EPEL Fedora 5 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Aug 16 17:13:56 UTC 2013
The following Fedora EPEL 5 Security updates need testing:
Age URL
481 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
376 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
71 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-6089/ssmtp-2.61-20.el5
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11138/hylafax+-5.5.4-1.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11174/libzrtpcpp-3.2.1-3.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11165/cacti-0.8.8b-1.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11144/chrony-1.25-3.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
bdii-5.2.21-1.el5
cacti-0.8.8b-1.el5
ccrtp-2.0.5-3.el5
chrony-1.25-3.el5
drupal7-7.23-3.el5
drupal7-features-2.0-0.6.rc2.el5
drupal7-theme-zen-5.3-1.el5
drupal7-variable-2.3-1.el5
glances-1.7-1.el5
jglobus-2.0.6-1.el5
libssh-0.5.4-5.el5
libzrtpcpp-3.2.1-3.el5
plowshare-0.9.4-0.43.20130727git.el5
python-sphinx-theme-flask-git20130715.1cc4468-2.el5
root-5.34.09-5.el5
salt-0.16.2-1.el5
stout-0.1.2-1.099483f.el5
twinkle-1.4.2-11.el5
ucommon-6.0.7-2.el5
voms-2.0.10-3.el5
Details about builds:
================================================================================
bdii-5.2.21-1.el5 (FEDORA-EPEL-2013-11139)
The Berkeley Database Information Index (BDII)
--------------------------------------------------------------------------------
Update Information:
See the release notes for details:
http://gridinfo.web.cern.ch/sys-admins/bdii-releases/bdii-5221-1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 13 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.2.21-1
- New upstream version 5.2.21
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 5.2.20-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cacti-0.8.8b-1.el5 (FEDORA-EPEL-2013-11165)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
Update to Cacti 0.8.8b. This version fixes SQL injection vulnerabilities. See the full [upstream release notes](http://www.cacti.net/release_notes_0_8_8b.php) for details. Note that this update will require you to click through the "install" procedure in the web interface in order to complete the upgrade.
* Remove non-free Javascript files and use a Free jQuery implementation instead.
* Move "README.cacti" to "README.fedora".
* Improve httpd configuration guidance (cacti.conf).
* Adjust package requirements so cacti will now pull in net-snmp-utils.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 7 2013 Ken Dreyer <ktdreyer at ktdreyer.org> - 0.8.8b-1
- New upstream release (BZ #993042)
* Mon Jul 29 2013 Ken Dreyer <ktdreyer at ktdreyer.org> - 0.8.8a-9
- Use %{_pkgdocdir}, per
https://fedoraproject.org/wiki/Changes/UnversionedDocdirs
* Sun Jul 14 2013 Ken Dreyer <ktdreyer at ktdreyer.org> - 0.8.8a-8
- Improve security description in cacti's httpd conf (RHBZ #895823)
- Use improved treeview replacement patch (RHBZ #888207)
- rpmlint fixes
- trim RPM changelog
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8.8a-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jan 8 2013 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.8a-6
- Add note to README.fedora about the default MySQL password
- Remove reference to "docs/INSTALL" in README.fedora (RHBZ #893122)
- Add dependency on net-snmp-utils (RHBZ #893150)
* Fri Jan 4 2013 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.8a-5
- Install our README file as README.fedora
* Fri Jan 4 2013 Tom Callaway <spot at fedoraproject.org> - 0.8.8a-4
- remove non-free treeview bits (replace with jquery future code from 0.8.9 trunk)
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8.8a-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #994616 - CVE-2013-1434 CVE-2013-1435 cacti: SQL injection and shell escaping issues fixed in 0.8.8b
https://bugzilla.redhat.com/show_bug.cgi?id=994616
--------------------------------------------------------------------------------
================================================================================
ccrtp-2.0.5-3.el5 (FEDORA-EPEL-2013-11226)
Common C++ class framework for RTP/RTCP
--------------------------------------------------------------------------------
Update Information:
new upstream series; synced from EL-6
--------------------------------------------------------------------------------
================================================================================
chrony-1.25-3.el5 (FEDORA-EPEL-2013-11144)
An NTP client/server
--------------------------------------------------------------------------------
Update Information:
This update fixes two security vulnerabilities: a crash when processing crafted commands (CVE-2012-4502) and uninitialized data sent in command replies (CVE-2012-4503).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 9 2013 Miroslav Lichvar <mlichvar at redhat.com> 1.25-3
- fix buffer overflow when processing crafted command packets (CVE-2012-4502)
- don't send uninitialized data in command replies (CVE-2012-4503)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #846392 - CVE-2012-4502 CVE-2012-4503 chrony: Two security flaws fixed in chrony-1.29 release
https://bugzilla.redhat.com/show_bug.cgi?id=846392
--------------------------------------------------------------------------------
================================================================================
drupal7-7.23-3.el5 (FEDORA-EPEL-2013-11148)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
- EL5 prov Python fix, BZ 995734.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 10 2013 Peter Borsa <peter.borsa at gmail.com> - 7.23-3
- EL5 prov Python fix, BZ 995734, revert php53 packages as required ones.
