EPEL Fedora 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Oct 2 17:05:59 UTC 2014
The following Fedora EPEL 6 Security updates need testing:
Age URL
893 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
225 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
112 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2655/python-oauth2-1.5.211-7.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2750/libsrtp-1.4.4-10.20101004cvs.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2719/nodejs-0.10.32-1.el6,v8-3.14.5.10-14.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2742/TeXmacs-1.0.7.2-3.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2713/putty-0.63-3.el6
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2850/nginx-1.0.15-7.el6
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2811/nodejs-qs-0.6.6-3.el6
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2821/nodejs-send-0.3.0-4.el6
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2801/seamonkey-2.21-8.ESR_24.8.0.el6
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2981/check-mk-1.2.4p5-2.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3080/phpMyAdmin-4.0.10.4-1.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3024/rssh-2.3.4-1.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3082/golang-1.3.3-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
golang-1.3.3-1.el6
jbrout-0.4-0.13.git20140930reva7c8fb8.el6
jglobus-2.1.0-1.el6
mediawiki119-1.19.20-1.el6
perl-Array-Unique-0.08-2.el6
php-tcpdf-6.0.094-1.el6
phpMyAdmin-4.0.10.4-1.el6
pkgwat-0.10-3.el6
pyexiv2-0.3.2-13.el6
python-behave-1.2.4-4.el6
python-mwclient-0.7.0-1.el6
python-pkgwat-api-0.12-3.el6
uid_wrapper-1.0.2-3.el6
Details about builds:
================================================================================
golang-1.3.3-1.el6 (FEDORA-EPEL-2014-3082)
The Go Programming Language
--------------------------------------------------------------------------------
Update Information:
update to go1.3.3 (bz1146882)
update to go1.3.2 (bz1147324)
more work to get cgo.a timestamps to line up, due to build-env
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 1 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.3.3-1
- update to go1.3.3 (bz1146882)
* Mon Sep 29 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.3.2-1
- update to go1.3.2 (bz1147324)
* Wed Aug 13 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-22
- more work to get cgo.a timestamps to line up, due to build-env
* Wed Aug 13 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-21
- touch cgo.a regardless
* Wed Aug 13 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-20
- rpm dependency ordering for %post
* Tue Aug 12 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-19
- finally check for a Stale cgo in a %post
* Tue Aug 12 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-18
- explicitly list all the files and directories for the packages trees
* Tue Aug 12 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-17
- explicitly list all the files and directories of the src tree, to preserve timestamps
* Mon Aug 11 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-16
- touch all the built archives to be the same
* Mon Aug 11 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-15
- make golang-src 'noarch' again, since that was not a fix, and takes up more space
* Mon Aug 11 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-14
- update timestamps of source files during %install bz1099206
* Fri Aug 8 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-13
- update timestamps of source during %install bz1099206
* Fri Aug 8 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-12
- set another version constraint on xemacs due to bz1127518
* Wed Aug 6 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-11
- set a version constraint on xemacs due to bz1127518
* Wed Aug 6 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-10
- make the source subpackage arch'ed, instead of noarch
* Tue Jul 15 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-9
- fix the loading of gdb safe-path. bz981356
* Tue Jul 8 2014 Vincent Batts <vbatts at fedoraproject.org> - 1.2.2-8
- `go install std` requires gcc, to build cgo. bz1105901, bz1101508
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1147324 - CVE-2014-7189 golang: TLS client authentication issue fixed in version 1.3.2
https://bugzilla.redhat.com/show_bug.cgi?id=1147324
--------------------------------------------------------------------------------
================================================================================
jbrout-0.4-0.13.git20140930reva7c8fb8.el6 (FEDORA-EPEL-2014-3085)
Photo manager, written in python/pygtk
--------------------------------------------------------------------------------
Update Information:
New checkout from the upstream.
New package introducced to EL-6 branch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1114394 - [abrt] jbrout: jbrout.py:42:<module>:TypeError: sequence item 0: expected string, NoneType found
https://bugzilla.redhat.com/show_bug.cgi?id=1114394
[ 2 ] Bug #749473 - Please, create EL6 branch in EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=749473
--------------------------------------------------------------------------------
================================================================================
jglobus-2.1.0-1.el6 (FEDORA-EPEL-2014-3072)
Globus Java client libraries
--------------------------------------------------------------------------------
Update Information:
JGlobus 2.1.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 1 2014 Mattias Ellert <mattias.ellert at fysast.uu.se> - 2.1.0-1
- 2.1.0 final release
- Drop patches included upstream
- Install pom files
--------------------------------------------------------------------------------
================================================================================
mediawiki119-1.19.20-1.el6 (FEDORA-EPEL-2014-3064)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
(bug 70672) SECURITY: OutputPage: Remove separation of css and js module allowance
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 2 2014 Patrick Uiterwijk <puiterwijk at redhat.com> - 1.19.20-1
- Update to 1.19.20
- (bug 70672) SECURITY: OutputPage: Remove separation of css and js module allowance
* Thu Sep 25 2014 Patrick Uiterwijk <puiterwijk at redhat.com> - 1.19.19-1
- Update to 1.19.19
- (bug 69008) SECURITY: Enhance CSS filtering in SVG files
--------------------------------------------------------------------------------
================================================================================
perl-Array-Unique-0.08-2.el6 (FEDORA-EPEL-2014-3068)
Tie-able array that allows only unique values
--------------------------------------------------------------------------------
Update Information:
perl-Array-Unique: initial submission
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1139043 - Review Request: perl-Array-Unique - Tie-able array that allows only unique values
https://bugzilla.redhat.com/show_bug.cgi?id=1139043
--------------------------------------------------------------------------------
================================================================================
php-tcpdf-6.0.094-1.el6 (FEDORA-EPEL-2014-3084)
PHP class for generating PDF documents and barcodes
--------------------------------------------------------------------------------
Update Information:
6.0.094 (2014-09-30)
* Bug item #978 "Variable Undefined: $cborder" was fixed.
