Fedora EPEL 5 updates-testing report - epel-devel - Fedora mailing-lists

4 Apr 2013


      The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 347  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1...
 242  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2...
  47  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4....
  15  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0711/git-1.8.1.4-2....
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0728/puppet-2.6.18-...
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0734/drupal7-views-...
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0754/boost141-1.41....
   5  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0819/libarchive-2.8...
   5  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0837/drupal7-rules-...
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0898/drupal7-ctools...
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0897/wordpress-plug...
The following builds have been pushed to Fedora EPEL 5 updates-testing
cobbler-2.4.0-beta4.el5
    drupal7-7.22-1.el5
    drupal7-ctools-1.3-1.el5
    drupal7-features-2.0-0.2.beta2.el5
    facter-1.6.18-3.el5
    wordpress-plugin-bad-behavior-2.2.13-1.el5
Details about builds:
================================================================================
 cobbler-2.4.0-beta4.el5 (FEDORA-EPEL-2013-0913)
 Boot server configurator
--------------------------------------------------------------------------------
Update Information:
New upstream release
New upstream release
New release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr  3 2013 James Cammarata jimi@sngx.net 2.4.0-beta4
- 2.4.0-beta4 release
* Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.4.0-beta3.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jan  8 2013 Remi Collet rcollet@redhat.com  2.4.0-beta3.1
- fix configuration for httpd 2.4, #871383
- own /usr/share/cobbler
* Wed Dec 12 2012 James Cammarata jimi@sngx.net 2.4.0-beta3
- New release 2.4.0-beta3
* Thu Oct 11 2012 James Cammarata jimi@sngx.net 2.4.0-beta2
- Modified spec version/release to be 2.4.0-beta2 (jimi@sngx.net)
- fixing up a bad commit merge (jimi@sngx.net)
* Thu Oct 11 2012 James Cammarata jimi@sngx.net 2.4.0-beta1
- Beta Release 1 of 2.4.0
- BUGFIX - Issue #329 - Systems no longer allow an add with an image for a
  parent (jimi@sngx.net)
- BUGFIX - Issue #327 - revert 5afcff7 and fix in a more sane way
  (jimi@sngx.net)
- Removed some duplicates created by reapplying a patch (jimi@sngx.net)
- BUGFIX - Issue #267 - old python-virtinst does not support --boot
  (jimi@sngx.net)
- Revise install_post_puppet.py to use newer puppet syntax
  (stephen@esstec.co.uk)
- Get rid of deprecated Puppet syntax so that cobbler works with Puppet 3.0
  (stephen@esstec.co.uk)
- Added ubuntu to dist check for named.conf location
  (daniel.givens@rackspace.com)
- Expanded automatic determination of tftpboot path, isc dhcp and bind service
  names and config files based on distro. (daniel@givenstx.com)
- Make the service name for DHCP and DNS restarts configurable for better
  portable between distros. (daniel.givens@rackspace.com)
- Serial based on formatted date and revision number (alevy@mobitv.com)
- Correct undefined variable name (jbd@jbdenis.net)
- fix merge Issue #252 BUGFIX and #262 (daikame@gmail.com)
- Add check for valid driver_type before executing qemu-img (jimi@sngx.net)
- fix mistake remove import. (daikame@gmail.com)
- move exec method to utils.py, and catch unexpected exception.
