The following Fedora EPEL 6 Security updates need testing:

https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5544/phpMyAdmin-3.5... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3.4.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0927/openstack-nova... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0943/asterisk-1.8.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5568/gallery3-3.0.3... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5557/wicd-1.7.0-3.e... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5571/puppet-2.6.16-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5586/gajim-0.14.4-3... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5605/gridengine-6.2... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribbl...

The following builds have been pushed to Fedora EPEL 6 updates-testing

gajim-0.14.4-3.el6 itstool-1.1.2-1.el6 opensips-1.7.2-2.el6 python-virtualenvwrapper-3.2-2.el6 sems-1.4.2-5.el6

Details about builds:

================================================================================ gajim-0.14.4-3.el6 (FEDORA-EPEL-2012-5586) Jabber client written in PyGTK -------------------------------------------------------------------------------- Update Information:

This updates gajim to the last bugfix release of the 0.14 series and adds fixes for security bugs: * CVE-2012-2085 - user-assisted code execution * CVE-2012-2086 - SQL injection * CVE-2012-2093 - (LaTeX module): Insecure creation of temporary file

-------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 19 2012 Michal Schmidt mschmidt@redhat.com 0.14.4-3 - Add gajim-ThreadInterface.patch which gajim-CVE-2012-2085.patch depends on. * Thu Apr 19 2012 Michal Schmidt mschmidt@redhat.com 0.14.4-2 - Two security fixes from 0.15 (seen in DSA-2453-1): - CVE-2012-2085 - CVE-2012-2086 * Tue Apr 17 2012 Michal Schmidt mschmidt@redhat.com 0.14.4-1 - Update to 0.14.4. - Apply fix for CVE-2012-2093. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #811651 - CVE-2012-2093 gajim (LaTeX module): Insecure creation of temporary file https://bugzilla.redhat.com/show_bug.cgi?id=811651 --------------------------------------------------------------------------------

================================================================================ itstool-1.1.2-1.el6 (FEDORA-EPEL-2012-5609) ITS-based XML translation tool -------------------------------------------------------------------------------- Update Information:

EPEL6 Build updates. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #702989 - Review Request: itstool - Translate XML files with PO using ITS rules https://bugzilla.redhat.com/show_bug.cgi?id=702989 --------------------------------------------------------------------------------

================================================================================ opensips-1.7.2-2.el6 (FEDORA-EPEL-2012-5613) Open Source SIP Server -------------------------------------------------------------------------------- Update Information:

Ver. 1.7.2 (bugfix release) update to 1.7.0. upstream tarball rebuild (removed core file from source tree). -------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 19 2012 Peter Lemenkov lemenkov@gmail.com - 1.7.2-2 - Fix building on EPEL * Thu Apr 19 2012 Peter Lemenkov lemenkov@gmail.com - 1.7.2-1 - update to 1.7.2 (bugfix release). - enable systemd support where possible * Fri Apr 13 2012 Jindrich Novy jnovy@redhat.com - 1.7.1-6 - rebuild against new librpm and libdb * Sat Mar 3 2012 Remi Collet remi@fedoraproject.org - 1.7.1-5 - rebuild against libmemcached.so.9 * Fri Feb 10 2012 Petr Pisar ppisar@redhat.com - 1.7.1-4 - Rebuild against PCRE 8.30 * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Thu Dec 1 2011 John Khvatov ivaxer@fedoraproject.org - 1.7.1-2 - upstream tarball rebuild * Thu Nov 24 2011 John Khvatov ivaxer@fedoraproject.org - 1.7.1-1 - update to 1.7.1 (bugfix release). * Mon Nov 7 2011 John Khvatov ivaxer@fedoraproject.org - 1.7.0-1 - update to 1.7.0 - dropped upstreamed patches - added new modules: event_datagram and python - removed lcr module * Sat Sep 17 2011 Remi Collet remi@fedoraproject.org - 1.6.4-13 - rebuild against libmemcached.so.8 * Mon Aug 22 2011 John Khvatov ivaxer@fedoraproject.org - 1.6.4-12 - rebuild against new libnetsnmp * Thu Jul 21 2011 Petr Sabata contyk@redhat.com - 1.6.4-11 - Perl mass rebuild * Wed Jul 20 2011 Petr Sabata contyk@redhat.com - 1.6.4-10 - Perl mass rebuild --------------------------------------------------------------------------------

================================================================================ python-virtualenvwrapper-3.2-2.el6 (FEDORA-EPEL-2012-5611) Enhancements to virtualenv -------------------------------------------------------------------------------- Update Information:

Enhancements to virtualenv -------------------------------------------------------------------------------- References:

[ 1 ] Bug #810033 - Review Request: python-virtualenvwrapper - Enhancements to virtualenv https://bugzilla.redhat.com/show_bug.cgi?id=810033 --------------------------------------------------------------------------------

================================================================================ sems-1.4.2-5.el6 (FEDORA-EPEL-2012-5614) SIP Express Media Server, an extensible SIP media server -------------------------------------------------------------------------------- Update Information:

* Enabled iLBC ( https://bugzilla.redhat.com/728302#c26 ) -------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 19 2012 Peter Lemenkov lemenkov@gmail.com - 1.4.2-5 - Enabled iLBC ( https://bugzilla.redhat.com/728302#c26 ) * Tue Feb 28 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4.2-4 - Rebuilt for c++ ABI breakage * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --------------------------------------------------------------------------------