epel-devel August 2014

epel-devel@lists.fedoraproject.org

52 participants
95 discussions

by updates＠fedoraproject.org

The following Fedora EPEL 6 Security updates need testing: Age URL 832 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.... 179 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6... 164 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolki... 73 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1471/chicken-4.8... 69 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-vie... 51 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.... 41 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-... 36 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1745/mediawiki11... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1961/cobbler-2.6... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1923/sdcc-3.2.0-... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1947/drupal6-6.3... 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1980/moodle-2.4.... 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1940/phpMyAdmin-... 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1999/exim-4.72-6... 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2045/ansible-1.6... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2050/drupal7-7.3... 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2084/drupal7-dat... 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2088/tor-0.2.4.2... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2099/v8-3.14.5.1... The following builds have been pushed to Fedora EPEL 6 updates-testing debootstrap-1.0.60-1.el6 dl-0.13-3.el6 docker-io-1.1.2-1.el6 ikiwiki-3.20140613-2.el6 kpcli-2.7-2.el6 perl-DateTime-Incomplete-0.07-1.el6 perl-IO-Socket-Timeout-0.27-1.el6 python-pyprintr-1.0-3.el6 Details about builds: ================================================================================ debootstrap-1.0.60-1.el6 (FEDORA-EPEL-2014-2102) Debian GNU/Linux bootstrapper -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 2 2014 Jan Vcelak <jvcelak(a)fedoraproject.org> 1.0.60-1 - new upstream release: + Ubuntu utopic as a symlink to gutsy + Compression support in fallback method for deb archives extraction * Tue Apr 29 2014 Lubomir Rintel <lkundrak(a)v3.sk> 1.0.59-1.2 - Fix chrooting - Fix architecture detection - Drop unneded MAKEDEV patch, as we don't use it anymore * Tue Apr 29 2014 Lubomir Rintel <lkundrak(a)v3.sk> 1.0.59-1.1 - RHEL 7 does not ship MAKEDEV anymore -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095205 - debootstrap-1.0.60 is available https://bugzilla.redhat.com/show_bug.cgi?id=1095205 -------------------------------------------------------------------------------- ================================================================================ dl-0.13-3.el6 (FEDORA-EPEL-2014-2100) Download Ticket Service -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- ================================================================================ docker-io-1.1.2-1.el6 (FEDORA-EPEL-2014-2106) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1124036 - update to upstream v1.1.2 create -pkg-devel (for use by libcontainer) and -devel subpackages -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.1.2-1 - Resolves: rhbz#1124036 - update to upstream v1.1.2 * Thu Jul 31 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.0.0-7 - create -devel and -pkg-devel subpackages * Mon Jul 28 2014 Vincent Batts <vbatts(a)fedoraproject.org> - 1.0.0-10 - split out the github.com/docker/docker/pkg/... libraries, to avoid cyclic deps with libcontainer * Thu Jul 24 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.0.0-9 - /etc/sysconfig/docker should be config(noreplace) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124036 - docker-io-1.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124036 -------------------------------------------------------------------------------- ================================================================================ ikiwiki-3.20140613-2.el6 (FEDORA-EPEL-2014-2036) A wiki compiler -------------------------------------------------------------------------------- Update Information: Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages suitable for publishing on a website. Ikiwiki stores pages and history in a revision control system such as Subversion or Git. There are many other features, including support for blogging, as well as a large array of plugins. -------------------------------------------------------------------------------- References: [ 1 ] Bug #445977 - Review Request: ikiwiki - A wiki compiler https://bugzilla.redhat.com/show_bug.cgi?id=445977 [ 2 ] Bug #1125850 - ikiwiki is not installable on epel6 because of missing deps https://bugzilla.redhat.com/show_bug.cgi?id=1125850 -------------------------------------------------------------------------------- ================================================================================ kpcli-2.7-2.el6 (FEDORA-EPEL-2014-2105) KeePass Command Line Interface (CLI) / interactive shell -------------------------------------------------------------------------------- Update Information: Added perl-XML-Parser -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 Matias Kreder <delete(a)fedoraproject.org> 2.7-2 - Added perl-XML-Parser * Mon Jul 14 2014 Matias Kreder <delete(a)fedoraproject.org> 2.7-1 - Updated to 2.7 * Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon Mar 10 2014 Matias Kreder <delete(a)fedoraproject.org> 2.4-2 - Added perl perl(Capture::Tiny) and perl(Clipboard) -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Incomplete-0.07-1.el6 (FEDORA-EPEL-2014-2103) Representing partial dates and times -------------------------------------------------------------------------------- Update Information: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1123546 - Review Request: perl-DateTime-Incomplete - Representing partial dates and times https://bugzilla.redhat.com/show_bug.cgi?id=1123546 -------------------------------------------------------------------------------- ================================================================================ perl-IO-Socket-Timeout-0.27-1.el6 (FEDORA-EPEL-2014-2104) IO::Socket with read/write timeout -------------------------------------------------------------------------------- Update Information: Update to 0.27. Test suite updates -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1125348 - perl-IO-Socket-Timeout-0.27 is available https://bugzilla.redhat.com/show_bug.cgi?id=1125348 -------------------------------------------------------------------------------- ================================================================================ python-pyprintr-1.0-3.el6 (FEDORA-EPEL-2014-2108) Module that allows to emulate the print_r() PHP function -------------------------------------------------------------------------------- Update Information: Module that allows to emulate the print_r() PHP function -------------------------------------------------------------------------------- References: [ 1 ] Bug #1091483 - Review Request: python-pyprintr - Module that allows to emulate the print_r() PHP function https://bugzilla.redhat.com/show_bug.cgi?id=1091483 --------------------------------------------------------------------------------

