[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 6 updates-testing report



The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/xml-security-c-1.6.0-2.el6
    https://admin.fedoraproject.org/updates/bugzilla-3.4.11-1.el6
    https://admin.fedoraproject.org/updates/libpng10-1.0.55-1.el6
    https://admin.fedoraproject.org/updates/rt3-3.8.10-2.el6.1
    https://admin.fedoraproject.org/updates/squirrelmail-1.4.22-2.el6
    https://admin.fedoraproject.org/updates/ejabberd-2.1.8-2.el6
    https://admin.fedoraproject.org/updates/erlang-R14B-02.1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    bugzilla-3.4.11-1.el6
    django-avatar-2.0a1-4.20110709git097ed8.el6
    django-celery-2.2.3-1.el6
    django-followit-0.0.2-2.el6
    django-threaded-multihost-1.4.0-2.el6
    drbdlinks-1.19-2.el6
    drupal6-features-1.1-3.el6
    duplicity-0.6.14-1.el6
    libbluray-0.2-0.6.20110710git51d7d60a96d06.el6
    nntpgrab-0.6.92-1.el6
    perl-HTTP-Server-Simple-Mason-0.14-3.el6
    perl-Sys-Hostname-Long-1.4-5.el6
    php-ZendFramework-1.11.9-1.el6
    python-anyjson-0.3.1-1.el6
    python-celery-2.2.7-3.el6
    python-importlib-1.0.2-1.el6
    python-migrate0.5-0.5.4-1.el6
    python-oauth2-1.5.170-1.el6
    python-unidecode-0.04.7-3.el6
    python-unidecode-0.04.7-4.el6
    rt3-3.8.10-2.el6.1
    rubygem-rhc-0.71.2-2.el6
    trac-spamfilter-plugin-0.4.7-0.11.20110716svn10756.el6
    xml-security-c-1.6.0-2.el6

Details about builds:


================================================================================
 bugzilla-3.4.11-1.el6 (FEDORA-EPEL-2011-3863)
 Bug tracking system
--------------------------------------------------------------------------------
Update Information:

Security update for CVE-2010-4411, CVE-2010-4567, CVE-2010-4568, CVE-2010-4569, CVE-2010-4570, CVE-2010-4572, CVE-2011-0046, CVE-2011-0048
--------------------------------------------------------------------------------
ChangeLog:

* Sun May  1 2011 Emmanuel Seyman <emmanuel seyman club-internet fr> - 3.4.11-1
- Update to 3.4.11
* Tue Mar  8 2011 Emmanuel Seyman <emmanuel seyman club-internet fr> - 3.4.10-2
- Put contrib/recode.pl in the main package so that it no longer depends on
  python and ruby
* Tue Jan 25 2011 Emmanuel Seyman <emmanuel seyman club-internet fr> - 3.4.10-1
- Update to 3.4.10
* Wed Nov  3 2010 Emmanuel Seyman <emmanuel seyman club-internet fr> - 3.4.9-1
- Update to 3.4.9
* Thu Aug 19 2010 Emmanuel Seyman <emmanuel seyman club-internet fr> - 3.4.8-2
- Bump to correct changelog version
* Wed Aug 18 2010 Emmanuel Seyman <emmanuel seyman club-internet fr> - 3.4.8-1
- Update to 3.4.8 (#623426, #615331)
- Only run checksetup if /etc/bugzilla/localconfig does not exist (#610210)
- Add bugzilla-contrib to Requires (#610198)
* Wed Jun 30 2010 Emmanuel Seyman <emmanuel seyman club-internet fr> - 3.4.7-2
- Remove mod_perl from the requirements (#600924)
* Fri Jun 25 2010 Emmanuel Seyman <emmanuel seyman club-internet fr> - 3.4.7-1
- Update to 3.4.7 (CVE-2010-1204)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #672856 - bugzilla: multiple security issues [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=672856
--------------------------------------------------------------------------------


================================================================================
 django-avatar-2.0a1-4.20110709git097ed8.el6 (FEDORA-EPEL-2011-3859)
 A django module for handling user avatars
--------------------------------------------------------------------------------
Update Information:

A django module for handling user avatars
--------------------------------------------------------------------------------


================================================================================
 django-celery-2.2.3-1.el6 (FEDORA-EPEL-2011-3838)
 Django Celery Integration
--------------------------------------------------------------------------------
Update Information:

Django Celery Integration
--------------------------------------------------------------------------------


================================================================================
 django-followit-0.0.2-2.el6 (FEDORA-EPEL-2011-3837)
 A django app that allows users to follow django model objects
--------------------------------------------------------------------------------
Update Information:

A django app that allows users to follow django model objects
--------------------------------------------------------------------------------


