[EPEL-devel] Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sun Dec 14 22:08:08 UTC 2014
The following Fedora EPEL 6 Security updates need testing:
Age URL
967 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
185 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
56 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-1.el6,python-astroid-1.2.1-2.el6,python-logilab-common-0.62.1-2.el6
31 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils-2.23.51.0.3-1.el6.1
20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6.18-8.el6
11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4404/perl-YAML-LibYAML-0.38-5.el6
11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4384/antiword-0.37-17.el6
11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4407/pkcs11-helper-1.11-3.el6,openvpn-2.3.6-1.el6
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4411/llvm-3.4.2-3.el6
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4444/php-horde-kronolith-4.2.4-1.el6
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4442/icecast-2.4.1-1.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-tornado-2.2.1-7.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4472/pwgen-2.07-1.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4496/seamonkey-2.28-2.ESR_31.3.0.el6
3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4624/xrdp-0.6.1-1.el6
3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4575/links-2.8-4.el6
3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4563/firebird-2.5.3.26778.0-2.el6
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4663/docker-io-1.4.0-1.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4669/libhtp-0.5.16-1.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4693/denyhosts-2.6-19.el6.1
The following builds have been pushed to Fedora EPEL 6 updates-testing
2048-cli-0.9-4.git20141214.723738c.el6
denyhosts-2.6-19.el6.1
drupal7-ctools-1.5-1.el6
libhtp-0.5.16-1.el6
liveusb-creator-3.13.2-1.el6
python-argcomplete-0.8.4-1.el6
python-fedmsg-meta-fedora-infrastructure-0.3.8-1.el6
python-mwclient-0.7.1-1.el6
python-regex-2014.11.14-1.el6
tcalc-1.4-1.el6
Details about builds:
================================================================================
2048-cli-0.9-4.git20141214.723738c.el6 (FEDORA-EPEL-2014-4423)
The game 2048 for your Linux terminal
--------------------------------------------------------------------------------
Update Information:
initial rpm-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170231 - Review Request: 2048-cli - The game 2048 for your Linux terminal
https://bugzilla.redhat.com/show_bug.cgi?id=1170231
--------------------------------------------------------------------------------
================================================================================
denyhosts-2.6-19.el6.1 (FEDORA-EPEL-2014-4693)
A script to help thwart ssh server attacks
--------------------------------------------------------------------------------
Update Information:
Fix security bug
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 14 2014 Till Maas <opensource at till.name> - 2.6-19.1
- Add patch from master for CVE-2013-6890 (rhbz #1045984)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1045982 - CVE-2013-6890 denyhosts: remote denial of ssh service
https://bugzilla.redhat.com/show_bug.cgi?id=1045982
--------------------------------------------------------------------------------
================================================================================
drupal7-ctools-1.5-1.el6 (FEDORA-EPEL-2014-4667)
Primarily a set of APIs and tools to improve the developer experience
--------------------------------------------------------------------------------
Update Information:
# 7.x-1.5
## API Additions:
* **ctools_ajax_icon_text_button()**: The ctools_ajax_icon_text_button() function provides the ability to render an icon and related text as a link. This will automatically apply an AJAX class to the link and add the appropriate javascript to make this happen.
* **String Context:**: The string context plugin now provides a proper settings form for creating arbitrary string contexts.
## Issues:
* Revert "Issue #1917658 by codycraven: Empty context value results in missing argument in views argument"
* Issue #2195211 fix Missing argument 4 error when checking entity access
* Issue #2195471 by Eric_A, DamienMcKenna: Only variables should be passed by reference in ctools_entity_from_field_context
* Issue #1315900 by tim.plunkett: Add reset_html_ids option to stop form ids from changing when validation fails.
* Issue #1774434 by axel.rutz, Angry Dan: Allow string context to be created in the UI
* Issue #2257367 by loopduplicate: Update homepage configuration link to d7
* Issue #955070 by azinck, EclipseGc: Update the token replacements in ctools to work against a fully rendered page.
* Issue #2280875 by cboyden: Add icon+text renderer to avoid duplicate links for text and icons in Panels IPE
* Issue #581670 by mariacha1, hass: Autocomplete loses selected item after selection
* Issue #2054803 by Mac_Weber, Kazanir, merlinofchaos Added documentation for the classes array in plugin definitions.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 13 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.5-1
- Updated to 1.5 (BZ #1166343)
- Removed RPM README b/c it only explained common Drupal workflow
- %license usage
- Spec cleanup
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1166343 - drupal7-ctools-1.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1166343
--------------------------------------------------------------------------------
================================================================================
libhtp-0.5.16-1.el6 (FEDORA-EPEL-2014-4669)
Security-aware parser for the HTTP protocol and the related bits and pieces
--------------------------------------------------------------------------------
Update Information:
This is a major update. API/ABI breaks are to be expected.
