The following Fedora EPEL 6 Security updates need testing:
Age URL
990
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
209
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7....
80
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3....
55
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binut...
43
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6....
32
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-torn...
23
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4669/libhtp-0.5....
19
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4766/mediawiki11...
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4884/mapserver-6...
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4918/dokuwiki-0-...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0151/docker-io-1...
The following builds have been pushed to Fedora EPEL 6 updates-testing
docker-io-1.4.1-2.el6
drupal7-features-2.3-1.el6
php-horde-Horde-Idna-1.0.1-1.el6
php-horde-Horde-Imap-Client-2.26.0-1.el6
php-horde-Horde-Kolab-Server-2.0.3-1.el6
php-horde-Horde-Mail-2.5.1-1.el6
php-horde-Horde-Smtp-1.8.0-1.el6
php-true-punycode-1.0.1-1.el6
python-flask-login-0.2.11-3.el6
python-gnupg-0.3.7-1.el6
python-trollius-1.0.4-1.el6
tito-0.5.6-2.el6
Details about builds:
================================================================================
docker-io-1.4.1-2.el6 (FEDORA-EPEL-2015-0151)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
don't require fish for fish-completion as it's unavailable
Resolves: rhbz#1175144 - update to 1.4.1
Resolves: rhbz#1173950 remove min version requirements on device-mapper-libs
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.4.1-2
- don't require fish for fish-completion as it's unavailable
* Mon Jan 5 2015 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.4.1-1
- Resolves: rhbz#1175144 - update to 1.4.1
- patch to make 'docker exec' work
via Vincent Batts <vbatts(a)fedoraproject.org>
https://github.com/docker/libcontainer/issues/309
- subpackages for fish, zsh completion, vim highlighting and logrotate cron
job
* Mon Dec 15 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.4.0-2
- Resolves: rhbz#1173950 remove min version requirements on device-mapper-libs
* Thu Dec 11 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.4.0-1
- Resolves: rhbz#1173325
- Resolves: rhbz#1172761 - CVE-2014-9356
- Resolves: rhbz#1172782 - CVE-2014-9357
- Resolves: rhbz#1172787 - CVE-2014-9358
- update to upstream v1.4.0
- override DOCKER_CERT_PATH in sysconfig instead of patching the source
- update metaprovides
- define PR_SET_CHILD_SUBREAPER as per newer kernel-headers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1172761 - CVE-2014-9356 docker: Path traversal during processing of absolute
symlinks
https://bugzilla.redhat.com/show_bug.cgi?id=1172761
[ 2 ] Bug #1172782 - CVE-2014-9357 docker: Escalation of privileges during decompression
of LZMA archives
https://bugzilla.redhat.com/show_bug.cgi?id=1172782
[ 3 ] Bug #1172787 - CVE-2014-9358 docker: Path traversal and spoofing opportunities
presented through image identifiers
https://bugzilla.redhat.com/show_bug.cgi?id=1172787
--------------------------------------------------------------------------------
================================================================================
drupal7-features-2.3-1.el6 (FEDORA-EPEL-2015-0123)
Provides feature management for Drupal
--------------------------------------------------------------------------------
Update Information:
Fixes an issue added in Drupal 7.33 that can cause merge conflicts when collaborating on
Features.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 6 2015 Paul W. Frields <stickster(a)gmail.com> - 2.3-1
- Update to upstream 2.3 release for bug fix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1179190 - drupal7-features-2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1179190
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Idna-1.0.1-1.el6 (FEDORA-EPEL-2015-0154)
IDNA backend normalization package
--------------------------------------------------------------------------------
Update Information:
Normalized access to various backends providing IDNA (Internationalized Domain Names in
Applications) support.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1179711 - Review Request: php-horde-Horde-Idna - IDNA backend normalization
package
https://bugzilla.redhat.com/show_bug.cgi?id=1179711
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Imap-Client-2.26.0-1.el6 (FEDORA-EPEL-2015-0124)
Horde IMAP abstraction interface
--------------------------------------------------------------------------------
Update Information:
Horde_Imap_Client 2.26.0
* [mms] Fix handling mailbox cache data when the mailbox returns NOMODSEQ.
* [mms] IMAP alerts can now be handled by registering an observer with the new
Horde_Imap_Client_Base_Alerts object.
Horde_Smtp 1.8.0
* [mms] Failed recipients can now be determined via the Horde_Smtp_Exception_Recipients
exception thrown when calling Horde_Smtp#send().
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Remi Collet <remi(a)fedoraproject.org> - 2.26.0-1
- Update to 2.26.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Kolab-Server-2.0.3-1.el6 (FEDORA-EPEL-2015-0147)
A package for manipulating the Kolab user database
--------------------------------------------------------------------------------
Update Information:
Horde_Kolab_Server 2.0.3
* [jan] Improve PSR-2 compatibility.
* [jan] Remove PHPUnit dependency.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Remi Collet <remi(a)fedoraproject.org> - 2.0.3-1
- Update to 2.0.3
- raise dependency on Horde_Test 2.4.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mail-2.5.1-1.el6 (FEDORA-EPEL-2015-0135)
Horde Mail Library
--------------------------------------------------------------------------------
Update Information:
Horde_Mail 2.5.1
* [mms] IDN support no longer requires intl to be built-in to PHP.
