The following Fedora EPEL 6 Security updates need testing: Age URL 766 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... 113 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-... 98 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2... 57 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramew... 16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1388/botan-1.8.14-2... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1414/gajim-0.14.4-4... 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1452/php-ZendFramew... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1471/chicken-4.8.0.... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-views-... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1475/moodle-2.4.10-... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1522/check-mk-1.2.4...
The following builds have been pushed to Fedora EPEL 6 updates-testing
check-mk-1.2.4p2-2.el6 gpaw-0.10.0.11364-3.el6 hylafax+-5.5.5-1.el6 jpegoptim-1.4.1-1.el6 perl-Crypt-PBKDF2-0.140890-1.el6 perl-Sys-Detect-Virtualization-0.106-1.el6 sys_basher-1.1.25-2.el6 uthash-1.9.9-6.el6
Details about builds:
================================================================================ check-mk-1.2.4p2-2.el6 (FEDORA-EPEL-2014-1522) A new general purpose Nagios-plugin for retrieving data -------------------------------------------------------------------------------- Update Information:
- Install the mk-job binary on /usr/bin. - Make sure the proper permissions are given to /var/lib/check_mk_agent/job to prevent any hard or symlink to be created by a normal user and pointing to any file on the filesystem exposing it on the check-mk-agent output being run as root. -------------------------------------------------------------------------------- ChangeLog:
* Tue May 27 2014 Andrea Veri averi@fedoraproject.org - 1.2.4p2-2 - Install the mk-job binary on /usr/bin. - Make sure the proper permissions are given to /var/lib/check_mk_agent/job to prevent any hard or symlink to be created by a normal user and pointing to any file on the filesystem exposing it on the check-mk-agent output being run as root. Fixes BZ #1101669. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1101669 - CVE-2014-0243 check-mk: arbitrary file disclosure flaw as root https://bugzilla.redhat.com/show_bug.cgi?id=1101669 --------------------------------------------------------------------------------
================================================================================ gpaw-0.10.0.11364-3.el6 (FEDORA-EPEL-2014-1520) A grid-based real-space PAW method DFT code -------------------------------------------------------------------------------- Update Information:
A grid-based real-space PAW method DFT code -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1087812 - Review Request: gpaw - A grid-based real-space PAW method DFT code https://bugzilla.redhat.com/show_bug.cgi?id=1087812 --------------------------------------------------------------------------------
================================================================================ hylafax+-5.5.5-1.el6 (FEDORA-EPEL-2014-1519) An enterprise-strength fax server -------------------------------------------------------------------------------- Update Information:
Update to 5.5.5 fixes several bugs plus add uucp dependency. -------------------------------------------------------------------------------- ChangeLog:
* Mon May 26 2014 Lee Howard faxguy@howardsilvan.com - 5.5.5-1 - update to 5.5.5 * Thu Apr 24 2014 Lee Howard faxguy@howardsilvan.com - 5.5.4-3 - add uucp dependency for build and install, bug 998737 * Sat Sep 14 2013 Lee Howard faxguy@howardsilvan.com - 5.5.4-2 - fix preun stop call to hylafax+ (and not hylafax) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #998737 - /var/spool/hylafax has incorrect ownership and other hylafax+ RPM problems https://bugzilla.redhat.com/show_bug.cgi?id=998737 --------------------------------------------------------------------------------
================================================================================ jpegoptim-1.4.1-1.el6 (FEDORA-EPEL-2014-1516) Utility to optimize JPEG files -------------------------------------------------------------------------------- Update Information:
Update to version 1.4.1 -------------------------------------------------------------------------------- ChangeLog:
* Wed May 28 2014 Denis Fateyev denis@fateyev.com - 1.4.1-1 - Update to version 1.4.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1100425 - jpegoptim-1.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1100425 --------------------------------------------------------------------------------
================================================================================ perl-Crypt-PBKDF2-0.140890-1.el6 (FEDORA-EPEL-2014-1511) PBKDF2 password hashing algorithm -------------------------------------------------------------------------------- Update Information:
Initial release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1098097 - Review Request: perl-Crypt-PBKDF2 - PBKDF2 password hashing algorithm https://bugzilla.redhat.com/show_bug.cgi?id=1098097 --------------------------------------------------------------------------------
================================================================================ perl-Sys-Detect-Virtualization-0.106-1.el6 (FEDORA-EPEL-2014-1514) Library to detect if a UNIX system is running as a virtual machine -------------------------------------------------------------------------------- Update Information:
Initial release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1095662 - Review Request: perl-Sys-Detect-Virtualization - Detect if a UNIX system is running as a virtual machine https://bugzilla.redhat.com/show_bug.cgi?id=1095662 --------------------------------------------------------------------------------
================================================================================ sys_basher-1.1.25-2.el6 (FEDORA-EPEL-2014-1512) A multithreaded hardware exerciser -------------------------------------------------------------------------------- Update Information:
Added verbose mode to memory tests --------------------------------------------------------------------------------
================================================================================ uthash-1.9.9-6.el6 (FEDORA-EPEL-2014-1521) A hash table for C structures -------------------------------------------------------------------------------- Update Information:
add `%global debug_package %{nil}` to avoid empty debuginfo-pkg -------------------------------------------------------------------------------- ChangeLog:
* Wed May 28 2014 Björn Esser bjoern.esser@gmail.com - 1.9.9-6 - add `%global debug_package %{nil}` to avoid empty debuginfo-pkg. * Thu May 22 2014 Björn Esser bjoern.esser@gmail.com - 1.9.9-5 - revert "Root package should be noarch too". - add provides %{name} for -devel subpkg. - add a note about why the mainpkg is arched. * Wed May 21 2014 Peter Robinson pbrobinson@fedoraproject.org 1.9.9-4 - Root package should be noarch too * Wed May 21 2014 Peter Robinson pbrobinson@fedoraproject.org 1.9.9-3 - Build as noarch * Sun May 18 2014 Christopher Meng rpm@cicku.me - 1.9.9-2 - Move all files to -devel subpkg. * Sat Mar 29 2014 Christopher Meng rpm@cicku.me - 1.9.9-1 - Update to 1.9.9 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1101930 - uthash-debuginfo-1.9.9-5 is empty https://bugzilla.redhat.com/show_bug.cgi?id=1101930 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org
-
updates@fedoraproject.org