[EPEL-devel] Fedora EPEL 5 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed May 6 17:27:33 UTC 2015
The following Fedora EPEL 5 Security updates need testing:
Age URL
1109 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
563 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
328 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5
178 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3.8-2.el5
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5975/jasper-1.900.1-15.el5
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5953/wordpress-4.2.1-1.el5
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6090/drupal7-views-3.11-1.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6127/openslp-1.2.1-21.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6130/t1utils-1.39-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
check-mk-1.2.6p2-1.el5
dpm-dsi-1.9.5-3.el5
lua-sec-0.5-4.el5
lua-socket-3.0-0.9.rc1.el5
openslp-1.2.1-21.el5
prosody-0.9.8-1.el5
ssdeep-2.13-1.el5
t1utils-1.39-1.el5
tcl-tcludp-1.0.8-2.el5
tcl-tclvfs-20080503-2.el5
Details about builds:
================================================================================
check-mk-1.2.6p2-1.el5 (FEDORA-EPEL-2015-6160)
A new general purpose Nagios-plugin for retrieving data
--------------------------------------------------------------------------------
Update Information:
New upstream release: 1.2.6p2
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 5 2015 Andrea Veri <averi at fedoraproject.org> - 1.2.6p2-1
- New upstream release.
- Add a Require on bind-utils. (BZ: #1218501)
- Do not install all the plugins by default but make them available
on a different directory. Users will then be able to symlink each
of the plugins under the %{_datadir}/check-mk-agent/plugins directory
and finally mark them as active. (BZ: #1218516)
- Get rid of plugins from unsupported archs or operating systems.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1218516 - Plugins should not be activated by default
https://bugzilla.redhat.com/show_bug.cgi?id=1218516
[ 2 ] Bug #1218501 - Missing bind-utils dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1218501
--------------------------------------------------------------------------------
================================================================================
dpm-dsi-1.9.5-3.el5 (FEDORA-EPEL-2015-6175)
Disk Pool Manager (DPM) plugin for the Globus GridFTP server
--------------------------------------------------------------------------------
Update Information:
Strict dependency towards Globus and minor fixes for compatibility
New upstream release 1.9.5
Update for new upstream release
Update for new upstream release
Update for new upstream release
New upstream release 1.9.5
Update for new upstream release
Update for new upstream release
Update for new upstream release
New upstream release 1.9.5
Update for new upstream release
Update for new upstream release
Update for new upstream release
New upstream release 1.9.5
Update for new upstream release
Update for new upstream release
Update for new upstream release
New upstream release 1.9.5
Update for new upstream release
Update for new upstream release
Update for new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 5 2015 Laurence Field <laurence.field at cern.ch> - 1.9.5-3
- Strict dependency towards Globus and minor fixes for compatibility
* Fri Apr 17 2015 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 1.9.5-2
- Missing fix by upstream
* Thu Apr 16 2015 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 1.9.5-1
- Update for new upstream release
* Wed Apr 8 2015 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 1.9.4-1
- Update for new upstream release
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.9.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.9.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
lua-sec-0.5-4.el5 (FEDORA-EPEL-2015-6166)
Lua binding for OpenSSL library
--------------------------------------------------------------------------------
Update Information:
LuaSec 0.5
==========
LuaSec depends on OpenSSL, and integrates with LuaSocket to make it easy to add secure connections to any Lua applications or scripts.
This version includes:
* A new certificate (X509) API, which supports:
- Reading the subject (identity) and issuer of the certificate.
- Reading various X509 extensions, including email and dnsName.
- Converting certificates to and from the standard ASCII PEM format.
- Generating the fingerprint/digest of a certificate (using SHA1, SHA256 or SHA512).
- Reading the certificate's expiration, serial number, and other info.
* The ability to get more detailed information from OpenSSL about why a certificate failed verification, for each certificate in the chain.
* Flags to force acceptance of invalid certificates, e.g. to allow the use of self-signed certificates in a Trust On First Use model.
* Flags to control checking CRLs for certificate revocation status.
* Support for ECDH cipher suites.