This package now requires php-horde-Horde-Idna and php-true-punycode.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Remi Collet <remi(a)fedoraproject.org> - 2.5.1-1
- Update to 2.5.1
- add required dependency on Horde_Idna
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Smtp-1.8.0-1.el6 (FEDORA-EPEL-2015-0124)
Horde SMTP Client
--------------------------------------------------------------------------------
Update Information:
Horde_Imap_Client 2.26.0
* [mms] Fix handling mailbox cache data when the mailbox returns NOMODSEQ.
* [mms] IMAP alerts can now be handled by registering an observer with the new
Horde_Imap_Client_Base_Alerts object.
Horde_Smtp 1.8.0
* [mms] Failed recipients can now be determined via the Horde_Smtp_Exception_Recipients
exception thrown when calling Horde_Smtp#send().
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Remi Collet <remi(a)fedoraproject.org> - 1.8.0-1
- Update to 1.8.0
--------------------------------------------------------------------------------
================================================================================
php-true-punycode-1.0.1-1.el6 (FEDORA-EPEL-2015-0122)
A Bootstring encoding of Unicode for IDNA
--------------------------------------------------------------------------------
Update Information:
A Bootstring encoding of Unicode for Internationalized Domain Names in Applications
(IDNA).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1179665 - Review Request: php-true-punycode - A Bootstring encoding of
Unicode for IDNA
https://bugzilla.redhat.com/show_bug.cgi?id=1179665
--------------------------------------------------------------------------------
================================================================================
python-flask-login-0.2.11-3.el6 (FEDORA-EPEL-2015-0132)
User session management for Flask
--------------------------------------------------------------------------------
Update Information:
add python3- subpackage
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 3 2015 Miroslav Suchy <msuchy(a)redhat.com> - 0.2.11-3
- add python3- subpackage
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.2.11-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-gnupg-0.3.7-1.el6 (FEDORA-EPEL-2015-0126)
Python module for GnuPG
--------------------------------------------------------------------------------
Update Information:
Updated to 0.3.7 Merged in export-minimal and armor options, many encoding fixes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 6 2015 Paul Wouters <pwouters(a)redhat.com> - 0.3.7-1
- Updated to 0.3.7 Merged in export-minimal and armor options, many encoding fixes
--------------------------------------------------------------------------------
================================================================================
python-trollius-1.0.4-1.el6 (FEDORA-EPEL-2015-0148)
A port of the Tulip asyncio module to Python 2
--------------------------------------------------------------------------------
Update Information:
update to 1.0.4
update to 1.0.1
fix python-ordereddict dependency typo
Update to 0.2 release
add python-futures as build-dep
add python-futures as build-dep
--------------------------------------------------------------------------------
================================================================================
tito-0.5.6-2.el6 (FEDORA-EPEL-2015-0129)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
Cleanup underlying builder when releaser completes.
Fixed bugs building old tags.
Add support for checking bugzilla flags before proceeding with a release.
Allow overriding builder for all releasers.
Requires new srpm_disttag setting for rsync/yum releasers.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 23 2014 Devan Goodwin <dgoodwin(a)rm-rf.ca> 0.5.6-1
- Require new srpm_disttag for rsync/yum releasers. (dgoodwin(a)rm-rf.ca)
- Drop more test only requirements from spec. (dgoodwin(a)redhat.com)
- NameError: global name 'RawConfigParser' is not defined (miroslav(a)suchy.cz)
- NameError: global name 'getoutput' is not defined (miroslav(a)suchy.cz)
- E:166,16: Undefined variable 'config' (undefined-variable)
(miroslav(a)suchy.cz)
- defattr is not needed (miroslav(a)suchy.cz)
- get rid of wildcards imports (miroslav(a)suchy.cz)
- E:112,24: Instance of BuilderBase has no REQUIRED_ARGS member (no-member)
(miroslav(a)suchy.cz)
- change inheritance for ObsReleaser (miroslav(a)suchy.cz)
- raw_input was renamed under python3 (miroslav(a)suchy.cz)
- TypeError: __init__() takes exactly 1 argument (2 given) (miroslav(a)suchy.cz)
- MockBuilder: cleanup underlying builder on completion (dcleal(a)redhat.com)
- Fix bugs building old tag with custom tito.props. (at that time)
(dgoodwin(a)redhat.com)
- add links to upstream announcements and how-to articles
(jumanjiman(a)gmail.com)
- add rpmdevtools as build dep for el5 (jumanjiman(a)gmail.com)
- Fix failing tests with no ~/.bugzillarc. (dgoodwin(a)redhat.com)
- Add documentation for bugzilla flag checking. (dgoodwin(a)redhat.com)
- Hookup bugzilla flag checking with dist git releasers. (dgoodwin(a)redhat.com)
- Fixes for Python 3. (dgoodwin(a)redhat.com)
- Add support for checking bz flags. (dgoodwin(a)redhat.com)
- Refactor dist-git releasers to separate module. (dgoodwin(a)redhat.com)
- fix the configuration examples to match the code (tlestach(a)redhat.com)
- add mailmap for cleaner shortlog output (jumanjiman(a)gmail.com)
- Allow overriding of builder on all releasers (dcleal(a)redhat.com)
- Cleanup builders on interruption when called directly (dcleal(a)redhat.com)
--------------------------------------------------------------------------------