[EPEL-devel] Fedora EPEL 5 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Apr 14 22:56:00 UTC 2015
The following Fedora EPEL 5 Security updates need testing:
Age URL
1088 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
542 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
306 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5
156 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3.8-2.el5
24 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1344/drupal6-6.35-1.el5
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1588/arj-3.10.22-22.el5
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1636/mantis-1.2.19-1.el5
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5724/torque-4.2.10-1.el5
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5677/chrony-1.31.1-1.el5
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5740/perl-Test-Signature-1.11-1.el5,perl-Module-Signature-0.78-1.el5
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5758/tor-0.2.4.27-1.el5
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5694/zarafa-7.1.12-1.el5,php53-mapi-7.1.12-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
GeoIP-1.6.5-1.el5
GeoIP-GeoLite-data-2015.04-1.el5
boost148-1.48.0-5.el5
check-mk-1.2.6p1-1.el5
collectl-4.0.0-2.el5
geoipupdate-2.2.1-2.el5
libspf2-1.2.10-5.20150405gitd57d79fd.el5
opendmarc-1.3.1-12.el5
Details about builds:
================================================================================
GeoIP-1.6.5-1.el5 (FEDORA-EPEL-2015-5788)
Library for country/city/organization to IP address or hostname mapping
--------------------------------------------------------------------------------
Update Information:
This update brings GeoIP to the current upstream release, with a number of bug fixes making the library more resistant to bad database files.
The geoipupdate tool has been unbundled from GeoIP upstream, and this has been reflected in the packaging. The update tool and the library are now packaged separately and will updated independently of each other in future.
The GeoLite databases have always been distributed separately from the library upstream, and this has also now been reflected in the packaging. Again, the database files will be updated independently in future.
In order not to break anything for existing users, the builds for current stable Fedora releases and EPEL have dependencies that pull together all of the separate packages so that upgrading will not result in a loss of functionality. From Fedora 22 onwards though, the library only has a dependency on the IPv4 country database - users wanting to use geoipupdate should install that package themselves, and users wanting to use different databases should install the GeoIP-GeoLite-data-extra package, which includes the IPv6, City and AS number databases.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 2 2015 Paul Howarth <paul at city-fan.org> - 1.6.5-1
- Update to 1.6.5
- Fixed a segmentation fault in geoiplookup when the utility was passed an
invalid database (#1180874)
- Additional validation was added for the size used in the creation of the
index cache (#832913)
- Changed the code to only look up country codes by using functions that
ensure that we do not try to look past the end of an array (GitHub #53)
* Fri Feb 20 2015 Paul Howarth <paul at city-fan.org> - 1.6.4-4
- Databases now unbundled to the GeoIP-GeoLite-data package
- Drop long-unused perl helper scripts
- Add explicit pkgconfig dependency for EL-5 build
- Drop timestamp hack for configure, no longer needed
* Tue Feb 10 2015 Paul Howarth <paul at city-fan.org> - 1.6.4-3
- Sub-package the data; going forward, this would be better as a separate
package, since it has separate upstream releases than the library
* Fri Feb 6 2015 Paul Howarth <paul at city-fan.org> - 1.6.4-2
- Only require geoipupdate prior to F-22, for back-compatibility
- Use %license where possible
- GeoIP-devel provides geoip-devel as well as obsoleting it
- Update bundled databases
* Thu Jan 29 2015 Philip Prindeville <philipp at fedoraproject.org> - 1.6.4-1
- Require geoipupdate per Paul
* Tue Jan 20 2015 Philip Prindeville <philipp at fedoraproject.org> - 1.6.4-0
- Version bump to 1.6.4 per bz #1158667 (okay, that bug was for 1.6.3)
- Remove geoipupdate as it will be moving into its own package
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jun 6 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Feb 25 2014 Paul Howarth <paul at city-fan.org> - 1.5.1-4
- Add %check, so we can run tests by building using --with tests
- Update databases from upstream
* Fri Aug 2 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jun 18 2013 Paul Howarth <paul at city-fan.org> - 1.5.1-2
- Properly provide all of the GeoLite databases and their IPv6 equivalents, as
per the geoip-geolite package that we're obsoleting/providing
- Provide compatibility symlinks for database files that historically had
different names in GeoIP and geoip-geolite
- Don't distribute unbundled LICENSE files, as per packaging guidelines
- Update license tag to reflect distribution of CC-BY-SA database content
- No longer try to update the databases in %post
- Maintain timestamps where possible
- Set up GeoIP.dat symlink in package and don't touch it again
- Add update6 package to update the IPv6 databases; have to use wget for this
rather than geoipupdate as the databases are still in beta
* Wed Jun 12 2013 Philip Prindeville <philipp at fedoraproject.org> - 1.5.1-1
- Bump to version 1.5.1
- Fix exit codes for various situations (MaxMind support #129155)
- Use versioned obsoletes/provides for geoip-geolite
- Update UTF8 patch
- Change symlink from GeoIP-initial.dat to GeoLiteCountry.dat if we had a
successful download and now have the latter file.
