The following Fedora EPEL 6 Security updates need testing: Age URL 673 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... 102 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12079/bip-0.8.9-1.e... 26 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0378/quassel-0.9.2-... 20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-... 17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0466/python-gnupg-0... 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0483/boinc-client-7... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0507/seamonkey-2.21... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0509/python-tahrir-... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0514/python-tahrir-... 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0525/libyaml-0.1.5-... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0536/drupal6-ctools... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0538/drupal7-ctools... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0535/drupal6-image_... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0567/drupal6-filefi... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0565/jansson-2.6-1.... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0574/zabbix-1.8.20-... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0583/zabbix20-2.0.1... 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0644/easy-rsa-2.2.2... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0653/perl-CGI-Appli...
The following builds have been pushed to Fedora EPEL 6 updates-testing
BackupPC-3.3.0-2.el6 datagrepper-0.3.3-1.el6 dbmail-3.0.2-3.el6 fedmsg-0.7.6-2.el6 lynis-1.4.2-1.el6 nodejs-cssom-0.3.0-1.el6 nodejs-debug-0.7.4-2.el6 nodejs-temp-0.6.0-1.el6 perl-CGI-Application-4.50-4.el6 php-doctrine-annotations-1.1.2-3.20131220gita11349d.el6 php-doctrine-cache-1.3.0-2.el6 php-doctrine-collections-1.2-1.el6 php-doctrine-common-2.4.1-2.el6 php-doctrine-datafixtures-1.0.0-2.el6 php-doctrine-dbal-2.4.2-2.el6 php-doctrine-inflector-1.0-2.20131221gita81c334.el6 php-doctrine-lexer-1.0-2.20131220gitf12a5f7.el6 php-doctrine-orm-2.4.2-1.el6 python-datanommer-models-0.6.1-2.el6 ripright-0.9-2.el6 shogun-data-0.8-1.el6 sx-2.16-1.el6
Details about builds:
================================================================================ BackupPC-3.3.0-2.el6 (FEDORA-EPEL-2014-0663) High-performance backup system -------------------------------------------------------------------------------- Update Information:
- fix typo in README.RHEL - enable PIE build (bz #965523) - add patch that causes getpwnam to return only uid to fix selinux denials (bz #827854) - add local-fs.target and remote-fs.target to startup dependency (bz #959309) - Last upstream release - Remove no longer needeed patches - Fix incorrect-fsf-address to reduce rpmlint output -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 21 2014 Bernard Johnson bjohnson@symetrix.com 3.3.0-2 - fix typo in README.RHEL - enable PIE build (bz #965523) - add patch that causes getpwnam to return only uid to fix selinux denials (bz #827854) - add local-fs.target and remote-fs.target to startup dependency (bz #959309) * Fri Feb 21 2014 Johan Cwiklinski <johan AT x-tnd DOT be> 3.3.0-1 - Last upstream release - Remove no longer needeed patches - Fix incorrect-fsf-address to reduce rpmlint output * Fri Feb 21 2014 Bernard Johnson bjohnson@symetrix.com - 3.3.0-1 - v 3.3.0 - fixed typos * Fri Aug 2 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2.1-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Jul 17 2013 Petr Pisar ppisar@redhat.com - 3.2.1-14 - Perl 5.18 rebuild * Sun Mar 31 2013 Ville Skyttä ville.skytta@iki.fi - 3.2.1-13 - Add build dependency on Pod::Usage (#913855). - Fix bogus dates in %changelog. * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2.1-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Jan 20 2013 Bernard Johnson bjohnson@symetrix.com 3.2.1-11 - Missing backuppc.service file after upgrade to 3.2.1-10 causes service to exit at start (bz #896626) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #827854 - SELinux prevents BackupPC from reading /etc/shadow https://bugzilla.redhat.com/show_bug.cgi?id=827854 [ 2 ] Bug #957393 - Please update to 3.3.0 https://bugzilla.redhat.com/show_bug.cgi?id=957393 [ 3 ] Bug #959309 - Missing startup dependencies in backuppc.service https://bugzilla.redhat.com/show_bug.cgi?id=959309 [ 4 ] Bug #965523 - BackupPC package should be built with PIE flags https://bugzilla.redhat.com/show_bug.cgi?id=965523 --------------------------------------------------------------------------------
================================================================================ datagrepper-0.3.3-1.el6 (FEDORA-EPEL-2014-0655) A webapp to query fedmsg history -------------------------------------------------------------------------------- Update Information:
Expanded API. New self-expanding javascript widget. Improvements to the html cards. Improvements to the html cards. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 21 2014 Ralph Bean rbean@redhat.com - 0.3.3-1 - New /raw api option to query for an arbitrary string - New /raw api option to query for negative filters. - New /widget.js self-expanding javascript widget. * Sun Feb 9 2014 Ralph Bean rbean@redhat.com - 0.3.2-1 - Cosmetic fixes. * Sun Feb 9 2014 Ralph Bean rbean@redhat.com - 0.3.1-1 - Frontend and docs improvements by charulagrl. --------------------------------------------------------------------------------