================================================================================
 django-threaded-multihost-1.4.0-2.el6 (FEDORA-EPEL-2011-3874)
 Django app to enable multi-site awareness in Django apps
--------------------------------------------------------------------------------
Update Information:

add requires on Django
--------------------------------------------------------------------------------


================================================================================
 drbdlinks-1.19-2.el6 (FEDORA-EPEL-2011-3849)
 A program for managing links into a DRBD shared partition
--------------------------------------------------------------------------------
Update Information:

- Handle visible SELinux range label if mcstrans is not used
- Added configuration file for tmpfiles handling (#656578)
- Added logrotate configuration to ignore possible *.drbdlinks
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul 17 2011 Robert Scheck <robert fedoraproject org> 1.19-2
- Handle visible SELinux range label if mcstrans is not used
- Added configuration file for tmpfiles handling (#656578)
- Added logrotate configuration to ignore possible *.drbdlinks
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #656578 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
        https://bugzilla.redhat.com/show_bug.cgi?id=656578
--------------------------------------------------------------------------------


================================================================================
 drupal6-features-1.1-3.el6 (FEDORA-EPEL-2011-3852)
 Provides feature management for Drupal
--------------------------------------------------------------------------------
Update Information:

Update to upstream 1.1 fixes false overrides when permissions were created in a different order.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 18 2011 Paul W. Frields <stickster gmail com> - 1.1-3
- Update to upstream 1.1
--------------------------------------------------------------------------------


================================================================================
 duplicity-0.6.14-1.el6 (FEDORA-EPEL-2011-3855)
 Encrypted bandwidth-efficient backup using rsync algorithm
--------------------------------------------------------------------------------
Update Information:

New in v0.6.14 (2011/06/18)
----------------------------

Enhancements:

  * Provide Ubuntu One integration

Bugs closed in this release:

  * AttributeError: FileobjHooked instance has no attribute 'name'
  * Restore fails with "Invalid data - SHA1 hash mismatch"
  * Cygwin: Full Backup fails with "IOError: [Errno 13] Permission denied"
  * --exclude-filelist-stdin and gpg error with/without PASSPHRASE
  * Endless retype passphrase when typo
  * "include-filelist-stdin" not implemented on version 0.6.11
  * [PATCH] Local backend should always try renaming instead of copying
  * cannot import name S3ResponseError
  * Difference found: File X has permissions 666, expected 666
  * collection-status asking for passphrase
  * ncftpls file delete fails in ftpbackend.py
  * create tomporary files with sftp
  * duplicity sftp backend should ignore removing a file which is not there
  * Webdav(s) url scheme lacks port support
  * create tomporary files with sftp
  * sftp backend cannot create new subdirs on new backup
  * Timeout on sftp command 'ls -1'
  * Duplicity ignores some FatalErrors
  * Allow to pass different passwords for --sign-key and --encrypt-key


New in v0.6.13 (2011/04/02)
----------------------------

Enhancements added this release:

  * New manual test to make Ctrl-C issues easier to replicate.
  * Use python-virtualenv to make testing multiple Python versions easier.
  * In boto backend check for existing bucket before trying to create.

Bugs closed in this release:

  * Assertion error "time not moving forward at appropriate pace"
  * silent data corruption with checkpoint/restore
  * File "/usr/bin/duplicity", error after upgrade from 6.11 to 6.12


New in v0.6.12 (2011/03/08)
----------------------------

Enhancements added this release:

  * ftps support using lftp (ftpsbackend)

Bugs closed in this release:

  * Only full backups done on webdav
  * Use log codes for common backend errors
  * Inverted "Current directory" "Previous directory" in error message
  * OSError: [Errno 2] No such file or directory
  * sslerror: The read operation timed out with cf
  * boto backend uses Python 2.5 conditional
  * symbolic link ownership not preserved
  * Cygwin: TypeError: basis_file must be a (true) file ...
  * Duplicity 0.6.11 aborts if RSYNC_RSH not set
  * Backup fails silently when target is full (sftp, verbosity=4)
  * Exception in log module
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul 17 2011 Robert Scheck <robert fedoraproject org> 0.6.14-1
- Upgrade to 0.6.14 (#720589, #697222)
- Backported optparse 1.5a2 from RHEL 5 for RHEL 4 (#717133)
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.6.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #720589 - duplicity 0.6.13 out
        https://bugzilla.redhat.com/show_bug.cgi?id=720589
  [ 2 ] Bug #697222 - Duplicity with rsync fails if RSYNC_RSH is not set
        https://bugzilla.redhat.com/show_bug.cgi?id=697222
  [ 3 ] Bug #717133 - Duplicity on EL4 (From epel) doesn't even work
        https://bugzilla.redhat.com/show_bug.cgi?id=717133
--------------------------------------------------------------------------------


