The following Fedora EPEL 6 Security updates need testing:
Age URL
628
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
142
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11274/ssmtp-2.61...
84
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11865/quassel-0....
57
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12079/bip-0.8.9-...
21
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12427/seamonkey-...
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0026/x2goserver-...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0110/drupal7-ent...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0105/strongswan-...
The following builds have been pushed to Fedora EPEL 6 updates-testing
docker-io-0.7.4-1.el6
drupal7-entity-1.3-1.el6
drupal7-language_cookie-1.8-1.el6
globus-gram-job-manager-condor-1.4-7.el6
globus-gram-job-manager-fork-1.5-8.el6
globus-gram-job-manager-lsf-1.2-2.el6
globus-gram-job-manager-pbs-1.6-7.el6
globus-gram-job-manager-sge-1.7-2.el6
globus-gram-job-manager-slurm-1.2-3.el6
globus-scheduler-event-generator-4.7-8.el6
milter-greylist-4.5.7-1.el6
msgpack-0.5.8-1.el6
nodejs-mongodb-1.3.19-3.el6
puppet-2.7.25-1.el6
pyhoca-cli-0.4.0.2-1.el6
pyhoca-gui-0.4.0.9-1.el6
python-chai-0.4.7-1.el6
python-docker-py-0.2.3-5.el6
python-pyarabic-0.4-4.el6
python-x2go-0.4.0.9-1.el6
strongswan-5.1.1-4.el6
trac-fedmsg-plugin-0.3.0-1.el6
unhide-20130526-1.el6
Details about builds:
================================================================================
docker-io-0.7.4-1.el6 (FEDORA-EPEL-2014-0101)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
upstream version bump to 0.7.4 (BZ 1049793)
udev rules typo fixed (BZ 1048775)
missed commit value in release 1, updated now
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.7.4-1
- upstream version bump to 0.7.4 (BZ #1049793)
- udev rules file from upstream contrib
- unit file firewalld not used, description changes
* Mon Jan 6 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.7.3-3
- udev rules typo fixed (BZ 1048775)
* Sat Jan 4 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.7.3-2
- missed commit value in release 1, updated now
- upstream release monitoring (BZ 1048441)
* Sat Jan 4 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.7.3-1
- upstream release bump to v0.7.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1049793 - docker-io-0.7.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1049793
[ 2 ] Bug #1048775 - invalid key/value pair in /etc/udev/rules.d/80-docker.rules
https://bugzilla.redhat.com/show_bug.cgi?id=1048775
[ 3 ] Bug #1048441 - docker-io-0.7.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1048441
--------------------------------------------------------------------------------
================================================================================
drupal7-entity-1.3-1.el6 (FEDORA-EPEL-2014-0110)
Extends the entity API to provide a unified way to deal with entities
--------------------------------------------------------------------------------
Update Information:
Updated to 1.3
1.3
* Release notes:
https://drupal.org/node/2169589
* SA-CONTRIB-2014-001:
https://drupal.org/node/2169595
* CVE-2014-1398, CVE-2014-1399, CVE-2014-1400
1.2
* Release notes:
https://drupal.org/node/2065197
* SA-CONTRIB-2013-068:
https://drupal.org/node/2065207
1.1
* Release notes:
https://drupal.org/node/1983440
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 1.3-1
- Updated to 1.3 (release notes:
https://drupal.org/node/2169589) (BZ #1050853)
- CVE-2014-1398, CVE-2014-1399, CVE-2014-1400 (BZ #1050802, 1050803, 1050804)
- SA-CONTRIB-2014-001 (
https://drupal.org/node/2169595)
- Spec cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1050802 - CVE-2014-1398 CVE-2014-1399 CVE-2014-1400 drupal7-entity: multiple
access bypass vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1050802
--------------------------------------------------------------------------------
================================================================================
drupal7-language_cookie-1.8-1.el6 (FEDORA-EPEL-2014-0099)
Allows usage of cookies to remember the user's last language
--------------------------------------------------------------------------------
Update Information:
Updated to 1.8
* Release notes:
https://drupal.org/node/2150363
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> 1.8-1
- Updated to 1.8 (release notes:
https://drupal.org/node/2150363) (BZ #1039692)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1039692 - drupal7-language_cookie-1.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1039692
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-condor-1.4-7.el6 (FEDORA-EPEL-2014-0116)
Globus Toolkit - Condor Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Make GRAM SEG logfile locations consistent.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.4-7
- Remove unused configure option
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.4-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 28 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.4-5
- Implement updated packaging guidelines
* Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 1.4-4
- Perl 5.18 rebuild
* Thu May 23 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.4-3