* An API to get the TLS 'finished' messages used for SASL channel binding (e.g. the SCRAM PLUS mechanisms).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 16 2015 Tom Callaway <spot at fedoraproject.org> - 0.5-4
- rebuild for lua 5.3
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 14 2014 Jan Kaluza <jkaluza at redhat.com> - 0.5-1
- update to luasec-0.5 (#1000622)
- build -compat subpackage against compat-lua
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.4.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun May 12 2013 Tom Callaway <spot at fedoraproject.org> - 0.4.1-5
- rebuild for lua 5.2
--------------------------------------------------------------------------------
================================================================================
lua-socket-3.0-0.9.rc1.el5 (FEDORA-EPEL-2015-6155)
Network support for the Lua language
--------------------------------------------------------------------------------
Update Information:
LuaSocket 3.0-rc1
=================
* Added: Compatible with Lua 5.2
- Note that unless you define LUA_COMPAT_MODULE, package tables will not be exported as globals!
* Added: IPv6 support;
- Socket.connect and socket.bind support IPv6 addresses;
- Getpeername and getsockname support IPv6 addresses, and return the socket family as a third value;
- URL module updated to support IPv6 host names;
- New socket.tcp6 and socket.udp6 functions;
- New socket.dns.getaddrinfo and socket.dns.getnameinfo functions;
* Added: getoption method;
* Fixed: url.unescape was returning additional values;
* Fixed: mime.qp, mime.unqp, mime.b64, and mime.unb64 could mistaking their own stack slots for functions arguments;
* Fixed: Receiving zero-length datagram is now possible;
* Improved: Hidden all internal library symbols;
* Improved: Better error messages;
* Improved: Better documentation of socket options.
* Fixed: manual sample of HTTP authentication now uses correct "authorization" header (Alexandre Ittner);
* Fixed: failure on bind() was destroying the socket (Sam Roberts);
* Fixed: receive() returns immediatelly if prefix can satisfy bytes requested (M Joonas Pihlaja);
* Fixed: multicast didn't work on Windows, or anywhere else for that matter (Herbert Leuwer, Adrian Sietsma);
* Fixed: select() now reports an error when called with more sockets than FD_SETSIZE (Lorenzo Leonini);
* Fixed: manual links to home.html changed to index.html (Robert Hahn);
* Fixed: mime.unb64() would return an empty string on results that started with a null character (Robert Raschke);
* Fixed: HTTP now automatically redirects on 303 and 307 (Jonathan Gray);
* Fixed: calling sleep() with negative numbers could block forever, wasting CPU. Now it returns immediately (MPB);
* Improved: FTP commands are now sent in upper case to help buggy servers (Anders Eurenius);
* Improved: known headers now sent in canonic capitalization to help buggy servers (Joseph Stewart);
* Improved: Clarified tcp:receive() in the manual (MPB);
* Improved: Decent makefiles (LHF).
* Fixed: RFC links in documentation now point to IETF (Cosmin Apreutesei).
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 4 2015 Robert Scheck <robert at fedoraproject.org> 3.0-0.9.rc1
- Fix broken release tag
* Fri Mar 20 2015 Bastien Nocera <bnocera at redhat.com> 3.0-0.8rc1.1
- Rebuild for new lua
* Fri Jan 16 2015 Tom Callaway <spot at fedoraproject.org> - 3.0-0.8rc1
- lua 5.3
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0-0.7rc1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0-0.6rc1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 22 2014 Jan Kaluza <jkaluza at redhat.com> - 3.0-0.5rc1
- build -compat subpackage against compat-lua
* Mon Sep 9 2013 Matěj Cepl <mcepl at redhat.com> - 3.0-0.4rc1
- Add -devel package.
* Fri Aug 23 2013 Matěj Cepl <mcepl at redhat.com> - 3.0-0.3rc1
- update to the 3.0rc1 from git
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.1-0.2.rc1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri May 10 2013 Tom Callaway <spot at fedoraproject.org> - 2.1-0.1.rc1
- update to 2.1rc1 from git
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.2-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Oct 10 2011 Matthew Garrett <mjg at redhat.com> - 2.0.2-6
- Build support for Unix domain sockets (rhbz: #720692)
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
openslp-1.2.1-21.el5 (FEDORA-EPEL-2015-6127)
Open implementation of Service Location Protocol V2
--------------------------------------------------------------------------------
Update Information:
openslp: denial of service vulnerability (CVE-2010-3609)
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 4 2015 Rex Dieter <rdieter at fedoraproject.org> 1.2.1-21
- openslp: denial of service vulnerability (CVE-2010-3609, #684294)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.1-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jun 19 2013 Rex Dieter <rdieter at fedoraproject.org> 1.2.1-19
- -server: Requires: +net-tools (for netstat, #975868)
* Wed Jan 30 2013 Rex Dieter <rdieter at fedoraproject.org> 1.2.1-18
- update URL: tag (#905975)
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.1-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.1-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.1-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #684294 - CVE-2010-3609 openslp: denial of service vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=684294
--------------------------------------------------------------------------------
================================================================================
prosody-0.9.8-1.el5 (FEDORA-EPEL-2015-6149)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Prosody 0.9.8
=============
A summary of changes in this release:
High
----
* Ensure only valid UTF-8 is passed to libidn. It was found (CVE-2015-2059) that libidn can read beyond the boundaries of the provided buffer when an input string contains invalid UTF-8 sequences.
