EPEL Fedora 6 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Wed Apr 9 05:27:46 UTC 2014


The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 717  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
  64  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
  59  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0483/boinc-client-7.2.33-3.git1994cc8.el6
  49  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
  20  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0888/v8-3.14.5.10-7.el6
  12  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0980/perl-YAML-LibYAML-0.38-4.el6
  10  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0996/munin-2.0.20-1.el6
  10  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0990/libyaml-0.1.6-1.el6
   8  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramework-1.12.5-1.el6
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1020/php-ZendFramework2-2.2.6-1.el6
   6  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1039/mod_security-2.7.3-3.el6
   5  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1050/check-mk-1.2.4p1-1.el6
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1073/cacti-0.8.8b-5.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    RBTools-0.6-1.el6
    ansible-1.5.4-2.el6
    appliance-tools-007.7-2.1.el6
    autotest-framework-0.16.0-2.el6
    cacti-0.8.8b-5.el6
    docker-registry-0.6.6-2.el6
    libmediainfo-0.7.68-1.el6
    mediainfo-0.7.68-1.el6
    perl-Data-Tumbler-0.005-2.el6
    php-solarium-3.2.0-1.el6
    php-tcpdf-6.0.064-1.el6
    python-behave-1.2.3-12.el6
    python-dpath-1.2-0.2.70.el6
    python-posix_ipc-0.9.8-1.el6
    python-pthreading-0.1.3-0.el6
    python-pycadf-0.4.1-2.el6
    python-six-1.5.2-1.el6
    rubygem-net-http-persistent-2.9.4-2.el6
    srm-ifce-1.19.0-1.el6
    unrtf-0.21.5-1.el6

Details about builds:


================================================================================
 RBTools-0.6-1.el6 (FEDORA-EPEL-2014-1072)
 Tools for use with ReviewBoard
--------------------------------------------------------------------------------
Update Information:

http://www.reviewboard.org/docs/releasenotes/rbtools/0.6/
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  8 2014 Stephen Gallagher <sgallagh at redhat.com> 0.6-1
- New upstream release 0.6
- http://www.reviewboard.org/docs/releasenotes/rbtools/0.6/
--------------------------------------------------------------------------------


================================================================================
 ansible-1.5.4-2.el6 (FEDORA-EPEL-2014-1076)
 SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:

* Really fix python-setuptools requirement on epel6 this time.
https://github.com/ansible/ansible/blob/release1.5.4/CHANGELOG.md  * Security fix for safe_eval, which further hardens the checking of the evaluation function.
* Fix for accelerate mode
* Add a missing dependency on python-setuptools
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Toshio Kuratomi <toshio at fedoraproject.org> - 1.5.4-2
- Fix setuptools requirement to apply to rhel=6, not rhel<6
* Wed Apr  2 2014 Toshio Kuratomi <toshio at fedoraproject.org> - 1.5.4-1
- Update to 1.5.4
- Add upstream patch to fix accelerator mode
- Merge fedora and el6 spec files
* Fri Mar 14 2014 Kevin Fenzi <kevin at scrye.com> 1.5.3-2
- Update to NEW 1.5.3 upstream release.
- Add missing dependency on python-setuptools (el6 build)
* Thu Mar 13 2014 Kevin Fenzi <kevin at scrye.com> 1.5.3-1
- Update to 1.5.3
- Fix ansible-vault for newer python-crypto dependency (el6 build)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1083419 - Missing dependency python-setuptools
        https://bugzilla.redhat.com/show_bug.cgi?id=1083419
--------------------------------------------------------------------------------


================================================================================
 appliance-tools-007.7-2.1.el6 (FEDORA-EPEL-2014-1085)
 Tools for building Appliances
--------------------------------------------------------------------------------
Update Information:

First build of appliance-tools for EPEL6
--------------------------------------------------------------------------------


================================================================================
 autotest-framework-0.16.0-2.el6 (FEDORA-EPEL-2014-1079)
 Framework for fully automated testing
--------------------------------------------------------------------------------
Update Information:

This release adds the necessary libraries to run external applications/tests such as the latest virt-test releases.

Also, the autotest-framework-server package received some fixes and is now functional.
Various packaging bugfixes.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Cleber Rosa <cleber at redhat.com> - 0.16.0-2
- Added python macros for proper building on EL6
- Added fix for shared module installation
- Renamed httpd configuration so that it is parsed last
* Wed Jan 29 2014 Cleber Rosa <cleber at redhat.com> - 0.16.0-1
- Package 0.16.0 release
- Fixed bogus date on ancient (0.11.0-2) release
- Added patch in upstream 0.16.0 branch but still not on released tarball
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.14.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Nov 19 2012 Cleber Rosa <cleber at redhat.com> - 0.14.4-1
- Package 0.14.4 release
- Dropped patches applied upstream
* Mon Oct  8 2012 Martin Krizek <mkrizek at redhat.com> 0.14.3-2
- replace mod_python with mod_wsgi
--------------------------------------------------------------------------------


================================================================================
 cacti-0.8.8b-5.el6 (FEDORA-EPEL-2014-1073)
 An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:

Patches for four CVEs. This update fixes SQL injection, shell escaping issues, a stored XSS attack, and use of exec-like function calls without safety checks allowing arbitrary command execution.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.8b-5
- Patch for CVE-2014-2708 SQL injection issues in graph_xport.php
  (RHBZ #1084258)
- Patch for CVE-2014-2709 shell escaping issues in lib/rrd.php
  (RHBZ #1084258)
- Patch for CVE-2014-2326 stored XSS attack (RHBZ #1082122)
- Patch for CVE-2014-2328 use of exec-like function calls without safety
  checks allow arbitrary command execution (RHBZ #1082122)
* Fri Feb  7 2014 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.8b-4
- Move cron to a separate file and require crontabs (RHBZ #947047). Thanks
  Jóhann B. Guðmundsson.
- Update for systemd (RHBZ #947047). Thanks Jóhann B. Guðmundsson.
- Fix rpmlint warning about spaces-to-tabs
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1084258 - CVE-2014-2708 CVE-2014-2709 cacti: command injection issues fixed in bug#0002405
        https://bugzilla.redhat.com/show_bug.cgi?id=1084258
  [ 2 ] Bug #1082122 - CVE-2014-2326 CVE-2014-2327 CVE-2014-2328 cacti: multiple flaws reported by Deutsche Telekom
        https://bugzilla.redhat.com/show_bug.cgi?id=1082122
--------------------------------------------------------------------------------


================================================================================
 docker-registry-0.6.6-2.el6 (FEDORA-EPEL-2014-1087)
 Registry server for Docker
--------------------------------------------------------------------------------
Update Information:

Fixes for SETTINGS_FLAVOR env variable not being used.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Marek Goldmann <mgoldman at redhat.com> - 0.6.6-2
- docker-registry settings in /etc/sysconfig/docker-registry not honored,
  RHBZ#1072523
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1072523 - docker-registry settings in /etc/sysconfig/docker-registry not honored
        https://bugzilla.redhat.com/show_bug.cgi?id=1072523
--------------------------------------------------------------------------------


================================================================================
 libmediainfo-0.7.68-1.el6 (FEDORA-EPEL-2014-1075)
 Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:

Update to 0.7.68
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  8 2014 Vasiliy N. Glazov <vascom2 at gmail.com> 0.7.68-1
- Update to 0.7.68
--------------------------------------------------------------------------------


================================================================================
 mediainfo-0.7.68-1.el6 (FEDORA-EPEL-2014-1081)
 Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:

Update to 0.7.68
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  8 2014 Vasiliy N. Glazov <vascom2 at gmail.com> 0.7.68-1
- Update to 0.7.68
--------------------------------------------------------------------------------


================================================================================
 perl-Data-Tumbler-0.005-2.el6 (FEDORA-EPEL-2014-1083)
 Dynamic generation of nested combinations
--------------------------------------------------------------------------------
Update Information:

This is the first Fedora / EPEL release of perl-Data-Tumbler.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1084942 - Review Request: perl-Data-Tumbler - Dynamic generation of nested combinations
        https://bugzilla.redhat.com/show_bug.cgi?id=1084942
--------------------------------------------------------------------------------


================================================================================
 php-solarium-3.2.0-1.el6 (FEDORA-EPEL-2014-1090)
 Solarium PHP Solr client library
--------------------------------------------------------------------------------
Update Information:

Upstream annoucement:

It has taken quite a while, but Solarium 3.2.0 has just been released. Mostly bugfixes and a few new features:
* Fix for issue #161 (Extract query bug for several document types)
* Fix for issue #164 (Docblock improvements for autocompletion)
* Fix for issue #170 (Add support for timeAllowed parameter)
* Fix for issue #158 (Force correct JSON format)
* Fix for issue #183 (Remove development gitignore entries)
* Fix for issue #175 (Better maxScore handling in MoreLikeThis)
* Fix for issue #165 (Duplicate parameters in ZendHttp adapter)
* Fix for issue #169 (Support Solr 1.4 TermsComponent)
* Fix for issue #180 (Add filter for control-characters)
* Fix for issue #181 (ParallelExecution doesn’t correctly report errors)
* Fix for issue #184 (Spellcheck error on multiterm queries)
* Fix for issue #188 (Support set to null in atomic updates)
* pull request #171 (Extend allowable EventDispatcher versions)
* pull request #192 (Updated namespaces to improve IDE autocomplete handling)
* pull request #193 (Fix inspection warnings)
* pull request #196 (Optional MoreLikeThis parameters)
* pull request #198 (DocumentInterface type hints)
* pull request #200 (Add PHPUnit as Composer dev requirement)
* pull request #204 (PSR-2 compliance)
* pull request #205 (Fix bug in example 5.2)

A lot of these fixes have been contributed by members of the community, thanks a lot guys!

Version 3.2 is backwards compatible with 3.1, so if you should be able to upgrade without changing any of your code.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  6 2014 Remi Collet <remi at fedoraproject.org> - 3.2.0-1
- update to 3.2.0
--------------------------------------------------------------------------------


================================================================================
 php-tcpdf-6.0.064-1.el6 (FEDORA-EPEL-2014-1077)
 PHP class for generating PDF documents
--------------------------------------------------------------------------------
Update Information:

6.0.064 (2014-04-07)
* Header and Footer fonts are now set by default.
* Bug #904 "PDF corrupted" was fixed.

