The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/ocsinventory-agent-1.1.2.1-1.el5
https://admin.fedoraproject.org/updates/gnucash-2.2.9-5.el5
https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
clustershell-1.3.3-1.el5
drupal6-flexifilter-1.2-2.el5
erlang-etap-0.3.4-5.el5
fedora-packager-0.5.1.4-5.el5
gnucash-2.2.9-5.el5
libguestfs-1.2.14-1.el5
mock-1.0.13-1.el5
nrpe-2.12-16.el5
petit-1.0.3-1.el5
php-pear-Net-SMTP-1.4.4-1.el5
php-pear-Net-Traceroute-0.21.3-1.el5
rubygem-linode-0.6.2-1.el5
vanessa_adt-0.0.7-6.el5
ykpers-1.3.3-3.el5
Details about builds:
================================================================================
clustershell-1.3.3-1.el5 (FEDORA-EPEL-2010-3550)
Python framework for efficient cluster administration
--------------------------------------------------------------------------------
Update Information:
Update release to 1.3.3. Minor bug fixed and improved documentation.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 20 2010 Stephane Thiell <stephane.thiell(a)cea.fr> 1.3.3-1
- update to 1.3.3
--------------------------------------------------------------------------------
================================================================================
drupal6-flexifilter-1.2-2.el5 (FEDORA-EPEL-2010-3551)
Allows non-admins to create their own, configurable custom filters
--------------------------------------------------------------------------------
Update Information:
New package: Flexifilter is a drupal module that allows non-admins to create their own
custom filters.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #642856 - Review Request: drupal6-flexifilter - Allows non-admins to create
their own, configurable custom filters
https://bugzilla.redhat.com/show_bug.cgi?id=642856
--------------------------------------------------------------------------------
================================================================================
erlang-etap-0.3.4-5.el5 (FEDORA-EPEL-2010-3549)
Erlang testing library
--------------------------------------------------------------------------------
Update Information:
* Fixed runtime issues in EL-4
* Added %check target
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Peter Lemenkov <lemenkov(a)gmail.com> 0.3.4-5
- Fixed missing runtime dependency on EL-4
- Added %check target
* Tue Sep 28 2010 Peter Lemenkov <lemenkov(a)gmail.com> 0.3.4-4
- Narrowed BuildRequires
* Mon Jul 12 2010 Peter Lemenkov <lemenkov(a)gmail.com> 0.3.4-3
- Rebuild for Erlang/OTP R14A
- Simplified spec-file
--------------------------------------------------------------------------------
================================================================================
fedora-packager-0.5.1.4-5.el5 (FEDORA-EPEL-2010-3503)
Tools for setting up a fedora maintainer environment
--------------------------------------------------------------------------------
Update Information:
split of fedora_cert python library and fedora-cert tool
add fedora-burn-yubikey
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 10 2010 Dennis Gilmore <dennis(a)ausil.us> - 0.5.1.4-5
- fedpkg needs python-fedora
* Sun Oct 10 2010 Dennis Gilmore <dennis(a)ausil.us> - 0.5.1.4-4
- fedpkg needs koji installed
- fedora-cert needs pycurl when installed by itself
* Sun Oct 10 2010 Dennis Gilmore <dennis(a)ausil.us> - 0.5.1.4-3
- move Requires: python-pycurl to fedpkg
* Sun Oct 10 2010 Dennis Gilmore <dennis(a)ausil.us> - 0.5.1.4-2
- split out fedora-cert tool and library
- add fedora-burn-yubikey tool
--------------------------------------------------------------------------------
================================================================================
gnucash-2.2.9-5.el5 (FEDORA-EPEL-2010-3557)
Finance management application
--------------------------------------------------------------------------------
Update Information:
This update removes an unneeded file that could cause a security issue if ran from a
directory that other users had write access to.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Bill Nottingham <notting(a)redhat.com>
- don't ship gnc-test-env (#644933, CVE-2010-3999)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #644933 - CVE-2010-3999 gnucash: insecure library loading vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=644933
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.2.14-1.el5 (FEDORA-EPEL-2010-3555)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
New upstream version 1.2.14.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 23 2010 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.2.14-1
- New stable branch version 1.2.14.
- Remove Python fix patch, now upstream.