- Specfile clean-up
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-fork-1.5-8.el6 (FEDORA-EPEL-2014-0116)
Globus Toolkit - Fork Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Make GRAM SEG logfile locations consistent.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.5-8
- Fix logfile location
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.5-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 28 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.5-6
- Implement updated packaging guidelines
* Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 1.5-5
- Perl 5.18 rebuild
* Tue May 21 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.5-4
- Add aarch64 to the list of 64 bit platforms
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Dec 6 2012 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.5-2
- Specfile clean-up
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-lsf-1.2-2.el6 (FEDORA-EPEL-2014-0116)
Globus Toolkit - LSF Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Make GRAM SEG logfile locations consistent.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.2-2
- Fix logfile location
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-pbs-1.6-7.el6 (FEDORA-EPEL-2014-0116)
Globus Toolkit - PBS Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Make GRAM SEG logfile locations consistent.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.6-7
- Fix logfile location
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.6-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 28 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.6-5
- Implement updated packaging guidelines
* Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 1.6-4
- Perl 5.18 rebuild
* Tue May 21 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.6-3
- Add aarch64 to the list of 64 bit platforms
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-sge-1.7-2.el6 (FEDORA-EPEL-2014-0116)
Globus Toolkit - Grid Engine Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Make GRAM SEG logfile locations consistent.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.7-2
- Fix logfile location
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-slurm-1.2-3.el6 (FEDORA-EPEL-2014-0116)
Globus Toolkit - SLURM Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Make GRAM SEG logfile locations consistent.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.2-3
- Remove unused configure option
--------------------------------------------------------------------------------
================================================================================
globus-scheduler-event-generator-4.7-8.el6 (FEDORA-EPEL-2014-0116)
Globus Toolkit - Scheduler Event Generator
--------------------------------------------------------------------------------
Update Information:
Make GRAM SEG logfile locations consistent.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 4.7-8
- Fix logfile location
--------------------------------------------------------------------------------
================================================================================
milter-greylist-4.5.7-1.el6 (FEDORA-EPEL-2014-0103)
Milter for greylisting, the next step in the spam control war
--------------------------------------------------------------------------------
Update Information:
Cumulative bug-fix update.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 16 2013 Paul Howarth <paul(a)city-fan.org> - 4.5.7-1
- Update to 4.5.7
- Do not use strndup(), for POSIX.1-2001 compatibility
* Mon Sep 2 2013 Paul Howarth <paul(a)city-fan.org> - 4.5.6-1
- Update to 4.5.6
- Fix bug that replaced first character of hostname by '['
- Do not force into lowercase properties set using the set clause
- Add %cA and %ca to report current ACL line number and id
- Increase format string maximum length to 4096
- Break long SMTP replies into mutiple lines
- Add configure --disable-parallel-make in case make -j is unsupported
* Sun Sep 1 2013 Paul Howarth <paul(a)city-fan.org> - 4.5.5-1
- Update to 4.5.5
- Fix memory leak in log ACL clause
- Updated AUTHORS in manpage
- Fix typos in manpage, style
- Numeric operator tests for property versus number
- Numeric operator tests for property versus property
* Mon Aug 19 2013 Paul Howarth <paul(a)city-fan.org> - 4.5.3-1
- Update to 4.5.3
- Format string expansions now honor %r everywhere possible
- Add unbracket option to resolve MTA-passed bracketed unresolved IP
- set ACL clause to set/increment/decrement properties
- log ACL clause to send formatted string to syslog
* Wed Aug 14 2013 Paul Howarth <paul(a)city-fan.org> - 4.5.2-1
- Update to 4.5.2
- Fix crash when chown socket without group
- Fix memory leak in nsupdate config reload
- Fix nsupdate servers option
- Build fixes
- Fix ACL bypass for second recipient when sender passed auth/tls/spf
- Parallel build
- Configurable package information
- More verbosity in SPF logs
- Use localaddr for p0f and %V format string
- Search current directory first for includes
- Make unknown AF family non fatal in p0f, report errors once
- Enable parallel build
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.5.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1050132 - Is it possible to update it to the latest version?