  (daikame@gmail.com)
- not check driver type on create method. (daikame@gmail.com)
- BUGFIX - Issue #305 - Incorrect Kickstart file when gPXE enabled
  (jimi@sngx.net)
- BUGFIX - Issue #304 - Cobbler does not store values correctly for ksmeta
  Objects were getting flattened improperly, so it was losing escapes/quoting
  for values with spaces (jimi@sngx.net)
- add vmdk and raw file create support. (daikame@gmail.com)
- BUGFIX - Issue #267 - old python-virtinst does not support --boot
  (jimi@sngx.net)
- Modified spec version/release to be 2.4.0-beta-1 (jimi@sngx.net)
- Initial commit for mysql backend support (jimi@sngx.net)
- BUGFIX - Issue #277 - move webroot to /srv/www for debian/ubuntu
  (jimi@sngx.net)
- FEATURE - adding 'zonetype' variable for DNS zone rendering (jimi@sngx.net)
- BUGFIX - Issue #278 - cobbler import fails for ubuntu images due to rsync
  args (jimi@sngx.net)
- BUGFIX - Issue #285 - update cobbler man page for incorrect options
  (jimi@sngx.net)
- BUGFIX - Issue #241 - adding distro with blank name via XMLRPC should not
  work (jimi@sngx.net)
- BUGFIX - Issue #272 - allow anamon to log entries when building systems based
  on profiles (no corresponding system record) (jimi@sngx.net)
- BUGFIX - Issue #252 - fuzzy match on lvs name returns a false match
  preventing LV creation (jimi@sngx.net)
- BUGFIX - Issue #287 - patch to allow templar to work without a config, which
  was breaking the tftpd.py script (jimi@sngx.net)
- add qcow2 driver type (daikame@gmail.com)
- fix koan qemu-machine-type param test. (daikame@gmail.com)
- Only cosmetic cleanup - removed commands that were commented out, added
  spaces for more clear code (flaks@bnl.gov)
- Modified sample.seed to make use kickstart_start and kickstart_done snippets
  for debian. As a result the following cobbler features work for debian:   -
  prevent net boot looping   - cobbler status reflects debian installations   -
  preseed file is downloaded a nd saved on the installed system as
  /var/log/cobbler.seed Also made download_config_files_deb snippet, make use
  of late_command New post_run_deb snippet allows to execute post installation
  script. (flaks@bnl.gov)
- Some changes for testing (jimi@sngx.net)
- Minor fix for urlparse on older pythons (>2.5) (jimi@sngx.net)
- FEATURE - Issue #253 - Use PEERDNS=no for DHCP interfaces when name servers
  are specified (jimi@sngx.net)
- install-tree for debian/ubuntu modified to take tree= from meta data. http,
  ftp and nfs remote tree locations supported (flaks@bnl.gov)
- add support of custom logical volume name (daikame@gmail.com)
- Partial revert of 87acfc8b, and a minor change to bring the koan extra-args
  inline with the PXE args (jimi@sngx.net)
- New default preseed, and a few minor changes to make ubuntu auto install work
  better (jimi@sngx.net)
- Add support for qemu machine type to emulate (option --qemu-machine-type).
  (isaoshimizu@gmail.com)
- Modern x86 kernels have 2048 char limit and this is needed to support
  configurations with kickstart+NIC kernel params. Otherwise koan refuses to
  accept the param list. (oliver@cpan.org)
- Allow koan's -S option to work for SuSE breed. Also remove -S for breed=None,
  as I assume "Red Hat" is not a sane assumption for all Distros without a
  breed. (oliver@cpan.org)
- Only add a udev net rule for an interface if the MAC is set. This fixes
  behaviour whereby a dummy udev rule at eth0 forces the first NIC to get eth1
  post-install. (oliver@cpan.org)
- Make the domainname setting be the full eth0 DNS Name, minus the first dotted
  part (and not the FQDN). (oliver@cpan.org)
- BUGFIX - Issue #252 - fuzzy match on lvs name returns a false match
  preventing LV creation (jimi@sngx.net)
- Added back in the filesystem loader. (oliver@cpan.org)
- BUGFIX - Issue #247 - Reposync does not work from the web interface
  (jimi@sngx.net)
- BUGFIX - Issue #246 - CentOS 5.x install fence_tools to /sbin/
  (jimi@sngx.net)
- Fix post_report trigger typo (jimi@sngx.net)
- Some fixes for koan running with an old virt-install (jimi@sngx.net)
- Define pxe_menu_items variable when creating PXE files for systems
  (jthiltges2@unl.edu)
- Refactor PXE and GRUB menu item creation into a separate function
  (jthiltges2@unl.edu)
- django 1.4 and later have deprecated the old TEMPLATE_LOADERS and replaced
  them with a new app_directories.Loader (oliver@cpan.org)
- Add support for UEFI boot to the subnet, but not for defined systems yet.