- Rebase aug-clear patch.
--------------------------------------------------------------------------------
================================================================================
mock-1.0.13-1.el5 (FEDORA-EPEL-2010-3553)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
This update addresses multiple issues seen with the new selinux plugin
create empty /var/log/{last,fail}log in chroot rather than copy in possible large sparse
file from host filesystem
make sure that both --spec and --sources are specified when the --buildsrpm option is
used
use rpm module function compareEVR to compare kernel versions (string comparison
doesn't work).
change selinux plugin to use tmp directory for faux /proc/filesystems file, rather than
cachedir (which may not exist)
fix a typo in exception.py
Added Alan Franzoni's umountall modifications
- run update after unpacking root cache
- clean up noarch builds
- fix selinux plugin issue
- fix repeated calls to umount
- clean up i585 target fix
Many bug fixes since mock 1.1.1 and new SELinux plugin which disables SELinux inside the
chroot, irregardless of the host system SELinux state.
added --unpriv mode to --shell
remove rpmdb cache to to work around yum issue
remove rpmdb cache to to work around yum issue
Many bug fixes since mock 1.1.1 and new SELinux plugin which disables SELinux inside the
chroot, irregardless of the host system SELinux state.
added --unpriv mode to --shell
remove rpmdb cache to to work around yum issue
remove rpmdb cache to to work around yum issue
create empty /var/log/{last,fail}log in chroot rather than copy in possible large sparse
file from host filesystem
make sure that both --spec and --sources are specified when the --buildsrpm option is
used
use rpm module function compareEVR to compare kernel versions (string comparison
doesn't work).
change selinux plugin to use tmp directory for faux /proc/filesystems file, rather than
cachedir (which may not exist)
fix a typo in exception.py
Added Alan Franzoni's umountall modifications
- run update after unpacking root cache
- clean up noarch builds
- fix selinux plugin issue
- fix repeated calls to umount
- clean up i585 target fix
Many bug fixes since mock 1.1.1 and new SELinux plugin which disables SELinux inside the
chroot, irregardless of the host system SELinux state.
added --unpriv mode to --shell
remove rpmdb cache to to work around yum issue
remove rpmdb cache to to work around yum issue
Many bug fixes since mock 1.1.1 and new SELinux plugin which disables SELinux inside the
chroot, irregardless of the host system SELinux state.
added --unpriv mode to --shell
remove rpmdb cache to to work around yum issue
remove rpmdb cache to to work around yum issue
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 14 2010 Clark Williams <williams(a)redhat.com> - 1.0.13-1
- replace call to perl with native python edit function
- change permissions of selinux plugin 'filesystems' file
- from Ville Skyttä <ville.skytta(a)iki.fi>:
- Find out completions for --*-plugin dynamically
- Keep $COLUMNS in consolehelper environment for --help formatting
- Document --scrub, --enable-plugin, and --disable-plugin
- Fix option name in --enable-plugin/--disable-plugin error string
- Add --scrub completion
- Complete on *.spm (*.src.rpm are sometimes named like that e.g. in SUSE)
- Fix buildsrpm() docstring
- Error message improvements
* Fri Sep 17 2010 Clark Williams <williams(a)redhat.com> - 1.0.12-1
- add cmpKernelEVR function to compare kernel versions (BZ# 526414)
- added commandline argument checking for --buildsrpm (BZ# 605800)
- create empty faillog and lastlog in <chroot>/var/log (BZ# 585973 & 633435)
- changed copyin/copyout prints from debug to info
- from Alan Franzoni <mailing(a)franzoni.eu>:
- reworked the root object _umountall() method
- fix epel4 chroot cleanup and umountall issue
* Sat Aug 14 2010 Clark Williams <williams(a)redhat.com> - 1.0.11-1
- fix problem with mock.util.rmtree interaction with selinux plugin