Systems where Prosody is compiled to use libICU are not affected by this issue.
Medium
------
* DNS: Fix traceback caused when DNS server IP is unroutable (issue 473)
* HTTP client: More robust handling of chunked encoding across packet boundaries
* Stanza router: Fix handling of 'error' <iq>'s with multiple children
Minor
-----
* c2s: Fix error reply when clients try to bind multiple resources on the same stream (issue 484)
* s2s: Ensure to/from attributes are always present on stream headers, even if empty (issue 468)
* Build scripts: Add --libdir option to ./configure to simplify building on some platforms
* Fix traceback in datamanager when used outside of Prosody (e.g. in some migration tools)
* mod_admin_telnet: Fix potential traceback in server:memory() command (issue 471)
* HTTP server: Improved debug logging
Prosody 0.9.7
=============
A summary of changes in this release:
* util.stanza: Don't XML-escape whitespace
* prosodyctl: Fix traceback in 'about' command with LuaRocks 2.2.0
Prosody 0.9.6
=============
Note: This release disables SSLv3 by default, which has been shown to be insecure when used by clients. Clients that only support SSLv3 will no longer be able to connect. There are not many of these nowadays, but they exist.
A summary of changes in this release:
* certmanager, net.http: Disable SSLv3 by default
* net.http.parser: Support status code 101 and allow handling of the received data by plugins
* util.filters: Ignore filters being added twice (fixes issues on removal, i.e. when some plugins are reloaded/unloaded)
* mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error
* Networking API: Add 'ondetach' callback for listener objects, to prevent leaks when connections have their listener changed
* core.stanza_router: Stricter validation of stanzas
* mod_admin_adhoc: Mark 'accountjids' field as required in 'end user sessions' command (thanks Lloyd)
* mod_admin_adhoc: Add required to field in user deletion form too
* net.dns: Avoid duplicate cache entries
* util.stanza: Escape newlines and tabs (
) when serializing stanzas.
* util/dataforms: Make sure we iterate over field tags only
* mod_s2s: Capitalize log message
* mod_pubsub: Fix error type of 'forbidden' (change from 'cancel' to 'auth')
Prosody 0.9.5
=============
A summary of changes in this release:
* C2S: Fix traceback if a client opens a stream to component, which could cause a crash in combination with some versions of LuaEvent
* C2S, S2S: Log received invalid stream headers
* S2S: Fix case where stream headers were sometimes sent twice
* DNS: Ensure all pending requests get notified of a timeout when looking up a record
* DNS: Fix duplicated cache insertions by limiting outstanding queries per name to one
* xmppstream: Disable LuaExpat's buffering
* xmppstream: Disable CharacterData merging after stream restarts
* xmppstream: Pass invalid stream headers to error handling
* Privacy lists: Correctly sort privacy list rules by order
* prosody: Check dependencies later in the startup sequence
* Config: Delay importing LuaFileSystem until needed by an Include line
* Config: Normalize VirtualHost and Component names
* prosodyctl: Normalize JIDs for adduser/passwd/deluser
* POSIX: Fix error reporting from disk space allocation
* POSIX: Verify that 'pidfile' is a string, show friendly error otherwise
* Dependency checking: Check that prosody is running under Lua 5.1. We don't currently support any other versions. (LuaJIT identifies as 5.1)
* Compliance: Reset stream ID when resetting stream
* Compression: Log compression setup errors
* Console: Fix commands for adding and replacing name servers
* Console MUC commands: Fix error when a non-existent host is entered
* Filters: Prevent filters from being added twice
* Network: Transfer all available data between linked sockets
* dataforms: Add support for XEP-0221: Data Forms Media Element
Prosody 0.9.4
=============
A summary of changes in this release:
* Compression: Disallow compression on unauthenticated streams
* Core: Limit default read size and maximum stanza size
* Core: Enable SASL EXTERNAL by default for component s2s
* S2S: Warn if `s2s_secure_auth` and `s2s_require_encryption` have been set in conflicting ways
* S2S: Warn if no local network addresses were found, preventing successful s2s
