The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5544/phpMyAdmin-3.5... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0929/drupal7-ctools... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3.4.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0927/openstack-nova... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0921/trytond-1.8.6-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0943/asterisk-1.8.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0941/perl-Pod-Plain... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5568/gallery3-3.0.3... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5557/wicd-1.7.0-3.e... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribbl...
The following builds have been pushed to Fedora EPEL 6 updates-testing
cobbler-2.2.2-1.el6 drupal6-addthis-3.0-6.beta2.el6 drupal6-og-2.2-4.el6 drupal6-views-2.16-2.el6 gallery3-3.0.3-1.el6 nagios-plugins-openmanage-3.7.5-1.el6 python-dulwich-0.8.5-1.el6 rubygem-dynect_rest-0.4.3-1.el6 tito-0.4.8-1.el6 wicd-1.7.0-3.el6
Details about builds:
================================================================================ cobbler-2.2.2-1.el6 (FEDORA-EPEL-2012-5556) Boot server configurator -------------------------------------------------------------------------------- Update Information:
New upstream release -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 11 2012 James Cammarata jimi@sngx.net - 2.2.2-1 - New upstream 2.2.2 release (jimi@sngx.net) * Thu Jan 12 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ drupal6-addthis-3.0-6.beta2.el6 (FEDORA-EPEL-2012-5562) AddThis module for Drupal6 -------------------------------------------------------------------------------- Update Information:
Here is where you give an explanation of your update. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #807331 - Review Request: drupal6-addthis - AddThis module for Drupal6. https://bugzilla.redhat.com/show_bug.cgi?id=807331 --------------------------------------------------------------------------------
================================================================================ drupal6-og-2.2-4.el6 (FEDORA-EPEL-2012-5558) Organic Group Module for Drupal6 -------------------------------------------------------------------------------- Update Information:
Here is where you give an explanation of your update. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #807328 - Review Request: drupal6-og - Organic Group Module for Drupal6 https://bugzilla.redhat.com/show_bug.cgi?id=807328 --------------------------------------------------------------------------------
================================================================================ drupal6-views-2.16-2.el6 (FEDORA-EPEL-2012-5559) Provides a method for site designers to control content presentation -------------------------------------------------------------------------------- Update Information:
Latest upstream. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.16-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Nov 15 2011 Jon Ciesla limb@jcomserv.net - 2.16-1 - Update to 2.16, BZ 754076. * Fri Nov 4 2011 Jon Ciesla limb@jcomserv.net - 2.14-1 - Update to 2.14, BZ 751044. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #812130 - Can you make drupal6-views-2.16-2 available on epel6 https://bugzilla.redhat.com/show_bug.cgi?id=812130 --------------------------------------------------------------------------------
================================================================================ gallery3-3.0.3-1.el6 (FEDORA-EPEL-2012-5568) Customizable photo gallery web site -------------------------------------------------------------------------------- Update Information:
Minor XSS fixes. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #812048 - CVE-2012-1113 gallery: XSS flaws in administration area [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=812048 [ 2 ] Bug #812049 - CVE-2012-1113 gallery: XSS flaws in administration area [fedora-rawhide] https://bugzilla.redhat.com/show_bug.cgi?id=812049 [ 3 ] Bug #812050 - CVE-2012-1113 gallery: XSS flaws in administration area [epel-5] https://bugzilla.redhat.com/show_bug.cgi?id=812050 --------------------------------------------------------------------------------
================================================================================ nagios-plugins-openmanage-3.7.5-1.el6 (FEDORA-EPEL-2012-5566) Nagios plugin to monitor hardware health on Dell servers -------------------------------------------------------------------------------- Update Information:
Update to upstream version 3.7.5 -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 13 2012 Trond Hasle Amundsen t.h.amundsen@usit.uio.no - 3.7.5-1 - Upstream version 3.7.5 --------------------------------------------------------------------------------
================================================================================ python-dulwich-0.8.5-1.el6 (FEDORA-EPEL-2012-5565) A python implementation of the Git file formats and protocols -------------------------------------------------------------------------------- Update Information:
* Fri Apr 13 2012 Fabian Affolter mail@fabian-affolter.ch - 0.8.5-1 - Updated to new upstream version 0.8.5
-------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 13 2012 Fabian Affolter mail@fabian-affolter.ch - 0.8.5-1 - Updated to new upstream version 0.8.5 * Fri Apr 6 2012 Fabian Affolter mail@fabian-affolter.ch - 0.8.4-1 - Updated to new upstream version 0.8.4 * Fri Feb 24 2012 Fabian Affolter mail@fabian-affolter.ch - 0.8.3-1 - Updated to new upstream version 0.8.3 --------------------------------------------------------------------------------
================================================================================ rubygem-dynect_rest-0.4.3-1.el6 (FEDORA-EPEL-2012-5570) Dynect REST API library -------------------------------------------------------------------------------- Update Information:
Update to 0.4.3 Upstream update to 0.4.1 -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 13 2012 Russell Harrison rharriso@redhat.com 0.4.3-1 - Update to 0.4.3 * Thu Mar 29 2012 Russell Harrison rharriso@redhat.com 0.4.1-1 - Update to 0.4.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #811530 - rubygem-dynect_rest-0.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=811530 [ 2 ] Bug #808020 - rubygem-dynect_rest-0.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=808020 --------------------------------------------------------------------------------
================================================================================ tito-0.4.8-1.el6 (FEDORA-EPEL-2012-5567) A tool for managing rpm based git projects -------------------------------------------------------------------------------- Update Information:
Fix mock builds of packages that do not use the standard builder, changelog email issues with interpreting 0 as false, and a broken constructor in the distributionbuilder. -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 2 2012 Devan Goodwin dgoodwin@rm-rf.ca 0.4.8-1 - Fix MockBuilder for packages that use non-standard builders normally. (dgoodwin@redhat.com) - interpret '0' as False for changelog_with_email setting. (msuchy@redhat.com) * Thu Mar 15 2012 Devan Goodwin dgoodwin@rm-rf.ca 0.4.7-1 - Fix issues with DistributionBuilder constructor (dgoodwin@redhat.com) --------------------------------------------------------------------------------
================================================================================ wicd-1.7.0-3.el6 (FEDORA-EPEL-2012-5557) Wireless and wired network connection manager -------------------------------------------------------------------------------- Update Information:
This update fixes CVE-2012-2095. The wicd daemon suffered from a local privilege escalation flaw due to incomplete input sanitization. A local attacker sould use this to inject arbitrary code through the D-Bus interface. -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 13 2012 David Cantrell dcantrell@redhat.com - 1.7.0-3 - Fix CVE-2012-2095 (#811764) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #811762 - CVE-2012-2095 wicd: broken filtering leads to arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=811762 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org