9 years, 9 months

1
0
0 / 0

EPEL Fedora 5 updates-testing report

by updates＠fedoraproject.org

The following Fedora EPEL 5 Security updates need testing: Age URL 832 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.... 286 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs... 167 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2.... 51 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.... 41 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1696/perl-Email-... 36 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1747/mediawiki11... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1945/cobbler-2.4... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1919/drupal6-6.3... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2046/drupal7-7.3... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1996/fail2ban-0.... 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2087/drupal7-dat... The following builds have been pushed to Fedora EPEL 5 updates-testing python-jinja2-2.2.1-4.el5 python26-jinja2-2.5.5-6.el5 Details about builds: ================================================================================ python-jinja2-2.2.1-4.el5 (FEDORA-EPEL-2014-2107) General purpose template engine -------------------------------------------------------------------------------- Update Information: Add a runtime dependency on python-setuptools to fix bug 1121241. Fix incompatibility with Python 2.4 introduced by a patch in the last update. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 Thomas Moschny <thomas.moschny(a)gmx.de> - 2.2.1-4 - Add dependency on python-setuptools (rhbz#1121241). * Fri Jul 18 2014 Thomas Moschny <thomas.moschny(a)gmx.de> - 2.2.1-3 - Update patch for Python 2.4 (rhbz#1114823). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1121241 - python-jinja2 missing a Requires for python-setuptools https://bugzilla.redhat.com/show_bug.cgi?id=1121241 [ 2 ] Bug #1114823 - python-jinja2 not compatible with EPEL5 https://bugzilla.redhat.com/show_bug.cgi?id=1114823 -------------------------------------------------------------------------------- ================================================================================ python26-jinja2-2.5.5-6.el5 (FEDORA-EPEL-2014-2101) General purpose template engine -------------------------------------------------------------------------------- Update Information: Add a runtime dependency on python-setuptools to fix bug 1121240. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 Thomas Moschny <thomas.moschny(a)gmx.de> - 2.5.5-6 - Add dependency on python-setuptools (rhbz#1121240). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1121240 - python26-jinja2 is missing a Requires for python26-distribute https://bugzilla.redhat.com/show_bug.cgi?id=1121240 --------------------------------------------------------------------------------

