The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5544/phpMyAdmin-3.5... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0928/libpng10-1.0.5... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0929/drupal7-ctools... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3.4.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0927/openstack-nova... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0921/trytond-1.8.6-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0943/asterisk-1.8.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0941/perl-Pod-Plain... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribbl...
The following builds have been pushed to Fedora EPEL 6 updates-testing
cacti-0.8.8-3.el6 clustershell-1.6-1.el6 duplicity-0.6.18-1.el6 geome-1.1-2.el6 mod_auth_shadow-2.3-1.el6 mosh-1.1.1-1.el6 nwipe-0.08-1.el6 openscada-0.8.0-1.el6 perl-NetPacket-SpanningTree-0.01-3.el6 phoronix-test-suite-3.8.0-1.el6 php-pdepend-PHP-Depend-1.0.5-1.el6 php-pear-phing-2.4.12-1.el6 phpMyAdmin-3.5.0-1.el6 phpPgAdmin-5.0.4-1.el6 plowshare-0.9.4-0.29.20120409git.el6 pymongo-2.1.1-1.el6 python-requests-0.11.1-2.el6 python-txws-0.7-3.el6 python-txzmq-0.3.1-2.el6 rpkg-1.17-1.el6 vmpsd-1.4.04-1.el6 zanata-util-0.2.3-1.el6
Details about builds:
================================================================================ cacti-0.8.8-3.el6 (FEDORA-EPEL-2012-0986) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information:
New upstream version. The full Cacti 0.8.8 release notes are available at http://cacti.net/release_notes_0_8_8.php .
This is the first mainline release to feature the Plugin Architecture.
This update also adds conditionals in the Apache configuration to handle ACLs on httpd 2.4. The same Apache configuration can now be used on httpd 2.2 and 2.4 (in Fedora 18). If you've modified cacti.conf locally, this update will not overwrite your changes. -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 11 2012 Ken Dreyer ktdreyer@ktdreyer.com - 0.8.8-3 - Patch $url_path to default to "/cacti/" (upstream bug 2217) * Fri Apr 6 2012 Ken Dreyer ktdreyer@ktdreyer.com - 0.8.8-2 - Adjust httpd ACL conditionals to test the presence of mod_authz_core (as discussed on fedora-devel) * Wed Apr 4 2012 Ken Dreyer ktdreyer@ktdreyer.com - 0.8.8-1 - New upstream release (BZ #809753). * Mon Mar 26 2012 Ken Dreyer ktdreyer@ktdreyer.com - 0.8.7i-4 - Adjust ACLs to support httpd 2.4. * Thu Jan 12 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.8.7i-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #809753 - cacti-0.8.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=809753 --------------------------------------------------------------------------------
================================================================================ clustershell-1.6-1.el6 (FEDORA-EPEL-2012-5534) Python framework for efficient cluster administration -------------------------------------------------------------------------------- Update Information:
Update to 1.6. This version improves the scalability of the library on very large Linux clusters. Also, new features are available in clush and nodeset tools. -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 8 2012 Stephane Thiell stephane.thiell@cea.fr 1.6-1 - update to 1.6 --------------------------------------------------------------------------------
================================================================================ duplicity-0.6.18-1.el6 (FEDORA-EPEL-2012-5537) Encrypted bandwidth-efficient backup using rsync algorithm -------------------------------------------------------------------------------- Update Information:
New in v0.6.18 (2012/02/29) ===========================
Enhancements:
- fix extraneous '.py' in botobackend.py include - tests: add delay between backups to avoid assertion error - tests: use backup source that is more likely to be larger than 1M compressed - tests: make other-filesystem check more robust against certain directories being mounts or not - resuming an incremental results in a 'Restarting backup, but current encryption settings do not match original settings' error because curtime is incorrectly set away from previous incremental value - added option to not compress the backup, when no encryption is selected - always delay a little bit when a backend gives us errors - Don't cache TarInfo files. Tests still pass, so I don't believe we need the members cache (and in the old tarfile.py, we didn't cache either). - Adding --file-prefix option so different sets of backups can be stored in the same bucket. See blueprint at https://blueprints.launchpad.net/duplicity/+spec/file-prefix-option - two changes that help the test suite pass - raise log level on backend import failure so it will be visible under default conditions - file /etc/motd may not exist in test environment. Use __file__ instead to point to a known plaintext source file. - some code/import changes to make the ssh and boto backends compatible with Python 2.4. - some changes to make roottest.py compatible with the new dir structure.
