The following Fedora EPEL 5 Security updates need testing:
Age URL
799
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
253
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
133
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2....
18
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7....
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1697/zabbix20-2....
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1696/perl-Email-...
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1747/mediawiki11...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1767/cacti-0.8.8...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1780/zarafa-7.1....
The following builds have been pushed to Fedora EPEL 5 updates-testing
R-qtl-1.32.10-2.el5
drupal7-backup_migrate-3.0-3.el5
gyp-0.1-0.15.1617svn.el5
http-parser-2.0-6.20121128gitcd01361.el5
libburn-1.3.8-1.el5
libisoburn-1.3.8-1.el5
libisofs-1.3.8-1.el5
php53-mapi-7.1.10-1.el5
zarafa-7.1.10-1.el5
Details about builds:
================================================================================
R-qtl-1.32.10-2.el5 (FEDORA-EPEL-2014-1778)
Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:
Version 1.32, 2014-05-28:
Major changes:
* None.
Minor changes:
* fitqtl with model="normal" now returns residuals as an attribute.
* Added an additional argument to plot.scanone, bgrect, for making the background of the
plotting region a different color.
* Revised cleanGeno to work with any cross having two possible genotypes (i.e., not just
bc but also riself, risib, dh, haploid).
* Revised summary.cross so that overall genotype frequencies are given separately for
autosomes and the X chromosome.
* Fixed typo in a warning in add.threshold.
* Fixed a bug in reduce2grid, regarding format of attributes
* Fixed a bug in MQM: in some circumstances, the last marker was always included as
cofactor; other cleanup in MQM code.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 28 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.32.10-2
- Disable checks on ppc64
* Wed Jun 25 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.32.10-1
- Update to 1.32.10
- Use R-core-devel instead of R-devel as BR
- Re-enable checks
* Fri Jun 6 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.31.9-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
drupal7-backup_migrate-3.0-3.el5 (FEDORA-EPEL-2014-1768)
Backup the Drupal database and files or migrate them to another environment
--------------------------------------------------------------------------------
Update Information:
### [
3.0](https://www.drupal.org/node/2275063)
The first stable release of the 3.x branch.
This branch is a pretty major overhaul of the module which includes:
* An improved UI.
* Better scheduling.
* Built in file/entire site (site archive) backup.
* The ability to create a local and offsite backup at the same time.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 29 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 3.0-3
- Require "php-zip" instead of "php-pecl(zip)"
* Fri Jun 27 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 3.0-2
- Re-add EPEL-5 bits
* Fri Jun 27 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 3.0-1
- Updated to 3.0 (BZ #1101926; release notes
https://www.drupal.org/node/2275063)
- Spec cleanup
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1101926 - drupal7-backup_migrate-3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1101926
--------------------------------------------------------------------------------
================================================================================
gyp-0.1-0.15.1617svn.el5 (FEDORA-EPEL-2014-1774)
Generate Your Projects
--------------------------------------------------------------------------------
Update Information:
This update switches gyp to use Python 2.6, allowing it to work properly on EL5.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 25 2014 Akira TAGOH <tagoh(a)redhat.com> - 0.1-0.15.1617svn
- Update rpm macros to the latest guidelines.
- Build against python26 for EPEL5.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1-0.12.1617svn
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1-0.11.1617svn
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Apr 23 2013 Akira TAGOH <tagoh(a)redhat.com> - 0.1-0.10.1617svn
- Rebase to r1617
* Tue Feb 12 2013 Akira TAGOH <tagoh(a)redhat.com> - 0.1-0.9.1569svn
- Rebase to r1569 (#908983)
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1-0.8.1010svn
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1-0.7.1010svn
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1111913 - gyp broken in EL5
https://bugzilla.redhat.com/show_bug.cgi?id=1111913
--------------------------------------------------------------------------------
================================================================================
http-parser-2.0-6.20121128gitcd01361.el5 (FEDORA-EPEL-2014-1781)
HTTP request/response parser for C
--------------------------------------------------------------------------------
Update Information:
This is a parser for HTTP messages written in C. It parses both requests and responses.
The parser is designed to be used in performance HTTP applications. It does not make any
syscalls nor allocations, it does not buffer data, it can be interrupted at anytime.
Depending on your architecture, it only requires about 40 bytes of data per message stream
(in a web server that is per connection).