- change integer constants to symbolic from errno package
- from Paul Howarth <paul(a)city-fan.org>:
- add i586 as a legal target arch
- Retain order of umountCmds
- Exclude bind-mounted cache dirs from root cache
- noarch is always a legal arch
- Update packages after unpacking root cache
* Tue Aug 3 2010 Clark Williams <williams(a)redhat.com> - 1.0.10-1
- append rather than insert umount of /proc/filesystems (BZ# 620825)
- set state correctly for SELinux (BZ# 620143)
- turn off updates-released repository for prerelease fedora-14 configs
* Sat Jul 31 2010 Clark Williams <williams(a)redhat.com> - 1.0.9-1
- From Jan Vcelak <jvcelak(a)redhat.com>:
- added an selinux plugin
- From Kalev Lember <kalev(a)smartlink.ee>:
- patch to tmpfs plugin to allow specifying max fs size
- From Ricky Zhou <rzhou(a)redhat.com>:
- allow --sources to specify either single file or directory (BZ# 510409)
- From Dennis Gilmore <dennis(a)ausil.us>:
- updated epel-6 config files
- From Paul B. Schroeder <paulbsch(a)haywired.net>:
- add the --scrub option for cleaning up cache (BZ# 450726)
- added symlink from /proc/self/fd to /dev/fd in the chroot (BZ# 526414)
- changed from referencing defaults.cfs to site-defaults.cfg (BZ# 600487)
- added i686 architecture
- deleted f10 and f11 configs
- fixed cachefile filtering logic
- moved rpmdb clean block of code to work with --offline option
- added logic to detect invalid architecture combinations (BZ# 607144)
- added description of how to add user to the mock group (BZ# 570434)
* Wed Apr 14 2010 Clark Williams <williams(a)redhat.com> - 1.0.8-1
- rpmdb cache fix from Seth Vidal <skvidal(a)fedoraproject.org>
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #573111 - Mock environment needs to fake chroot into thinking SELinux is
disabled.
https://bugzilla.redhat.com/show_bug.cgi?id=573111
[ 2 ] Bug #629041 - selinux plugin expects that yum cache directory exists
https://bugzilla.redhat.com/show_bug.cgi?id=629041
[ 3 ] Bug #630479 - rebuilds fail with ""execmod" access" errors
from SELinux
https://bugzilla.redhat.com/show_bug.cgi?id=630479
[ 4 ] Bug #637555 - Mock selinux plugin creates /proc/filesystems with incorrect
permissions
https://bugzilla.redhat.com/show_bug.cgi?id=637555
[ 5 ] Bug #642051 - Xvfb SELinux issues in mock
https://bugzilla.redhat.com/show_bug.cgi?id=642051
[ 6 ] Bug #585973 - root cache fails to untar with <fail|last>log
https://bugzilla.redhat.com/show_bug.cgi?id=585973
[ 7 ] Bug #633435 - /var/log/lastlog and /var/log/faillog included in cache.tar.gz
https://bugzilla.redhat.com/show_bug.cgi?id=633435
[ 8 ] Bug #605800 - TypeError when using --buildsrpm
https://bugzilla.redhat.com/show_bug.cgi?id=605800
[ 9 ] Bug #526414 - missing /dev/fd symlink causes some mock builds using it to fail
https://bugzilla.redhat.com/show_bug.cgi?id=526414
[ 10 ] Bug #622170 - Latest architecture patches broke noarch builds
https://bugzilla.redhat.com/show_bug.cgi?id=622170
[ 11 ] Bug #614440 - [PATCH] Get mock to turn off selinux within the chroot
https://bugzilla.redhat.com/show_bug.cgi?id=614440
[ 12 ] Bug #622544 - i586 target no more possible
https://bugzilla.redhat.com/show_bug.cgi?id=622544
[ 13 ] Bug #557526 - mock no longer runs yum update after unpacking root
https://bugzilla.redhat.com/show_bug.cgi?id=557526
[ 14 ] Bug #620143 - ERROR: pop from empty list
https://bugzilla.redhat.com/show_bug.cgi?id=620143
[ 15 ] Bug #620825 - Unmounts filesystems in wrong order, gives traceback
https://bugzilla.redhat.com/show_bug.cgi?id=620825
[ 16 ] Bug #619819 - Please ship fedora-14-*.cfg
https://bugzilla.redhat.com/show_bug.cgi?id=619819
[ 17 ] Bug #510409 - Mock not building SRPM
https://bugzilla.redhat.com/show_bug.cgi?id=510409
[ 18 ] Bug #600487 - site-defaults.cfg cites defaults.cfg fix
https://bugzilla.redhat.com/show_bug.cgi?id=600487
[ 19 ] Bug #607144 - mock -r epel-5-x86_64 --rebuild X.src.rpm is not working
(dependencies problems?)
