The following Fedora EPEL 5 Security updates need testing:
Age URL
570
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
85
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11276/ssmtp-2.61...
61
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11560/fail2ban-0...
25
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12004/GraphicsMa...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12067/drupal7-co...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12091/bip-0.8.9-...
The following builds have been pushed to Fedora EPEL 5 updates-testing
RBTools-0.5.2-1.el5
bip-0.8.9-1.el5
dkms-2.2.0.3-20.el5
Details about builds:
================================================================================
RBTools-0.5.2-1.el5 (FEDORA-EPEL-2013-12080)
Tools for use with ReviewBoard
--------------------------------------------------------------------------------
Update Information:
Upstream release 0.5.2
This version of RBTools is required in order to operate with recent (1.7+) versions of
Review Board.
Note that the modern Review Board server is not supported on EPEL5, but this client
component is.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 15 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 0.5.2-1
- New upstream release 0.5.2
-
http://www.reviewboard.org/docs/releasenotes/rbtools/0.5.2/
* Fri Aug 2 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.5.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu May 30 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 0.5.1-1
- New upstream release 0.5.1
-
http://www.reviewboard.org/docs/releasenotes/rbtools/0.5.1/
- Drop upstreamed ez_setup patch
- New Features:
* Improved the readability of rbt status output
* Added a --repository-type option to most commands
* Added a --list-repository-types option to post-review
* Added a new rbt list-repo-types command
* Third-parties can now write new SCM support by creating Python packages
leveraging Python entry points
- API Client Changes:
* Added an API Client method for retrieving resources from a path
* Add a get_or_create_draft method to the API
* Restructured the API Client internally
- Bug Fixes:
* Fixed crash when copying old post-review cookies for use with rbt
* rbt commands will now properly generate diffs with moved files
* Fixed references to non-existent variables in rbt patch
* Fixed rbt post for Perforce repositories
* Fixed rbt post and rbt diff for Subversion and Bazaar
* Fixed post-review and rbt when used for Perforce paths
* Fixed error handling when posting a review request
- Packaging Changes:
* Conditionalize ez_setup
* Tue Mar 19 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 0.5-1
- New upstream release 0.5
-
http://www.reviewboard.org/docs/releasenotes/rbtools/0.5/
- New Features:
* API Client
* A new Python API Client has been introduced for communication with
the Review Board Web API
* rbt
* This is the initial release of our new command line tool, rbt
* Provides access to useful sub-commands which interact with local
source code repositories and Review Board
* Currently considered beta
* See release notes link for detailed information
- Bug Fixes
* Perforce:
* Fix treating an SVN repository as Perforce by mistake
* Fix diff generation with unedited files in Perforce
* Gracefully handle no-match in p4 info regex
* ClearCase:
* Support posting review requests in ClearCase snapshot view
Subversion:
* Don’t block waiting for user input from svn
* Mon Jan 28 2013 Stephen Gallagher <sgallagh(a)redhat.com> - 0.4.3-1
- New upstream release 0.4.3
-
http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.4.3/
- New Features:
* Added support for posting from Bazaar repositories
* Passing --basedir to post-review will override the computed base
directory used for Subversion diffs
* Added better support for moved files in Perforce
- Bug Fixes:
* General:
* Fixed problems authenticating with the server when anonymous access is
disabled
* Fixed loading settings from the user’s ~/.reviewboardrc when it’s the
only .reviewboardrc in the search path
* Fixed a crash when the user’s home directory isn’t writable
* Added a fallback when failing to get the API version from a Review
Board server
* The "Username" prompt is now printed to stderr instead of stdout, to
match the “Password” prompt’s inputted text
* Unicode URLs are now encoded as UTF-8, preventing an encoding conflict
when talking to Review Board
* Git:
* Git diffs no longer contain move/rename information if the Review Board
server doesn’t support it
* Mercurial:
* Fixed --guess-summary when it has newline characters in it
* Subversion:
* Fixed problems generating diffs containing deleted files
* Fri Nov 16 2012 - Stephen Gallagher <sgallagh(a)redhat.com> - 0.4.2-1