  (erinn.looneytriggs@gmail.com)
- Fix redhat import whitelist for Fedora 17 (jimi@sngx.net)
- Fix unittest on the case of haven't virt-install libs. (daikame@gmail.com)
- os_version for debian should be similar to ubunty for virt-install to work
  changed tree in app.py so that I can use debian mirror different from cobbler
  server (flaks@bnl.gov)
- fedora 17 changed the output of ifconfig command. This will make IFNAME set
  in snippets again (flaks@bnl.gov)
- remove edit for now (flaks@bnl.gov)
- Fixed snippets for bonded_bridge_slave and a few other fixes for koan/web GUI
  (jimi@sngx.net)
- Initial support for bonded_bridge_slave type. TODO: modifying snippets to
  actually make it work... (jimi@sngx.net)
- The webui_sessions directory belongs only to cobbler-web
  (chutzimir@gmail.com)
- RPM: put cobbler*.conf files only in /etc/httpd/conf.d
  (cristian.ciupitu@yahoo.com)
- better fix for pull request #228 (jorgen.maas@gmail.com)
- make rpms failed because the misc/ directory containing the augeas lense
  could not be found. this simple diff fixes that. (jorgen.maas@gmail.com)
- Ubuntu actually requires auto=true in kopts See
  http://serverfault.com/a/144290/39018 (ekirpichov@gmail.com)
- Whitespace cleanup for the new openvz stuff (jimi@sngx.net)
- Remove dead code (useless imports) (cristian.ciupitu@yahoo.com)
- BUGFIX extra-args option problems (daikame@gmail.com)
- FIX koan virt-install tests. (daikame@gmail.com)
- added debian support to prevent net boot looping (flaks@bnl.gov)
- README.openvz: - added (nvrhood@gmail.com)
- scripts/ovz-install: - added support for "services" kickstart option -
  corrected repos and installation source processing (nvrhood@gmail.com)
- cobbler.spec, setup.py: - added scripts/ovz-install (nvrhood@gmail.com)
- koan/openvzcreate.py, scripts/ovz-install: - changes in copyright notice
  (nvrhood@gmail.com)
- koan/app.py: - bug in koan: size of freespace on VG expressed as float with
  comma, but need fload with point (nvrhood@gmail.com)
- koan/app.py: - added type "openvz" (nvrhood@gmail.com)
- cobbler/collection.py: - openvz containers doesn't need to boot from PXE, so
  we prevent PXE-menu creation for such profiles. (nvrhood@gmail.com)
- cobbler/item_profile.py, cobbler/utils.py: - added "openvz" virtualization
  type (nvrhood@gmail.com)
- cobbler/item_system.py: - added openvz for virt_type (nvrhood@gmail.com)
- [BUGFIX] template errors can hit an exception path that references an
  undefined variable (jimi@sngx.net)
- If the call to int() fails, inum has no value, thus the reference to inum in
  the except clause causes an UnboundLocalError when it tries to reference
  inum. (joshua@azariah.com)
- Add new ubuntu (alpha) version to codes.py (jorgen.maas@gmail.com)
- Not all remove current ifcfg- post_install_network_config (me@n0ts.org)
- Update systemctl script to resolve some issues (jimi@sngx.net)
- More spec fixes (jimi@sngx.net)
- Removing replicate_use_default_rsync_options setting and setting
  replicate_rsync_options to existing rsync default.  Issue #58
  (john@julienfamily.com)
- Commit for RFE: Expose rsync options during replication.  Issue #58
  (john@julienfamily.com)
- Yet more HTML/CSS fixes, cleaning up some overly large inputs caused by other
  CSS changes (jimi@sngx.net)
- More HTML/CSS improvements for new weblayout (jimi@sngx.net)
- CSS improvements for the tabbed layout (jimi@sngx.net)
- Fix for settings edit using the new tab format (jimi@sngx.net)
- Added a cancel button to replace the reset button (jimi@sngx.net)
- Fix saving of multiselect fields (jimi@sngx.net)
- Modification to generic_edit template to use tabs for categories plus some
  miscellaneous cleanup (jimi@sngx.net)
- Adding an example line for redhat imports to the whitelist file
  (jimi@sngx.net)
- Another minor fix for suse imports - fixing up name when using --available-as