Bugs closed in this release:
- Python 2.5 / boto error - possible memory leak - SSH-Backend: Creating dirs separately causes a permissons-problems - multipart upload fails on python 2.7.2 - UnsupportedBackendScheme: scheme not supported in url: scp://u123@u123.example.com/foo/ - ftpsbackend should respect num_retries for ftp commands - duplicity crashes when PYTHONOPTIMIZE is set -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 8 2012 Robert Scheck robert@fedoraproject.org 0.6.18-1 - Upgrade to 0.6.18 (#798951) * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.6.17-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #784768 - duplicity uses way too much memory https://bugzilla.redhat.com/show_bug.cgi?id=784768 [ 2 ] Bug #798951 - duplicity-0.6.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=798951 --------------------------------------------------------------------------------
================================================================================ geome-1.1-2.el6 (FEDORA-EPEL-2012-5533) Obtain your geolocation data from Google using NetworkManager -------------------------------------------------------------------------------- Update Information:
Initial package of geome -------------------------------------------------------------------------------- References:
[ 1 ] Bug #810417 - Review Request: geome - Obtain your geolocation data from Google using NetworkManager https://bugzilla.redhat.com/show_bug.cgi?id=810417 --------------------------------------------------------------------------------
================================================================================ mod_auth_shadow-2.3-1.el6 (FEDORA-EPEL-2012-5545) An Apache module for authentication using /etc/shadow -------------------------------------------------------------------------------- Update Information:
updated to latest version, fixed dependency on httpd -------------------------------------------------------------------------------- References:
[ 1 ] Bug #803066 - Missing Requires: httpd-mmn https://bugzilla.redhat.com/show_bug.cgi?id=803066 --------------------------------------------------------------------------------
================================================================================ mosh-1.1.1-1.el6 (FEDORA-EPEL-2012-5527) Mobile shell that supports roaming and intelligent local echo -------------------------------------------------------------------------------- Update Information:
Initial packaging for mosh in Fedora EPEL --------------------------------------------------------------------------------
================================================================================ nwipe-0.08-1.el6 (FEDORA-EPEL-2012-5549) Securely erase disks using a variety of recognized methods -------------------------------------------------------------------------------- Update Information:
Upgrade to new upstream bugfix version. -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 8 2012 Michal Ambroz <rebus at, seznam.cz> 0.08-1 - upgrade to version 0.08 * Thu Mar 15 2012 Rex Dieter rdieter@fedoraproject.org 0.06-3 - rebuild (parted) --------------------------------------------------------------------------------
================================================================================ openscada-0.8.0-1.el6 (FEDORA-EPEL-2012-5546) Open SCADA system project -------------------------------------------------------------------------------- Update Information:
Build 0.8.8 Rebuild for CentOs 6.x -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 9 2012 Aleksey Popkov aleksey@oscada.org - Build 0.8.0 release. * Thu Dec 8 2011 Aleksey Popkov aleksey@oscada.org - 0.7.2-3 - Fixed of source code for build on the el5. - Fixed of Source0 and Source1 directives. - Some cosmetics. * Thu Dec 8 2011 Aleksey Popkov aleksey@oscada.org - 0.7.2-2 - Some cosmetics. --------------------------------------------------------------------------------
================================================================================ perl-NetPacket-SpanningTree-0.01-3.el6 (FEDORA-EPEL-2012-5526) Assemble and disassemble IEEE 802.1D Spanning Tree protocol packets -------------------------------------------------------------------------------- Update Information:
NetPacket::SpanningTree provides a set of routines for assembling and disassembling packets using the IEEE standard Spanning Tree Protocol. Spanning Tree is a layer 2 protocol defined by the IEEE 802.1D specification.