9 years, 9 months

1
0
0 / 0

EPEL epel beta report: 20140802 changes

by EPEL Beta Report

Compose started at Sat Aug 2 08:15:02 UTC 2014 New package: dl-0.13-3.el7 Download Ticket Service New package: kpcli-2.4-1.el7 KeePass Command Line Interface (CLI) / interactive shell New package: perl-Crypt-Rijndael-1.11-6.el7 Crypt::CBC compliant Rijndael encryption module New package: perl-DateTime-Incomplete-0.07-1.el7 Representing partial dates and times New package: perl-Rose-DateTime-0.540-2.el7 DateTime helper functions and objects New package: perl-Rose-Object-0.860-2.el7 Simple object base class New package: perl-SQL-ReservedWords-0.8-5.el7 Determine if words are reserved by ANSI/ISO SQL standard New package: python-pyprintr-1.0-3.el7 Module that allows to emulate the print_r() PHP function New package: rubygem-ZenTest-4.9.0-2.el7 Automated test scaffolding for Ruby New package: rubygem-childprocess-0.3.9-2.el7 A simple and reliable gem for controlling external programs New package: rubygem-commander-4.1.2-7.el7 The complete solution for Ruby command-line executable New package: rubygem-multi_json-1.7.1-1.el7 A gem to provide swappable JSON backends New package: rubygem-rspec-core-2.14.8-1.el7.0 Rspec-2 runner and formatters New package: rubygem-webmock-1.17.1-2.el7 Library for stubbing HTTP requests in Ruby New package: xedit-1.2.1-1.el7 Simple text editor for X Updated Packages: OpenImageIO-1.4.12-1.el7 ------------------------ * Fri Aug 01 2014 Richard Shaw <hobbes1069(a)gmail.com> - 1.4.12-1 - Update to latest upstream release. * Fri Jun 06 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.4.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Petr Machata <pmachata(a)redhat.com> - 1.4.7-3 - Rebuild for boost 1.55.0 * Fri May 23 2014 David Tardon <dtardon(a)redhat.com> - 1.4.7-2 - rebuild for boost 1.55.0 * Mon May 19 2014 Richard Shaw <hobbes1069(a)gmail.com> - 1.4.7-1 >>>>>>> master - Update to latest upstream release. debootstrap-1.0.60-1.el7 ------------------------ * Sat Aug 02 2014 Jan Vcelak <jvcelak(a)fedoraproject.org> 1.0.60-1 - new upstream release: + Ubuntu utopic as a symlink to gutsy + Compression support in fallback method for deb archives extraction pdns-3.4.0-0.1.rc1.el7 ---------------------- * Fri Aug 01 2014 Morten Stevens <mstevens(a)imt-systems.com> - 3.4.0-0.1.rc1 - Update to 3.4.0-rc1 perl-IO-Socket-Timeout-0.27-1.el7 --------------------------------- * Mon Jul 07 2014 David Dick <ddick(a)cpan.org> - 0.25-1 - Update to 0.27. Test suite updates perl-MooseX-Role-WithOverloading-0.14-1.el7 ------------------------------------------- * Fri Aug 01 2014 Paul Howarth <paul(a)city-fan.org> - 0.14-1 - Update to 0.14 - Fixed a bug with Perl 5.18+ that caused this module to simply blow up with an error like "Use of uninitialized value in subroutine entry at .../Class/MOP/Package.pm ..." - Line numbers in shipped code are now almost the same (within 3) as the repository source, for easier debugging - Repository migrated to the github moose organization - Unneeded init_meta method removed - Use %license - Make %files list more explicit * Sat Jun 07 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.13-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild python-qpid-0.28-4.el7 ---------------------- * Fri Aug 01 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.28-4 - Includes changes from QPID-5637. - Resolves: BZ#1125983 seren-0.0.19-1.el7 ------------------ * Fri Aug 01 2014 Francesco Frassinelli <fraph24(a)gmail.com> - 0.0.19-1 - Version bump Summary: Added Packages: 15 Removed Packages: 0 Modified Packages: 7