================================================================================ dbmail-3.0.2-3.el6 (FEDORA-EPEL-2014-0651) A database backed mail storage system -------------------------------------------------------------------------------- Update Information:
Fix Memory Leak in IMAP SSL/TLS Connections (bz #833211) -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 23 2014 Bernard Johnson bjohnson@symetrix.com - 3.0.2-3 - Fix Memory Leak in IMAP SSL/TLS Connections (bz #833211) - remove changelog entries prior to 3.0 series -------------------------------------------------------------------------------- References:
[ 1 ] Bug #833211 - Fix Memory Leak in IMAP SSL/TLS Connections https://bugzilla.redhat.com/show_bug.cgi?id=833211 --------------------------------------------------------------------------------
================================================================================ fedmsg-0.7.6-2.el6 (FEDORA-EPEL-2014-0649) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information:
Fix user warning on import. New options to fedmsg-config. Latest upstream. Seamlessly switch between gpg and x509 validation. Messages carry a new 'crypto' field indicating their signature type. Fixes to fedmsg-tail. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 21 2014 Ralph Bean rbean@redhat.com - 0.7.6-2 - Copy test config into the test directory before building. * Fri Feb 21 2014 Ralph Bean rbean@redhat.com - 0.7.6-1 - Latest upstream. - New option to fedmsg-config to query for particular values. - Avoid pkg_resources warning. * Sun Feb 9 2014 Ralph Bean rbean@redhat.com - 0.7.5-1 - Latest upstream. - Gource tail is removed. - Fixes to fedmsg-tail. - Updated documentation. - Messages now carry a 'crypto' field indicating their sig type. - Seamless switching between x509 and gpg crypto validation. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1066625 - UserWarning when importing fedmsg.meta https://bugzilla.redhat.com/show_bug.cgi?id=1066625 --------------------------------------------------------------------------------
================================================================================ lynis-1.4.2-1.el6 (FEDORA-EPEL-2014-0652) Security and system auditing tool -------------------------------------------------------------------------------- Update Information:
* 1.4.2 (2014-02-19)
Changes: - Ignore interfaces aliases for HostID - Extended umask tests with pam_umask entries [AUTH-9328] - Check for supressed version on Squid [SQD-3680] -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 21 2014 Christopher Meng rpm@cicku.me - 1.4.2-1 - Update to 1.4.2 --------------------------------------------------------------------------------
================================================================================ nodejs-cssom-0.3.0-1.el6 (FEDORA-EPEL-2014-0658) CSS Object Model implementation and CSS parser for Node.js -------------------------------------------------------------------------------- Update Information:
Update to upstream release 0.3.0. -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 23 2014 Jamie Nguyen jamielinux@fedoraproject.org - 0.3.0-1 - update to upstream release 0.3.0 - MIT-LICENSE.txt is now included upstream * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.2.5-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ nodejs-debug-0.7.4-2.el6 (FEDORA-EPEL-2014-0660) A small debugging utility for Node.js -------------------------------------------------------------------------------- Update Information:
Update to upstream release 0.7.4. -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 23 2014 Jamie Nguyen jamielinux@fedoraproject.org - 0.7.4-2 - History.md and example/ no longer included in the NPM tarball * Sun Feb 23 2014 Jamie Nguyen jamielinux@fedoraproject.org - 0.7.4-1 - update to upstream release 0.7.4 * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.7.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ nodejs-temp-0.6.0-1.el6 (FEDORA-EPEL-2014-0662) Temporary files and directories for Node.js -------------------------------------------------------------------------------- Update Information:
Update to upstream release 0.6.0: * https://github.com/bruce/node-temp/commits/v0.6.0 -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 23 2014 Jamie Nguyen jamielinux@fedoraproject.org - 0.6.0-1 - update to upstream release 0.6.0 - apply patch to use native os.tmpDir instead of npm(osenv) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1005983 - nodejs-temp-0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1005983 --------------------------------------------------------------------------------
================================================================================ perl-CGI-Application-4.50-4.el6 (FEDORA-EPEL-2014-0653) Framework for building reusable web-applications -------------------------------------------------------------------------------- Update Information:
CGI::Application suffers from a flaw where, in certain cases, it would unexpectedly dump a complete set of web query data and server environment information as an error page. This could allow unintended disclosure of sensitive information.