* Sat Aug 10 2013 Peter Borsa <peter.borsa at gmail.com> - 7.23-2
- EL5 prov Python fix, BZ 995734.
* Thu Aug 8 2013 Peter Borsa <peter.borsa at gmail.com> - 7.23-1
- Update to upstream 7.23 release for bug fixes
- Upstream changelog for this release is available at https://drupal.org/drupal-7.23-release-notes
* Tue Jul 30 2013 Jon Ciesla <limburgher at gmail.com> - 7.22-8
- Add crontabs requires, BZ 989021.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #995734 - drupal7: EL5 prov Python fix
https://bugzilla.redhat.com/show_bug.cgi?id=995734
--------------------------------------------------------------------------------
================================================================================
drupal7-features-2.0-0.6.rc2.el5 (FEDORA-EPEL-2013-11153)
Provides feature management for Drupal
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 2.0-rc2 release for bug fixes
- Upstream changelog for this release is available at https://drupal.org/node/2056641
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Peter Borsa <peter.borsa at gmail.com> - 2.0-0.6.rc2
- Update to upstream 2.0-rc2 release for bug fixes
- Upstream changelog for this release is available at https://drupal.org/node/2056641
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0-0.5.rc1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991746 - drupal7-features-2.0-rc2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=991746
--------------------------------------------------------------------------------
================================================================================
drupal7-theme-zen-5.3-1.el5 (FEDORA-EPEL-2013-11146)
Zen is a powerful, yet simple, HTML5 starting theme
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 5.3 release for bug fixes
- Upstream changelog for this release is available at https://drupal.org/node/2054707
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Peter Borsa <peter.borsa at gmail.com> - 5.3-1
- Update to upstream 5.3 release for bug fixes
- Upstream changelog for this release is available at https://drupal.org/node/2054707
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 5.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991747 - drupal7-theme-zen-5.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=991747
--------------------------------------------------------------------------------
================================================================================
drupal7-variable-2.3-1.el5 (FEDORA-EPEL-2013-11181)
Variable module provides a registry for meta-data about Drupal variables
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 2.3 release for bug fixes
- Upstream changelog for this release is available at https://drupal.org/node/2061163
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 10 2013 Peter Borsa <peter.borsa at gmail.com> - 2.3-1
- Update to upstream 2.3 release for bug fixes
- Upstream changelog for this release is available at https://drupal.org/node/2061163
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2-1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #995382 - drupal7-variable-2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=995382
--------------------------------------------------------------------------------
================================================================================
glances-1.7-1.el5 (FEDORA-EPEL-2013-11160)
CLI curses based monitoring tool
--------------------------------------------------------------------------------
Update Information:
update to 1.7
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 11 2013 Edouard Bourguignon <madko at linuxed.net> - 1.7-1
- Update to 1.7
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Apr 18 2013 Michel Salim <salimma at fedoraproject.org> - 1.6.1-1
- Update to 1.6.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #995805 - glances-1.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=995805
--------------------------------------------------------------------------------
================================================================================
jglobus-2.0.6-1.el5 (FEDORA-EPEL-2013-11168)
Globus Java client libraries
--------------------------------------------------------------------------------
Update Information:
JGlobus version 2.0.6.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 14 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 2.0.6-1
- 2.0.6 final release
--------------------------------------------------------------------------------
================================================================================
libssh-0.5.4-5.el5 (FEDORA-EPEL-2013-10979)
A library implementing the SSH2 protocol (0xbadc0de version)
--------------------------------------------------------------------------------
Update Information:
Add EPEL 5 support and enable Doxygen documentation.
