Fedora EPEL 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Tue Sep 28 18:36:10 UTC 2010


The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/libmspack-0.2-0.1.20100723alpha.el5,cabextract-1.3-1.el5
    https://admin.fedoraproject.org/updates/lib3ds-1.3.0-9.el5
    https://admin.fedoraproject.org/updates/cgit-0.8.2.1-4.el5
    https://admin.fedoraproject.org/updates/couchdb-0.11.2-2.el5
    https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-1.el5
    https://admin.fedoraproject.org/updates/php-pecl-apc-3.0.19-2.el5
    https://admin.fedoraproject.org/updates/python26-2.6.5-5.el5
    https://admin.fedoraproject.org/updates/mantis-1.1.8-4.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    389-ds-base-1.2.6.1-1.el5
    cgit-0.8.2.1-4.el5
    erlang-amf-0-0.2.20100908git27329144.el5
    erlang-ibrowse-2.0.1-1.el5
    erlang-log4erl-0.9.0-3.el5
    erlang-misultin-0.6.1-2.el5
    gridsite-1.5.19-1.el5
    iverilog-0.9.20100928-1.el5
    mash-0.5.20-1.el5
    perl-IPC-Signal-1.00-2.el5
    rubygem-gherkin-2.2.4-3.el5

Details about builds:


================================================================================
 389-ds-base-1.2.6.1-1.el5 (FEDORA-EPEL-2010-3435)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint

Put back the selinux dependencies I removed during a merge commit . . .
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 23 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.6.1-1
- Bug 634561 - Server crushes when using Windows Sync Agreement
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #634561 - Server crushes when using Windows Sync Agreement
        https://bugzilla.redhat.com/show_bug.cgi?id=634561
  [ 2 ] Bug #631862 - crash - delete entries not in cache + referint
        https://bugzilla.redhat.com/show_bug.cgi?id=631862
--------------------------------------------------------------------------------


================================================================================
 cgit-0.8.2.1-4.el5 (FEDORA-EPEL-2010-3431)
 A fast webinterface for git
--------------------------------------------------------------------------------
Update Information:

This fixes a security issue where a special crafted .git file could cause arbitrary code execution (CVE-2010-2542).
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 27 2010 Todd Zullinger <tmz at pobox.com> - 0.8.2.1-4
- Appy upstream git patch for CVE-2010-2542 (#618108)
* Fri Aug 21 2009 Tomas Mraz <tmraz at redhat.com> - 0.8.2.1-3
- rebuilt with new openssl
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #618108 - CVE-2010-2542 Git: Arbitrary code execution via specially-crafted .git file
        https://bugzilla.redhat.com/show_bug.cgi?id=618108
--------------------------------------------------------------------------------


================================================================================
 erlang-amf-0-0.2.20100908git27329144.el5 (FEDORA-EPEL-2010-3430)
 Erlang Action Message Format Library
--------------------------------------------------------------------------------
Update Information:

Initial commit
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #632190 - Review Request: erlang-amf - Erlang Action Message Format Library
        https://bugzilla.redhat.com/show_bug.cgi?id=632190
--------------------------------------------------------------------------------


================================================================================
 erlang-ibrowse-2.0.1-1.el5 (FEDORA-EPEL-2010-3441)
 Erlang HTTP client
--------------------------------------------------------------------------------
Update Information:

Ver. 2.0.1
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 28 2010 Peter Lemenkov <lemenkov at gmail.com> - 2.0.1-1
- Ver. 2.0.1
- Narrowed BuildRequires
--------------------------------------------------------------------------------


================================================================================
 erlang-log4erl-0.9.0-3.el5 (FEDORA-EPEL-2010-3440)
 A logger for erlang in the spirit of Log4J
--------------------------------------------------------------------------------
Update Information:

Initial commit
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #632186 - Review Request: erlang-log4erl - A logger for erlang in the spirit of Log4J
        https://bugzilla.redhat.com/show_bug.cgi?id=632186
--------------------------------------------------------------------------------


================================================================================
 erlang-misultin-0.6.1-2.el5 (FEDORA-EPEL-2010-3439)
 Erlang library for building fast lightweight HTTP(S) servers
--------------------------------------------------------------------------------
Update Information:

Initial commit
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #632189 - Review Request: erlang-misultin - Erlang library for building fast lightweight HTTP(S) servers
        https://bugzilla.redhat.com/show_bug.cgi?id=632189
--------------------------------------------------------------------------------


================================================================================
 gridsite-1.5.19-1.el5 (FEDORA-EPEL-2010-3438)
 Grid Security for the Web, Web platforms for Grids
--------------------------------------------------------------------------------
Update Information:

* Supports hashes other than MD5 for VOMS ACs.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 21 2010 Steve Traylen <steve.traylen at cern.ch> - 1.5.19-1
- Upstream to 1.5.19.
- Add gridsite-include.patch 
  https://savannah.cern.ch/bugs/index.php?69632 
  https://bugzilla.redhat.com/show_bug.cgi?id=612109
- Alter default .gacl
  https://bugzilla.redhat.com/show_bug.cgi?id=612187
- Change setuid binary from 4510 to 4754
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #635272 - gridsite hardcodes md5 as the signature algorithm
        https://bugzilla.redhat.com/show_bug.cgi?id=635272
  [ 2 ] Bug #612109 - Various problems in the gridsite headers
        https://bugzilla.redhat.com/show_bug.cgi?id=612109
  [ 3 ] Bug #612187 - The root-level gacl in the gridsite package uses an old syntax
        https://bugzilla.redhat.com/show_bug.cgi?id=612187
--------------------------------------------------------------------------------


================================================================================
 iverilog-0.9.20100928-1.el5 (FEDORA-EPEL-2010-3436)
 Icarus Verilog is a verilog compiler and simulator
--------------------------------------------------------------------------------
Update Information:

Icarus Verilog 0.9.3 improves language coverage over the previous stable release, but is primarily a bug fix release. Therefore, we recommend people using the 0.9.2 release upgrade to 0.9.3 as soon as possible. Version 0.9.3 is the recommended version for all new users.
v0.9.2 prerelease snapshot
https://fedorahosted.org/fedora-electronic-lab/wiki/Testing/iverilog
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 28 2010 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20100928-1
- new stable upstream release
* Sat Sep 11 2010 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20100911-1
- New sources for upcoming  - 0.9.3 - for testing repos only
- removing useless -devel subpackage
* Wed Dec 30 2009 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20091230-1
- New stable snapshot - 0.9.2
* Sat Dec 12 2009 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20091212-1
- New development snapshot - 0.9.2 final prerelease snapshot
* Sat Dec  5 2009 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20091205-1
- New development snapshot - 0.9.2 prerelease snapshot
* Fri Dec  4 2009 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20091204-1
- New development snapshot - 0.9.2 prerelease snapshot
* Sat Nov 28 2009 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20091130-1
- New development snapshot
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.20090423-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Sat Jun 13 2009 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20090423-5
- Improved VPI support
* Mon Mar 23 2009 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 0.9.20081118-4
- new development release
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.20081118-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sun Dec  7 2008 Balint Cristian <rezso at rdsor.ro> 0.9.20081118-1
- new snapshot release upstream.
* Fri Sep 12 2008 Balint Cristian <rezso at rdsor.ro> 0.9.20080905-1
- new snapshot release upstream.
* Mon May 26 2008 Balint Cristian <rezso at rdsor.ro> 0.9.20080429-1
- new snapshot release upstream.
* Fri Mar 28 2008 Balint Cristian <rezso at rdsor.ro> 0.9.20080314-1
- new snapshot release upstream.
- add check section for some tests
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> - 0.9.20070608-2
- Autorebuild for GCC 4.3
--------------------------------------------------------------------------------


================================================================================
 mash-0.5.20-1.el5 (FEDORA-EPEL-2010-3432)
 Koji buildsystem to yum repository converter
--------------------------------------------------------------------------------
Update Information:

This is the latest upstream mash release.
This is the current upstream version of mash. This updates the EPEL version
to what Fedora infrastructure currently uses to push updates and releases. It has a
large number of changes, so please test carefully.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 28 2010 Bill Nottingham <notting at redhat.com> 0.5.20-1
- solve multilib against parent repos if configured (#633136)
- fix traceback when only binary RPMS exist (modified from #636697, <tguthmann at iseek.com.au>)
- disable sigchecking on deltas in source, not via patch (#512454)
- mark LSB-providing packages as multilib (#585858)
- fix libmunge to catch more cases (#637172, <mschwendt at gmail.com>)
- add krb5 plugin dir to multilib list (#632611)
- add libstdc++-static as a multilib whitelist (#630581)
- add dri as a multilib dir
- arm arch compatiblitiy <dennis at ausil.us>
* Fri Jul 30 2010 Bill Nottingham <notting at redhat.com> 0.5.19-1
- retarget branched.mash at f14
* Mon Jul 26 2010 Bill Nottingham <notting at redhat.com> 0.5.18-1
- add F14 key (<jkeating at redhat.com>)
* Fri Jun 25 2010 Bill Nottingham <notting at redhat.com> 0.5.17-1
- fix copying of prior deltarpms, broken in 0.5.16 (#598584)
* Wed Apr 21 2010 Bill Nottingham <notting at redhat.com> 0.5.16-1
- fix use of prior repodata (<jkeating at redhat.com>)
* Fri Apr 16 2010 Bill Nottingham <notting at redhat.com> 0.5.15-1
- branched compose configuration tweaks
- speed up composes a teeny bit
* Tue Feb 23 2010 Bill Nottingham <notting at redhat.com> 0.5.14-1
- further changes for NFR (<jkeating at redhat.com>)
* Fri Feb 19 2010 Bill Nottingham <notting at redhat.com> 0.5.13-1
- assorted fixes for no-frozen-rawhide
- make package hash directories all lowercase
* Wed Feb 17 2010 Bill Nottingham <notting at redhat.com> 0.5.12-1
- adjust for branched trees and no-frozen-rawhide (<jkeating at redhat.com>)
- allow for source repos to be optional (<jgregusk at redhat.com>)
- allow for pulling all builds, not just latest (<kanarip at fedoraunity.org>)
- enable hashed packages for rawhide
* Fri Dec 18 2009 Bill Nottingham <notting at redhat.com> 0.5.11-1
- allow package directories to be hashed by the package name
  (adapted from <skvidal at fedoraproject.org>)
* Mon Nov 16 2009 Bill Nottingham <notting at redhat.com> 0.5.10-1
- fix up distro_tags and content_tags
- bump rawhide version
- there is no ppc in Fedora rawhide anymore (<jkeating at redhat.com>)
* Mon Oct  5 2009 Bill Nottingham <notting at redhat.com> 0.5.9-1
- set dist_tags & content_tags when making metadata; update rawhide config
  (<jkeating at redhat.com>)
- allow glibc-static as a devel package
- allow making ancient yum-arch metadata
* Mon Jun 29 2009 Bill Nottingham <notting at redhat.com> 0.5.8-1
- noarch packages can have debuginfo too (#508746)
- remove wine-arts from multilib whitelist (not needed, doesn't exist)
* Tue Jun 23 2009 Bill Nottingham <notting at redhat.com> 0.5.7-1
- when using previous runs for deltas, only look in the appropriate arch dirs
- wine multilib fixes
* Mon Jun 22 2009 Bill Nottingham <notting at redhat.com> 0.5.6-1
- more gtk2 multilib (#507165)
- minor transaction speedups
- handle new yum arch-setting API. (<skvidal at fedoraproject.org>)
* Fri May  8 2009 Bill Nottingham <notting at redhat.com> 0.5.5-1
- fix setting delta_dirs in config file
- canonicalize -o option if passed as a relative path
* Wed May  6 2009 Bill Nottingham <notting at redhat.com> 0.5.4-1
- allow configuring createrepo hash type
- remove old config files
* Mon Apr 27 2009 Bill Nottingham <notting at redhat.com> 0.5.3-1
- when copying in old deltas, make sure the signatures match current packages
- don't delta source and debuginfo packages
* Fri Apr 17 2009 Bill Nottingham <notting at redhat.com> 0.5.2-1
- set a max size for deltarpm-able packages (#496242)
* Thu Apr 16 2009 Bill Nottingham <notting at redhat.com> 0.5.1-1
- delta fixes
- handle qt/kde plugins better (#495947)
* Wed Apr 15 2009 Bill Nottingham <notting at redhat.com> 0.5.0-1
- Add support for generating deltas with createrepo
- add F11 key to config (<jkeating at redhat.com>)
- various multlib updates (#485242, etc.)
* Thu Jan  8 2009 Bill Nottingham <notting at redhat.com> 0.4.9-1
- error out if strict_keys is set and we can't download the signed package
* Thu Dec 18 2008 Bill Nottingham <notting at redhat.com> 0.4.8-1
- Fix debuginfo exclusion
- Fix --skip-stat with old createrepo
- Use update_from, if it's available
* Wed Dec 17 2008 Bill Nottingham <notting at redhat.com> 0.4.7-1
- Fix noarch handling
* Wed Dec 17 2008 Bill Nottingham <notting at redhat.com> 0.4.6-1
- Fix -p/--previous for certain repository layouts
* Tue Dec 16 2008 Bill Nottingham <notting at redhat.com> 0.4.5-1
- fix caching bug with respect to epochs
- work with both python createrepo API and commandline createrepo
