EPEL Fedora 6 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Wed Apr 2 18:23:12 UTC 2014


The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 710  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
  57  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
  52  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0483/boinc-client-7.2.33-3.git1994cc8.el6
  42  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
  17  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0846/mediawiki119-1.19.13-1.el6
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0888/v8-3.14.5.10-7.el6
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0889/moodle-2.4.9-1.el6
   8  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0938/seamonkey-2.21-5.ESR_24.4.0.el6
   5  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0980/perl-YAML-LibYAML-0.38-4.el6
   3  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0996/munin-2.0.20-1.el6
   3  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0990/libyaml-0.1.6-1.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramework-1.12.5-1.el6
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1020/php-ZendFramework2-2.2.6-1.el6
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1039/mod_security-2.7.3-3.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    duply-1.7.1-1.el6
    iperf3-3.0.3-2.el6
    mod_security-2.7.3-3.el6
    nodejs-jade-1.3.0-3.el6
    nodejs-supertest-0.9.0-1.el6
    opendnssec-1.4.4-3.el6
    pen-0.22.0-1.el6
    python-fedmsg-genacls-0.2-1.el6
    uglify-js-2.4.13-3.el6
    xvkbd-3.5-1.el6

Details about builds:


================================================================================
 duply-1.7.1-1.el6 (FEDORA-EPEL-2014-0933)
 Wrapper for duplicity
--------------------------------------------------------------------------------
Update Information:

Update to the latest released version.

Changes in version 1.7.0:
- disabled gpg key id plausibility check, too many valid possibilities
- featreq 7 "Halt if precondition fails": added and(+), or(-) batch command(separator) support
- featreq 26 "pre/post script with shebang line": if a script is flagged executable it's executed in a subshell now as opposed to sourced to bash, which is the default
- bugfix: do not check if dpbx, swift credentials are set anymore
- bugfix: properly escape profile name, archdir if used as arguments
- add DUPL_PRECMD conf setting for use with e.g. trickle

Changes in version 1.7.1:
- bugfix: purge-* commands renamed to purgeFull, purgeIncr due to  incompatibility with new minus batch separator
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  1 2014 Thomas Moschny <thomas.moschny at gmx.de> - 1.7.1-1
- Update to 1.7.1
- Update %description.
* Fri Mar 21 2014 Thomas Moschny <thomas.moschny at gmx.de> - 1.7.0-1
- Update to 1.7.0.
--------------------------------------------------------------------------------


================================================================================
 iperf3-3.0.3-2.el6 (FEDORA-EPEL-2014-1037)
 Measurement tool for TCP/UDP bandwidth performance
--------------------------------------------------------------------------------
Update Information:

Moved static library to devel section
Update to 3.0.3 and added devel rpm support
Update to 3.0.3 and added devel rpm support
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  2 2014 Susant Sahani <ssahani at redhat.com> 3.0.3-2
- Moved static library to devel section only .
* Sun Mar 30 2014 Susant Sahani <ssahani at redhat.com> 3.0.3-1
- Update to 3.0.3 and added devel rpm support
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1081486 - iperf3-3.0.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1081486
--------------------------------------------------------------------------------


================================================================================
 mod_security-2.7.3-3.el6 (FEDORA-EPEL-2014-1039)
 Security module for the Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:

Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  1 2014 Athmane Madjoudj <athmane at fedoraproject.org> 2.7.3-3
- Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1082904 - CVE-2013-5705 mod_security: bypass of intended rules via chunked requests
        https://bugzilla.redhat.com/show_bug.cgi?id=1082904
--------------------------------------------------------------------------------


================================================================================
 nodejs-jade-1.3.0-3.el6 (FEDORA-EPEL-2014-1035)
 Jade template engine for Node.js
--------------------------------------------------------------------------------
Update Information:

introduce symlink to /usr/bin/jade-nodejs
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  1 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 1.3.0-3
- include _bindir/jade-nodejs
* Sat Mar 15 2014 <jamielinux at fedoraproject.org> - 1.3.0-2
- temporarily disable tests due to circular dependency
* Mon Mar  3 2014 <jamielinux at fedoraproject.org> - 1.3.0-1
- update to upstream release 1.3.0
* Sun Mar  2 2014 <jamielinux at fedoraproject.org> - 1.2.0-1
- update to upstream release 1.2.0
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.28.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1082964 - no commandline jade
        https://bugzilla.redhat.com/show_bug.cgi?id=1082964
--------------------------------------------------------------------------------