================================================================================
 libbluray-0.2-0.6.20110710git51d7d60a96d06.el6 (FEDORA-EPEL-2011-3870)
 Library to access Blu-Ray disks for video playback
--------------------------------------------------------------------------------
Update Information:

First EL 6 build.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #721124 - Update for EPEL 6
        https://bugzilla.redhat.com/show_bug.cgi?id=721124
--------------------------------------------------------------------------------


================================================================================
 nntpgrab-0.6.92-1.el6 (FEDORA-EPEL-2011-3840)
 Download files from the usenet
--------------------------------------------------------------------------------
Update Information:

Update to 0.6.92 (0.7 beta 3). For the complete list of changes see http://nntpgrab.nl/projects/nntpgrab/wiki/Version_history
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 20 2011 Erik van Pienbroek <epienbro fedoraproject org> - 0.6.92-1
- Update to 0.6.92 (0.7 Beta 3)
- Build against gtk3 on Fedora 15 and rawhide
- Dropped upstreamed NetworkManager 0.9 patch
* Sun Mar 27 2011 Christopher Aillon <caillon redhat com> - 0.6.91-4
- Rebuild against NetworkManager 0.9
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.6.91-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 perl-HTTP-Server-Simple-Mason-0.14-3.el6 (FEDORA-EPEL-2011-3841)
 HTTP::Server::Simple::Mason Perl module
--------------------------------------------------------------------------------
Update Information:

Update to 0.14.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.14-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Dec 17 2010 Marcela Maslanova <mmaslano redhat com> - 0.14-2
- 661697 rebuild for fixing problems with vendorach/lib
* Mon Sep 13 2010 Ralf Corsépius <corsepiu fedoraproject org> - 0.14-1
- Upstream update.
* Sun May  2 2010 Marcela Maslanova <mmaslano redhat com> - 0.13-3
- Mass rebuild with perl-5.12.0
* Mon Dec  7 2009 Stepan Kasal <skasal redhat com> - 0.13-2
- rebuild against perl 5.10.1
--------------------------------------------------------------------------------


================================================================================
 perl-Sys-Hostname-Long-1.4-5.el6 (FEDORA-EPEL-2011-3861)
 Try every conceivable way to get full hostname
--------------------------------------------------------------------------------
Update Information:

New package. Perl module that tries every conceivable way to get full hostname.
--------------------------------------------------------------------------------


================================================================================
 php-ZendFramework-1.11.9-1.el6 (FEDORA-EPEL-2011-3862)
 Leading open-source PHP framework
--------------------------------------------------------------------------------
Update Information:

Update to 1.11.9 fixes some nasty bugs (typos in code, etc.) introduced with 1.11.8
Update to 1.11.8
Unbundled Dojo
Update to 1.11.8
Unbundled Dojo
Added Zend Framework to EPEL Repo
--------------------------------------------------------------------------------


================================================================================
 python-anyjson-0.3.1-1.el6 (FEDORA-EPEL-2011-3865)
 Wraps the best available JSON implementation available
--------------------------------------------------------------------------------
Update Information:

Python wrapper for JSON
--------------------------------------------------------------------------------


================================================================================
 python-celery-2.2.7-3.el6 (FEDORA-EPEL-2011-3847)
 Distributed Task Queue
--------------------------------------------------------------------------------
Update Information:

Initial package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #722444 - Review Request: python-celery - Distributed Task Queue
        https://bugzilla.redhat.com/show_bug.cgi?id=722444
--------------------------------------------------------------------------------


================================================================================
 python-importlib-1.0.2-1.el6 (FEDORA-EPEL-2011-3846)
 Backport of importlib.import_module() from Python 2.7
--------------------------------------------------------------------------------
Update Information:

Initial package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #722427 - Review Request: python-importlib - Backport of importlib.import_module() from Python 2.7
        https://bugzilla.redhat.com/show_bug.cgi?id=722427
--------------------------------------------------------------------------------


================================================================================
 python-migrate0.5-0.5.4-1.el6 (FEDORA-EPEL-2011-3843)
 Schema migration tools for SQLAlchemy
--------------------------------------------------------------------------------
Update Information:

Minor upstream bugfix
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 15 2011 Toshio Kuratomi <toshio fedoraproject org> - 0.5.4-1
- Update to new upstream bugfix release
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.5.3-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #722665 - python-migrate0.5-0.5.4.tar.gz">sqlalchemy-migrate-0.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=722665
--------------------------------------------------------------------------------


================================================================================
 python-oauth2-1.5.170-1.el6 (FEDORA-EPEL-2011-3868)
 Python support for improved oauth
--------------------------------------------------------------------------------
Update Information:

Python support for improved oauth
--------------------------------------------------------------------------------


