Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Mar 20 20:51:08 UTC 2012
The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0835/asterisk-1.8.10.1-1.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0728/libpng10-1.0.58-1.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3.4.14-1.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0763/php-pear-CAS-1.3.0-2.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0795/nginx-1.0.14-1.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
asterisk-1.8.10.1-1.el6
dbmail-3.0.2-2.el6
mod_pubcookie-3.3.4a-3.el6.1
perl-Config-Validator-0.3-1.el6
perl-Net-DNS-SEC-0.16-9.el6
php-pecl-amqp-1.0.1-3.el6
trac-advancedticketworkflow-plugin-0.11-1.20120227svn9962.el6
trac-sumfields-plugin-1.0.1-1.20120227svn10482.el6
z80dasm-1.1.2-1.el6
Details about builds:
================================================================================
asterisk-1.8.10.1-1.el6 (FEDORA-EPEL-2012-0835)
The Open Source PBX
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.10.1, which fixes 2 security vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 17 2012 Russell Bryant <russell at russellbryant.net> - 1.8.10.1-1
- Update to 1.8.10.1 from upstream.
- Fix remote stack overflow in app_milliwatt.
- Fix remote stack overflow, including possible code injection, in HTTP digest
authentication handling.
- Diable build of SRTP on ppc64, as it doesn't build right now.
- Resolves: rhbz#804045, rhbz#804038, rhbz#804042
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #804038 - CVE-2012-1183 asterisk: Stack-based buffer overwrite by processing large audio packet in Miliwatt application (AST-2012-002)
https://bugzilla.redhat.com/show_bug.cgi?id=804038
[ 2 ] Bug #804042 - CVE-2012-1184 asterisk: Stack-based buffer overflow by processing certain HTTP Digest Authentication headers (AST-2012-003)
https://bugzilla.redhat.com/show_bug.cgi?id=804042
--------------------------------------------------------------------------------
================================================================================
dbmail-3.0.2-2.el6 (FEDORA-EPEL-2012-0840)
A database backed mail storage system
--------------------------------------------------------------------------------
Update Information:
- Add precedence: bulk headers to auto-reply messages #959
- POP3: reset timeout after authentication #951
- IMAP: internal_date and memleaks cleanups
- IMAP: improve sorting by date
- IMAP: sanitize searchable storage of addresses
- IMAP: revert another misguided LIST/LSUB change 2/2
- IMAP: revert another misguided LIST/LSUB change
- IMAP: rework \recent flag handling
- IMAP: improve mailboxstate tracking
- IMAP: improve reliabity of SEARCH SENTON
- IMAP: improve searchable cache value of address headers
- Merge branch 'master' of git.dbmail.eu:/var/git/paul/dbmail
- IMAP: partial revert
- IMAP: fix FETCH regression
- IMAP: update test-runners
- IMAP: small leak in SEARCH unkeyword
- IMAP: fix validation of sequences
- IMAP: prevent premature flushing of recent flag
- IMAP: implement "SEARCH keyword"
- IMAP: update tests
- IMAP: test and fix sequence-set builder
- IMAP: test and fix date converter
- IMAP: re-organize tests
- IMAP: fix small leak
- update THANKS
- SIEVE: fix broken vacation reply
- DELIVERY: fix check_destination during autoreply
- IMAP: revert misguided LIST/LSUB change
- IMAP: small ENVELOPE fix
- IMAP: fix minor compiler warnings
- HTTP: update test-script
- LMTP: fix segfault
- IMAP: improve LIST/LSUB response
- IMAP: improve mailbox atomicity
- LMTP: PEP8 integration tests
- add test for #960
- POP3: another RETR fix
- POP3: fix TOP command
- bump version to 3.0.1
- tweak debian build flags
- plug a couple of memory leaks
- PEP8 and test fixing
- POP3 fix RETR regression
- move referencefield caching back to header cache
- speedup maintenance run
- no default for auto_increment
- fix regression in migration
- debian: i18n update
- lower loglevel for low-level SSL errors (#893)
- [PATCH] Changed INDEX dropping for sievescripts on mysql upgrade
- debian: fix typo
- lmtp: unescape dot-stuffed data
- no autoreply is not an error
- list internal forwards as aliases
- no quotes around NOW()
- [PATCH] Better mysql upgrade and create table scripts
- prevent stack-overflow in debug call
- mysql: use NOW() rather than CURRENT_TIMESTAMP
- postgresql: use NOW() rather than CURRENT_TIMESTAMP
- cache referencefield and envelope separately
- lower loglevel for default hash type
- PEP8 cleanup
- plug memory leak from search optimization
- another missing whitespace fix
- missing whitespace in query
- improve search optimization
- add search optimization
- regenerate autoconf files
- update autotools chain
- update LDFLAGS and CFLAGS for gmodule-2.0
- update dbmail-util man-page for migration option
- fix subaddress regression (#954)
- fix compilation with clang
- silence compiler warning
- silence autoconf warnings
- add warning to UPGRADING regarding bytea_output for pg9 users
- add note regarding bytea_output for pg9 users
- drop old index during migration in postgresql
- send crlf encoded data for pop3 (#945)
- Revert "parse From_ time as localtime"
- fix typo in debian script (#946)
- fix regression in IMAP FETCH
- [PATCH 3/3] fix indentation
- [PATCH 2/3] drop unnecessary lock
- [PATCH 1/3] lock only if necessary
- fix SSL regression
- add mutex around iconv_t access (#940)
- expose possible gmime bug
- more packaging fixes
- add test for utf7 decoding #930
- change debug tracing of blobs
- fix packaging bug
- make SSL_accept non-blocking (#941)
- add test for possible gmime bug
- parse From_ time as localtime
- re-indent php code
- gmime-2.6 compatibility (#935)