Extensive testing will be more than welcome.
Below is the upstream changelog from version 0.5.3 to the latest 0.5.16. Unfortunately, upstream didn't maintain a changelog before that.
More details can be obtained by [comparing the current version in EPEL6, 0.3.0, and the one in this update](https://github.com/OISF/libhtp/compare/0.3.0...0.5.16).
### 0.5.16 (11 December 2014)
* Per personality requestline leading whitespace handling [Victor Julien]
* Improve request line parsing with leading spaces [Victor Julien]
* Harden decompress code against memory stress [Victor Julien]
### 0.5.15 (1 August 2014)
* Fixed [#78] Make a case-insensitive comparision for the pattern "chunked" for "Transfer-Encoding" [Anoop Saldanha]
### 0.5.14 (22 July 2014)
* Fixed the tests sometimes not returning the correct status code. Increased the the compiler warnings for the tests.
* Fixed [#77] Fix compiler warnings in the tests
### 0.5.13 (16 July 2014)
* Fixed [#56] Investigate clean-up performance with a large number of transactions on a single connection
### 0.5.12 (25 June 2014)
* Fixed [#73] Fix double Content-Length issue [Wesley Shields]
### 0.5.11 (5 April 2014)
* Fixed [#72] On CONNECT requests inbound tx progress prematurely set to complete
* Fixed [#71] Fix missing files in distribution target [Pierre Chifflier]
### 0.5.10 (3 March 2014)
* Fixed [#63] Final response body data callback missing on compressed responses.
* Do not consume the byte that comes after an invalid UTF-8 character.
* Use case insensitive comparison for content-coding values. Warn if unknown response content encoding is encountered.
* Small fixes. [#66, #69] [Victor Julien]
### 0.5.9 (19 November 2013)
* Fixed an `HTP_HOST_AMBIGUOUS` false positive.
* Fixed the tests not compiling on OS X 10.9.
### 0.5.8 (21 October 2013)
* Fixed [#54] Compression and base64 tests failing on some architectures.
* Fixed [#55] Incorrect ambiguous host warning on some CONNECT requests.
### 0.5.7 (18 September 2013)
* Use `umask()` with `mkstemp()` to ensure that temporary files are created with correct permissions. This addresses the potential security problem, but creates another, because umask() is not thread safe. For this and other reasons (see #52), file extraction will be removed in a future release.
* Fix copying `hook_response_complete` instead of `hook_transaction_complete`.
* Fix several small memory leaks that occur when memory allocation fails.
### 0.5.6 (22 July 2013)
* Fix memory leaks in `htp_tx_t::request_auth_username` and `htp_tx_t::request_auth_password`.
* [#43] When processing the response line, treat stream closure as the end of line.
* Fix normalization when the URL begins with `./`.
* Do not fail a stream with an incorrectly formed digest username.
* Do not stop processing request headers on PUT requests.
### 0.5.5 (18 July 2013)
* Tagging for a Suricata beta release.
* [#46] Fix the segfault that occurs under certain conditions when an invalid hostname is supplied.
* [#44] Fix libiconv detection on OpenBSD. [Victor Julien]
### 0.5.4 (17 July 2013)
* Tagging for a Suricata beta release.
* Added `htp_get_version()`, which returns the complete library name (e.g., "LibHTP v0.5.4").
* Hard field limit is now treated as specifying the maximum amount of memory LibHTP will use for buffering per stream. Fields (e.g., headers) longer than this limit will be accepted if they are contained within a single buffer submitted to LibHTP (i.e., if LibHTP does not have to do any buffering in order to process them). Soft limits are currently not creating any warnings. This area will be improved in a future release.
* Invalid headers no longer fail the entire stream. They are now treated as headers without a name.
* `htp_conn_remove_tx()` now returns `HTP_DECLINED` (was `HTTP_ERROR`) if the specified transaction cannot be found.
* `htp_list_array_replace()` now returns `HTP_DECLINED` (was `HTP_ERROR`) if the element at the specified position does not exist.
* New public functions:
* `htp_status_t htp_urldecode_inplace(htp_cfg_t *cfg, enum htp_decoder_ctx_t ctx, bstr *input, uint64_t *flags);`
* `htp_status_t htp_urldecode_inplace_ex(htp_cfg_t *cfg, enum htp_decoder_ctx_t ctx, bstr *input, uint64_t *flags, int *expected_status_code);`
* Improved test coverage (84.1% lines, 91.3% functions).
### 0.5.3 (14 June 2013)
* Fix stream error when valid Basic Authentication information is provided.