================================================================================
 python-unidecode-0.04.7-3.el6 (FEDORA-EPEL-2011-3844)
 US-ASCII transliterations of Unicode text
--------------------------------------------------------------------------------
Update Information:

US-ASCII transliterations of Unicode text
--------------------------------------------------------------------------------


================================================================================
 python-unidecode-0.04.7-4.el6 (FEDORA-EPEL-2011-3851)
 US-ASCII transliterations of Unicode text
--------------------------------------------------------------------------------
Update Information:

mark package as architecture independent
--------------------------------------------------------------------------------


================================================================================
 rt3-3.8.10-2.el6.1 (FEDORA-EPEL-2011-3860)
 Request tracker 3
--------------------------------------------------------------------------------
Update Information:

Update for CVE-2011-1685, CVE-2011-1686, CVE-2011-1687, CVE-2011-1688, CVE-2011-1689, CVE-2011-1690
--------------------------------------------------------------------------------
ChangeLog:

* Tue May  3 2011 Xavier Bachelot <xavier bachelot org> - 3.8.10-2.1
- Add BR: perl(Digest::SHA).
* Sat Apr 16 2011 Ralf Corsépius <corsepiu fedoraproject org> - 3.8.10-2
- Work-around rpm's depgenerator defect: 
  Filter Requires: perl(DBIx::SearchBuilder::Handle::).
* Sat Apr 16 2011 Ralf Corsépius <corsepiu fedoraproject org> - 3.8.10-1
- Upstream update.
- Rebase patches.
- Spec cleanup.
* Thu Feb 17 2011 Ralf Corsépius <corsepiu fedoraproject org> - 3.8.9-1
- Upstream update (CVE-2011-0009, BZ 672257).
- Rebase patches.
- Switch to using perl-filters
  (Work around broken deps caused by rpm dep-tracker changes).
- Spec file overhaul.
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 3.8.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Sep  3 2010 Mark Chappell <tremble fedoraproject org> - 3.8.8-3.1
- Enable GPG2 for the EPEL build
* Thu Jul  8 2010 Ralf Corsépius <corsepiu fedoraproject org> - 3.8.8-3
- Add COPYING to rt3-mailgate.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #696795 - CVE-2011-1685 CVE-2011-1686 CVE-2011-1687 CVE-2011-1688 CVE-2011-1689 CVE-2011-1690 rt3: several security flaws fixed in 3.6.11, 3.8.10
        https://bugzilla.redhat.com/show_bug.cgi?id=696795
--------------------------------------------------------------------------------


================================================================================
 rubygem-rhc-0.71.2-2.el6 (FEDORA-EPEL-2011-3876)
 OpenShift Express Client Tools
--------------------------------------------------------------------------------
Update Information:

OpenShift Express Client Tools allows you to create and deploy applications to the cloud.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #716469 - Review Request: rubygem-rhc - Openshift Express Client Tools
        https://bugzilla.redhat.com/show_bug.cgi?id=716469
--------------------------------------------------------------------------------


================================================================================
 trac-spamfilter-plugin-0.4.7-0.11.20110716svn10756.el6 (FEDORA-EPEL-2011-3848)
 Spam-Filter plugin for Trac
--------------------------------------------------------------------------------
Update Information:

This update to the current subversion snapshot release includes a number of bugfixes from upstream, plus an enhancement to make it easy to remove user accounts that submit spam.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul 17 2011 Paul Howarth <paul city-fan org> - 0.4.7-0.11.20110716svn10756
- Update to current svn snapshot
  - Various Blogspam timeout fixes
  - Add links to kill spammy users (Upstream #10093)
  - Add proper check for Defensio and python < 2.6 (Upstream #10195)
  - Add cleanup code to remove obsolete captcha db entries
  - Fix issues with different SQL engines (Upstream #10227)
  - Fix wrong argument count in log message (Upstream #10264)
  - Fix possibly uninitialized value (Upstream #10261)
- No need for %defattr
--------------------------------------------------------------------------------


================================================================================
 xml-security-c-1.6.0-2.el6 (FEDORA-EPEL-2011-3858)
 C++ Implementation of W3C security standards for XML
--------------------------------------------------------------------------------
Update Information:

Fix CVE-2011-2516: Apache Santuario XML Security for C++
contains buffer overflows signing or verifying with large keys.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul  8 2011 Antti Andreimann <Antti Andreimann mail ee> - 1.6.0-2
- Backported a patch to fix CVE-2011-2516 (#719698)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #719698 - CVE-2011-2516 xml-security-c: Stack-based buffer overflows when creating or verifying XML Signatures with RSA keys of sizes >= 8192 bits
        https://bugzilla.redhat.com/show_bug.cgi?id=719698
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]