  (already done in other import modules) - allowing multiple arch imports (also
  already done in other imports) (jimi@sngx.net)
- Some fixups for suse using --available-as (jimi@sngx.net)
- Fix for import when using --available-as - currently rsyncs full remote tree,
  changing that to only import files in a white list - some modifications to
  import modules to clean some things up and make available-as work better -
  fix in utils.py for path_tail, which was not working right and appending the
  full path (jimi@sngx.net)
- Run the same sed command on the default distributed config file to ensure
  consistent indentation (jimi@sngx.net)
- Add setting to enable/disable dynamic settings changes Adding
  cobblersettings.aug to distributed files, since we need a copy that doesn't
  insert tabs Added a "cobbler check" that checks if dynamic settings is
  enabled and prints a sed command to cleanup the settings file spacing/indents
  (jimi@sngx.net)
- Change cli command "settings" to "setting" to match other commands (which are
  not plurarlized) (jimi@sngx.net)
- Removing commented-out try/except block in config.py, didn't mean to commit
  this (jimi@sngx.net)
- Fixed/improved CLI reporting for settings (jimi@sngx.net)
- Added support for validating setting type when saving Also fixed up the
  augeas stuff to save lists and hashes correctly (jimi@sngx.net)
- Fix for incorrect redirect when login times out when looking at a setting
  edit (jimi@sngx.net)
- Dynamic settings edit support for the web GUI (jimi@sngx.net)
- Added ability to write settings file via augeas (jimi@sngx.net)
- Initial support for modifying settings live Changed settings do not survive a
  reboot and revert to what's in /etc/cobbler/settings TODO:  * report --name
  show a single setting  * validate settings based on type (string, list, bool,
  etc.)  * web support for editing  * persisting settings after change
  (jimi@sngx.net)
- Branch for 2.4.0, updated spec and setup.py (jimi@sngx.net)
--------------------------------------------------------------------------------
================================================================================
 drupal7-7.22-1.el5 (FEDORA-EPEL-2013-0903)
 An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
New maintenance release of Drupal 7. Release notes: http://drupal.org/drupal-7.22-release-notes
Add rpmmacros subpackage to simplify module packaging.
New Drupal release, http://drupal.org/drupal-7.21-release-notes.
New upstream 7.20, resolves SA-CORE-2013-002. Release notes upstream: http://drupal.org/drupal-7.20-release-notes
New Drupal release, http://drupal.org/drupal-7.21-release-notes.
New upstream 7.20, resolves SA-CORE-2013-002
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr  4 2013 Peter Borsa peter.borsa@gmail.com - 7.22-1
- 7.22
* Thu Mar  7 2013 Peter Borsa peter.borsa@gmail.com - 7.21-1
- 7.21
* Thu Feb 21 2013 Paul W. Frields stickster@gmail.com - 7.20-1
- 7.20, SA-CORE-2013-002 (#913403)
* Fri Jan 25 2013 Jon Ciesla limburgher@gmail.com - 7.19-2
- README update for cron_key, BZ 902234.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #923932 - Add macros to drupal7
        https://bugzilla.redhat.com/show_bug.cgi?id=923932
  [ 2 ] Bug #918902 - drupal7-7.21 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=918902
  [ 3 ] Bug #913403 - drupal7-7.20 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=913403
--------------------------------------------------------------------------------
================================================================================
 drupal7-ctools-1.3-1.el5 (FEDORA-EPEL-2013-0898)
 This suite is primarily a set of APIs and tools for other Drupal modules
--------------------------------------------------------------------------------
Update Information:
New security release.
