The following Fedora EPEL 6 Security updates need testing: Age URL 851 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... 198 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-... 183 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2... 69 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-... 60 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-Add... 20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2088/tor-0.2.4.23-1... 19 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2099/v8-3.14.5.10-1... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2123/ReviewBoard-1.... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2117/ansible-1.7-1.... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2144/mediawiki119-1... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2159/iodine-0.7.0-1... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2158/drupal7-7.31-1... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2148/drupal6-6.33-1... 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2162/wordpress-3.9.... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2185/sks-1.1.5-2.el... 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2218/pen-0.25.1-1.e... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2229/phpMyAdmin-4.0... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2257/GraphicsMagick... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2255/distcc-3.2rc1-...
The following builds have been pushed to Fedora EPEL 6 updates-testing
GraphicsMagick-1.3.20-1.el6 MUMPS-4.10.0-17.el6 distcc-3.2rc1-2.el6 fail2ban-0.8.14-1.el6 heat-cfntools-1.2.6-3.el6 ipv6calc-0.97.4-7.el6 knot-1.5.1-1.el6 mph-2b-damase-fonts-002.000-3.el6 nordugrid-arc-4.2.0-1.el6 nordugrid-arc-doc-1.5.0-1.el6 php-aws-sdk-2.6.15-2.el6 php-jsonlint-1.2.0-1.el6 php-scssphp-0.0.15-1.el6 python-dogpile-cache-0.5.4-1.el6 python-fedmsg-meta-fedora-infrastructure-0.2.19-1.el6 root-5.34.20-1.el6 sparse-0.4.4-7.el6
Details about builds:
================================================================================ GraphicsMagick-1.3.20-1.el6 (FEDORA-EPEL-2014-2257) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information:
New stable upstream release, patched for CVE-2014-1947. See also: http://www.graphicsmagick.org/NEWS.html#august-16-2014 -------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 20 2014 Rex Dieter rdieter@fedoraproject.org 1.3.20-1 - 1.3.20, CVE-2014-1947 (#1064098,#1083082) * Fri Aug 15 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.19-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Wed Aug 13 2014 Orion Poplawski orion@cora.nwra.com - 1.3.19-8 - Rebuild for libjbig soname bump * Fri Jun 6 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.19-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun May 11 2014 Rex Dieter rdieter@fedoraproject.org 1.3.19-6 - handle upgrade path for introduction of -doc subpkg in 1.3.19-4 * Mon Feb 3 2014 Remi Collet remi@fedoraproject.org - 1.3.19-5 - upstream patch, drop debug output (#1060665) * Sat Jan 25 2014 Ville Skyttä ville.skytta@iki.fi - 1.3.19-4 - Split docs into -doc subpackage, drop README.txt (#1056306). - Drop no longer needed BrowseDelegateDefault modification. - Convert docs to UTF-8. * Thu Jan 9 2014 Rex Dieter rdieter@fedoraproject.org 1.3.19-3 - ppc64le is a multilib arch (#1051208) * Wed Jan 1 2014 Rex Dieter rdieter@fedoraproject.org 1.3.19-2 - BR: jbigkit, libwebp, xdg-utils, xz * Wed Jan 1 2014 Rex Dieter rdieter@fedoraproject.org 1.3.19-1 - 1.3.19 (#1047676) * Tue Oct 15 2013 Rex Dieter rdieter@fedoraproject.org 1.3.18-5 - trim changelog -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1064098 - CVE-2014-1947 ImageMagick: PSD writing layer name buffer overflow ("L%02ld") https://bugzilla.redhat.com/show_bug.cgi?id=1064098 --------------------------------------------------------------------------------
================================================================================ MUMPS-4.10.0-17.el6 (FEDORA-EPEL-2014-2260) A MUltifrontal Massively Parallel sparse direct Solver -------------------------------------------------------------------------------- Update Information:
*Some MPI packaging fixes *Changed MUMPS sequential build -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 24 2014 Antonio Trande sagitter@fedoraproject.org - 4.10.0-17 - Some MPI packaging fixes - Changed MUMPS sequential build * Fri Jun 6 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 4.10.0-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat May 3 2014 Tom Callaway spot@fedoraproject.org - 4.10.0-15 - rebuild against new scalapack tree of blacs --------------------------------------------------------------------------------
================================================================================ distcc-3.2rc1-2.el6 (FEDORA-EPEL-2014-2255) Distributed C/C++ compilation -------------------------------------------------------------------------------- Update Information:
Fix CVE-2014-4607 by upgrading to minilzo 2.08 -------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 20 2014 Andy Grover agrover@redhat.com - 3.2rc1-2 - Add patch distcc-minilzo-2.08.patch, to fix CVE-2014-4607 (BZ 1131791) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1112418 - CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1112418 --------------------------------------------------------------------------------
================================================================================ fail2ban-0.8.14-1.el6 (FEDORA-EPEL-2014-2276) Ban IPs that make too many password failures -------------------------------------------------------------------------------- Update Information:
Update to 0.8.14 (bug #1130706): - minor fixes for claimed Python 2.4 and 2.5 compatibility - Handle case when inotify watch is auto deleted on file deletion to stop error messages - tests - fixed few "leaky" file descriptors when files were not closed while being removed physically - grep in mail*-whois-lines.conf now also matches end of line to work with the recidive filter - filters.d/sieve.conf - fixed typo in _daemon. Thanks Jisoo Park -------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 20 2014 Orion Poplawski orion@cora.nwra.com - 0.8.14-1 - Update to 0.8.14 (bug #1130706) --------------------------------------------------------------------------------
================================================================================ heat-cfntools-1.2.6-3.el6 (FEDORA-EPEL-2014-2259) Tools required to be installed on Heat provisioned cloud instances -------------------------------------------------------------------------------- Update Information:
fix dependencies to include external commands (rhbz#1130964) -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 19 2014 Jeff Peeler jpeeler@redhat.com 1.2.6-3 - fix dependencies to include external commands (rhbz#1130964) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1130964 - wget dependency is not described https://bugzilla.redhat.com/show_bug.cgi?id=1130964 --------------------------------------------------------------------------------
================================================================================ ipv6calc-0.97.4-7.el6 (FEDORA-EPEL-2014-2273) IPv6 address format change and calculation utility -------------------------------------------------------------------------------- Update Information:
new package for EPEL6/EPEL7 --------------------------------------------------------------------------------
================================================================================ knot-1.5.1-1.el6 (FEDORA-EPEL-2014-2272) An authoritative DNS daemon -------------------------------------------------------------------------------- Update Information:
new upstream release: - logging: unified logging messages - logging: support for systemd journal - DDNS: processing updates in bulk - DDNS: fix signing of responses with TSIG - DDNS: fix prerequisites checking in apex node - DNSSEC: fix domain names conversion to canonical format before signing - DNSSEC: semantic checks for signing keys - EDNS: fix inclusion of OPT record into some packets - knsupdate: fix use of zone origin for deletions -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 19 2014 Jan Vcelak jvcelak@fedoraproject.org 1.5.1-1 - new upstream release: + logging: unified logging messages + logging: support for systemd journal + DDNS: processing updates in bulk + DDNS: fix signing of responses with TSIG + DDNS: fix prerequisites checking in apex node + DNSSEC: fix domain names conversion to canonical format before signing + DNSSEC: semantic checks for signing keys + EDNS: fix inclusion of OPT record into some packets + knsupdate: fix use of zone origin for deletions --------------------------------------------------------------------------------
================================================================================ mph-2b-damase-fonts-002.000-3.el6 (FEDORA-EPEL-2014-2258) Free font encoding many non-Latin scripts -------------------------------------------------------------------------------- Update Information:
Free font encoding many non-Latin scripts -------------------------------------------------------------------------------- References:
[ 1 ] Bug #991753 - Review Request: mph-2b-damase-fonts - Free font encoding many non-Latin scripts https://bugzilla.redhat.com/show_bug.cgi?id=991753 --------------------------------------------------------------------------------
================================================================================ nordugrid-arc-4.2.0-1.el6 (FEDORA-EPEL-2014-2263) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information:
ARC 4.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 18 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 4.2.0-1 - 4.2.0 Final Release - Drop patch nordugrid-arc-twisted.patch - Build for EPEL 7 (without xmlsec) * Sun Aug 17 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 4.1.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Wed Jul 2 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 4.1.0-4 - Rebuilt for xrootd 4 * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 4.1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 28 2014 Kalev Lember kalevlember@gmail.com - 4.1.0-2 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1096587 - Architecture conflict between i686 and x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1096587 --------------------------------------------------------------------------------
================================================================================ nordugrid-arc-doc-1.5.0-1.el6 (FEDORA-EPEL-2014-2263) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information:
ARC 4.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 18 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 1.5.0-1 - 1.5.0 Final Release * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1096587 - Architecture conflict between i686 and x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1096587 --------------------------------------------------------------------------------
================================================================================ php-aws-sdk-2.6.15-2.el6 (FEDORA-EPEL-2014-2274) Amazon Web Services framework for PHP -------------------------------------------------------------------------------- Update Information:
Amazon Web Services SDK for PHP enables developers to build solutions for Amazon Simple Storage Service (Amazon S3), Amazon Elastic Compute Cloud (Amazon EC2), Amazon SimpleDB, and more. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1047812 - Make package PSR-0 compliant https://bugzilla.redhat.com/show_bug.cgi?id=1047812 [ 2 ] Bug #1126610 - php-aws-sdk-2.6.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1126610 --------------------------------------------------------------------------------