* MUC: Fix traceback when a non-occupant tried to change an occupant's role
* MUC: API: Fire an event when temporary rooms are destroyed after the last person leaves
* Telnet: Fixed traceback when listing users
* Telnet: Apply normalization to JIDs in user management commands
* HTTP: Fix directory detection in file server on Windows
* Plugins: Fix paths on Windows
* MOTD: Don't strip blank lines from the message provided in the config
* prosodyctl: Better error reporting when generating certificates
* Makefile: Improve FreeBSD compatibility
* Multiple fixes to our migration tools, and support for importing MUCs from ejabberd
Prosody 0.9.3
=============
A summary of changes in this release:
* A config file passed as command line argument is no longer forgotten when config is reloaded
* MUC: Allow admins to always bypass restrict_room_creation
* Strip trailing '.' when normalizing hostnames
* HTTP: Prevent silent connection failures
* Components: Alow easier overriding of component authentication by plugins
* Components: Enable TCP keepalives
* Migrator: Better error reporting and improved robustness
* S2S: Include IP in log messages, if hostname is unavailable
* TLS: Log error when initialization fails
Prosody 0.9.2
=============
Note: If you are upgrading from 0.8.x or earlier, please read the 0.9.0 upgrade notes at http://prosody.im/doc/release/0.9.0!
A summary of changes in this release:
* Debian/Ubuntu packages fixed to always generate per-system certs
* TLS: Improved cipher string, and use Prosody's preferred ciphers instead of the client's
* MUC: Fix for Spark clients not displaying room lists
For more details behind the security improvements, see the release announcement at http://blog.prosody.im/prosody-0-9-2-released/.
Prosody 0.9.1
=============
Note: If you are upgrading from 0.8.x or earlier, please read the 0.9.0 upgrade notes at http://prosody.im/doc/release/0.9.0!
A summary of changes in this release:
* Config: Fix the workaround for LuaSec 0.4.x to apply the ssl 'ciphers' option correctly
* Config: Ability to specify the ssl 'dhparam' option simply as a path to a file, instead of a callback function
* Windows: Fix s2s issues
* Windows: Fix the ability to specify absolute paths to SSL certificates in the config
* Build: Fix compilation issue on non-Linux systems that have glibc (such as Debian GNU/kFreeBSD)
* API: Fix to our set library, that caused the :include() and :exclude() methods to behave incorrectly
Prosody 0.9.0
=============
This release requires configuration changes to some existing Prosody installations, and breaks compatibility with some modules. Please read the section on upgrading below.
A summary of changes in this release:
* IPv6 support for c2s, s2s and all other services (e.g. HTTP)
* Server-to-server authentication using certificates (SASL EXTERNAL)
* A new HTTP subsystem, supporting virtual hosts, and fully reloadable modules
* Client and server connections are now handled by modules: mod_c2s, mod_s2s
* mod_pubsub: Basic pubsub service (some features not yet implemented)
* prosodyctl about - show information about a Prosody installation
* prosodyctl cert - command to generate XMPP certificates and CSRs
* Many very nice enhancements to our module API
* MUC: Configurable per-room history length
* MUC: Plugins can now extend the room configuration form
Upgrading from 0.8.x
====================
Module compatibility
--------------------
Prosody 0.9 breaks compatibility with some modules (something upstream very rarely does), by removing some APIs that have been replaced. All modules in prosody-modules should be working if you have the latest versions. Please let upstream know if you have any problems.
Upstream is also happy to help with the porting of other modules, it is usually quite straightforward.
The APIs that have been removed are:
* net.connlisteners (used for opening ports), use the new API for network services.
* net.httpserver (used by all modules accepting HTTP requests), use the new HTTP API.
Configuration changes
---------------------
Due to the above, upstream has changed (for the better!) the config format for some things. If you encounter any issues not listed here then please, PLEASE let upstream know!