--------------------------------------------------------------------------------
================================================================================
libburn-1.3.8-1.el5 (FEDORA-EPEL-2014-1779)
Library for reading, mastering and writing optical discs
--------------------------------------------------------------------------------
Update Information:
Changes towards previous version 1.3.6
======================================
libburn novelties
-----------------
* Wrong stack usage caused SIGBUS on sparc when compiled by gcc -O2
* Minimum drive buffer fill was measured by cdrskin before the buffer could get full
* Bug fix: A failed MMC BLANK command did not cause error indication by libburn
* Bug fix: A final fsync(2) was performed with stdio drives, even if not desired
* CD TAO with multiple tracks could cause a buffer overrun
* Compilation warning for unsupported systems mutated into an error
libisofs novelties
------------------
* Prevent allocation of empty hash tables, thanks Richard Nolde
* Prevent allocation of empty directory children lists, thanks Richard Nolde
* The GUIDs of main GPT and backup GPT differed if more than one System Area was written
into the ISO image
* New API calls iso_image_report_el_torito() and iso_image_report_system_area()
* New API call iso_crc32_gpt()
libisoburn and xorriso novelties
--------------------------------
* Bug fix: -boot_image grub grub2_mbr= did not work (but -as mkisofs --grub2-mbr did
work)
* Bug fix: -boot_image grub2_mbr= prevented -boot_image partition_table=on
* libburn: A final fsync(2) was performed with stdio drives, even if -stdio_sync was set
to "off".
* libburn: Wrong stack usage caused SIGBUS on sparc when compiled by gcc -O2
* Bug fix: -blank force:all on DVD+RW had no effect
* Enabled use of libedit as alternative to libreadline
* Enabled recording and restoring of extattr on NetBSD
* New API calls isoburn_igopt_set_stdio_endsync() and isoburn_igopt_get_stdio_endsync
* New bootspecs hppa_*, new -as mkisofs options -hppa-* for HP-PA via PALO
* New -find pseudo tests -use_pattern , -or_use_pattern
* New -find action report_sections
* New command -concat
* New commands -report_system_area and -report_el_torito
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 29 2014 Robert Scheck <robert(a)fedoraproject.org> 1.3.8-1
- Update to upstream 1.3.8 (#1078717)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1114299 - libisofs-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1114299
[ 2 ] Bug #1078717 - libburn-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1078717
[ 3 ] Bug #1078719 - libisoburn-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1078719
--------------------------------------------------------------------------------
================================================================================
libisoburn-1.3.8-1.el5 (FEDORA-EPEL-2014-1779)
Library to enable creation and expansion of ISO-9660 filesystems
--------------------------------------------------------------------------------
Update Information:
Changes towards previous version 1.3.6
======================================
libburn novelties
-----------------
* Wrong stack usage caused SIGBUS on sparc when compiled by gcc -O2
* Minimum drive buffer fill was measured by cdrskin before the buffer could get full
* Bug fix: A failed MMC BLANK command did not cause error indication by libburn
* Bug fix: A final fsync(2) was performed with stdio drives, even if not desired
* CD TAO with multiple tracks could cause a buffer overrun
* Compilation warning for unsupported systems mutated into an error
libisofs novelties
------------------
* Prevent allocation of empty hash tables, thanks Richard Nolde
* Prevent allocation of empty directory children lists, thanks Richard Nolde
* The GUIDs of main GPT and backup GPT differed if more than one System Area was written
into the ISO image
* New API calls iso_image_report_el_torito() and iso_image_report_system_area()
* New API call iso_crc32_gpt()
libisoburn and xorriso novelties
--------------------------------
* Bug fix: -boot_image grub grub2_mbr= did not work (but -as mkisofs --grub2-mbr did
work)
* Bug fix: -boot_image grub2_mbr= prevented -boot_image partition_table=on
* libburn: A final fsync(2) was performed with stdio drives, even if -stdio_sync was set
to "off".