6.0.093 (2014-09-02)
* Security fix: some serialize/unserialize methods were replaced with json_encode/json_decode to avoid a potential object injection with user supplied content. Thanks to ownCloud Inc. for reporting this issue.
* K_TIMEZONE constant was added to the default configuration to supress date-time warnings.
6.0.092 (2014-09-01)
* Bug item #956 "Monospaced fonts are not alignd at the baseline" was fixed.
* Bug item #964 "Problem when changing font size" was fixed.
* Bug item #969 "ImageSVG with radialGradient problem" was fixed.
* sRGB.icc file was replaced with the one from the Debian package icc-profiles-free (2.0.1+dfsg-1)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 2 2014 Remi Collet <remi at fedoraproject.org> - 6.0.094-1
- update to 6.0.094
* Wed Sep 17 2014 Robert Scheck <robert at fedoraproject.org> - 6.0.091-2
- buildrequire php-cli >= 5.3 (#1121745)
- added provides for php-* if package is used on EL-5 (#1121745)
- corrected inter-package dependencies (Remi Collet)
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.0.10.4-1.el6 (FEDORA-EPEL-2014-3080)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.0.10.4 (2014-10-01)
================================
- [security] XSS vulnerabilities in table search and table structure pages
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 2 2014 Robert Scheck <robert at fedoraproject.org> 4.0.10.4-1
- Upgrade to 4.0.10.4 (#1148664)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148664 - CVE-2014-7217 phpmyadmin: cross-site scripting (XSS) flaw fixed in versions 4.0.10.4, 4.1.14.5, and 4.2.9.1 (PMASA-2014-11)
https://bugzilla.redhat.com/show_bug.cgi?id=1148664
--------------------------------------------------------------------------------
================================================================================
pkgwat-0.10-3.el6 (FEDORA-EPEL-2014-3063)
CLI tool for querying the fedora packages webapp
--------------------------------------------------------------------------------
Update Information:
Branch for epel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148215 - Please package pkgwat for EL6 and EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1148215
--------------------------------------------------------------------------------
================================================================================
pyexiv2-0.3.2-13.el6 (FEDORA-EPEL-2014-3078)
Python binding to exiv2
--------------------------------------------------------------------------------
Update Information:
Rebuilt for EPEL-6
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.2-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.2-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri May 23 2014 David Tardon <dtardon at redhat.com> - 0.3.2-11
- rebuild for boost 1.55.0
* Tue Dec 3 2013 Rex Dieter <rdieter at fedoraproject.org> - 0.3.2-10
- rebuild (exiv2)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.2-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul 27 2013 pmachata at redhat.com - 0.3.2-8
- Rebuild for boost 1.54.0
* Sun Feb 10 2013 Denis Arnaud <denis.arnaud_fedora at m4x.org> - 0.3.2-7
- Rebuild for Boost-1.53.0
* Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora at m4x.org> - 0.3.2-6
- Rebuild for Boost-1.53.0
--------------------------------------------------------------------------------
================================================================================
python-behave-1.2.4-4.el6 (FEDORA-EPEL-2014-3081)
Tools for the behavior-driven development, Python style
--------------------------------------------------------------------------------
Update Information:
Add another patch to fix an Unicode error (thanks to vbenes for help)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 12 2014 Matěj Cepl <mcepl at redhat.com> - 1.2.4-4
- Add another patch to fix an Unicode error (thanks for vbenes for
fixing my earlier proposal).
--------------------------------------------------------------------------------
================================================================================
python-mwclient-0.7.0-1.el6 (FEDORA-EPEL-2014-3089)
Mwclient is a client to the MediaWiki API
--------------------------------------------------------------------------------
Update Information:
This update provides the new 0.7.0 release of python-mwclient. The upstream changelog is available at https://github.com/mwclient/mwclient/blob/v0.7.0/RELEASE-NOTES.md . Notably, the Page.edit() method is technically deprecated in this release, though the deprecation notice is silent by default and it will continue to work fine. The new name is Page.text(). There should be no API incompatibility with the previous 0.6.5 release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 1 2014 Adam Williamson <awilliam at redhat.com> - 0.7.0-1
- new release: 0.7.0
- update for github source, use of setuptools and modern Python packaging rules
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-pkgwat-api-0.12-3.el6 (FEDORA-EPEL-2014-3083)
Python API for querying the fedora packages webapp
--------------------------------------------------------------------------------
Update Information:
Branch for epel
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.12-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 28 2014 Kalev Lember <kalevlember at gmail.com> - 0.12-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148215 - Please package pkgwat for EL6 and EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1148215
--------------------------------------------------------------------------------
================================================================================
uid_wrapper-1.0.2-3.el6 (FEDORA-EPEL-2014-3075)
A wrapper for privilege separation
--------------------------------------------------------------------------------
Update Information:
Do not own /usr/lib64/cmake.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 2 2014 - Andreas Schneider <asn at redhat.com> - 1.0.2-3
- resolves: #1146410 - Do not own /usr/lib64/cmake.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1146410 - uid_wrapper owns /usr/lib64/cmake
https://bugzilla.redhat.com/show_bug.cgi?id=1146410
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list