Upstream wants to help make the upgrade as smooth as possible for everyone, but upstream needs your help to report issues, even if you manage to work them out yourself.
HTTP configuration
------------------
All HTTP modules that had config options with names ending in '_ports' are replaced by new HTTP configuration. There are only two options for controlling HTTP ports now, http_ports and https_ports. These default to { 5280 } and { 5281 } respectively, and all HTTP modules can be accessed via both.
Also note that Prosody no longer ignores virtual hosts specified in requests! This could lead to some setups no longer working, especially where reverse proxies (such as an external web server forwarding requests) are involved. See our documentation on HTTP virtual hosts for more information.
Finally, mod_httpserver was renamed to mod_http_files to clarify that it is for serving static files only, and is unrelated to other Prosody HTTP services.
Port multiplexing
-----------------
If you are using the ports or ssl_ports options, you now need to add "net_multiplex" to modules_enabled in your config file.
disallow_s2s
------------
The disallow_s2s option has been deprecated, and in particular it no longer affects anonymous users, who are still prevented from sending stanzas to remote servers by default. To re-enable access to remote servers for anonymous users see Allowing anonymous users access to remote servers.
proxy65
-------
In previous versions mod_proxy65 allowed ports to be specified per-host. As of 0.9 this is no longer possible, proxy65_ports may only be set in the global section of the config file, like all other network and port configuration.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 18 2015 Robert Scheck <robert at fedoraproject.org> 0.9.8-1
- Upgrade to 0.9.8 (#1152126)
* Sat Feb 14 2015 Robert Scheck <robert at fedoraproject.org> 0.9.7-1
- Upgrade to 0.9.7 (#985563, #1152126)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Jun 3 2014 Jan Kaluza <jkaluza at redhat.com> - 0.9.4-2
- add missing lua-socket-compat dependency
* Fri May 30 2014 Jan Kaluza <jkaluza at redhat.com> - 0.9.4-1
- update to version 0.9.4
- build with luajit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #999473 - Please package latest 0.9 release for EL6
https://bugzilla.redhat.com/show_bug.cgi?id=999473
[ 2 ] Bug #985563 - Logging, conf.d and log rotation
https://bugzilla.redhat.com/show_bug.cgi?id=985563
[ 3 ] Bug #1152126 - prosody-0.9.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1152126
--------------------------------------------------------------------------------
================================================================================
ssdeep-2.13-1.el5 (FEDORA-EPEL-2015-6163)
Compute context triggered piecewise hashes
--------------------------------------------------------------------------------
Update Information:
**Version 2.13** - 24 Apr 2015
**New Features**
* Added fuzzy_set_total_input_length function to the API.
* Added support for files up to 192GB.
* Added support for arbitrary length input from the standard input.
**Bug Fixes**
* Fixed issue when comparing hashes from relatively simple files.
* Fixed portability issues.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 5 2015 Remi Collet <remi at fedoraproject.org> - 2.13-1
- update to 2.13
--------------------------------------------------------------------------------
================================================================================
t1utils-1.39-1.el5 (FEDORA-EPEL-2015-6130)
Collection of Type 1 and 2 font manipulation utilities
--------------------------------------------------------------------------------
Update Information:
t1utils Version 1.39 (2015-02-26)
=================================
* t1disasm: Security fixes for buffer overrun reported by Jakub Wilk and Niels Thykier.
t1utils Version 1.38 (2013-09-29)
=================================
* t1disasm: Fix an infinite loop on some fonts reported by Niels Thykier.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 4 2015 Robert Scheck <robert at fedoraproject.org> 1.39-1
- Update to 1.39 (#1218365)
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.37-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.37-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.37-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.37-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.37-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.37-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1218365 - t1utils: buffer overflow flaw
https://bugzilla.redhat.com/show_bug.cgi?id=1218365
--------------------------------------------------------------------------------
================================================================================
tcl-tcludp-1.0.8-2.el5 (FEDORA-EPEL-2015-6126)
Tcl extension for UDP support
--------------------------------------------------------------------------------
Update Information:
This is an update fixing broken tcl dependencies.
--------------------------------------------------------------------------------
================================================================================
tcl-tclvfs-20080503-2.el5 (FEDORA-EPEL-2015-6177)
Tcl extension for Virtual Filesystem support
--------------------------------------------------------------------------------
Update Information:
This is an update fixing broken tcl dependencies.
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list