Release notes: http://drupal.org/node/1960424
SA-CONTRIB-2013-041: http://drupal.org/node/1960406
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr  4 2013 Peter Borsa peter.borsa@gmail.com - 1.3-1
- Upstream 1.3 release
- SA-CONTRIB-2013-041
* Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 drupal7-features-2.0-0.2.beta2.el5 (FEDORA-EPEL-2013-0907)
 Provides feature management for Drupal
--------------------------------------------------------------------------------
Update Information:
New upstream version, http://drupal.org/node/1956610.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr  4 2013 Peter Borsa peter.borsa@gmail.com - 2.0-0.2.beta2
- New upstream version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #929393 - drupal7-features-2.0-beta2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=929393
--------------------------------------------------------------------------------
================================================================================
 facter-1.6.18-3.el5 (FEDORA-EPEL-2013-0896)
 Command and ruby library for gathering system information
--------------------------------------------------------------------------------
Update Information:
This is an upstream bugfix which resolves numerous issues.  For full details, refer to the upstream release notes:
http://projects.puppetlabs.com/projects/facter/wiki
In addition, this update applies a backported fix for the virtual fact when facter is run by a non-root user:
https://projects.puppetlabs.com/issues/19989
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr  3 2013 Todd Zullinger tmz@pobox.com - 1.6.18-3
- Avoid warnings when virt-what produces no output
* Tue Apr  2 2013 Todd Zullinger tmz@pobox.com - 1.6.18-2
- Apply upstream patch to filter virt-what warnings from virtual fact
* Mon Mar 18 2013 Todd Zullinger tmz@pobox.com - 1.6.18-1
- Update to 1.6.18
- Restart puppet in %postun (#806370)
- Require virt-what for improved KVM detection (#905592)
- Ensure man page is installed on EL < 7
* Tue Mar 12 2013 Vít Ondruch vondruch@redhat.com - 1.6.17-2
- Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0
* Mon Feb 25 2013 Jeroen van Meeuwen vanmeeuwen@kolabsys.com - 1.6.17-1
- New upstream version, fixes rhbz #892734
* Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6.16-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Dec  4 2012 Michael Stahnke stahnma@puppetlabs.com - 1.6.16-1
- Update to 1.6.16
* Wed Nov 28 2012 Michael Stahnke stahnma@puppetlabs.com -  1.6.15-1
- Rebase to 1.6.15
- Put asc file back as Source1
* Fri Nov  9 2012 Michael Stahnke stahnma@puppetlabs.com - 1.6.13-2
- Add patch for ec2 fix
- Rebase to 1.6.14 via bz 871211
* Mon Oct 29 2012 Michael Stahnke stahnma@puppetlabs.com - 1.6.13-1
- Rebase to 1.6.13
* Thu Jul 19 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #806370 - facter should restart puppet on upgrade if it is running
        https://bugzilla.redhat.com/show_bug.cgi?id=806370
  [ 2 ] Bug #836313 - Detects SELinux as being disabled/false
        https://bugzilla.redhat.com/show_bug.cgi?id=836313
  [ 3 ] Bug #892734 - Ipaddress fact broken in F17, already fixed upstream
        https://bugzilla.redhat.com/show_bug.cgi?id=892734
  [ 4 ] Bug #905592 - virtual fact is not set correctly for KVM (including RHEV) under RHEL
        https://bugzilla.redhat.com/show_bug.cgi?id=905592
  [ 5 ] Bug #871211 - Please update facter to the latest upstream (patch included)
        https://bugzilla.redhat.com/show_bug.cgi?id=871211
--------------------------------------------------------------------------------
================================================================================
 wordpress-plugin-bad-behavior-2.2.13-1.el5 (FEDORA-EPEL-2013-0897)
 Bad Behavior plugin for WordPress
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.13 - fixes security bug
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 20 2013 Nick Bebout nb@fedoraproject.org - 2.2.13-1
- Upgrade to 2.2.13
* Fri Feb 15 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.42-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sun Jul 22 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.42-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.42-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #848125 - CVE-2012-4271 wordpress-plugin-bad-behavior: multiple XSS flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=848125
--------------------------------------------------------------------------------