* libburn: Wrong stack usage caused SIGBUS on sparc when compiled by gcc -O2
* Bug fix: -blank force:all on DVD+RW had no effect
* Enabled use of libedit as alternative to libreadline
* Enabled recording and restoring of extattr on NetBSD
* New API calls isoburn_igopt_set_stdio_endsync() and isoburn_igopt_get_stdio_endsync
* New bootspecs hppa_*, new -as mkisofs options -hppa-* for HP-PA via PALO
* New -find pseudo tests -use_pattern , -or_use_pattern
* New -find action report_sections
* New command -concat
* New commands -report_system_area and -report_el_torito
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 29 2014 Robert Scheck <robert(a)fedoraproject.org> 1.3.8-1
- Upgrade to 1.3.8 (#1078719)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1114299 - libisofs-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1114299
[ 2 ] Bug #1078717 - libburn-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1078717
[ 3 ] Bug #1078719 - libisoburn-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1078719
--------------------------------------------------------------------------------
================================================================================
libisofs-1.3.8-1.el5 (FEDORA-EPEL-2014-1779)
Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:
Changes towards previous version 1.3.6
======================================
libburn novelties
-----------------
* Wrong stack usage caused SIGBUS on sparc when compiled by gcc -O2
* Minimum drive buffer fill was measured by cdrskin before the buffer could get full
* Bug fix: A failed MMC BLANK command did not cause error indication by libburn
* Bug fix: A final fsync(2) was performed with stdio drives, even if not desired
* CD TAO with multiple tracks could cause a buffer overrun
* Compilation warning for unsupported systems mutated into an error
libisofs novelties
------------------
* Prevent allocation of empty hash tables, thanks Richard Nolde
* Prevent allocation of empty directory children lists, thanks Richard Nolde
* The GUIDs of main GPT and backup GPT differed if more than one System Area was written
into the ISO image
* New API calls iso_image_report_el_torito() and iso_image_report_system_area()
* New API call iso_crc32_gpt()
libisoburn and xorriso novelties
--------------------------------
* Bug fix: -boot_image grub grub2_mbr= did not work (but -as mkisofs --grub2-mbr did
work)
* Bug fix: -boot_image grub2_mbr= prevented -boot_image partition_table=on
* libburn: A final fsync(2) was performed with stdio drives, even if -stdio_sync was set
to "off".
* libburn: Wrong stack usage caused SIGBUS on sparc when compiled by gcc -O2
* Bug fix: -blank force:all on DVD+RW had no effect
* Enabled use of libedit as alternative to libreadline
* Enabled recording and restoring of extattr on NetBSD
* New API calls isoburn_igopt_set_stdio_endsync() and isoburn_igopt_get_stdio_endsync
* New bootspecs hppa_*, new -as mkisofs options -hppa-* for HP-PA via PALO
* New -find pseudo tests -use_pattern , -or_use_pattern
* New -find action report_sections
* New command -concat
* New commands -report_system_area and -report_el_torito
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 29 2014 Robert Scheck <robert(a)fedoraproject.org> 1.3.8-1
- Upgrade to 1.3.8 (#1114299)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1114299 - libisofs-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1114299
[ 2 ] Bug #1078717 - libburn-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1078717
[ 3 ] Bug #1078719 - libisoburn-1.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1078719
--------------------------------------------------------------------------------
================================================================================
php53-mapi-7.1.10-1.el5 (FEDORA-EPEL-2014-1780)
The PHP MAPI extension by Zarafa
--------------------------------------------------------------------------------
Update Information:
Zarafa Collaboration Platform 7.1.10 final [44973]
==================================================
General
-------
This release brings a few new features while maintaining stability. This release is
identical to the RC since no reports have arrived upstream and additional testing has not
shown up any issues.
Backend
-------
- ZCP-12380: Avoid violating RFC 3501 at partial IMAP fetch request
- ZCP-12337: Provide support for offline S/MIME public certificates
- ZCP-12226: ZWS breaks opensource build
- ZCP-12219: Enhance MariaDB support by modifying sql_mode
- ZCP-12162: Implement "Reinvite" for Zarafa ical
- ZCP-11730: zarafa-mailbox-permissions man page error
- ZCP-11835: zarafa-set-oof does not accept argument "-n"
- ZCP-12115: support ubuntu 14.04
- ZCP-12142: Patch: Option to disable all plaintext authentications unless SSL/TLS is
used
- ZCP-12162: Implement "Reinvite" for Zarafa ical
- ZCP-12200: Patch: POP3 RESP-CODES and AUTH-RESP-CODE support in Zarafa-Gateway
- ZCP-12013: Log the reason why a socket error was thrown
- ZCP-12219: Enhance MariaDB support by modifying sql_mode
- ZCP-12227: Enhance DAgent log level prios
- ZCP-12232: Patch: POP3 CAPA (CAPABILITIES) support in Zarafa-Gateway
- ZCP-12234: Include email adress when forwarding mails with a rule (community
contribution)
- ZCP-12270: Change maintainer line for debian packages
- ZCP-12338: Allow administrators to backup archive stores (show GUID via
zarafa-admin)
- ZCP-12339: Personal archive store not opened if archive server name in ADS does not
match the casing of the actual name.