- call database schema version check on all connections
- reset timeout after idle is done (#932)
- gracefully degrade after decoding error (#930)
- handle hangups better during read (#932)
- fix IDLE regression (#927)
- fix dbmail.h generation (#916)
- fix broken SEARCH TEXT (#912)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Bernard Johnson <bjohnson at symetrix.com> - 3.0.2-2
- EL patch reworked for gthread only
* Sun Mar 18 2012 Bernard Johnson <bjohnson at symetrix.com> - 3.0.2-1
- 3.0.2
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0.0-0.7.rc3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #797118 - dbmail 3.0.2 is released
https://bugzilla.redhat.com/show_bug.cgi?id=797118
--------------------------------------------------------------------------------
================================================================================
mod_pubcookie-3.3.4a-3.el6.1 (FEDORA-EPEL-2012-0829)
A solution for single sign-on authentication to websites
--------------------------------------------------------------------------------
Update Information:
httpd-mmn requires added (#803073)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Gabriel Somlo <somlo at cmu.edu> 3.3.4a-3.el6.1
- httpd-mmn requires added (#803073)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #803073 - Missing Requires: httpd-mmn
https://bugzilla.redhat.com/show_bug.cgi?id=803073
--------------------------------------------------------------------------------
================================================================================
perl-Config-Validator-0.3-1.el6 (FEDORA-EPEL-2012-0839)
Schema based configuration validation
--------------------------------------------------------------------------------
Update Information:
Schema based configuration validation.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #798254 - Review Request: perl-Config-Validator - Schema based configuration validation
https://bugzilla.redhat.com/show_bug.cgi?id=798254
--------------------------------------------------------------------------------
================================================================================
perl-Net-DNS-SEC-0.16-9.el6 (FEDORA-EPEL-2012-0828)
DNSSEC modules for Perl
--------------------------------------------------------------------------------
Update Information:
Added a patch to fix NSEC record parsing
Upstream pause #75892
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Wes Hardaker <wjhns174 at hardakers.net> - 0.16-9
- Added a patch to fix the NSEC shouldn't be downcased issue
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.16-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Jul 19 2011 Petr Sabata <contyk at redhat.com> - 0.16-7
- Perl mass rebuild
* Thu Jun 23 2011 Wes Hardaker <wjhns174 at hardakers.net> - 0.16-6
- added support for the v1.3 private key format
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.16-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Dec 21 2010 Marcela Maslanova <mmaslano at redhat.com> - 0.16-4
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------
================================================================================
php-pecl-amqp-1.0.1-3.el6 (FEDORA-EPEL-2012-0838)
Communicate with any AMQP compliant server
--------------------------------------------------------------------------------
Update Information:
This extension can communicate with any AMQP spec 0-9-1 compatible server, such as RabbitMQ, OpenAMQP and Qpid, giving you the ability to create and delete exchanges and queues, as well as publish to any exchange and consume from any queue.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #802037 - Review Request: php-pecl-amqp - Communicate with any AMQP compliant server
https://bugzilla.redhat.com/show_bug.cgi?id=802037
--------------------------------------------------------------------------------
================================================================================
trac-advancedticketworkflow-plugin-0.11-1.20120227svn9962.el6 (FEDORA-EPEL-2012-0836)
Advanced workflow operations Trac plugin
--------------------------------------------------------------------------------
Update Information:
New package - Advanced workflow operations Trac plugin
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #798014 - Review Request: trac-advancedticketworkflow-plugin - Advanced workflow operations Trac plugin
https://bugzilla.redhat.com/show_bug.cgi?id=798014
--------------------------------------------------------------------------------
================================================================================
trac-sumfields-plugin-1.0.1-1.20120227svn10482.el6 (FEDORA-EPEL-2012-0830)
Sums specified fields in custom queries
--------------------------------------------------------------------------------
Update Information:
New package: A trac plugin that allows you to sum fields in Trac custom queries.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #797945 - Review Request: trac-sumfields-plugin - Sums specified fields in custom queries
https://bugzilla.redhat.com/show_bug.cgi?id=797945
--------------------------------------------------------------------------------
================================================================================
z80dasm-1.1.2-1.el6 (FEDORA-EPEL-2012-0832)
Z80 Disassembler
--------------------------------------------------------------------------------
Update Information:
z80dasm is a Z80 disassembler.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #798074 - Review Request: z80dasm - Z80 Disassembler
https://bugzilla.redhat.com/show_bug.cgi?id=798074
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list