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #573917 - Review Request: perl-NetPacket-SpanningTree - Assemble and disassemble IEEE 802.1D Spanning Tree protocol packets https://bugzilla.redhat.com/show_bug.cgi?id=573917 --------------------------------------------------------------------------------
================================================================================ phoronix-test-suite-3.8.0-1.el6 (FEDORA-EPEL-2012-5539) An Automated, Open-Source Testing Framework -------------------------------------------------------------------------------- Update Information:
- new upstream release -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 9 2012 Markus Mayer lotharlutz@gmx.de 3.8.0-1 - new upstream release - drop fix_install.patch (merged upstream) - remove devel packages --------------------------------------------------------------------------------
================================================================================ php-pdepend-PHP-Depend-1.0.5-1.el6 (FEDORA-EPEL-2012-5525) PHP_Depend design quality metrics for PHP package -------------------------------------------------------------------------------- Update Information:
upstream 1.0.5 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 11 2012 Christof Damian christof@damian.net - 1.0.5-1 - upstream 1.0.5 --------------------------------------------------------------------------------
================================================================================ php-pear-phing-2.4.12-1.el6 (FEDORA-EPEL-2012-5551) A project build system based on Apache Ant -------------------------------------------------------------------------------- Update Information:
upstream 2.4.12 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 11 2012 Christof Damian christof@damian.net - 2.4.12-1 - upstream 2.4.12 --------------------------------------------------------------------------------
================================================================================ phpMyAdmin-3.5.0-1.el6 (FEDORA-EPEL-2012-5544) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information:
Changes for 3.5.0.0 (2012-04-07):
- [interface] Add support for mass prefix change. - [display] "up to date" message on main page when current version is up to date - [feature] Update to jQuery 1.6.2 - [search] Show/hide db search results - [patch] Add gettext wrappers around a message - [cleanup] Remove deprecated function PMA_DBI_get_fields - [feature] Remember recent tables - [feature] Remember the last sort order for each table - [ajax] for Create table in navigation panel - [feature] Wording about Column - [ajax] AJAX for Add a user in Database privileges - [feature] new DisableMultiTableMaintenance directive - [interface] Reorganised server status page. - [interface] Changed way of generating charts. - [interface] Flexible column width - [interface] Mouse-based column reordering in query results - [ajax] AJAX for Insert to a table from database Structure page - [patch] PMA_ajaxShowMessage() does not respect timeout - [ajax] AJAX for Change on multiple rows in table Browse - [interface] Improved support for stored routines - [display] More options for browsing GIS data - [interface] Support for spatial indexes - [display] GIS data visualization - [ajax] AJAX for table structure multiple-column change - [ajax] AJAX for table structure index edit - [feature] Show/hide indexes in table Structure - [display] More compact navigation bar - [display] Display direction (horizontal/vertical) no longer displayed by default - [feature] Shift/click support in database Structure - [display] Show/hide column in table Browse - [ajax] AJAX dialogs use wrong font-size - [interface] Timepicker does not work in AJAX dialogs - [ajax] AJAX for table Structure Indexes Edit - [ajax] AJAX for table Structure column Change - [interface] Improved support for events - [interface] Improved support for triggers - [interface] Improved server monitoring - [ajax] AJAX for table Structure column Add - [ajax] AJAX for table Operations copy table - [export] no uid Query result export (Suhosin limit) - [feature] Grid editing in browse mode (replaces row inline edit) - [feature] Zoom-search in table Search - [interface] Editor for GIS data - [import] Import GIS data from ESRI Shapefiles - [interface] 'Function based search' for GIS data - [database] Support Drizzle database - [interface] Interface problems for queries having LIMIT clauses - [interface] Remove DefaultPropDisplay feature - [prettyprint] Order By in a query containing comment character - [interface] Improved ENUM/SET editor - [pmadb] pmadb on a different MySQL server - [interface] Improving field size for character columns - [usability] Removed an unnecessary AJAX request from database search - [navi] Tabs break when squeezing page - [navi] Stick table tools to top of page on scroll - [interface] Improved error handling - [interface] Add useful intermediate pages to pageselector - [interface] Improved index editor - [display] View editing via a generated ALTER VIEW - [interface] Deleting table from the DB does not change the table counter - [designer] Toggle for relation lines - [ajax] database list not updated after adding/deleting a user + database - [edit] Sort by key generates wrong sql with limit clause - [structure] Error dropping index of non-existing column - [display] Page through rows returned from a view - [interface] Checkbox to have SQL input remain - [export] Fixed CSV escape for the export - [import] Fixed CSV escape for the import - [interface] No warning on syntax error in search form - [core] Improved detection of SSL connection - [feature] FULLTEXT support for InnoDB, starting with MySQL 5.6.4 - [interface] Duplicate inline query edit box - [mime] Description of the transformation missing in the tooltip
Changes for 3.4.11.0 (not yet released): - [import] Exception on XML import - [navi] $cfg['ShowTooltipAliasTB'] and blank names in navigation
Changes for 3.4.10.2 (2012-03-28): - [security] Fixed local path disclosure vulnerability, see PMASA-2012-2
Changes for 3.4.10.1 (2012-02-18): - [security] XSS in replication setup, see PMASA-2012-1