* Mon Jun 10 2013 Philip Prindeville <philipp at fedoraproject.org> - 1.5.0-7
- Annotate conflict with geoip-geolite package (#968074)
* Mon Jun 10 2013 Paul Howarth <paul at city-fan.org> - 1.5.0-6
- Update sub-package requires main package for geoipupdate script
* Sat Jun 8 2013 Paul Howarth <paul at city-fan.org> - 1.5.0-5
- Make GeoIP.dat -> GeoIP-initial.dat symlink in %install, not %post,
and don't %ghost it
- Run geoipupdate silently in %post and cron job
- Create empty database files for %ghost to work with old rpm versions
- Don't try to use noarch subpackages on old rpm versions
- Update %description to mention database updates
- Drop outdated README.Fedora
* Sat Jun 8 2013 Philip Prindeville <philipp at fedoraproject.org> - 1.5.0-4
- Revert ability to replace 3rd-party package
* Fri Jun 7 2013 Philip Prindeville <philipp at fedoraproject.org> - 1.5.0-3
- Add attributes for %ghost files
* Fri Jun 7 2013 Philip Prindeville <philipp at fedoraproject.org> - 1.5.0-2
- Make update subpackage be noarch.
* Fri Jun 7 2013 Philip Prindeville <philipp at fedoraproject.org> - 1.5.0-1
- Version bump to 1.5.0
- Have GeoIP.dat be a symlink to the real data, and install the canned
GeoIP.dat as GeoIP-initial.dat
- Change config as per Boris' instructions to use 'lite' databases which are
regularly updated.
- Add pkgconfig (.pc) file into devel subpackage
- Add cron support for refreshing the lite databases and make a separate
subpackage.
* Sun Mar 24 2013 Paul Howarth <paul at city-fan.org> - 1.4.8-6
- Fix config.guess and config.sub to add aarch64 support (#925403)
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.8-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Oct 22 2012 Paul Howarth <paul at city-fan.org> - 1.4.8-4
- libGeoIPUpdate and geoipupdate (which is linked against it) are GPL-licensed
rather than LGPL-licensed (#840896)
- Don't package generic INSTALL file (#661625)
- Kill bogus rpaths on x86_64
- Hardcode library sonames in %files list to avoid nasty surprises in the
future
- Drop %defattr, redundant since rpm 4.4
- Recode docs as UTF-8
- Don't use macros for commands
- Use tabs
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.8-3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.8-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #832913 - GeoIP: crash due to lack of segment size validation
https://bugzilla.redhat.com/show_bug.cgi?id=832913
[ 2 ] Bug #1174002 - Broken /etc/cron.weekly/geoipupdate6 prevents updates
https://bugzilla.redhat.com/show_bug.cgi?id=1174002
[ 3 ] Bug #1180874 - [abrt] GeoIP: geoiplookup(): geoiplookup killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1180874
[ 4 ] Bug #1189934 - Updating GeoIP-1.5.1-6.fc21.x86_64 tries to install the i686 version
https://bugzilla.redhat.com/show_bug.cgi?id=1189934
[ 5 ] Bug #1158667 - GeoIP version bump to 1.6.4
https://bugzilla.redhat.com/show_bug.cgi?id=1158667
[ 6 ] Bug #1186889 - Review Request: geoipupdate - Update GeoIP2 and GeoIP Legacy binary databases from MaxMind
https://bugzilla.redhat.com/show_bug.cgi?id=1186889
[ 7 ] Bug #1194798 - Review Request: GeoIP-GeoLite-data - Free GeoLite IP geolocation country database
https://bugzilla.redhat.com/show_bug.cgi?id=1194798
--------------------------------------------------------------------------------
================================================================================
GeoIP-GeoLite-data-2015.04-1.el5 (FEDORA-EPEL-2015-5788)
Free GeoLite IP geolocation country database
--------------------------------------------------------------------------------
Update Information:
This update brings GeoIP to the current upstream release, with a number of bug fixes making the library more resistant to bad database files.