9 years, 9 months

1
0
0 / 0

EPEL Fedora 6 updates-testing report

by updates＠fedoraproject.org

The following Fedora EPEL 6 Security updates need testing: Age URL 831 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.... 178 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6... 163 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolki... 72 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1471/chicken-4.8... 68 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-vie... 50 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.... 40 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-... 35 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1745/mediawiki11... 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1961/cobbler-2.6... 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1923/sdcc-3.2.0-... 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1947/drupal6-6.3... 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1980/moodle-2.4.... 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1940/phpMyAdmin-... 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1999/exim-4.72-6... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2045/ansible-1.6... 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2050/drupal7-7.3... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2084/drupal7-dat... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2088/tor-0.2.4.2... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2099/v8-3.14.5.1... The following builds have been pushed to Fedora EPEL 6 updates-testing golang-github-gorilla-context-0-0.27.git14f550f.el6 libuv-0.10.28-1.el6 nodejs-0.10.30-1.el6 openconnect-5.03-1.el6 pgpdump-0.29-1.el6 php-symfony-icu-1.1.2-1.el6 seren-0.0.19-1.el6 v8-3.14.5.10-11.el6 x2goserver-4.0.1.15-2.el6 Details about builds: ================================================================================ golang-github-gorilla-context-0-0.27.git14f550f.el6 (FEDORA-EPEL-2014-2094) A golang registry for global request variables -------------------------------------------------------------------------------- Update Information: remove conditionals for arch specification (handle el6 separately) update to commit b06ed15e1c (required for docker 1.0 golang exclusivearch for el6+ revert golang >= 1.2 requirement -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 31 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0-0.27.git - remove conditionals for arch specification (handle el6 separately) - defattr only for el6 * Thu Jul 24 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0-0.26.git - disable debuginfo * Mon Jul 21 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0-0.25.git - update to commit 14f550f51a for docker 1.1.0 (and 1.1.1) - use golang packaging macros wherever applicable - do not own directories owned by 'golang' package * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0-0.24.gitb06ed15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat May 31 2014 Lokesh Mandvekar <lsm5(a)redhat.com> 0-0.23.git - update to commit b06ed15e1c (required for docker 1.0 https://github.com/dotcloud/docker/issues/5908 ) * Wed Jan 15 2014 Lokesh Mandvekar <lsm5(a)redhat.com> 0-0.22.git708054d - golang exclusivearch for el6+ - add check * Wed Jan 15 2014 Lokesh Mandvekar <lsm5(a)redhat.com> 0-0.21.git708054d - revert golang 1.2 requirement * Wed Jan 15 2014 Lokesh Mandvekar <lsm5(a)redhat.com> 0-0.20.git708054d - require golang 1.2 and up -------------------------------------------------------------------------------- ================================================================================ libuv-0.10.28-1.el6 (FEDORA-EPEL-2014-2096) Platform layer for node.js -------------------------------------------------------------------------------- Update Information: ### 2014.07.31, node.js Version 0.10.30 (Stable) * Revert "stream: start old-mode read in a next tick" (Fedor Indutny) * buffer: fix sign overflow in `readUIn32BE` (Fedor Indutny) * buffer: improve {read,write}{U}Int* methods (Nick Apperson) * child_process: handle writeUtf8String error (Fedor Indutny) * lib: remove and restructure calls to isNaN() (cjihrig) * module: eliminate double `getenv()` (Maciej Małecki) * stream2: flush extant data on read of ended stream (Chris Dickinson) * streams: remove unused require('assert') (Rod Vagg) * timers: backport f8193ab (Julien Gilli) ### 2014.07.32, Version 0.10.28 (Stable) * unix: return system error on EAI_SYSTEM (Saúl Ibarra Corretgé) * unix: fix bogus structure field name (Saúl Ibarra Corretgé) Please note that the v8 security fix shipped in the bundled copy of v8 in this upstream release is not included in this update. Instead, this fix is applied in the [v8-3.14.5.10-11 update](https://admin.fedoraproject.org/updates/v8-3.14.5.10-11.fc18). -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:0.10.28-1 - new upstream release 0.10.28 https://github.com/joyent/libuv/blob/v0.10.28/ChangeLog * Thu Jul 3 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:0.10.27-3 - build static library for rust (RHBZ#1115975) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1:0.10.27-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1115975 - Add libuv-static package to prepare rust https://bugzilla.redhat.com/show_bug.cgi?id=1115975 -------------------------------------------------------------------------------- ================================================================================ nodejs-0.10.30-1.el6 (FEDORA-EPEL-2014-2096) JavaScript runtime -------------------------------------------------------------------------------- Update Information: ### 2014.07.31, node.js Version 0.10.30 (Stable) * Revert "stream: start old-mode read in a next tick" (Fedor Indutny) * buffer: fix sign overflow in `readUIn32BE` (Fedor Indutny) * buffer: improve {read,write}{U}Int* methods (Nick Apperson) * child_process: handle writeUtf8String error (Fedor Indutny) * lib: remove and restructure calls to isNaN() (cjihrig) * module: eliminate double `getenv()` (Maciej Małecki) * stream2: flush extant data on read of ended stream (Chris Dickinson) * streams: remove unused require('assert') (Rod Vagg) * timers: backport f8193ab (Julien Gilli) ### 2014.07.32, Version 0.10.28 (Stable) * unix: return system error on EAI_SYSTEM (Saúl Ibarra Corretgé) * unix: fix bogus structure field name (Saúl Ibarra Corretgé) Please note that the v8 security fix shipped in the bundled copy of v8 in this upstream release is not included in this update. Instead, this fix is applied in the [v8-3.14.5.10-11 update](https://admin.fedoraproject.org/updates/v8-3.14.5.10-11.fc18). -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.30-1 - new upstream release 0.10.30 http://blog.nodejs.org/2014/07/31/node-v0-10-30-stable/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1115975 - Add libuv-static package to prepare rust https://bugzilla.redhat.com/show_bug.cgi?id=1115975 -------------------------------------------------------------------------------- ================================================================================ openconnect-5.03-1.el6 (FEDORA-EPEL-2014-2093) Open client for Cisco AnyConnect VPN -------------------------------------------------------------------------------- Update Information: Update to 5.03 release -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 Nikos Mavrogiannopoulos <nmav(a)redhat.com> - 5.03-1 - Update to 5.03 release * Sat Jun 1 2013 David Woodhouse <David.Woodhouse(a)intel.com> - 5.01-1 - Update to 5.01 release (#955710, #964329, #964650) -------------------------------------------------------------------------------- ================================================================================ pgpdump-0.29-1.el6 (FEDORA-EPEL-2014-2095) PGP packet visualizer -------------------------------------------------------------------------------- Update Information: * GnuPG extensions in private/experimental S2K specifiers (type 101), and parsing of gnu-dummy (1001) (indicating absent secret key material), and gnu-divert-to-card (2002) (indicating key material tored on a smartcard). * Ignore whitespace in Radix-64 input, per RFC 4880 section 6.4 * Makefile change -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 Christopher Meng <rpm(a)cicku.me> - 0.29-1 - Update to 0.29 -------------------------------------------------------------------------------- ================================================================================ php-symfony-icu-1.1.2-1.el6 (FEDORA-EPEL-2014-2092) Symfony Icu Component -------------------------------------------------------------------------------- Update Information: Updated to 1.1.2 * Fixed IcuTestCase to set a common locale for all tests * Updated data files with improved transformation classes Git diffs: * v1.1.0 to v1.1.1: https://github.com/symfony/Icu/compare/v1.1.0...v1.1.1 * v1.1.1 to v1.1.2: https://github.com/symfony/Icu/compare/v1.1.1...v1.1.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 31 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 1.1.2-1 - Updated to 1.1.2 (BZ #1124230) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124230 - php-symfony-icu-1.1.2/1.