https://bugzilla.redhat.com/show_bug.cgi?id=1050132
--------------------------------------------------------------------------------
================================================================================
msgpack-0.5.8-1.el6 (FEDORA-EPEL-2014-0108)
Binary-based efficient object serialization library
--------------------------------------------------------------------------------
Update Information:
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Daiki Ueno <dueno(a)redhat.com> - 0.5.8-1
- new upstream release
- remove patches that are no longer needed
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1050794 - msgpack-0.5.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1050794
--------------------------------------------------------------------------------
================================================================================
nodejs-mongodb-1.3.19-3.el6 (FEDORA-EPEL-2014-0109)
A node driver for MongoDB
--------------------------------------------------------------------------------
Update Information:
Fix bson dependancies.
Fix missing npm(nodejs-mongodb) provides, which may resolve dependency issues when
installing this package or other packages that depend on it
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 8 2014 Troy Dawson <tdawson(a)redhat.com> - 1.3.19-3
- Fix bson dependancy
* Fri Jan 3 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1.3.19-2
- add macro to invoke dependency generator on EL6
--------------------------------------------------------------------------------
================================================================================
puppet-2.7.25-1.el6 (FEDORA-EPEL-2014-0115)
A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:
Update to 2.7.25 to fix the default file mode (#1049274)
Update to 2.7.24 to mitigate CVE-2013-4969 (#1046902)
Add slightly modified upstream patches to fix bugs in notify/restart
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 7 2014 Sam Kottler <skottler(a)fedoraproject.org> - 2.7.25-1
- Update to 2.7.25 to fix the default file mode (#1049274)
* Fri Dec 27 2013 Sam Kottler <skottler(a)fedoraproject.org> - 2.7.24-1
- Update to 2.7.24 to mitigate CVE-2013-4969 (#1046902)
* Fri Dec 6 2013 Sam Kottler <skottler(a)fedoraproject.org> - 2.7.23-2
- Add slightly modified upstream patches to fix bugs in notify/restart (#1038041)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1049274 - Bump to puppet 2.7.25 to fix the default file mode
https://bugzilla.redhat.com/show_bug.cgi?id=1049274
[ 2 ] Bug #1046902 - Upgrade to 2.7.24 to mitigate CVE-2013-4969
https://bugzilla.redhat.com/show_bug.cgi?id=1046902
[ 3 ] Bug #1038041 - Missing patches for upstream service notify/restart bug (#7165) in
2.7.23
https://bugzilla.redhat.com/show_bug.cgi?id=1038041
--------------------------------------------------------------------------------
================================================================================
pyhoca-cli-0.4.0.2-1.el6 (FEDORA-EPEL-2014-0114)
Command line X2Go client written in Python
--------------------------------------------------------------------------------
Update Information:
python-x2go:
o Support for passphrase protect SSH keys.
o Support for two-factor authentication as provided
by OpenSSH server 6.2 and above (requires as of yet
unreleased Python Paramiko module).
o many many bugfixes.
o Support pulseaudio (>= 2).
o Expand the "~" character properly.
o Fix detection of color depth on Windows machines.