The geoipupdate tool has been unbundled from GeoIP upstream, and this has been reflected in the packaging. The update tool and the library are now packaged separately and will updated independently of each other in future.
The GeoLite databases have always been distributed separately from the library upstream, and this has also now been reflected in the packaging. Again, the database files will be updated independently in future.
In order not to break anything for existing users, the builds for current stable Fedora releases and EPEL have dependencies that pull together all of the separate packages so that upgrading will not result in a loss of functionality. From Fedora 22 onwards though, the library only has a dependency on the IPv4 country database - users wanting to use geoipupdate should install that package themselves, and users wanting to use different databases should install the GeoIP-GeoLite-data-extra package, which includes the IPv6, City and AS number databases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #832913 - GeoIP: crash due to lack of segment size validation
https://bugzilla.redhat.com/show_bug.cgi?id=832913
[ 2 ] Bug #1174002 - Broken /etc/cron.weekly/geoipupdate6 prevents updates
https://bugzilla.redhat.com/show_bug.cgi?id=1174002
[ 3 ] Bug #1180874 - [abrt] GeoIP: geoiplookup(): geoiplookup killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1180874
[ 4 ] Bug #1189934 - Updating GeoIP-1.5.1-6.fc21.x86_64 tries to install the i686 version
https://bugzilla.redhat.com/show_bug.cgi?id=1189934
[ 5 ] Bug #1158667 - GeoIP version bump to 1.6.4
https://bugzilla.redhat.com/show_bug.cgi?id=1158667
[ 6 ] Bug #1186889 - Review Request: geoipupdate - Update GeoIP2 and GeoIP Legacy binary databases from MaxMind
https://bugzilla.redhat.com/show_bug.cgi?id=1186889
[ 7 ] Bug #1194798 - Review Request: GeoIP-GeoLite-data - Free GeoLite IP geolocation country database
https://bugzilla.redhat.com/show_bug.cgi?id=1194798
--------------------------------------------------------------------------------
================================================================================
boost148-1.48.0-5.el5 (FEDORA-EPEL-2015-5784)
The free peer-reviewed portable C++ source libraries
--------------------------------------------------------------------------------
Update Information:
Boost-1.48 for EPEL 5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #921134 - Review Request: boost148 - The free peer-reviewed portable C++ source libraries
https://bugzilla.redhat.com/show_bug.cgi?id=921134
--------------------------------------------------------------------------------
================================================================================
check-mk-1.2.6p1-1.el5 (FEDORA-EPEL-2015-5809)
A new general purpose Nagios-plugin for retrieving data
--------------------------------------------------------------------------------
Update Information:
New upstream release: 1.2.6p1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 13 2015 Andrea Veri <averi at fedoraproject.org> - 1.2.6p1-1
- New upstream release.
* Tue Apr 7 2015 Andrea Veri <averi at fedoraproject.org> - 1.2.6-1
- New upstream release. Source0 is now generated directly from Git
as Check-Mk's upstream has decided to not include source code files
(.cc, .c) for livestatus, mkeventd and waitmax anymore on the tarballs
they release. We want to have these binaries built during the RPM build,
thus the need to repack the tarball with the procedure outlined above.
- Include the 02-Downtime-Struct-Update patch to prevent Nagios to core dump
when a downtime is set. This was caused by a change on the downtime struct
applied in the course of Nagios 3's development. Thanks Mike Battersby for
the patch. (BZ: #1083003)
- Fix the /usr/bin/pnp shebang from the plugins/unitrends_backup file
as that is a non-existent binary file, upstream probably meant php.
