The following Fedora EPEL 6 Security updates need testing:
Age URL
577
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
91
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11274/ssmtp-2.61...
52
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11703/chicken-4....
33
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11865/quassel-0....
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12025/seamonkey-...
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12064/drupal7-co...
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12079/bip-0.8.9-...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12040/python-djb...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12102/moodle-2.4...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12156/varnish-2....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12154/mediawiki1...
The following builds have been pushed to Fedora EPEL 6 updates-testing
erlang-R14B-04.3.el6
glacier-cli-0-7.20131113gite8a2536.el6
mMass-5.5.0-5.el6
mediawiki119-1.19.9-1.el6
php-extras-5.3.3-2.el6
salt-0.17.2-1.el6
salt-0.17.2-2.el6
varnish-2.1.5-5.el6
wondershaper-1.2.1-2.el6
xrootd-3.3.4-1.el6
Details about builds:
================================================================================
erlang-R14B-04.3.el6 (FEDORA-EPEL-2013-12148)
General-purpose programming language and runtime environment
--------------------------------------------------------------------------------
Update Information:
fix crash on ppc64
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 19 2013 Dan Horák <dan[at]danny.cz> - R14B-04.3
- Fix segfault due memory corruption when reading topology info (#958953)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #958953 - erlang-R14B-04.2.el6.ppc64 segfaults on RHEL6.4
https://bugzilla.redhat.com/show_bug.cgi?id=958953
--------------------------------------------------------------------------------
================================================================================
glacier-cli-0-7.20131113gite8a2536.el6 (FEDORA-EPEL-2013-12147)
Command-line interface to Amazon Glacier
--------------------------------------------------------------------------------
Update Information:
new package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1031019 - Review Request: glacier-cli - Command-line interface to Amazon
Glacier
https://bugzilla.redhat.com/show_bug.cgi?id=1031019
--------------------------------------------------------------------------------
================================================================================
mMass-5.5.0-5.el6 (FEDORA-EPEL-2013-12151)
Open Source Mass Spectrometry Tool
--------------------------------------------------------------------------------
Update Information:
Lipid Maps Database update.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 19 2013 Antonio Trande <sagitter(a)fedoraproject.org> 5.5.0-5
- Update LIPID MAPS Database (November 16, 2013)
- User Guide packaged in the .doc subpackage
- Installed new .desktop file
--------------------------------------------------------------------------------
================================================================================
mediawiki119-1.19.9-1.el6 (FEDORA-EPEL-2013-12154)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
Update to upstream 1.19.9.
- (bug 53032) SECURITY: Don't cache when a call could autocreate
- (bug 55332) SECURITY: Improve css javascript detection
- (bug 49717) Fix behaviour $wgVerifyMimeType = false; in Upload
Translations
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 20 2013 Patrick Uiterwijk <puiterwijk(a)gmail.com> - 1.19.9-1
- Update to 1.19.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1030987 - CVE-2013-4567 CVE-2013-4568 CVE-2013-4572 mediawiki: security
releases 1.21.3, 1.20.8, and 1.19.9
https://bugzilla.redhat.com/show_bug.cgi?id=1030987
--------------------------------------------------------------------------------
================================================================================
php-extras-5.3.3-2.el6 (FEDORA-EPEL-2013-12145)
Additional PHP modules from the standard PHP distribution
--------------------------------------------------------------------------------
Update Information:
Drop tidy (provided now by the main php packages).
Some little cleanups and bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 19 2013 Dmitry Butskoy <Dmitry(a)Butskoy.name> - 5.3.3-2
- drop tidy (now in the main php package, #1031936)
- spec file and build scripts cleanup
- improve package descriptions
- fix mcrypt tests on ppc64 (backport from php-5.4)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1031936 - php-extras conflicts with system php
https://bugzilla.redhat.com/show_bug.cgi?id=1031936
--------------------------------------------------------------------------------
================================================================================
salt-0.17.2-1.el6 (FEDORA-EPEL-2013-12153)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Updated to bugfix release 0.17.2.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 18 2013 Erik Johnson <erik(a)saltstack.com> - 0.17.2-1
- Update to bugfix release 0.17.2
--------------------------------------------------------------------------------
================================================================================
salt-0.17.2-2.el6 (FEDORA-EPEL-2013-12155)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Patched to fix pkgrepo.managed regression.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 19 2013 Erik Johnson <erik(a)saltstack.com> - 0.17.2-2
- Patched to fix pkgrepo.managed regression
* Mon Nov 18 2013 Erik Johnson <erik(a)saltstack.com> - 0.17.2-1
- Update to bugfix release 0.17.2
--------------------------------------------------------------------------------
================================================================================
varnish-2.1.5-5.el6 (FEDORA-EPEL-2013-12156)
High-performance HTTP accelerator
--------------------------------------------------------------------------------
Update Information:
Backported a patch for CVE-2013-4484
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 20 2013 Ingvar Hagelund <ingvar(a)redpill-linpro.com> - 2.1.5-5
- Backported a patch for CVE-2013-4484, closes #1025129
* Fri Feb 10 2012 Petr Pisar <ppisar(a)redhat.com> - 2.1.5-4
- Rebuild against PCRE 8.30
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1025129 - CVE-2013-4484 varnish: denial of service handling certain GET
requests [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1025129
--------------------------------------------------------------------------------
================================================================================
wondershaper-1.2.1-2.el6 (FEDORA-EPEL-2013-12150)
Simple Network Shaper
--------------------------------------------------------------------------------
Update Information:
Simple network shaper
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018498 - Review Request: wondershaper(NG) - Simple network shaper
https://bugzilla.redhat.com/show_bug.cgi?id=1018498
--------------------------------------------------------------------------------
================================================================================
xrootd-3.3.4-1.el6 (FEDORA-EPEL-2013-12149)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
xrootd release 3.3.4
Major bug fixes
* Serialize sss authentication client initialization to prevent race conditions
* Actually cancel the JobManager threads while stopping it - this affected client side
fork handling (new client)
* Restore original meaning of -adler and -md5 to xrdcp
Minor bug fixes
* Append CGI info when retrying at a server that handshaked but never respnded to the
request (xrdcp)
* Do socket accepts asynchronously to prevent DNS resolution from blocking accepts
* Warn about incomplete dirlist responses (xrdfs)
* Cast the utilization statistics to uint16_t before printing to print actual numbers
instead of letters corresponding to ASCII codes (xrdfs)
Miscellaneous
* When calling File::Stat use file handle instead of path
* Improve handling of malformed kXR_readv responses (new client)
* Explain parameters of xrdcopy --tpc (documentation)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 19 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:3.3.4-1
- Update to version 3.3.4
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1:3.3.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------