- New upstream release 0.4.2
-
http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.4.2/
- New Features:
- * The .post-review-cookies.txt file is now made readable only by the calling
user, improving security
- * Improved debug output
- * Updated our Plastic support for Plastic 4.0. This is no longer
compatible with previous versions
- * A revision to diff against can now be specified when using hgsubversion
- Bug Fixes:
- * General:
- * Using UTF-8 in the summary or description no longer breaks
- * The GNU diff error no longer mentions Subversion specifically
- * Posting a diff to a submitted review request now displays an error
instead of reopening the review request
- * Clearcase:
- * Fixed base path generation for Clear Case
- * Git:
- * Fix issues when running post-review within a git submodule with recent
Git revisions
- * Git diffs no longer include diffs from submodules, preventing useless
diffs from being created
- * post-review no longer breaks when run from a detached Git HEAD
- * Mercurial:
- * Fixed bailing on harmless warnings when running hg commands
- * Fixed path calculation for hgsubversion when the path contains a
username
- * Subversion:
- * Scanning for the right repository is much faster now when there are lots
of Subversion repositories on the server
- * Fix handling of revisions with deleted files for Subversion
- * Handle modifications inside moved/copied directories for Subversion
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.4.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed Feb 29 2012 - Stephen Gallagher <sgallagh(a)redhat.com> - 0.4.1-1
- New upstream release 0.4.1
-
http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.4.1/
- Fixed Python 2.4 compatibility
- Fixed --diff-filename=- with --username and --password
* Mon Feb 27 2012 - Stephen Gallagher <sgallagh(a)redhat.com> - 0.4.0-1
- New upstream release 0.4.0
-
http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.4/
- Features (post-review):
- Defaults for many parameters can now be specified in .reviewboardrc
- Added a --disable-proxy option for disabling the HTTP(S) proxy server
- Bugfixes (post-review):
- Fixed authentication problems when accessing the API
- Shows a nicer error when trying to update someone else's review request
- Fixed crashes when the home directory wasn’t writable
- Fixed using --diff-filename=- without a valid cookie
- Fixed the link to the Repository Configurations documentation
- Bugfixes (Git):
- Fixed problems when using --repository-url
- Bugfixes (Mercurial):
- Make Mercurial handle the case where there are no outgoing changes
- Improve merge support in order to generate better diffs
- Bugfixes (Perforce):
- Using --revision-range on Perforce now provides better errors
- Display an informative error if GNU diff isn’t installed
- Fix handling of new files in post-commit scenarios
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.3.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
bip-0.8.9-1.el5 (FEDORA-EPEL-2013-12091)
IRC Bouncer
--------------------------------------------------------------------------------
Update Information:
* Upstream v0.8.9
* CVE-2013-4550 - failed SSL handshake resource leak
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 9 2013 Brian C. Lane <bcl(a)redhat.com> 0.8.9-1
- Upstream v0.8.9
- CVE-2013-4550 - failed SSL handshake resource leak
- Removed 2 patches included in new version
- Use -Wno-error when building
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1028605 - CVE-2013-4550 bip: failed SSL handshake resource leak
https://bugzilla.redhat.com/show_bug.cgi?id=1028605
--------------------------------------------------------------------------------
================================================================================
dkms-2.2.0.3-20.el5 (FEDORA-EPEL-2013-12084)
Dynamic Kernel Module Support Framework
--------------------------------------------------------------------------------
Update Information:
Fix man page formatting.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 7 2013 Simone Caronni <negativo17(a)gmail.com> - 2.2.0.3-20
- Exclude build dependency logic for RHEL/CentOS 5.
* Wed Nov 6 2013 Simone Caronni <negativo17(a)gmail.com> - 2.2.0.3-19
- Add macros to the top of the man page to fix displaying on el5/el6 (#986660).
Thanks to Darik Horn for the fix.
* Mon Nov 4 2013 Simone Caronni <negativo17(a)gmail.com> - 2.2.0.3-18
- Add ZFS On Linux patches for additional functionality/bugfixes (#1023598).
Thanks to Darik Horn and Brian Behlendorf.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #986660 - bad man page
https://bugzilla.redhat.com/show_bug.cgi?id=986660
--------------------------------------------------------------------------------