This update patches CGI::Application to no longer do so. -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 23 2014 Emmanuel Seyman emmanuel@seyman.fr - 4.50-3 - Patch CGI::Application to prevent information disclosure (CVE-2013-7329) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1067180 - CVE-2013-7329 perl-CGI-Application: information disclosure flaw https://bugzilla.redhat.com/show_bug.cgi?id=1067180 --------------------------------------------------------------------------------
================================================================================ php-doctrine-annotations-1.1.2-3.20131220gita11349d.el6 (FEDORA-EPEL-2014-0657) PHP docblock annotations parser library -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ php-doctrine-cache-1.3.0-2.el6 (FEDORA-EPEL-2014-0657) Doctrine Cache -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ php-doctrine-collections-1.2-1.el6 (FEDORA-EPEL-2014-0657) Collections abstraction library -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ php-doctrine-common-2.4.1-2.el6 (FEDORA-EPEL-2014-0657) Common library for Doctrine projects -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ php-doctrine-datafixtures-1.0.0-2.el6 (FEDORA-EPEL-2014-0657) Data Fixtures for all Doctrine Object Managers -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ php-doctrine-dbal-2.4.2-2.el6 (FEDORA-EPEL-2014-0657) Doctrine Database Abstraction Layer (DBAL) -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ php-doctrine-inflector-1.0-2.20131221gita81c334.el6 (FEDORA-EPEL-2014-0657) Common string manipulations with regard to casing and singular/plural rules -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ php-doctrine-lexer-1.0-2.20131220gitf12a5f7.el6 (FEDORA-EPEL-2014-0657) Base library for a lexer that can be used in top-down, recursive descent parsers -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ php-doctrine-orm-2.4.2-1.el6 (FEDORA-EPEL-2014-0657) Doctrine Object-Relational-Mapper (ORM) -------------------------------------------------------------------------------- Update Information:
php-doctrine-* 2.4.x stack --------------------------------------------------------------------------------
================================================================================ python-datanommer-models-0.6.1-2.el6 (FEDORA-EPEL-2014-0654) SQLAlchemy models for datanommer -------------------------------------------------------------------------------- Update Information:
Expanded Message.grep API. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 21 2014 Ralph Bean rbean@redhat.com - 0.6.2-1 - Added a new test dependency on python-fedmsg-meta-fedora-infrastructure * Fri Feb 21 2014 Ralph Bean rbean@redhat.com - 0.6.1-1 - Expanded Message.grep API. --------------------------------------------------------------------------------
================================================================================ ripright-0.9-2.el6 (FEDORA-EPEL-2014-0659) A minimal CD ripper -------------------------------------------------------------------------------- Update Information:
Satisfy the tests and fix a typo in %description. A minimal CD ripper. A minimal CD ripper. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1057418 - Review Request: ripright - A minimal CD ripper https://bugzilla.redhat.com/show_bug.cgi?id=1057418 --------------------------------------------------------------------------------
================================================================================ shogun-data-0.8-1.el6 (FEDORA-EPEL-2014-0661) Data-files for the SHOGUN machine learning toolbox -------------------------------------------------------------------------------- Update Information:
new upstream release: v0.8 -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1068941 - shogun-data 0.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1068941 --------------------------------------------------------------------------------
================================================================================ sx-2.16-1.el6 (FEDORA-EPEL-2014-0656) Tool to extract reports and run plug-ins against those extracted reports -------------------------------------------------------------------------------- Update Information:
New upstream release 2.16: - Added detection of secondary fencing method. - Added clean_start attribute value to message if attribute detected. - Add this url to allow_kill on qdisk. - Check protocal when gfs/gfs2 found. If broadcast or updu then output a message. - Added DMIDecode.py and added to machine type of cluster nodes to summary output. - Fix network issue for: https://bugzilla.redhat.com/show_bug.cgi?id=1001754 -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 22 2014 Niels de Vos devos@fedoraproject.org - 2.16-1 - Update to sx-2.16 (#1068700) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1068700 - Update to sx-2.16 https://bugzilla.redhat.com/show_bug.cgi?id=1068700 [ 2 ] Bug #1001754 - sxconsole improperly reports heartbeat interface https://bugzilla.redhat.com/show_bug.cgi?id=1001754 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org