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124230 -------------------------------------------------------------------------------- ================================================================================ seren-0.0.19-1.el6 (FEDORA-EPEL-2014-2097) Simple VoIP program to create conferences from the terminal -------------------------------------------------------------------------------- Update Information: Version bump -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 1 2014 Francesco Frassinelli <fraph24(a)gmail.com> - 0.0.19-1 - Version bump * Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.18-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ v8-3.14.5.10-11.el6 (FEDORA-EPEL-2014-2099) JavaScript Engine -------------------------------------------------------------------------------- Update Information: TJ Fontaine of the Node.js project reports: A memory corruption vulnerability, which results in a denial-of-service, was identified in the versions of V8 that ship with Node.js 0.8 and 0.10. In certain circumstances, a particularly deep recursive workload that may trigger a GC and receive an interrupt may overflow the stack and result in a segmentation fault. For instance, if your work load involves successive `JSON.parse` calls and the parsed objects are significantly deep, you may experience the process aborting while parsing. This issue was identified by Tom Steele of [^Lift Security](https://liftsecurity.io/) and Fedor Indunty, Node.js Core Team member worked closely with the V8 team to find our resolution. The V8 issue is described here https://codereview.chromium.org/339883002 It has landed in the Node repository here: https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa... And has been released in the following versions: * [v0.10.30](http://nodejs.org/dist/v0.10.30) http://blog.nodejs.org/2014/07/31/node-v0-10-30-stable/ * [v0.8.28](http://nodejs.org/dist/v0.8.28) http://blog.nodejs.org/2014/07/31/node-v0-8-28-maintenance/ ### The Fix [Applied in this update.] ### Remediation The best course of action is to patch or upgrade Node.js. ### Mitigation To mitigate against deep JSON parsing you can limit the size of the string you parse against, or ban clients who trigger a `RangeError` for parsing JSON. There is no specific maximum size of a JSON string, though keeping the max to the size of your known message bodies is suggested. If your message bodies cannot be over 20K, there's no reason to accept 1MB bodies. For web frameworks that do automatic JSON parsing, you may need to configure the routes that accept JSON payloads to have a maximum body size. * [expressjs](http://expressjs.com) and [krakenjs](http://krakenjs.com) used with the [body-parser](https://github.com/expressjs/body-parser#bodyparserjsonoptions) plugin accepts a `limit` parameter in your JSON config * [Hapi.js](http://hapijs.com) has `payload.maxBytes` https://github.com/spumko/hapi/blob/master/docs/Reference.md * [restify](http://mcavage.me/node-restify/#Bundled-Plugins) bundled `bodyParser` accepts a `maxBodySize` Source: https://groups.google.com/d/msg/nodejs/-siJEObdp10/2xcqqmTHiEMJ -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 31 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:3.14.5.10-11 - backport security fix for memory corruption and stack overflow (RHBZ#1125464) https://groups.google.com/d/msg/nodejs/-siJEObdp10/2xcqqmTHiEMJ - backport bug fix for x64 MathMinMax for negative untagged int32 arguments. https://github.com/joyent/node/commit/3530fa9cd09f8db8101c4649cab03bcdf76... -------------------------------------------------------------------------------- References: [ 1 ] Bug #1125464 - V8 Memory Corruption and Stack Overflow https://bugzilla.redhat.com/show_bug.cgi?id=1125464 -------------------------------------------------------------------------------- ================================================================================ x2goserver-4.0.1.15-2.el6 (FEDORA-EPEL-2014-2098) X2Go Server -------------------------------------------------------------------------------- Update Information: - Add Requires xorg-x11-xauth - Update to 4.0.1.15: - Fix hanging of x2goserver init script. - Log SSHFS output and errors to ~/.x2go/C-<session>/sshfs-mounts.log. (Fixes: #415). - If x2golistmounts is used without cmd option <session_id>, then the env var $X2GO_SESSION (current session) will be attempted to use. - If x2goumount-session is used without cmd option <session_id>, then the env var $X2GO_SESSION (current session) will be attempted to use. - Fix x2gostartagent. Make sure the -nolisten tcp option is configurable via x2goagent.options. (Fixes: #424). - Safely remove desktop files for client-side shared folders. Remove the correct desktop file, even if the shared folder has already been (forcefully) umounted. Such situations occur in cases where the connection gets interrupted. SSHFS will then get removed by the Linux kernel and we have to "guess" what desktop icons is actually to be removed. - Fix broken file descriptor closures in x2gocleansessions. (Fixes: #441). - x2gofm.desktop: Drop obsolete Encoding key from .desktop file. - Fix typos / hyphen-as-minus signs issues in x2goversion.8 and x2gomountdirs.8. -------------------------------------------------------------------------------- ChangeLog: * Fri May 2 2014 Orion Poplawski <orion(a)cora.nwra.com> - 4.0.1.15-2 - Add Requires xorg-x11-xauth * Thu Apr 3 2014 Orion Poplawski <orion(a)cora.nwra.com> - 4.0.1.15-1 - Update to 4.0.1.15 * Wed Apr 2 2014 Orion Poplawski <orion(a)cora.nwra.com> - 4.0.1.14-1 - Update to 4.0.1.14 --------------------------------------------------------------------------------

