Fedora EPEL 4 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Mon Feb 22 22:40:47 UTC 2010 

The following builds have been pushed to Fedora EPEL 4 updates-testing

    haproxy-1.3.23-1.el4
    libisofs-0.6.28-1.el4
    moreutils-0.38-1.el4
    myproxy-5.0-1.el4
    ocsinventory-1.3.1-1.el4
    perl-Crypt-OpenSSL-X509-0.7-6.el4
    perl-Unicode-String-2.09-7.el4
    proftpd-1.3.2d-1.el4

Details about builds:


================================================================================
 haproxy-1.3.23-1.el4 (FEDORA-EPEL-2010-2279)
 HA-Proxy is a TCP/HTTP reverse proxy for high availability environments
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 18 2010 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.23-1
- update to 1.3.23
--------------------------------------------------------------------------------


================================================================================
 libisofs-0.6.28-1.el4 (FEDORA-EPEL-2010-2290)
 Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:

Libisofs is a library to create an ISO-9660 filesystem and supports extensions
like RockRidge or Joliet. It is also a full featured ISO-9660 editor, allowing
you to modify an ISO image or multisession disc, including file addition or
removal, change of file names and attributes etc. It supports the extension AAIP
which allows to store ACLs and xattr in ISO-9660 filesystems as well. As it is
linked with zlib, it supports zisofs compression, too.
--------------------------------------------------------------------------------


================================================================================
 moreutils-0.38-1.el4 (FEDORA-EPEL-2010-0211)
 Additional unix utilities
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 10 2010 Marc Bradshaw <fedora at marcbradshaw.co.uk> 0.38-1.el4
- new upstream version moreutils 0.38 released with these changes
- * Description improvements. Closes: #549450 (Thanks, Justin B Rye)
- * parallel: Allow running independent commands, like parallel -j3 -- ls df "echo hi"
- * ifdata: Add FreeBSD kernel support, although some of the more esoteric interface options are not currently supported in FreeBSD.
- * parallel: Define WEXITED to allow building on FreeBSD kernel.
- * Thanks Enrico Tassi for the FreeBSD kernel support, which should be enough to get moreutils built on Debian kFreeBSD. Closes: #562609
--------------------------------------------------------------------------------


================================================================================
 myproxy-5.0-1.el4 (FEDORA-EPEL-2010-2301)
 Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:

- in myproxy-server, atomically update credential files and avoid unnecessary
file copies; NOTE API CHANGE: myproxy_creds_store() now moves file to the
repository, rather than copying it - add myproxy-server.config
request_size_limit parameter to control myproxy-server network limits, and fix
network limit handling to apply only to myproxy-server (not clients), so clients
can handle large X509_CERT_DIR contents
(http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=6889) - include
extendedKeyUsage=clientAuth in EECs by default per GFD.125 - add myproxy-logon
/myproxy-get-trustroots -b option to allow bootstrapping CA trust even when
X509_CERT_DIR exists (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=6886)
- myproxy-logon -T / myproxy-get-trustroots fixes/improvements: - when cleaning
bad CRLs, also remove any CRLs we can't parse - when recovering from CRL errors,
allow anonymous authentication on second attempt, just like first attempt - when
bootstrapping, restrict CA trust to only the one certificate subject needed,
rather than a wildcard
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 19 2010 Steve Traylen <steve.traylen at cern.ch> - 5.0-1
- New upstream version 5.0
--------------------------------------------------------------------------------


================================================================================
 ocsinventory-1.3.1-1.el4 (FEDORA-EPEL-2010-2281)
 Open Computer and Software Inventory Next Generation
--------------------------------------------------------------------------------
Update Information:

New upstream version 1.3  (no changelog available)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 18 2010 Remi Collet <Fedora at famillecollet.com> 1.3.1-1
- update to new version
- improved patch for schema
* Sun Feb  7 2010 Remi Collet <Fedora at famillecollet.com> 1.3-1
- update to new version
- add a patch to improve schema check (when install / upgrade needed)
--------------------------------------------------------------------------------


