
https://bugzilla.redhat.com/show_bug.cgi?id=866322
[ 3 ] Bug #821115 - Couldn't generate backtrace with Retrace Server
https://bugzilla.redhat.com/show_bug.cgi?id=821115
[ 4 ] Bug #805400 - Generated backtrace is unusable (Reporting disabled)
https://bugzilla.redhat.com/show_bug.cgi?id=805400
--------------------------------------------------------------------------------
================================================================================
srm-ifce-1.15.2-1.el6 (FEDORA-EPEL-2013-0721)
SRM client side library
--------------------------------------------------------------------------------
Update Information:
lcg-util 1.15.0 Update, EMI synchronization
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 20 2013 adevress at cern.ch - 1.15.2-1
- EMI lcgutil 1.15.0 release
* Thu Mar 14 2013 Michail Salichos <msalicho at cern.ch> - 1.15.2-0
- avoid double initialization when session reuse is enabled
* Fri Feb 22 2013 Adrien Devresse <adevress at cern.ch> - 1.15.1-0
- fix an estimatedWaitTime problem with the backoff logic
- introduce srm session reuse
--------------------------------------------------------------------------------
================================================================================
thunderbird-lightning-1.9.1-1.el6 (FEDORA-EPEL-2013-0729)
The calendar extension to Thunderbird
--------------------------------------------------------------------------------
Update Information:
- Update to 1.9.1
- Add patch to fix alarm handling after suspend (bug #910976)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 19 2013 Orion Poplawski <orion at cora.nwra.com> - 1.9.1-1
- Update to 1.9.1
- Add patch to fix alarm handling after suspend (bug #910976)
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list