- PLUGINSDIR on the check_mk_agent binary file is set to be
%{_datadir}/check-mk-agent/plugins, make sure all the plugins are installed
there and not on %{_datadir}/check_mk/plugins instead.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1083003 - Nagios SIGSEGV on (internal to nagios) scheduled log rotate if livestatus module is loaded and a downtime is set
https://bugzilla.redhat.com/show_bug.cgi?id=1083003
--------------------------------------------------------------------------------
================================================================================
collectl-4.0.0-2.el5 (FEDORA-EPEL-2015-5781)
A utility to collect various Linux performance data
--------------------------------------------------------------------------------
Update Information:
fix auto-generated Requires
- update to upstream version 4.0.0
- upstream changelog at http://collectl.sourceforge.net/Releases.html
- update to upstream version 4.0.0
- upstream changelog at http://collectl.sourceforge.net/Releases.html
- update to upstream version 4.0.0
- upstream changelog at http://collectl.sourceforge.net/Releases.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 13 2015 Dan Horák <dan[at]danny.cz> - 4.0.0-2
- workaround perl dependency generator issue in EPEL <= 7
* Thu Apr 9 2015 Dan Horák <dan[at]danny.cz> - 4.0.0-1
- upgrade to upstream version 4.0.0 (#1201069)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1201069 - collectl-4.0.0.src is available
https://bugzilla.redhat.com/show_bug.cgi?id=1201069
--------------------------------------------------------------------------------
================================================================================
geoipupdate-2.2.1-2.el5 (FEDORA-EPEL-2015-5788)
Update GeoIP2 and GeoIP Legacy binary databases from MaxMind
--------------------------------------------------------------------------------
Update Information:
This update brings GeoIP to the current upstream release, with a number of bug fixes making the library more resistant to bad database files.
The geoipupdate tool has been unbundled from GeoIP upstream, and this has been reflected in the packaging. The update tool and the library are now packaged separately and will updated independently of each other in future.
The GeoLite databases have always been distributed separately from the library upstream, and this has also now been reflected in the packaging. Again, the database files will be updated independently in future.
In order not to break anything for existing users, the builds for current stable Fedora releases and EPEL have dependencies that pull together all of the separate packages so that upgrading will not result in a loss of functionality. From Fedora 22 onwards though, the library only has a dependency on the IPv4 country database - users wanting to use geoipupdate should install that package themselves, and users wanting to use different databases should install the GeoIP-GeoLite-data-extra package, which includes the IPv6, City and AS number databases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #832913 - GeoIP: crash due to lack of segment size validation
https://bugzilla.redhat.com/show_bug.cgi?id=832913
[ 2 ] Bug #1174002 - Broken /etc/cron.weekly/geoipupdate6 prevents updates
https://bugzilla.redhat.com/show_bug.cgi?id=1174002
[ 3 ] Bug #1180874 - [abrt] GeoIP: geoiplookup(): geoiplookup killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1180874
[ 4 ] Bug #1189934 - Updating GeoIP-1.5.1-6.fc21.x86_64 tries to install the i686 version
https://bugzilla.redhat.com/show_bug.cgi?id=1189934
[ 5 ] Bug #1158667 - GeoIP version bump to 1.6.4
https://bugzilla.redhat.com/show_bug.cgi?id=1158667
[ 6 ] Bug #1186889 - Review Request: geoipupdate - Update GeoIP2 and GeoIP Legacy binary databases from MaxMind
https://bugzilla.redhat.com/show_bug.cgi?id=1186889
[ 7 ] Bug #1194798 - Review Request: GeoIP-GeoLite-data - Free GeoLite IP geolocation country database
https://bugzilla.redhat.com/show_bug.cgi?id=1194798
--------------------------------------------------------------------------------
================================================================================
libspf2-1.2.10-5.20150405gitd57d79fd.el5 (FEDORA-EPEL-2015-5805)
An implementation of the SPF specification
--------------------------------------------------------------------------------
Update Information:
initial release for Fedora and EPEL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1057874 - Review Request: libspf2 - Implementation of the Sender Policy Framework for SMTP authorization
https://bugzilla.redhat.com/show_bug.cgi?id=1057874
--------------------------------------------------------------------------------
================================================================================
opendmarc-1.3.1-12.el5 (FEDORA-EPEL-2015-5785)
A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library
--------------------------------------------------------------------------------
Update Information:
- Added libspf2-devel to BuildRequires
- libspf2 support now provided for all branches
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #905304 - Review Request: OpenDMARC - Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library
https://bugzilla.redhat.com/show_bug.cgi?id=905304
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list