pyhoca-gui:
o Translation updates.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 8 2014 Orion Poplawski <orion(a)cora.nwra.com> - 0.4.0.2-1
- Update to 0.4.0.2
--------------------------------------------------------------------------------
================================================================================
pyhoca-gui-0.4.0.9-1.el6 (FEDORA-EPEL-2014-0114)
Graphical X2Go client written in (wx)Python
--------------------------------------------------------------------------------
Update Information:
python-x2go:
o Support for passphrase protect SSH keys.
o Support for two-factor authentication as provided
by OpenSSH server 6.2 and above (requires as of yet
unreleased Python Paramiko module).
o many many bugfixes.
o Support pulseaudio (>= 2).
o Expand the "~" character properly.
o Fix detection of color depth on Windows machines.
pyhoca-gui:
o Translation updates.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 8 2014 Orion Poplawski <orion(a)cora.nwra.com> - 0.4.0.9-1
- Update to 0.4.0.9
- Add Requires python-cups
--------------------------------------------------------------------------------
================================================================================
python-chai-0.4.7-1.el6 (FEDORA-EPEL-2014-0106)
Easy to use mocking/stub framework
--------------------------------------------------------------------------------
Update Information:
Update to 0.4.7
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 8 2014 Pierre-Yves Chibon <pingou(a)pingoured.fr> 0.4.7-1
- Update to 0.4.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1048161 - python-chai-0.4.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1048161
--------------------------------------------------------------------------------
================================================================================
python-docker-py-0.2.3-5.el6 (FEDORA-EPEL-2014-0100)
An API client for docker written in Python
--------------------------------------------------------------------------------
Update Information:
initial upload (BZ 1048667), python3 to be added after python3-websocket-client (BZ
1049424).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1048667 - Review Request: python-docker-py - An API client for docker written
in Python
https://bugzilla.redhat.com/show_bug.cgi?id=1048667
--------------------------------------------------------------------------------
================================================================================
python-pyarabic-0.4-4.el6 (FEDORA-EPEL-2014-0102)
Arabic text tools for Python
--------------------------------------------------------------------------------
Update Information:
Arabic language text tools to be used by Python.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1047785 - Review Request: python-pyarabic - Arabic text tools for Python
https://bugzilla.redhat.com/show_bug.cgi?id=1047785
--------------------------------------------------------------------------------
================================================================================
python-x2go-0.4.0.9-1.el6 (FEDORA-EPEL-2014-0114)
Python module providing X2Go client API
--------------------------------------------------------------------------------
Update Information:
python-x2go:
o Support for passphrase protect SSH keys.
o Support for two-factor authentication as provided
by OpenSSH server 6.2 and above (requires as of yet
unreleased Python Paramiko module).
o many many bugfixes.
o Support pulseaudio (>= 2).
o Expand the "~" character properly.
o Fix detection of color depth on Windows machines.
pyhoca-gui:
o Translation updates.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 8 2014 Orion Poplawski <orion(a)cora.nwra.com> - 0.4.0.9-1
- Update to 0.4.0.9
- Drop python-cups requires
--------------------------------------------------------------------------------
================================================================================
strongswan-5.1.1-4.el6 (FEDORA-EPEL-2014-0105)
An OpenSource IPsec-based VPN Solution
--------------------------------------------------------------------------------
Update Information:
This is a major update that includes a version bump, build configuration changes and
security updates.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Pavel Šimerda <psimerda(a)redhat.com> - 5.1.1-4
- Removed redundant patches and *.spec commands caused by branch merging
* Wed Jan 8 2014 Pavel Šimerda <psimerda(a)redhat.com> - 5.1.1-3
- rebuilt
* Mon Dec 2 2013 Avesh Agarwal <avagarwa(a)redhat.com> - 5.1.1-2
- Resolves: 973315
- Resolves: 1036844
* Fri Nov 1 2013 Avesh Agarwal <avagarwa(a)redhat.com> - 5.1.1-1
- Support for PT-TLS (RFC 6876)
- Support for SWID IMC/IMV
- Support for command line IKE client charon-cmd
- Changed location of pki to /usr/bin
- Added swid tags files
- Added man pages for pki and charon-cmd
- Renamed pki to strongswan-pki to avoid conflict with
pki-core/pki-tools package.