================================================================================
 nodejs-supertest-0.9.0-1.el6 (FEDORA-EPEL-2014-1042)
 A superagent driven library for testing HTTP servers
--------------------------------------------------------------------------------
Update Information:

initial package
--------------------------------------------------------------------------------


================================================================================
 opendnssec-1.4.4-3.el6 (FEDORA-EPEL-2014-1033)
 DNSSEC key and zone management software
--------------------------------------------------------------------------------
Update Information:

Add buildrequires for ods-kasp2html (rhbz#1073313), bump ZSK to 2048bits
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  1 2014 Paul Wouters <pwouters at redhat.com> - 1.4.4-3
- Add buildrequires for ods-kasp2html (rhbz#1073313)
* Fri Mar 28 2014 Paul Wouters <pwouters at redhat.com> - 1.4.4-2
- Add requires for ods-kasp2html (rhbz#1073313)
- Updated to 1.4.4 (rhbz#1080862)
  (compatibility with non RFC 5155 errata 3441 implementations)
- Change the default ZSK policy from 1024 to 2048 bit RSA keys
- Fix post to be quiet when upgrading opendnssec
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1073313 - libxslt is missing in Requires and BuildRequires
        https://bugzilla.redhat.com/show_bug.cgi?id=1073313
--------------------------------------------------------------------------------


================================================================================
 pen-0.22.0-1.el6 (FEDORA-EPEL-2014-1038)
 Load balancer for "simple" tcp based protocols such as http or smtp
--------------------------------------------------------------------------------
Update Information:

140331
* Updated pen manpage to clarify what the control socket does.
* Resist opening control socket running as root.
* Remove the default file name for web log.
* New feature: unix domain listening sockets.
* Released 0.22.0.

140204
* Moved defines for ACE_IPV4 et al outside #ifdef HAVE_SSL clause.
* Otherwise pen won't compile without ssl.
* Released 0.21.1.

140204
* GeoIP access lists.
* Released 0.21.0.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  1 2014 Christopher Meng <rpm at cicku.me> - 0.22.0-1
- Update to 0.22.0
- Built with GeoIP support.
--------------------------------------------------------------------------------


================================================================================
 python-fedmsg-genacls-0.2-1.el6 (FEDORA-EPEL-2014-1034)
 A fedmsg consumer that sets gitosis acls in response to pkgdb messages
--------------------------------------------------------------------------------
Update Information:

Fix mis-use of subprocess.Popen.
New package.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1080094 - Review Request: python-fedmsg-genacls - A fedmsg consumer that sets gitosis acls in response to pkgdb messages
        https://bugzilla.redhat.com/show_bug.cgi?id=1080094
--------------------------------------------------------------------------------


================================================================================
 uglify-js-2.4.13-3.el6 (FEDORA-EPEL-2014-1043)
 JavaScript parser, mangler/compressor and beautifier toolkit
--------------------------------------------------------------------------------
Update Information:

pretrans script should run in js-uglify subpackage (#1082946)
port to new multi-version and browser JavaScript guidelines
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  1 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 2.4.13-3
- pretrans script should run in js-uglify subpackage (#1082946)
* Sat Mar 15 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 2.4.13-2
- add logic for building on EPEL 6 as web-assets-{devel,filesystem} are not
  yet available
* Thu Mar 13 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 2.4.13-1
- update to upstream release 2.4.13
* Mon Jan 20 2014 T.C. Hollingsworth <tchollingsworth at gmail.com> - 2.2.5-4
- port to new JS guidelines
- provide the nodejs- form
* Sun Jan 19 2014 Tom Hughes <tom at compton.nu> - 2.2.5-3
- use new multi-version packaging rules
- update to latest nodejs packaging standards
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1082946 - Update from uglify-js-common to js-uglify fails
        https://bugzilla.redhat.com/show_bug.cgi?id=1082946
  [ 2 ] Bug #1055177 - uglify-js should be using the proper system for packaging multiple npm versions
        https://bugzilla.redhat.com/show_bug.cgi?id=1055177
--------------------------------------------------------------------------------


================================================================================
 xvkbd-3.5-1.el6 (FEDORA-EPEL-2014-1040)
 Virtual Keyboard for X Window System
--------------------------------------------------------------------------------
Update Information:

xvkbd is a virtual (graphical) keyboard program for X Window System which provides facility to enter characters onto other clients (software) by clicking on a keyboard displayed on the screen. This may be used for systems without a hardware keyboard such as kiosk terminals or hand-held devices. This program also has facility to send characters specified as the command line option to another client.
--------------------------------------------------------------------------------



More information about the epel-devel mailing list