The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/myproxy-5.3-1.el6
https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.113-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
TurboGears-1.1.2-2.el6
bios_extract-0-0.6.20101207gitd65284d.el6
clustershell-1.4-1.el6
erlang-ebloom-1.0.2-4.el6
perl-CGI-Simple-1.113-1.el6
perl-Mail-Mbox-MessageParser-1.5002-6.el6
pondus-0.7.3-1.el6
python-pep8-0.6.0-2.el6
skipfish-1.84-0.1.b.el6
Details about builds:
================================================================================
TurboGears-1.1.2-2.el6 (FEDORA-EPEL-2011-0138)
Back-to-front web development in Python
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 17 2011 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.1.2-2
- Changes to allow the package to run on RHEL6.
- Add a text file with tips for porting from 1.0 to 1.1
* Sat Dec 25 2010 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.1.2-1
- Update to upstream 1.1.2
- Add python-dateutil as a a Req (for scheduler)
* Thu Dec 2 2010 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.1.1-1
- Update to upstream 1.1.1
- Fix test case failure
- Fix problem with an import not matching what's actually called.
* Thu Sep 16 2010 Mark Chappell <tremble(a)fedoraproject.org> - 1.0.9-7
- Add explicit versions to ensure we install cleanly on EL-5 RHBZ#451228
* Tue Aug 3 2010 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.0.9-6
- Fix building on python-2.7
* Wed Jul 21 2010 David Malcolm <dmalcolm(a)redhat.com> - 1.0.9-5
- Rebuilt for
https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
* Mon May 31 2010 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.0.9-4
- Fix failing unittest with SA-0.6
* Wed Jan 13 2010 Toshio Kuratomi <toshio(a)fedoraproject.org> - 1.0.9-3
- Fix deprecation warnings
--------------------------------------------------------------------------------
================================================================================
bios_extract-0-0.6.20101207gitd65284d.el6 (FEDORA-EPEL-2011-0133)
Tools to extract the different submodules of common legacy bioses
--------------------------------------------------------------------------------
Update Information:
* New GIT snapshot
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 22 2011 Peter Lemenkov <lemenkov(a)gmail.com> - 0-0.6.20101207gitd65284d
- New git snapshot
- Dropped upstreamed patches
--------------------------------------------------------------------------------
================================================================================
clustershell-1.4-1.el6 (FEDORA-EPEL-2011-0139)
Python framework for efficient cluster administration
--------------------------------------------------------------------------------
Update Information:
* performance improvements on large cluster
* several new minor features
* CLI tools code rewrite
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 15 2011 Stephane Thiell <stephane.thiell(a)cea.fr> 1.4-1
- update to 1.4
--------------------------------------------------------------------------------
================================================================================
erlang-ebloom-1.0.2-4.el6 (FEDORA-EPEL-2011-0141)
A NIF wrapper around a basic bloom filter
--------------------------------------------------------------------------------
Update Information:
* Added CXXFLAGS too
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 22 2011 Peter Lemenkov <lemenkov(a)gmail.com> - 1.0.2-4
- Pass proper cxxflags to the C++ compiler (rhbz #669722) too
* Fri Jan 21 2011 Peter Lemenkov <lemenkov(a)gmail.com> - 1.0.2-3
- Pass proper cflags to the C compiler (rhbz #669722)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #669722 - Pass proper optflags to the C-compiler
https://bugzilla.redhat.com/show_bug.cgi?id=669722
--------------------------------------------------------------------------------
================================================================================
perl-CGI-Simple-1.113-1.el6 (FEDORA-EPEL-2011-0148)
Simple totally OO CGI interface that is CGI.pm compliant
--------------------------------------------------------------------------------
Update Information:
Update to 1.113 and apply additional patch to resolve CVE-2010-4410.
Fix boundary to use randomized value as opposed to hardcoded value.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 21 2011 Tom Callaway <spot(a)fedoraproject.org> - 1.113-1
- Update to 1.113, apply additional patch to fully resolve CVE-2010-4411
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #658976 - perl-CGI, perl-CGI-Simple: CVE-2010-2761 -- hardcoded value of the
MIME boundary string in multipart/x-mixed-replace content, CVE-2010-4410 -- CRLF injection
vulnerability in the header function
https://bugzilla.redhat.com/show_bug.cgi?id=658976
[ 2 ] Bug #658970 - perl-CGI-Simple: CRLF injection vulnerability via a crafted URL
https://bugzilla.redhat.com/show_bug.cgi?id=658970
--------------------------------------------------------------------------------
================================================================================
perl-Mail-Mbox-MessageParser-1.5002-6.el6 (FEDORA-EPEL-2011-0140)
A fast and simple mbox folder reader
--------------------------------------------------------------------------------
Update Information:
This is the first EPEL release of perl-Mail-Mbox-MessageParser.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #170507 - Review Request: perl-Mail-Mbox-MessageParser
https://bugzilla.redhat.com/show_bug.cgi?id=170507
--------------------------------------------------------------------------------
================================================================================
pondus-0.7.3-1.el6 (FEDORA-EPEL-2011-0137)
A personal weight management program
--------------------------------------------------------------------------------
Update Information:
Update to newest stable upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 22 2011 Jussi Lehtola <jussilehtola(a)fedoraproject.org> - 0.7.3-1
- Update to 0.7.3.
* Wed Jul 21 2010 David Malcolm <dmalcolm(a)redhat.com> - 0.7.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #671866 - pondus-0.7.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=671866
--------------------------------------------------------------------------------
================================================================================
python-pep8-0.6.0-2.el6 (FEDORA-EPEL-2011-0132)
Python style guide checker
--------------------------------------------------------------------------------
Update Information:
This update fixes a dependency issue where python-setuptools, a required package to run
this program, was not installed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #633102 - [abrt] python-pep8-0.4.2-2.fc13: pep8:5:<module>:ImportError:
No module named pkg_resources
https://bugzilla.redhat.com/show_bug.cgi?id=633102
--------------------------------------------------------------------------------
================================================================================
skipfish-1.84-0.1.b.el6 (FEDORA-EPEL-2011-0136)
Web application security scanner
--------------------------------------------------------------------------------
Update Information:
Update to versin 1.84b
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 21 2011 Michal Ambroz <rebus AT seznam.cz> - 1.84-0.1.b
- rebuild for version 1.84b
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #576431 - Package Review: skipfish - Web application security scanner
https://bugzilla.redhat.com/show_bug.cgi?id=576431
--------------------------------------------------------------------------------