The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5854/perl-Config...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5772/drupal6-og-...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5781/python-djan...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gri...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5808/python-virt...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5829/moodle-2.1....
The following builds have been pushed to Fedora EPEL 6 updates-testing
lcgdm-dav-0.8.0-1.el6
nagios-plugins-lcgdm-0.8.0-1.el6
perl-Config-IniFiles-2.72-1.el6
plowshare-0.9.4-0.30.20120511git.el6
python-tw2-jit-2.0.3-3.el6
Details about builds:
================================================================================
lcgdm-dav-0.8.0-1.el6 (FEDORA-EPEL-2012-5858)
HTTP/DAV front end to the DPM/LFC services
--------------------------------------------------------------------------------
Update Information:
Update for new upstream release (0.8.0).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 25 2012 Ricardo Rocha <ricardo.rocha(a)cern.ch> - 0.8.0-1
- Update for new upstream release
- Added build dependencies on json-c-devel and neon-devel
- Added provides/requires for compatibility with gLite packaging
* Fri Mar 30 2012 Ricardo Rocha <ricardo.rocha(a)cern.ch> - 0.7.0-2
- Update for httpd-mmn
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-lcgdm-0.8.0-1.el6 (FEDORA-EPEL-2012-5857)
Nagios probes to be run remotely against DPM / LFC nodes
--------------------------------------------------------------------------------
Update Information:
Update for new upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 26 2012 Ricardo Rocha <ricardo.rocha(a)cern.ch> - 0.8.0-1
- Update for new upstream release
- Moved nagios configuration files to separate package (nagios-lcgdm)
--------------------------------------------------------------------------------
================================================================================
perl-Config-IniFiles-2.72-1.el6 (FEDORA-EPEL-2012-5854)
A module for reading .ini-style configuration files
--------------------------------------------------------------------------------
Update Information:
Update to 2.72, fixes CVE-2012-2451.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 11 2012 Tom Callaway <spot(a)fedoraproject.org> - 2.72-1
- update to 2.72
- notable fix: SECURITY BUG FIX: Config::IniFiles used to write
to a temporary filename with a predictable name
("${filename}-new") which opens the door for potential
exploits.
Fixes CVE-2012-2451
- disable tests for epel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #818430 - CVE-2012-2451 perl-Config-IniFiles: insecure temporary file usage
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=818430
[ 2 ] Bug #818431 - CVE-2012-2451 perl-Config-IniFiles: insecure temporary file usage
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=818431
--------------------------------------------------------------------------------
================================================================================
plowshare-0.9.4-0.30.20120511git.el6 (FEDORA-EPEL-2012-5856)
Download and upload files from file-sharing websites
--------------------------------------------------------------------------------
Update Information:
New upstream snapshot.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 12 2012 Elder Marco <eldermarco(a)fedoraproject.org> -
0.9.4-0.30.20120511git
- New upstream snapshot
--------------------------------------------------------------------------------
================================================================================
python-tw2-jit-2.0.3-3.el6 (FEDORA-EPEL-2012-5853)
Javascript Infovis Toolkit (JIT) for ToscaWidgets2
--------------------------------------------------------------------------------
Update Information:
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #812030 - Review Request: python-tw2-jit - Javascript Infovis Toolkit (JIT)
for ToscaWidgets2
https://bugzilla.redhat.com/show_bug.cgi?id=812030
--------------------------------------------------------------------------------