6.0.063 (2014-04-03)
* Method TCPDF_IMAGES::_parsepng() was fixed to support transparency in Indexed images.

6.0.062 (2014-03-02)
* The method startLayer() now accepts the NULL value for the $print parameter to not set the print layer option.

6.0.061 (2014-02-18)
* Bug #893 "Parsing error on streamed xref for secured pdf" was fixed.

6.0.060 (2014-02-16)
* Bug #891 "Error on parsing hexa fields" was fixed.
* Bug #892 "Parsing pdf with trailing space at start" was fixed.


--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  8 2014 Remi Collet <remi at fedoraproject.org> - 6.0.064-1
- update to 6.0.064
--------------------------------------------------------------------------------


================================================================================
 python-behave-1.2.3-12.el6 (FEDORA-EPEL-2014-1091)
 Tools for the behavior-driven development, Python style
--------------------------------------------------------------------------------
Update Information:

Add python-setuptools dependency (fix #1084996)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Matěj Cepl <mcepl at redhat.com> - 1.2.3-12
- Add python-setuptools dependency (fix #1084996)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1084996 - Behave package should depend on python-setuptools
        https://bugzilla.redhat.com/show_bug.cgi?id=1084996
--------------------------------------------------------------------------------


================================================================================
 python-dpath-1.2-0.2.70.el6 (FEDORA-EPEL-2014-1084)
 A library for searching dictionaries using XPath-like expressions
--------------------------------------------------------------------------------
Update Information:

New python module for accessing dictionaries with XPath-like expressions
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1079965 - Review Request: python-dpath - python library for searching dictionaries using XPath-like expressions
        https://bugzilla.redhat.com/show_bug.cgi?id=1079965
--------------------------------------------------------------------------------


================================================================================
 python-posix_ipc-0.9.8-1.el6 (FEDORA-EPEL-2014-1082)
 POSIX IPC primitives (semaphores and shared memory) for Python
--------------------------------------------------------------------------------
Update Information:

- Latest upstream
--------------------------------------------------------------------------------


================================================================================
 python-pthreading-0.1.3-0.el6 (FEDORA-EPEL-2014-1088)
 Re-implement threading.Lock, RLock and Condition with libpthread
--------------------------------------------------------------------------------
Update Information:

Monkeypatch python's thread.allocate_lock
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 18 2014 Douglas Schilling Landgraf <dougsland at redhat.com> - 0.1.3-0
- Monkeypatch python's thread.allocate_lock
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.1.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jun  4 2013 Douglas Schilling Landgraf <dougsland at redhat.com> - 0.1.2-1
- Release 0.1.2
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 python-pycadf-0.4.1-2.el6 (FEDORA-EPEL-2014-1078)
 DMTF Cloud Audit (CADF) data model
--------------------------------------------------------------------------------
Update Information:

- DMTF Cloud Audit (CADF) data model
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1073974 - Review Request: python-pycadf - DMTF Cloud Audit (CADF) data model
        https://bugzilla.redhat.com/show_bug.cgi?id=1073974
--------------------------------------------------------------------------------


================================================================================
 python-six-1.5.2-1.el6 (FEDORA-EPEL-2014-1071)
 Python 2 and 3 compatibility utilities
--------------------------------------------------------------------------------
Update Information:

- Latest upstream
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar  7 2014 Matthias Runge <mrunge at redhat.com> - 1.5.2-1
- upgrade to 1.5.2 (rhbz#1048819)
--------------------------------------------------------------------------------


================================================================================
 rubygem-net-http-persistent-2.9.4-2.el6 (FEDORA-EPEL-2014-1086)
 Persistent connections using Net::HTTP plus a speed fix
--------------------------------------------------------------------------------
Update Information:

Import net-http-persistent into epel
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1084502 - Branch Request: rubygem-net-http-persistent for EL6
        https://bugzilla.redhat.com/show_bug.cgi?id=1084502
--------------------------------------------------------------------------------


================================================================================
 srm-ifce-1.19.0-1.el6 (FEDORA-EPEL-2014-1089)
 SRM client side library
--------------------------------------------------------------------------------
Update Information:

Update for upstream release 1.19.0
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr  7 2014 Alejandro Alvarez <aalvarez at cern.ch> - 1.19.0-1
- Release srm-ifce 1.19.0
* Thu Oct 17 2013 Adrien Devresse <adevress at cern.ch> - 1.18.0-2
- Rebuilt for gsoap++
--------------------------------------------------------------------------------


================================================================================
 unrtf-0.21.5-1.el6 (FEDORA-EPEL-2014-1080)
 RTF (Rich Text Format) to other formats converter
--------------------------------------------------------------------------------
Update Information:

First EPEL 6 release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1079685 - [RFE] Please build unrtf for EPEL
        https://bugzilla.redhat.com/show_bug.cgi?id=1079685
--------------------------------------------------------------------------------



More information about the epel-devel mailing list