The following Fedora EPEL 5 Security updates need testing:
Age URL
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13519/roundcubem...
223
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13530/pcp-3.6.10...
117
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1....
49
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2....
46
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61...
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13496/mod_securi...
45
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ct...
The following builds have been pushed to Fedora EPEL 5 updates-testing
drupal6-ctools-1.10-1.el5
munin-2.0.8-2.el5
opendkim-2.7.3-1.el5
pam_mapi-0.1.2-1.el5
tito-0.4.10-1.el5
voms-api-java-2.0.9-1.el5
Details about builds:
================================================================================
drupal6-ctools-1.10-1.el5 (FEDORA-EPEL-2012-13612)
This suite is primarily a set of APIs and tools
--------------------------------------------------------------------------------
Update Information:
New security release,
http://drupal.org/node/1841030.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Peter Borsa <peter.borsa(a)gmail.com> - 1.10-1
- Fix BZ#881987
- Fix BZ#881988
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #881986 - CVE-2012-5559 drupal6-ctools: XSS flaw (SA-CONTRIB-2012-165)
https://bugzilla.redhat.com/show_bug.cgi?id=881986
--------------------------------------------------------------------------------
================================================================================
munin-2.0.8-2.el5 (FEDORA-EPEL-2012-13611)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
FCGI sample files included
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 13 2012 D. Johnson <fenris02(a)fedoraproject.org> - 2.0.8-2
- Added cgitmp patch c/o Diego Elio Pettenò <flameeyes(a)flameeyes.eu>
- BZ# 861816 Add sample files for switching to FCGI
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #861816 - munin-2.x CGI support is broken without manual hacks
https://bugzilla.redhat.com/show_bug.cgi?id=861816
--------------------------------------------------------------------------------
================================================================================
opendkim-2.7.3-1.el5 (FEDORA-EPEL-2012-13615)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Update to upstream release 2.7.3, which fixes the following bugs:
Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in
dkimf_db_strerror(). Problem noted by Simone Caruso.
LIBOPENDKIM: Ignore entries in the oversign header field name list that are empty, and an
oversign header field name list that is present but empty. Problem noted by Alec
Peterson.
LIBOPENDKIM: Allow header field lists to be empty, flushing any that were previously
defined. Problem noted by Alec Peterson.
BUILD: Improve tests for including <strl.h>. Based on a patch from Eray Aslan.
REPUTATION: Use lowercase for keywords in REPUTE query generation and handling.
STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze.
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 29 2012 Steve Jenkins <steve stevejenkins com> 2.7.3-1
- Updated to use newer upstream 2.7.3 source code
* Mon Nov 19 2012 Steve Jenkins <steve stevejenkins com> 2.7.2-1
- Updated to use newer upstream 2.7.2 source code
--------------------------------------------------------------------------------
================================================================================
pam_mapi-0.1.2-1.el5 (FEDORA-EPEL-2012-13619)
PAM module for authentication via MAPI against a Zarafa server
--------------------------------------------------------------------------------
Update Information:
- Added checks for build-time dependencies on zlib, uuid & icu to work around the
broken Zarafa binary distribution packages
- Fixed the "undefined symbol" errors appearing with GCC 4.6, thanks to Steffen
Sachse (reporter) and Tomas Mraz (Red Hat)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 29 2012 Robert Scheck <robert(a)fedoraproject.org> 0.1.2-1
- Upgrade to 0.1.2
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun May 6 2012 Robert Scheck <robert(a)fedoraproject.org> 0.1.1-2
- Rebuilt for libicu 49.1.1
--------------------------------------------------------------------------------
================================================================================
tito-0.4.10-1.el5 (FEDORA-EPEL-2012-13618)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
Allow specifying a build target for dist-git releasers. Added release --no-build option to
skip dist-git builds. Added first draft of a gem builder.
New RsyncReleaser (similar to YumRepo but more generic), several bug fixes.
New RsyncReleaser (similar to YumRepo but more generic), several bug fixes.
New RsyncReleaser (similar to YumRepo but more generic), several bug fixes.
New RsyncReleaser (similar to YumRepo but more generic), several bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 28 2012 Devan Goodwin <dgoodwin(a)rm-rf.ca> 0.4.10-1
- Add --no-build; this will allow scripted DistGit commits and
koji/brew chain-builds (admiller(a)redhat.com)
- Added gembuilder, cleaned up pep8 (admiller(a)redhat.com)
- Add a Travis configuration (jbowes(a)repl.ca)
- Update README.mkd (misc(a)zarb.org)
- fix: RsyncReleaser doesn't handle multiple rsync locations
(jesusr(a)redhat.com)
- remove tabs and trailing whitespace. add whitespace between methods
(jesusr(a)redhat.com)
- Handle stderr noise getting from remote server (inecas(a)redhat.com)
- Can now specify a build target for fedora and distgit releasers
(mstead(a)redhat.com)
* Tue Sep 4 2012 Devan Goodwin <dgoodwin(a)rm-rf.ca> 0.4.9-1
- Stop passing --installdeps for mock builds. (dgoodwin(a)redhat.com)
- YumRepoReleaser feature: createrepo command can now be specified from
releasers.conf with the 'createrepo_command' config option
(palli(a)opensource.is)
- Created new releaser called RsyncReleaser. Based heavily on YumRepoReleaser.
Refactored YumRepoReleaser to inherit most code from RsyncReleaser.
(palli(a)opensource.is)
- Optionally print stacktrace whenever error_out is hit (bleanhar(a)redhat.com)
- encourage users to push only their new tag (jbowes(a)redhat.com)
- Attempt to copy local Sources during releases. (dgoodwin(a)redhat.com)
--------------------------------------------------------------------------------
================================================================================
voms-api-java-2.0.9-1.el5 (FEDORA-EPEL-2012-13616)
Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 29 2012 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.9-1
- Update to version 2.0.9
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.0.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------