- ZCP-12340: Patch: Repair broken ssl_enable_v2 setting for Zarafa 7.1.x
- ZCP-12342: Zarafa-backup creates empty folders for skipped companies
- ZCP-9899: Update GSoap to 2.8.x
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 29 2014 Robert Scheck <robert(a)fedoraproject.org> 7.1.10-1
- Upgrade to 7.1.10
* Fri Jun 20 2014 Remi Collet <rcollet(a)redhat.com> - 7.1.9-2.1
- rebuild for
https://fedoraproject.org/wiki/Changes/Php56
- add numerical prefix to extension configuration file
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
7.1.9-2.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 22 2014 Petr Machata <pmachata(a)redhat.com> - 7.1.9-2
- Rebuild for boost 1.55.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1073618 - CVE-2014-0103 zarafa: passwords stored in cleartext on server
https://bugzilla.redhat.com/show_bug.cgi?id=1073618
--------------------------------------------------------------------------------
================================================================================
zarafa-7.1.10-1.el5 (FEDORA-EPEL-2014-1780)
Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:
Zarafa Collaboration Platform 7.1.10 final [44973]
==================================================
General
-------
This release brings a few new features while maintaining stability. This release is
identical to the RC since no reports have arrived upstream and additional testing has not
shown up any issues.
Backend
-------
- ZCP-12380: Avoid violating RFC 3501 at partial IMAP fetch request
- ZCP-12337: Provide support for offline S/MIME public certificates
- ZCP-12226: ZWS breaks opensource build
- ZCP-12219: Enhance MariaDB support by modifying sql_mode
- ZCP-12162: Implement "Reinvite" for Zarafa ical
- ZCP-11730: zarafa-mailbox-permissions man page error
- ZCP-11835: zarafa-set-oof does not accept argument "-n"
- ZCP-12115: support ubuntu 14.04
- ZCP-12142: Patch: Option to disable all plaintext authentications unless SSL/TLS is
used
- ZCP-12162: Implement "Reinvite" for Zarafa ical
- ZCP-12200: Patch: POP3 RESP-CODES and AUTH-RESP-CODE support in Zarafa-Gateway
- ZCP-12013: Log the reason why a socket error was thrown
- ZCP-12219: Enhance MariaDB support by modifying sql_mode
- ZCP-12227: Enhance DAgent log level prios
- ZCP-12232: Patch: POP3 CAPA (CAPABILITIES) support in Zarafa-Gateway
- ZCP-12234: Include email adress when forwarding mails with a rule (community
contribution)
- ZCP-12270: Change maintainer line for debian packages
- ZCP-12338: Allow administrators to backup archive stores (show GUID via
zarafa-admin)
- ZCP-12339: Personal archive store not opened if archive server name in ADS does not
match the casing of the actual name.
- ZCP-12340: Patch: Repair broken ssl_enable_v2 setting for Zarafa 7.1.x
- ZCP-12342: Zarafa-backup creates empty folders for skipped companies
- ZCP-9899: Update GSoap to 2.8.x
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 29 2014 Robert Scheck <robert(a)fedoraproject.org> 7.1.10-1
- Upgrade to 7.1.10
* Fri Jun 20 2014 Remi Collet <rcollet(a)redhat.com> - 7.1.9-2.1
- rebuild for
https://fedoraproject.org/wiki/Changes/Php56
- add numerical prefix to extension configuration file
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
7.1.9-2.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 22 2014 Petr Machata <pmachata(a)redhat.com> - 7.1.9-2
- Rebuild for boost 1.55.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1073618 - CVE-2014-0103 zarafa: passwords stored in cleartext on server
https://bugzilla.redhat.com/show_bug.cgi?id=1073618
--------------------------------------------------------------------------------