https://bugzilla.redhat.com/show_bug.cgi?id=607144
[ 20 ] Bug #570434 - 'man mock' does not tell user to add him or herself to
group 'mock'
https://bugzilla.redhat.com/show_bug.cgi?id=570434
[ 21 ] Bug #450726 - No way to clean mock cache directory
https://bugzilla.redhat.com/show_bug.cgi?id=450726
[ 22 ] Bug #516355 - newest mock not working on RHEL5
https://bugzilla.redhat.com/show_bug.cgi?id=516355
[ 23 ] Bug #486555 - Need to be able to clean/disable yum cache
https://bugzilla.redhat.com/show_bug.cgi?id=486555
[ 24 ] Bug #522505 - --unpriv only works with --chroot
https://bugzilla.redhat.com/show_bug.cgi?id=522505
[ 25 ] Bug #593654 - mock/yum: IndexError: list index out of range
https://bugzilla.redhat.com/show_bug.cgi?id=593654
--------------------------------------------------------------------------------
================================================================================
nrpe-2.12-16.el5 (FEDORA-EPEL-2010-3558)
Host/service/network monitoring agent for Nagios
--------------------------------------------------------------------------------
Update Information:
Proper directory access mode for %{_localstatedir}/run/nrpe
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 25 2010 Peter Lemenkov <lemenkov(a)gmail.com> - 2.12-16
- Issue with SELinux was resolved (see rhbz #565220#c25). 2nd try.
* Wed Sep 29 2010 jkeating - 2.12-15
- Rebuilt for gcc bug 634757
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #565220 - SELinux is preventing /usr/sbin/nrpe "dac_override" access
.
https://bugzilla.redhat.com/show_bug.cgi?id=565220
--------------------------------------------------------------------------------
================================================================================
petit-1.0.3-1.el5 (FEDORA-EPEL-2010-3561)
Log analysis tool for syslog, Apache and raw log files
--------------------------------------------------------------------------------
Update Information:
new upstream version
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-SMTP-1.4.4-1.el5 (FEDORA-EPEL-2010-3511)
Provides an implementation of the SMTP protocol
--------------------------------------------------------------------------------
Update Information:
Upstream changelog:
Version 1.4.4
* Corrected a problem with SMTP servers that don't support the SIZE feature. (Bug
17942)
Version 1.4.3
* Reduce peak memory usage when sending large files. (Request 17887)
* Adding support for proxy authentication. (Request 17358)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 11 2010 Remi Collet <Fedora(a)FamilleCollet.com> 1.4.4-1
- Version 1.4.4 (stable) - API 1.1.3 (stable)
* Mon Oct 11 2010 Remi Collet <Fedora(a)FamilleCollet.com> 1.4.3-1
- Version 1.4.3 (stable) - API 1.1.3 (stable)
- set timezone during build
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-Traceroute-0.21.3-1.el5 (FEDORA-EPEL-2010-3559)
Execute traceroute
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
* move error-redirection to end of command-line (on Linux)
* handle arguments without a value (example: numeric) correctly
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Remi Collet <Fedora(a)FamilleCollet.com> 0.21.3-1
- Version 0.21.3 (alpha) - API 0.21.1 (alpha)
- set timezone during build
- spec cleanup
--------------------------------------------------------------------------------
================================================================================
rubygem-linode-0.6.2-1.el5 (FEDORA-EPEL-2010-3552)
Ruby wrapper for the Linode API
--------------------------------------------------------------------------------
================================================================================
vanessa_adt-0.0.7-6.el5 (FEDORA-EPEL-2010-3562)
Library of Abstract Data Types
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #518316 - Review Request: vanessa_adt - Library of Abstract Data Types
https://bugzilla.redhat.com/show_bug.cgi?id=518316
--------------------------------------------------------------------------------
================================================================================
ykpers-1.3.3-3.el5 (FEDORA-EPEL-2010-3503)
Yubikey personalization program
--------------------------------------------------------------------------------
Update Information:
split of fedora_cert python library and fedora-cert tool
add fedora-burn-yubikey
--------------------------------------------------------------------------------