================================================================================
 perl-Crypt-OpenSSL-X509-0.7-6.el4 (FEDORA-EPEL-2010-2295)
 Perl interface to OpenSSL for X509
--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------


================================================================================
 perl-Unicode-String-2.09-7.el4 (FEDORA-EPEL-2010-2299)
 Perl modules to handle various Unicode issues
--------------------------------------------------------------------------------
Update Information:

This package has documentation recoded in UTF-8 and properly depends on a
version of perl that searches for modules where this module is installed.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 18 2010 Paul Howarth <paul at city-fan.org> 2.09-7
- license is same as perl
- carefully convert documentation to UTF-8 encoding
- add :MODULE_COMPAT_* dependency
--------------------------------------------------------------------------------


================================================================================
 proftpd-1.3.2d-1.el4 (FEDORA-EPEL-2010-2293)
 Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:

This update addresses CVE-2009-3555 (SSL/TLS renegotiation vulnerability),
mitigating the problem by refusing all client-initiated SSL/TLS session
renegotiations.    This update to the latest maintenance release also fixes a
number of bugs recorded in the proftpd bug tracker:    * SSL/TLS renegotiation
vulnerability (CVE-2009-3555, bug 3324)  * Failed database transaction can cause
mod_quotatab to loop (bug 3228)  * Segfault in mod_wrap (bug 3332)  *
<Directory> sections can have <Limit> problems (bug 3337)  * mod_wrap2 segfaults
when a valid user retries the USER command (bug 3341)  * modauthfile handles
'getgroups' request incorrectly (bug 3347)  * Segfault caused by scrubbing zero-
length portion of memory (bug 3350)  * Lack of PID protection in ScoreboardFile
(bug 3370)   * Crash when retrying a failed login with mod_radius being used
(bug 3372)   * RADIUS authentication broken on 64-bit platforms (bug 3381)   *
SIGHUP eventually causes certain DSO modules to segfault (bug 3387)    Finally,
the behaviour of the MLSD FTP command (used in many modern FTP clients to list
directories) is fixed for the case when the FTP server's configuration disallows
its usage (using a <Limit> clause) in some but not all places (#544002).
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 15 2010 Paul Howarth <paul at city-fan.org> 1.3.2d-1
- Update to 1.3.2d, addressing the following issues: 
  - mod_tls doesn't compile with pre-0.9.7 openssl (bug 3358) 
  - Lack of PID protection in ScoreboardFile (bug 3370) 
  - Crash when retrying a failed login with mod_radius being used (bug 3372) 
  - RADIUS authentication broken on 64-bit platforms (bug 3381) 
  - SIGHUP eventually causes certain DSO modules to segfault (bug 3387)
* Thu Dec 10 2009 Paul Howarth <paul at city-fan.org> 1.3.2c-1
- Update to 1.3.2c, addressing the following issues:
  - SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324)
  - Failed database transaction can cause mod_quotatab to loop (bug 3228)
  - Segfault in mod_wrap (bug 3332)
  - <Directory> sections can have <Limit> problems (bug 3337)
  - mod_wrap2 segfaults when a valid user retries the USER command (bug 3341)
  - mod_auth_file handles 'getgroups' request incorrectly (bug 3347)
  - Segfault caused by scrubbing zero-length portion of memory (bug 3350)
- Drop upstreamed segfault patch
* Thu Dec 10 2009 Paul Howarth <paul at city-fan.org> 1.3.2b-3
- Add patch for upstream bug 3350 - segfault on auth failures
* Wed Dec  9 2009 Paul Howarth <paul at city-fan.org> 1.3.2b-2
- Reduce the mod_facts patch to the single commit addressing the issue with
  directory names with glob characters (#521634), avoiding introducing a
  further problem with <Limit> (#544002)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation
        https://bugzilla.redhat.com/show_bug.cgi?id=533125
--------------------------------------------------------------------------------

More information about the epel-devel mailing list