9 years, 9 months

1
0
0 / 0

EPEL epel beta report: 20140801 changes

by EPEL Beta Report

Compose started at Fri Aug 1 08:15:03 UTC 2014 New package: fann-2.2.0-6.el7 A fast artificial neural network library New package: libmongo-client-0.1.8-1.el7 Alternative C driver for MongoDB New package: python-flask-admin-1.0.8-1.el7 Simple and extensible admin interface framework for Flask New package: python-pyrax-1.9.0-3.el7 Python language bindings for OpenStack Clouds New package: rtorrent-0.9.4-2.el7 BitTorrent client based on libtorrent New package: rubygem-net-scp-1.0.4-7.el7 A pure Ruby implementation of the SCP client protocol New package: rubygem-net-ssh-2.9.1-1.el7 Net::SSH: a pure-Ruby implementation of the SSH2 client protocol New package: torsocks-1.3-3.el7 Use SOCKS-friendly applications with Tor Updated Packages: libuv-0.10.28-1.el7 ------------------- * Fri Aug 01 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:0.10.28-1 - new upstream release 0.10.28 https://github.com/joyent/libuv/blob/v0.10.28/ChangeLog * Thu Jul 03 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:0.10.27-3 - build static library for rust (RHBZ#1115975) * Sat Jun 07 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1:0.10.27-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild nodejs-0.10.30-1.el7 -------------------- * Fri Aug 01 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.30-1 - new upstream release 0.10.30 http://blog.nodejs.org/2014/07/31/node-v0-10-30-stable/ pgpdump-0.29-1.el7 ------------------ * Fri Aug 01 2014 Christopher Meng <rpm(a)cicku.me> - 0.29-1 - Update to 0.29 php-pecl-mongo-1.5.5-1.el7 -------------------------- * Wed Jul 30 2014 Remi Collet <remi(a)fedoraproject.org> - 1.5.5-1 - Update to 1.5.5 (stable) * Thu Jun 19 2014 Remi Collet <rcollet(a)redhat.com> - 1.5.4-2 - rebuild for https://fedoraproject.org/wiki/Changes/Php56 php-symfony-icu-1.2.2-1.el7 --------------------------- * Thu Jul 31 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 1.2.2-1 - Updated to 1.2.2 (BZ #1124230) * Wed Jun 11 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 1.2.1-3 - Added "php-composer(symfony/icu)" virtual provide phpMyAdmin-4.2.7-1.el7 ---------------------- * Thu Jul 31 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.7-1 - Upgrade to 4.2.7 syslog-ng-3.5.5-2.el7 --------------------- * Thu Jul 31 2014 Peter Czanik <czanik(a)balabit.hu> - 3.5.5-2 - enabled mongodb destination support - merged with master for easier editing - disabled installing libdbi-dbd-sqlite as it's not available v8-3.14.5.10-11.el7 ------------------- * Thu Jul 31 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:3.14.5.10-11 - backport security fix for memory corruption and stack overflow (RHBZ#1125464) https://groups.google.com/d/msg/nodejs/-siJEObdp10/2xcqqmTHiEMJ - backport bug fix for x64 MathMinMax for negative untagged int32 arguments. https://github.com/joyent/node/commit/3530fa9cd09f8db8101c4649cab03bcdf76... * Thu Jun 19 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:3.14.5.10-10 - fix corner case in integer comparisons (v8 bug#2416; nodejs bug#7528) Summary: Added Packages: 8 Removed Packages: 0 Modified Packages: 8

9 years, 9 months

1
0
0 / 0

← Newer
1
2
3
4
5
6
7
8
9
10
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

epel-devel August 2014