The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/asterisk-1.8.4.3-1.el6
https://admin.fedoraproject.org/updates/dokuwiki-0-0.8.20110525.a.el6
https://admin.fedoraproject.org/updates/mingw32-libpng-1.2.37-3.el6
https://admin.fedoraproject.org/updates/libpng10-1.0.54-3.el6
https://admin.fedoraproject.org/updates/libmodplug-0.8.8.3-2.el6
https://admin.fedoraproject.org/updates/ejabberd-2.1.8-2.el6
https://admin.fedoraproject.org/updates/erlang-R14B-02.1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
389-admin-1.1.19-1.el6
389-dsgw-1.1.7-1.el6
R-qtl-1.21.2-1.el6
etckeeper-0.55-1.el6
libpng10-1.0.54-3.el6
mingw32-libpng-1.2.37-3.el6
packagedb-cli-1.0.0-3.el6
php-voms-admin-0.6-1.el6
python-argparse-1.2.1-2.el6
xrootd-3.0.4-2.el6
Details about builds:
================================================================================
389-admin-1.1.19-1.el6 (FEDORA-EPEL-2011-3669)
389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:
look for separate openldap ldif library
skip rebranding current brand - add support for different skins
The 1.1.17 release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 28 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.19-1
- look for separate openldap ldif library
* Tue Jun 21 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.18-1
- skip rebranding current brand
- support for skins
* Fri May 13 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.17-1
- 1.1.17
- support "in-place" upgrade and rebranding from Red Hat to 389
- many fixes for coverity issues
* Tue Mar 29 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.16-1
- 389-admin-1.1.16
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
- Bug 614690 - Don't use exec to call genrb
- Bug 158926 - Unable to install CA certificate when using
- hardware token ( LunaSA )
- Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
* Wed Feb 23 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.15-1
- 1.1.15 release - git tag 389-admin-1.1.15
- Bug 493424 - remove unneeded modules for admin server apache config
- Bug 618897 - Wrong permissions when creating instance from Console
- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
- Bug 245278 - Changing to a password with a single quote does not work
- Bug 604881 - admin server log files have incorrect permissions/ownerships
- Bug 387981 - plain files can be chosen on the Restore Directory dialog
- Bug 668950 - Add posix group support to Console
- Bug 618858 - move start-ds-admin env file into main admin server config path
- Bug 616260 - libds-admin-serv linking fails due to unresolved link-time depe
ndencies
- start-ds-admin.in -- replaced "return 1" with "exit 1"
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- Bug 470576 - Migration could do addition checks before commiting actions
* Wed Jan 5 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.14-1
- 1.1.14 release
- Bug 664671 - Admin server segfault when full SSL access (http+ldap+console)
required
- Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled
* Mon Nov 29 2010 Rich Megginson <rmeggins(a)redhat.com> - 1.1.13-2
- fix Conflicts for selinux policy
* Tue Nov 23 2010 Rich Megginson <rmeggins(a)redhat.com> - 1.1.13-1
- This is the final 1.1.13 release
- git tag 389-admin-1.1.13
- Bug 656441 - Missing library path entry causes LD_PRELOAD error
- setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error
* Thu Nov 18 2010 Nathan Kinder <nkinder(a)redhat.com> - 1.1.12-2
- This is the final 1.1.12 release
- git tag 389-admin-1.1.12
- Corrected conflict version for selinux-policy
* Fri Nov 12 2010 Nathan Kinder <nkinder(a)redhat.com> - 1.1.1.12-1
- This is the final 1.1.12 release
- git tag 389-admin-1.1.12
* Fri Nov 12 2010 Nathan Kinder <nkinder(a)redhat.com> - 1.1.1.12-1
- Bug 648949 - Merge dirsrv and dirsrv-admin policy modules into base policy
* Tue Oct 26 2010 Rich Megginson <rmeggins(a)redhat.com> - 1.1.12-0.2.a2
- fix mozldap build breakage
* Tue Sep 28 2010 Rich Megginson <rmeggins(a)redhat.com> - 1.1.12-0.1.a1
- This is the 1.1.12 alpha 1 release - with openldap support
* Thu Aug 26 2010 Rich Megginson <rmeggins(a)redhat.com> - 1.1.11-1
- This is the final 1.1.11 release
* Wed Aug 4 2010 Rich Megginson <rmeggins(a)redhat.com> - 1.1.11-0.6.rc2
- 1.1.11.rc2 release
- git tag 389-admin-1.1.11.rc2
- Bug 594745 - Get rid of dirsrv_lib_t label
--------------------------------------------------------------------------------
================================================================================
389-dsgw-1.1.7-1.el6 (FEDORA-EPEL-2011-3663)
389 Directory Server Gateway (dsgw)
--------------------------------------------------------------------------------
Update Information:
look for separate openldap ldif library
The 1.1.6 release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 28 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.7-1
- look for separate openldap ldif library
- remove old fedora-ds cruft
* Fri Oct 8 2010 Rich Megginson <rmeggins(a)redhat.com> - 1.1.6-1
- bump version to 1.1.6
- support for openldap
--------------------------------------------------------------------------------
================================================================================
R-qtl-1.21.2-1.el6 (FEDORA-EPEL-2011-3667)
Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:
New version from
http://www.rqtl.org/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 29 2011 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.21.2-1
- New upstream release
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.19.20-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
etckeeper-0.55-1.el6 (FEDORA-EPEL-2011-3668)
Store /etc in a SCM system (git, mercurial, bzr or darcs)
--------------------------------------------------------------------------------
Update Information:
Update to 0.55, a bugfix version. From the upstream changelog:
* Avoid being noisy in post-install after automatic yum updates. (Tuomo Soini)
* Ignore FHS violating prelink.cache and openvpn-status.log.
