The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5544/phpMyAdmin-...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3....
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0927/openstack-n...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0943/asterisk-1....
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5568/gallery3-3....
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5557/wicd-1.7.0-...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5571/puppet-2.6....
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5586/gajim-0.14....
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5605/gridengine-...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gri...
The following builds have been pushed to Fedora EPEL 6 updates-testing
gajim-0.14.4-3.el6
itstool-1.1.2-1.el6
opensips-1.7.2-2.el6
python-virtualenvwrapper-3.2-2.el6
sems-1.4.2-5.el6
Details about builds:
================================================================================
gajim-0.14.4-3.el6 (FEDORA-EPEL-2012-5586)
Jabber client written in PyGTK
--------------------------------------------------------------------------------
Update Information:
This updates gajim to the last bugfix release of the 0.14 series and adds fixes for
security bugs:
* CVE-2012-2085 - user-assisted code execution
* CVE-2012-2086 - SQL injection
* CVE-2012-2093 - (LaTeX module): Insecure creation of temporary file
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 19 2012 Michal Schmidt <mschmidt(a)redhat.com> 0.14.4-3
- Add gajim-ThreadInterface.patch which gajim-CVE-2012-2085.patch
depends on.
* Thu Apr 19 2012 Michal Schmidt <mschmidt(a)redhat.com> 0.14.4-2
- Two security fixes from 0.15 (seen in DSA-2453-1):
- CVE-2012-2085
- CVE-2012-2086
* Tue Apr 17 2012 Michal Schmidt <mschmidt(a)redhat.com> 0.14.4-1
- Update to 0.14.4.
- Apply fix for CVE-2012-2093.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #811651 - CVE-2012-2093 gajim (LaTeX module): Insecure creation of temporary
file
https://bugzilla.redhat.com/show_bug.cgi?id=811651
--------------------------------------------------------------------------------
================================================================================
itstool-1.1.2-1.el6 (FEDORA-EPEL-2012-5609)
ITS-based XML translation tool
--------------------------------------------------------------------------------
Update Information:
EPEL6 Build updates.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #702989 - Review Request: itstool - Translate XML files with PO using ITS
rules
https://bugzilla.redhat.com/show_bug.cgi?id=702989
--------------------------------------------------------------------------------
================================================================================
opensips-1.7.2-2.el6 (FEDORA-EPEL-2012-5613)
Open Source SIP Server
--------------------------------------------------------------------------------
Update Information:
Ver. 1.7.2 (bugfix release)
update to 1.7.0.
upstream tarball rebuild (removed core file from source tree).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 19 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 1.7.2-2
- Fix building on EPEL
* Thu Apr 19 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 1.7.2-1
- update to 1.7.2 (bugfix release).
- enable systemd support where possible
* Fri Apr 13 2012 Jindrich Novy <jnovy(a)redhat.com> - 1.7.1-6
- rebuild against new librpm and libdb
* Sat Mar 3 2012 Remi Collet <remi(a)fedoraproject.org> - 1.7.1-5
- rebuild against libmemcached.so.9
* Fri Feb 10 2012 Petr Pisar <ppisar(a)redhat.com> - 1.7.1-4
- Rebuild against PCRE 8.30
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.7.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Thu Dec 1 2011 John Khvatov <ivaxer(a)fedoraproject.org> - 1.7.1-2
- upstream tarball rebuild
* Thu Nov 24 2011 John Khvatov <ivaxer(a)fedoraproject.org> - 1.7.1-1
- update to 1.7.1 (bugfix release).
* Mon Nov 7 2011 John Khvatov <ivaxer(a)fedoraproject.org> - 1.7.0-1
- update to 1.7.0
- dropped upstreamed patches
- added new modules: event_datagram and python
- removed lcr module
* Sat Sep 17 2011 Remi Collet <remi(a)fedoraproject.org> - 1.6.4-13
- rebuild against libmemcached.so.8
* Mon Aug 22 2011 John Khvatov <ivaxer(a)fedoraproject.org> - 1.6.4-12
- rebuild against new libnetsnmp
* Thu Jul 21 2011 Petr Sabata <contyk(a)redhat.com> - 1.6.4-11
- Perl mass rebuild
* Wed Jul 20 2011 Petr Sabata <contyk(a)redhat.com> - 1.6.4-10
- Perl mass rebuild
--------------------------------------------------------------------------------
================================================================================
python-virtualenvwrapper-3.2-2.el6 (FEDORA-EPEL-2012-5611)
Enhancements to virtualenv
--------------------------------------------------------------------------------
Update Information:
Enhancements to virtualenv
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #810033 - Review Request: python-virtualenvwrapper - Enhancements to
virtualenv
https://bugzilla.redhat.com/show_bug.cgi?id=810033
--------------------------------------------------------------------------------
================================================================================
sems-1.4.2-5.el6 (FEDORA-EPEL-2012-5614)
SIP Express Media Server, an extensible SIP media server
--------------------------------------------------------------------------------
Update Information:
* Enabled iLBC (
https://bugzilla.redhat.com/728302#c26 )
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 19 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 1.4.2-5
- Enabled iLBC (
https://bugzilla.redhat.com/728302#c26 )
* Tue Feb 28 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.4.2-4
- Rebuilt for c++ ABI breakage
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.4.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------