- Update local patches
- Fixes CVE-2013-6075
- Fixes CVE-2013-6076
- Fixed autoconf/automake issue as configure.ac got changed
and it required running autoreconf during the build process.
- added strongswan signature file to the sources.
* Thu Sep 12 2013 Avesh Agarwal <avagarwa(a)redhat.com> - 5.1.0-3
- Fixed initialization crash of IMV and IMC particularly
attestation imv/imc as libstrongswas was not getting
initialized.
* Fri Aug 30 2013 Avesh Agarwal <avagarwa(a)redhat.com> - 5.1.0-2
- Enabled fips support
- Enabled TNC's ifmap support
- Enabled TNC's pdp support
- Fixed hardocded package name in this spec file
* Wed Aug 7 2013 Avesh Agarwal <avagarwa(a)redhat.com> - 5.1.0-1
- rhbz#981429: New upstream release
- Fixes CVE-2013-5018: rhbz#991216, rhbz#991215
- Fixes rhbz#991859 failed to build in rawhide
- Updated local patches and removed which are not needed
- Fixed errors around charon-nm
- Added plugins libstrongswan-pkcs12.so, libstrongswan-rc2.so,
libstrongswan-sshkey.so
- Added utility imv_policy_manager
* Thu Jul 25 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 5.0.4-5
- rename strongswan-NetworkManager to strongswan-charon-nm
- fix enable_nm macro
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1025870 - CVE-2013-6075 strongswan: denial of service and potential
authorization bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1025870
[ 2 ] Bug #1026152 - CVE-2013-6076 strongswan: denial of service when handling IKEv1
fragmentation payloads
https://bugzilla.redhat.com/show_bug.cgi?id=1026152
--------------------------------------------------------------------------------
================================================================================
trac-fedmsg-plugin-0.3.0-1.el6 (FEDORA-EPEL-2014-0111)
Emit fedmsg messages
--------------------------------------------------------------------------------
Update Information:
Use an active instead of passive fedmsg socket. Forwards to fedmsg-relay.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Ralph Bean <rbean(a)redhat.com> - 0.3.0-1
- Latest upstream.
- Forwards messages to a fedmsg-relay instead of passive binding.
- Modernized python macros.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
unhide-20130526-1.el6 (FEDORA-EPEL-2014-0113)
Tool to find hidden processes and TCP/UDP ports from rootkits
--------------------------------------------------------------------------------
Update Information:
2013-05-26
unhide-posix.c
- Transform 'ret' in global variable to avoid warnings
(note: ret variable was added to avoid warnings with some over pedantic
version of glibc and is otherwise useless).
2013-05-24
unhide-tcp.8 (spanish version), LEEME.txt
- update according to english version.
2013-03-03
unhide-posix.c
- Bugfix : Correct app name in banner of unhide-posix.
unhide-tcp.c
- Continue to simplify packager job:
* on FreeBSD use sockstat instead of fuser, which doesn't show info on internet
socket
on this system.
README.txt, LISEZ-MOI.txt
- Add list of build-requires and use-requires
unhide-tcp.8 (french and english version)
- Add notes upon FreeBSD.
2013-02-03
unhide-output.h
- Bugfix : include <stdarg.h>, some old glibc need it
unhide-posix.c, unhide-output.c, unhide-tcp.c
- Simplify packager job:
* put OS specific command between #ifdef (they were previously commented),
* don't use ss by default in unhide-tcp if OS is not linux,
* on FreeBSD use sockstat instead of fuser, which doesn't show info on internet
socket
on this system.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #469843 - Review Request: unhide - Tool to find hidden processes and TCP/UDP
ports from rootkits
https://bugzilla.redhat.com/show_bug.cgi?id=469843
--------------------------------------------------------------------------------