* Ignore *.LOCK files, as used by selinux policies.
* Add AVOID_SPECIAL_FILE_WARNING to config file, and set it in cron job to avoid daily
noise. (gulikoza)
Also, the patch to fix error propagation to yum, which makes AVOID_COMMIT_BEFORE_INSTALL
work (bz 709487) has been applied upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 24 2011 Thomas Moschny <thomas.moschny(a)gmx.de> - 0.55-1
- Update to 0.55.
--------------------------------------------------------------------------------
================================================================================
libpng10-1.0.54-3.el6 (FEDORA-EPEL-2011-3664)
Old version of libpng, needed to run old binaries
--------------------------------------------------------------------------------
Update Information:
This update fixes a 1-byte uninitialized memory reference in png_format_buffer(). It
allows attackers to cause a denial of service (crash) via a malformed PNG image file that
triggers an error that causes an out-of-bounds read when creating the error message.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 29 2011 Paul Howarth <paul(a)city-fan.org> 1.0.54-3
- fix 1-byte uninitialized memory reference in png_format_buffer()
(CVE-2011-2501, related to CVE-2004-0421)
- nobody else likes macros for commands
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org>
1.0.54-2
- rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #717084 - CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+
https://bugzilla.redhat.com/show_bug.cgi?id=717084
--------------------------------------------------------------------------------
================================================================================
mingw32-libpng-1.2.37-3.el6 (FEDORA-EPEL-2011-3670)
MinGW Windows Libpng library
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2011-2501.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #717513 - CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+
[epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=717513
--------------------------------------------------------------------------------
================================================================================
packagedb-cli-1.0.0-3.el6 (FEDORA-EPEL-2011-3665)
A CLI for pkgdb
--------------------------------------------------------------------------------
Update Information:
First release of packagedb-cli
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #717555 - Review Request: packagedb-cli - A CLI for pkgdb
https://bugzilla.redhat.com/show_bug.cgi?id=717555
--------------------------------------------------------------------------------
================================================================================
php-voms-admin-0.6-1.el6 (FEDORA-EPEL-2011-3592)
Web based interface to control VOMS parameters written in PHP
--------------------------------------------------------------------------------
Update Information:
PHP VOMS-Admin (PVA) originally implemented the same functions as the traditional
JAVA-based VOMS-Admin (v.2.0.18) interface for Apache Tomcat. It was designed to be more
flexible and stable, provide easy scalability and minimize resource usage. PVA is fully
compatible with the vomsd mysql backend.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #603346 - Review Request: php-voms-admin - Web based interface to control VOMS
parameters written in PHP
https://bugzilla.redhat.com/show_bug.cgi?id=603346
--------------------------------------------------------------------------------
================================================================================
python-argparse-1.2.1-2.el6 (FEDORA-EPEL-2011-3658)
Optparse inspired command line parser for Python
--------------------------------------------------------------------------------
Update Information:
* Add the LICENSE.txt file
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 29 2011 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.2.1-2
- Include LICENSE.txt file
* Wed Jun 29 2011 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.2.1-1
- New compatble upstream with some bugfixes and a GPL2 vompatible license
- Enable test suite
* Wed Feb 10 2010 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.0.1-1.1
- First build for EL-5
- Small change to %files section so lack of egg-info on EL-5 is okay.
--------------------------------------------------------------------------------
================================================================================
xrootd-3.0.4-2.el6 (FEDORA-EPEL-2011-3649)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
Update of xrootd to version 3.0.4. For a list of new features and fixed bugs see:
http://www.xrootd.org/download/ReleaseNotes.html
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 28 2011 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:3.0.4-2
- Add missing BuildRequires ncurses-devel
* Tue Jun 28 2011 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:3.0.4-1.1
- Remove xrootdfs man page on EPEL 4
* Mon Jun 27 2011 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:3.0.4-1
- Update to version 3.0.4
- Drop patches fixed upstream: xrootd-man.patch, xrootd-rhel5-no-atomic.patch
- Drop the remaining man-pages copied from root - now provided by upstream
* Fri Jun 17 2011 Marcela Mašláňová <mmaslano(a)redhat.com> - 1:3.0.3-3
- Perl mass rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #716843 - RFE: Please update to 3.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=716843
--------------------------------------------------------------------------------