* Do not fail the entire stream if the Authorization header is invalid. Raise `HTP_AUTH_INVALID` instead.
* When a request does not contain the request URI, leave `htp_tx_t::request_uri` `NULL`.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 12 2014 Mathieu Bridon <bochecha at daitauha.fr> - 0.5.16-1
- Update to 0.5.16
- Among other things, this fixes a security issue
https://bugzilla.redhat.com/show_bug.cgi?id=1173605
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1173605 - libhtp: denial of service with specific packets
https://bugzilla.redhat.com/show_bug.cgi?id=1173605
--------------------------------------------------------------------------------
================================================================================
liveusb-creator-3.13.2-1.el6 (FEDORA-EPEL-2014-4668)
A liveusb creator
--------------------------------------------------------------------------------
Update Information:
* Support a new installation mode that uses `dd` to copy the iso directly to the device. This method tends to be more reliable than the non-destructive approach.
* Added a new `--dd` command-line option
* DVD iso support with the 'overwrite device' method
* Improved UI layout
* Added AppData metadata
* The `--calculcate-liveos-checksum` now works on Linux
* Fixed the code that automatically populates the available releases
* Switched to use polkit on Linux instead of consolehelper for authentication
* Translation updates
* Improved error handling
* Can automatically download all supported Fedora products and spins
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 12 2014 Luke Macken <lmacken at redhat.com> - 3.13.2-1
- Added all products and spins to the release list
* Mon Dec 8 2014 Rex Dieter <rdieter at fedoraproject.org> 3.13.1-2
- Requires: PolicyKit-authentication-agent (#1171583)
* Thu Nov 27 2014 Luke Macken <lmacken at redhat.com> - 3.13.1-1
- Latest upstream release
* Thu Nov 27 2014 Gene Czarcinski <gczarcinski at gmail.com> 3.13.0-2
- convert to using polkit (pkexec) instead of consolehelper
* Wed Nov 26 2014 Luke Macken <lmacken at redhat.com> - 3.13.0-1
- Latest upstream release with bug fixes and interface improvements.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.12.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Feb 21 2014 Luke Macken <lmacken at redhat.com> 3.12.1-1
- Update to 3.12.1 with more translations
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1096460 - [abrt] liveusb-creator: grabber.py:1727:_do_grab:URLGrabError: [Errno 14] curl#7 - "Failed to connect to 2a02:6b8::183: Сеть недоступна"
https://bugzilla.redhat.com/show_bug.cgi?id=1096460
[ 2 ] Bug #995258 - Cannot install Fedora 19 on MacBook pro
https://bugzilla.redhat.com/show_bug.cgi?id=995258
[ 3 ] Bug #1006270 - [abrt] liveusb-creator-3.11.8-3.fc19: creator.py:362:get_liveos:TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'
https://bugzilla.redhat.com/show_bug.cgi?id=1006270
[ 4 ] Bug #1033489 - [abrt] liveusb-creator-3.11.8-3.fc19: creator.py:341:delete_liveos:UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 12: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1033489
[ 5 ] Bug #1044309 - [abrt] liveusb-creator: gui.py:470:status:TypeError: QTextEdit.append(QString): argument 1 has unexpected type 'int'
https://bugzilla.redhat.com/show_bug.cgi?id=1044309
[ 6 ] Bug #1045692 - [abrt] liveusb-creator: gui.py:80:__init__:LiveUSBError: Unknown release: RFRemix 20 i686 XFCE
https://bugzilla.redhat.com/show_bug.cgi?id=1045692
[ 7 ] Bug #1057640 - [abrt] liveusb-creator: creator.py:732:get_free_bytes:OSError: [Errno 2] File o directory non esistente: '/run/media/lorenzo/F28B-8137'
https://bugzilla.redhat.com/show_bug.cgi?id=1057640
[ 8 ] Bug #1089453 - [abrt] liveusb-creator: linux_dialog.py:10:<module>:ImportError: /usr/lib/python2.7/site-packages/PyQt4/QtCore.so: undefined symbol: _ZTI13QStateMachine
https://bugzilla.redhat.com/show_bug.cgi?id=1089453
[ 9 ] Bug #1098725 - [abrt] liveusb-creator: creator.py:341:delete_liveos:UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 21: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1098725
[ 10 ] Bug #1101288 - Created F20 liveusb boot problem
https://bugzilla.redhat.com/show_bug.cgi?id=1101288
[ 11 ] Bug #1120893 - unable to boot supermicro X10ssl-f and C7Z87
https://bugzilla.redhat.com/show_bug.cgi?id=1120893
[ 12 ] Bug #1149782 - liveusb-creator creates non-booting Live USB
https://bugzilla.redhat.com/show_bug.cgi?id=1149782
[ 13 ] Bug #1154779 - [abrt] liveusb-creator: python2.7 killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1154779
[ 14 ] Bug #1156489 - liveusb-creator for Windows (Win 8.1) produces not bootable usb media
https://bugzilla.redhat.com/show_bug.cgi?id=1156489
[ 15 ] Bug #1160979 - Trying to boot from USB just says "No OS found", or something like that