* Tue Dec 16 2008 Bill Nottingham <notting at redhat.com> 0.4.4-1
- Mark gstreamer plugins as multilib (#252173)
- Some more multilib devel blacklisting, including php. (#342851)
- Add a --previous option, for copying createrepo data
* Wed Oct 15 2008 Bill Nottingham <notting at redhat.com> 0.4.2-1
- Enable unique repoadata file names (<jkeating at redhat.com>)
- Add a kernel multilib policy for sparc (<dennis at ausil.us>)
- Fix base multilib policy, and packages with no key (<dennis at ausil.us>)
* Mon Sep 15 2008 Bill Nottingham <notting at redhat.com> 0.4.1-1
- Adjust for new keys
* Tue Jul 22 2008 Bill Nottingham <notting at redhat.com> 0.4.0-1
- add simple timestamping for profiling usage
- add support for caching non-local koji repositories
* Fri May 16 2008 Bill Nottingham <notting at redhat.com> 0.3.7-1
- add F9 updates configuration
* Tue Apr 29 2008 Bill Nottingham <notting at redhat.com> 0.3.6-1
- adjust qt path to catch scim-bridge-qt
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #633136 - Update fails with errors
        https://bugzilla.redhat.com/show_bug.cgi?id=633136
  [ 2 ] Bug #636697 - [MASH/KOJI] what about imported RPMs without a build ?
        https://bugzilla.redhat.com/show_bug.cgi?id=636697
  [ 3 ] Bug #512454 - attempting to check that existing deltas match signatures does not work
        https://bugzilla.redhat.com/show_bug.cgi?id=512454
  [ 4 ] Bug #585858 - redhat-lsb-graphics broken
        https://bugzilla.redhat.com/show_bug.cgi?id=585858
  [ 5 ] Bug #637172 - [PATCH] enhancement for libmunge in spam-o-matic
        https://bugzilla.redhat.com/show_bug.cgi?id=637172
  [ 6 ] Bug #632611 - RFE: count plugins under /usr/$LIB/krb5/plugins as multilib
        https://bugzilla.redhat.com/show_bug.cgi?id=632611
  [ 7 ] Bug #630581 - libstdc++-static.i686 package missing on x86_64
        https://bugzilla.redhat.com/show_bug.cgi?id=630581
  [ 8 ] Bug #508746 - noarch MinGW debuginfo packages don't get placed in the debuginfo repository
        https://bugzilla.redhat.com/show_bug.cgi?id=508746
  [ 9 ] Bug #507165 - gtk immodules not getting composed multilib
        https://bugzilla.redhat.com/show_bug.cgi?id=507165
  [ 10 ] Bug #496242 - deltarpm creation a bit piggish
        https://bugzilla.redhat.com/show_bug.cgi?id=496242
  [ 11 ] Bug #495947 - qt/kde plugin multilib love
        https://bugzilla.redhat.com/show_bug.cgi?id=495947
  [ 12 ] Bug #485242 - qt/kde widget styles should be multilib'd
        https://bugzilla.redhat.com/show_bug.cgi?id=485242
  [ 13 ] Bug #252173 - gstreamer plugins are not selected to be multilib packages when composing a tree
        https://bugzilla.redhat.com/show_bug.cgi?id=252173
  [ 14 ] Bug #342851 - multiarch conflicts in php
        https://bugzilla.redhat.com/show_bug.cgi?id=342851
  [ 15 ] Bug #338211 - alsa-plugins-pulseaudio needs 32 bit libs on x86_64 platform
        https://bugzilla.redhat.com/show_bug.cgi?id=338211
  [ 16 ] Bug #439949 - i386 version of bug-buddy not in x86_64 repos
        https://bugzilla.redhat.com/show_bug.cgi?id=439949
  [ 17 ] Bug #433555 - Mash multilib problems with yum 3.0.x / EL5
        https://bugzilla.redhat.com/show_bug.cgi?id=433555
  [ 18 ] Bug #433551 - noarch builds w/o src rpm ignored for first listed arch
        https://bugzilla.redhat.com/show_bug.cgi?id=433551
  [ 19 ] Bug #598584 - Deltarpms are deleted from repository while target rpms are still in it
        https://bugzilla.redhat.com/show_bug.cgi?id=598584
--------------------------------------------------------------------------------


================================================================================
 perl-IPC-Signal-1.00-2.el5 (FEDORA-EPEL-2010-3433)
 Utility functions dealing with signals for Perl
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #602587 - Review Request: perl-IPC-Signal - Utility functions dealing with signals
        https://bugzilla.redhat.com/show_bug.cgi?id=602587
--------------------------------------------------------------------------------


================================================================================
 rubygem-gherkin-2.2.4-3.el5 (FEDORA-EPEL-2010-3437)
 Fast Gherkin lexer/parser
--------------------------------------------------------------------------------
Update Information:


Fixed JSON dependency
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 24 2010 Michal Fojtik <mfojtik at redhat.com> - 2.2.4-3
- Replaced ~> with >= in JSON version so now it can be used
  with latest json as well
* Fri Sep 24 2010 Michal Fojtik <mfojtik at redhat.com> - 2.2.4-2
- Fixed JSON dependency version
* Fri Sep 24 2010 Michal Fojtik <mfojtik at redhat.com> - 2.2.4-1
- Version bump
* Wed Sep  8 2010 Michal Fojtik <mfojtik at redhat.com> - 2.2.0-1
- Version bump
--------------------------------------------------------------------------------





More information about the epel-devel-list mailing list