================================================================================ php-jsonlint-1.2.0-1.el6 (FEDORA-EPEL-2014-2261) JSON Lint for PHP -------------------------------------------------------------------------------- Update Information:
### [1.2.0 (2014-07-20)](https://github.com/Seldaek/jsonlint/releases/tag/1.2.0)
* Added support for linting multiple files at once in `jsonlint` * Added a -q/--quiet flag to suppress the output * Fixed error output being on STDOUT instead of STDERR * Fixed parameter parsing -------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 20 2014 Shawn Iwinski shawn.iwinski@gmail.com - 1.2.0-1 - Updated to 1.2.0 (BZ #1124228) - Added option to build without tests ("--without tests") - Added bin * Mon Jun 9 2014 Remi Collet remi@fedoraproject.org - 1.1.2-2 - fix FTBFS, include path during test - upstream patch for latest PHPUnit - provides php-composer(seld/jsonlint) * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.1.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1124228 - php-jsonlint-1.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124228 --------------------------------------------------------------------------------
================================================================================ php-scssphp-0.0.15-1.el6 (FEDORA-EPEL-2014-2267) A compiler for SCSS written in PHP -------------------------------------------------------------------------------- Update Information:
## [v0.0.15](https://github.com/leafo/scssphp/tree/v0.0.15)
## [v0.0.14](https://github.com/leafo/scssphp/tree/v0.0.14)
3.2.x compatibility fixes:
* @keyframes $name - didn't work inside mixin (@sergeylukin) * Bourbon transform(translateX()) didn't work (@dovy and @greynor)
## [v0.0.13](https://github.com/leafo/scssphp/tree/v0.0.13)
Note: the cached .imports file has been replaced by .meta files; to reclaim disk space (or inodes), you can safely remove the .imports files
* If-None-Match and ETag support (@NSmithUK) * normalize quotation marks (@NoxNebula) * improve handling of escape sequence in selectors (@matt3224) * add "scss_formatter_crunched" which strips comments * internal: generate more accurate parse tree -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 19 2014 Shawn Iwinski shawn.iwinski@gmail.com - 0.0.15-1 - Updated to 0.0.15 (BZ #1126612) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1126612 - php-scssphp-0.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1126612 --------------------------------------------------------------------------------
================================================================================ python-dogpile-cache-0.5.4-1.el6 (FEDORA-EPEL-2014-2266) A caching front-end based on the Dogpile lock -------------------------------------------------------------------------------- Update Information:
Latest upstream http://dogpilecache.readthedocs.org/en/latest/changelog.html#change-0.5.4 -------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 20 2014 Ralph Bean rbean@redhat.com - 0.5.4-1 - Latest upstream. * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.5.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 30 2014 Bohuslav Kabrda bkabrda@redhat.com - 0.5.3-2 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 * Tue Jan 28 2014 Ralph Bean rbean@redhat.com - 0.5.3-1 - Latest upstream. - Modernize python3 conditional. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1111878 - python-dogpile-cache-0.5.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1111878 --------------------------------------------------------------------------------
================================================================================ python-fedmsg-meta-fedora-infrastructure-0.2.19-1.el6 (FEDORA-EPEL-2014-2275) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information:
Latest upstream with fixes for pkgdb and jenkins messages. Fixes to jenkins messages. Fixes to jenkins messages. New Fedora-College processor. -------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 20 2014 Ralph Bean rbean@redhat.com - 0.2.19-1 - Latest upstream with jenkins and pkgdb fixes. - Remove patches. * Wed Aug 13 2014 Ralph Bean rbean@redhat.com - 0.2.18-3 - Upstream patches to fix further problems with the jenkins processor. * Sun Aug 10 2014 Ralph Bean rbean@redhat.com - 0.2.18-2 - Patch out time-sensitive test. * Sat Aug 9 2014 Ralph Bean rbean@redhat.com - 0.2.18-1 - Fix test suite. * Sat Aug 9 2014 Ralph Bean rbean@redhat.com - 0.2.17-1 - Bugfixes to jenkins messages. * Sat Aug 9 2014 Ralph Bean rbean@redhat.com - 0.2.16-1 - Remove patch. - Handle fedora college messages. --------------------------------------------------------------------------------
================================================================================ root-5.34.20-1.el6 (FEDORA-EPEL-2014-2271) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information:
For details see;
http://root.cern.ch/drupal/content/root-version-v5-34-00-patch-release-notes
-------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 20 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 5.34.20-1 - Update to 5.34.20 - Re-enable xrootd support for F21+ and EPEL7 (now ported to xrootd 4) - Do not depend on wine's fonts - Drop patch root-gccopt.patch * Mon Aug 18 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 5.34.19-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ sparse-0.4.4-7.el6 (FEDORA-EPEL-2014-2265) A semantic parser of source files -------------------------------------------------------------------------------- Update Information:
This package rebuilds sparse without -fpic. See bug 1109560 for details. -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 19 2014 Jeff Layton jlayton@primarydata.com - 0.4.4-7 - Remove -fpic and -fPIC from CFLAGS. Seems to be causing weird effects with -O2. (bz# 1109560) --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org
-
updates@fedoraproject.org