https://bugzilla.redhat.com/show_bug.cgi?id=1160979
[ 16 ] Bug #1161867 - Create a F20-DVD work but USB fail to boot
https://bugzilla.redhat.com/show_bug.cgi?id=1161867
[ 17 ] Bug #1164589 - Fedora Live unable to boot from USB 3.0 device
https://bugzilla.redhat.com/show_bug.cgi?id=1164589
[ 18 ] Bug #537577 - Ability to build LiveUSB from within a LiveDVD/CD
https://bugzilla.redhat.com/show_bug.cgi?id=537577
[ 19 ] Bug #1044243 - Installing from USB has wrong file paths
https://bugzilla.redhat.com/show_bug.cgi?id=1044243
[ 20 ] Bug #1054465 - [abrt] liveusb-creator: creator.py:362:get_liveos:TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'
https://bugzilla.redhat.com/show_bug.cgi?id=1054465
[ 21 ] Bug #1145813 - RFE: use polkit instead of consolehelper
https://bugzilla.redhat.com/show_bug.cgi?id=1145813
[ 22 ] Bug #1171583 - liveusb-creator: Please remove hardcoded Requires: polkit-gnome
https://bugzilla.redhat.com/show_bug.cgi?id=1171583
--------------------------------------------------------------------------------
================================================================================
python-argcomplete-0.8.4-1.el6 (FEDORA-EPEL-2014-4676)
Bash tab completion for argparse
--------------------------------------------------------------------------------
Update Information:
Updating package to 0.8.4
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 14 2014 - Dale Macartney <dbmacartney at fedoraproject.org> 0.8.4-1
- Updating package to 0.8.4
* Fri Sep 12 2014 - Steve Traylen <steve.traylen at cern.ch> 0.8.1-1
- Updating package to 0.8.1
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1160288 - python-argcomplete-0.8.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1160288
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.3.8-1.el6 (FEDORA-EPEL-2014-4682)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Handle a new type of anitya message.
Latest upstream. New mirrormanager2 processor. Bugfixes to the fedimg processor. Able now to distinguish between some prod and stg messages.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 12 2014 Ralph Bean <rbean at redhat.com> - 0.3.8-1
- Fixes to anitya messages (new distro.delete message).
* Sat Dec 6 2014 Ralph Bean <rbean at redhat.com> - 0.3.7-1
- New mirrormanager2 processor.
- Bugfix to the fedimg processor.
- Be able to distinguish between some prod and stg messages.
* Fri Nov 21 2014 Ralph Bean <rbean at redhat.com> - 0.3.6-1
- Latest upstream with some bugfixes.
- Disable network test with patch.
--------------------------------------------------------------------------------
================================================================================
python-mwclient-0.7.1-1.el6 (FEDORA-EPEL-2014-4685)
Mwclient is a client to the MediaWiki API
--------------------------------------------------------------------------------
Update Information:
This update provides the latest upstream release of mwclient. It is a minor release that does not change the API, and mostly fixes bugs. See https://github.com/mwclient/mwclient/blob/master/RELEASE-NOTES.md for details.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 12 2014 Adam Williamson <awilliam at redhat.com> - 0.7.1-1
- new release 0.7.1, bit of spec cleaning
* Fri Oct 31 2014 Adam Williamson <awilliam at redhat.com> - 0.7.0-2
- requires python-requests
--------------------------------------------------------------------------------
================================================================================
python-regex-2014.11.14-1.el6 (FEDORA-EPEL-2014-4690)
Alternative regular expression module, to replace re
--------------------------------------------------------------------------------
Update Information:
This new regex implementation is intended eventually to replace Python's current re module implementation.
For testing and comparison with the current 're' module the new implementation is in the form of a module called 'regex'.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1155778 - Review Request: python-regex - Alternative regular expression module, to replace re
https://bugzilla.redhat.com/show_bug.cgi?id=1155778
--------------------------------------------------------------------------------
================================================================================
tcalc-1.4-1.el6 (FEDORA-EPEL-2014-4683)
The terminal calculator
--------------------------------------------------------------------------------
Update Information:
Added '-table' option to print multiplication tables
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 30 2014 Mohammed Isam <mohammed_isam1984 at yahoo.com> 1.4-1
- Added '-table' option to print multiplication tables
- Added handling for input redirection from command line
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list