Changes for 3.4.10.0 (2012-02-14): - [interface] TextareaAutoSelect feature broken - [export] PHP Array export might generate invalid php code - [import] Import from ODS ignores cell that is the same as cell before - [display] SELECT DISTINCT displays wrong total records found - [operations] copy table data missing SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO' - [edit] Setting data to NULL and drop-downs - [edit] Missing set fields and values in generated INSERT query - [libraries] license issue with TCPDF (updated to 5.9.145) -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 8 2012 Robert Scheck robert@fedoraproject.org 3.5.0-1 - Upgrade to 3.5.0 (#790782, #795020, #809146) * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.4.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #795020 - CVE-2012-1190 phpMyAdmin: XSS in replication setup (PMASA-2012-1) https://bugzilla.redhat.com/show_bug.cgi?id=795020 [ 2 ] Bug #809146 - CVE-2012-1902 phpMyAdmin: path disclosure flaw (PMASA-2012-2) https://bugzilla.redhat.com/show_bug.cgi?id=809146 --------------------------------------------------------------------------------
================================================================================ phpPgAdmin-5.0.4-1.el6 (FEDORA-EPEL-2012-5524) Web-based PostgreSQL administration -------------------------------------------------------------------------------- Update Information:
Update to 5.0.4, per changes described at http://archives.postgresql.org/pgsql-announce/2012-03/msg00016.php -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 22 2012 Devrim Gunduz devrim@gunduz.org 5.0.4-1 - Update to 5.0.4, per changes described at http://archives.postgresql.org/pgsql-announce/2012-03/msg00016.php --------------------------------------------------------------------------------
================================================================================ plowshare-0.9.4-0.29.20120409git.el6 (FEDORA-EPEL-2012-5536) Download and upload files from file-sharing websites -------------------------------------------------------------------------------- Update Information:
New upstream snapshot. -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 9 2012 Elder Marco eldermarco@fedoraproject.org - 0.9.4-0.29.20120409git - New upstream snapshot --------------------------------------------------------------------------------
================================================================================ pymongo-2.1.1-1.el6 (FEDORA-EPEL-2012-5552) Python driver for MongoDB -------------------------------------------------------------------------------- Update Information:
Update to 2.1.1 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 10 2012 Silas Sewell silas@sewell.org - 2.1.1-1 - Update to 2.1.1 --------------------------------------------------------------------------------
================================================================================ python-requests-0.11.1-2.el6 (FEDORA-EPEL-2012-5528) HTTP library, written in Python, for human beings -------------------------------------------------------------------------------- Update Information:
Here is where you give an explanation of your update. python-requests - 0.11.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #808912 - ImportError on requests https://bugzilla.redhat.com/show_bug.cgi?id=808912 --------------------------------------------------------------------------------
================================================================================ python-txws-0.7-3.el6 (FEDORA-EPEL-2012-5547) Twisted WebSockets wrapper -------------------------------------------------------------------------------- Update Information:
Initial packaging of python-txws. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #810386 - Review Request: python-txws - Twisted WebSockets wrapper https://bugzilla.redhat.com/show_bug.cgi?id=810386 --------------------------------------------------------------------------------
================================================================================ python-txzmq-0.3.1-2.el6 (FEDORA-EPEL-2012-5542) Twisted bindings for ZeroMQ -------------------------------------------------------------------------------- Update Information:
Initial packaging of txzmq. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #810382 - Review Request: python-txzmq - Twisted bindings for ZeroMQ https://bugzilla.redhat.com/show_bug.cgi?id=810382 --------------------------------------------------------------------------------
================================================================================ rpkg-1.17-1.el6 (FEDORA-EPEL-2012-5531) Utility for interacting with rpm+git packaging systems -------------------------------------------------------------------------------- Update Information:
Fix chain-building and reading of custom configs -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 9 2012 Jesse Keating jkeating@redhat.com - 1.17-1 - Don't assume master branch for chain builds (jkeating) * Mon Mar 26 2012 Jesse Keating jkeating@redhat.com - 1.16-1 - Only read from .koji/config (jkeating) --------------------------------------------------------------------------------
================================================================================ vmpsd-1.4.04-1.el6 (FEDORA-EPEL-2012-5541) A GPL implementation of Cisco Systems' VMPS -------------------------------------------------------------------------------- Update Information:
Rebase to v1.4.04 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 11 2012 Colin Coe colin.coe@gmail.com - 1.4.04-1 - Rebase to latest upstream to resolve BZ754963 * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4.03-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #754963 - vmpsd-1.4.04 is available https://bugzilla.redhat.com/show_bug.cgi?id=754963 --------------------------------------------------------------------------------
================================================================================ zanata-util-0.2.3-1.el6 (FEDORA-EPEL-2012-5543) Helper scripts for using Zanata -------------------------------------------------------------------------------- Update Information:
Zanata-util contains a collection of helper scripts that makes Zanata use easier -------------------------------------------------------------------------------- References:
[ 1 ] Bug #807113 - Review Request: zanata-util - Helper scripts for using Zanata https://bugzilla.redhat.com/show_bug.cgi?id=807113 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org