--------------------------------------------------------------------------------
================================================================================
libzrtpcpp-3.2.1-3.el5 (FEDORA-EPEL-2013-11174)
ZRTP support library for the GNU ccRTP stack
--------------------------------------------------------------------------------
Update Information:
new upstream version
fixes CVE-2013-2221 CVE-2013-2222 CVE-2013-2223
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #980904 - CVE-2013-2221 CVE-2013-2222 CVE-2013-2223 libzrtpcpp various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=980904
[ 2 ] Bug #980905 - libzrtpcpp: CVE-2013-2221 libzrtpcpp: Heap-based buffer overflow when processing overly-large ZRTP packets [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=980905
--------------------------------------------------------------------------------
================================================================================
plowshare-0.9.4-0.43.20130727git.el5 (FEDORA-EPEL-2013-11189)
Download and upload files from file-sharing websites
--------------------------------------------------------------------------------
Update Information:
New upstream snapshot.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 10 2013 Elder Marco <eldermarco at fedoraproject.org> - 0.9.4-0.43.20130727git
- New upstream snapshot
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.4-0.42.20130520git
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-sphinx-theme-flask-git20130715.1cc4468-2.el5 (FEDORA-EPEL-2013-11193)
Sphinx Themes for Flask related projects and Flask itself
--------------------------------------------------------------------------------
Update Information:
* Mon Aug 12 2013 Björn Esser <bjoern.esser at gmail.com> - git20130715.1cc4468-2\n- added python3-package\n\npython-sphinx-theme-flask contains Sphinx Themes for Flask related projects and Flask itself. The following themes exist: * flask - the standard flask documentation theme for large projects * flask_small - small one-page theme. Intended to be used by very small addon libraries for flask.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #996061 - Review Request: python-sphinx-theme-flask - Sphinx Themes for Flask related projects and Flask itself
https://bugzilla.redhat.com/show_bug.cgi?id=996061
--------------------------------------------------------------------------------
================================================================================
root-5.34.09-5.el5 (FEDORA-EPEL-2013-11206)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
Slightly improved font handling.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.34.09-5
- Exclude armv7hl - cint is not working
- Use _pkgdocdir when defined
- Use texlive-stix
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 5.34.09-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Jul 18 2013 Petr Pisar <ppisar at redhat.com> - 5.34.09-3
- Perl 5.18 rebuild
* Tue Jul 16 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.34.09-2
- Rebuild for cfitsio 3.350
--------------------------------------------------------------------------------
================================================================================
salt-0.16.2-1.el5 (FEDORA-EPEL-2013-11157)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
moving to 0.16.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Clint Savage <herlo1 at gmail.com> - 0.16.2-1
- Update to patch release 0.16.2
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.16.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
stout-0.1.2-1.099483f.el5 (FEDORA-EPEL-2013-11228)
C++ headers for building sturdy software
--------------------------------------------------------------------------------
Update Information:
* Tue Aug 13 2013 Björn Esser <bjoern.esser at gmail.com> - 0.1.2-1.099483f\n - new upstream version\n - additional adaptions for el5\n - create direct subpkg instead of named package\n\nHeaders used for for development of sturdy applications, and leveraged by Mesos. stout is a header only library that is contains a series of primitives to assist in the development of building sturdy C++ applications. Currently this application is leveraged by Mesos. Note: as that project has only headers (i.e., no library/binary object), this package (i.e., the -devel package) is the one containing all of the project. There's no package with a library to link for this.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #988545 - Review Request: stout - C++ headers for building sturdy software
https://bugzilla.redhat.com/show_bug.cgi?id=988545
--------------------------------------------------------------------------------
================================================================================
twinkle-1.4.2-11.el5 (FEDORA-EPEL-2013-11173)
A SIP Soft Phone
--------------------------------------------------------------------------------
Update Information:
rebuilt against the new ucommon/ccrtp/zrtpcpp stack
--------------------------------------------------------------------------------
================================================================================
ucommon-6.0.7-2.el5 (FEDORA-EPEL-2013-11184)
Runtime library for portable C++ threading and sockets
--------------------------------------------------------------------------------
Update Information:
GNU uCommon C++ is a lightweight library to facilitate using C++ design patterns even for very deeply embedded applications
--------------------------------------------------------------------------------
================================================================================
voms-2.0.10-3.el5 (FEDORA-EPEL-2013-11176)
Virtual Organization Membership Service
--------------------------------------------------------------------------------
Update Information:
Now built with hardened buildflags
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 2.0.10-3
- Activate hardened buildflags
- Use _pkgdocdir
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #955221 - voms package should be built with PIE flags
https://bugzilla.redhat.com/show_bug.cgi?id=955221
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list