[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 6 updates-testing report



The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/telepathy-gabble-0.8.15-1.el6
    https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.el6
    https://admin.fedoraproject.org/updates/pywebdav-0.9.4.1-1.el6
    https://admin.fedoraproject.org/updates/asterisk-1.8.3-1.el6
    https://admin.fedoraproject.org/updates/moodle-1.9.11-1.el6
    https://admin.fedoraproject.org/updates/perl-Mail-Box-2.097-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    avrdude-5.10-3.el6
    bouncycastle-1.46-1.el6
    dspam-3.9.0-15.el6
    dvisvgm-1.0.5-1.el6
    perl-Mail-Box-2.097-1.el6
    pfHandle-1.1-4.el6
    php-pear-Cache-Lite-1.7.9-1.el6
    xawtv-3.100-1.el6

Details about builds:


================================================================================
 avrdude-5.10-3.el6 (FEDORA-EPEL-2011-0558)
 Software for programming Atmel AVR Microcontroller
--------------------------------------------------------------------------------
Update Information:

This release just re-syncs the git source with the actual packages. It should not change the actual package content except for changelogs and package version number.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  2 2011 Hans Ulrich Niedermann <hun n-dimensional de> - 5.10-3
- Rebuilt package from fixed sources (unchanged package content)
- Unify pkg source in git for el6, f13, f14, f15, rawhide
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 5.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 bouncycastle-1.46-1.el6 (FEDORA-EPEL-2011-0554)
 Bouncy Castle Crypto Package for Java
--------------------------------------------------------------------------------
Update Information:

Release Notes - Java APIs 1.X - Version 1.46

* Bug
    * [BJA-60] - JCE EC keypairs to be serializable
    * [BJA-151] - RFC3280/CertpathValidator infinite loop crashes as StackOverFlowError
    * [BJA-197] - Add a binary to PEM converter
    * [BJA-226] - PKCS12 KeyStore should write using DEROutputStream, not BEROutputStream
    * [BJA-227] - AccessControlException trying to put provider properties during initialisation
    * [BJA-228] - Extra array copy in BEROctetStringGenerator
    * [BJA-240] - Adding an identifier to PKCSObjectIdentifiers
    * [BJA-241] - AccessControlException creating instance of org.bouncycastle.jce.provider.symmetric.AESMappings in provider constructor
    * [BJA-242] - Parsing ESSCertIDv2 fails if Algorithm Identifier is id_sha256
    * [BJA-244] - Unprintable characters in DSAParametersGenerator.java
    * [BJA-249] - Incorrect fetching of CRLs for specified time
    * [BJA-255] - Incompatibility between TimeStampToken#validate and RFC 3161
    * [BJA-259] - Tag number check is missing in `asn1.cms.ContentInfo` parser
    * [BJA-260] - ECPoint calculation not correct
    * [BJA-268] - Can't validate SMIME message (generated by BC)
    * [BJA-271] - The method isRevoked in class X509CRLObject is not thread-safe
    * [BJA-272] - Checking revocation reason on CRL without extensions produces NPE
    * [BJA-276] - PGPUtil.getDecoderStream() and streams larger 2GB
    * [BJA-277] - Implementation of RFC 5746
    * [BJA-280] - Incomplete ISO-9796-1 padding causes verification issues
    * [BJA-283] - In OpenPGP API, encoding and decoding is not working for a sub-key
    * [BJA-284] - org.bouncycastle.asn1.DERGeneralizedTim.getDate() returns incorrect date when time string carries fractional seconds
    * [BJA-286] - PEMWriter writeObject does not encrypt KeyPair objects when asked
    * [BJA-288] - -org.bouncycastle.asn1.DERGeneralizedTim.getDate() returns incorrect date when time string carries fractional seconds with 2 decimal point
    * [BJA-289] - error constructing MAC: java.security.NoSuchAlgorithmException
    * [BJA-290] - java.io.EOFException: premature end of stream in PartialInputStream
    * [BJA-293] - BufferedBlockCipher.doFinal() does not call reset() in the case that it throws DataLengthException.  This leaves Cipher object unusable.
    * [BJA-300] - PSSSigner gives incorrect result when MGF digest and content digest are not the same
    * [BJA-302] - SignerLocation DirectoryString parsing
    * [BJA-304] - Supplied key (sun.security.pkcs11.P11Key$P11PrivateKey) is not a RSAPrivateKey instance
    * [BJA-305] - PEMReader class cannot read private keys generated by OpenSSL 1.0.0
    * [BJA-306] - Exception encoding CMSSignedData/SignerInfo with version set to 3
    * [BJA-309] - X509Name SN defaultLookup binds to SerialNumber instead of SurName
    * [BJA-311] - SMIMEGenerator.extractHeaders uses setHeader instead of addHeader and thus removes headers occuring multiple times
    * [BJA-313] - PEMReader using specific Provider problematic / useless with Sun's default Provider
    * [BJA-314] - Regression regarding Certificate Path Validation algorithm with CRL check enabled
    * [BJA-317] - Cannot open this item.Your digital id name cannot be found by the underlying security system
    * [BJA-319] - It is not possible to pass an IV to the init method of ISO9797Alg3Mac
    * [BJA-320] - Base64.decode(byte[] in) throws ArrayIndexOutOfBoundsException when bytevalue exceeds 127
    * [BJA-326] - Finding a generator in DHParametersHelper

* Improvement
    * [BJA-189] - Change the signature of   CMSEnvelopedDataStreamGenerator method:  private OutputStream open(OutputStream out, String encryptionOID, KeyGenerator keyGen, Provider provider) from  private to protected / public 
    * [BJA-221] - ESSCertIDv2 update for RFC 3161
    * [BJA-237] - SubjectKeyIdentifierStructure constructor throws CertificateParsingException‏ instead of InvalidKeyException
    * [BJA-238] - Request to update bzip2 classes to ASL 2.0 license
    * [BJA-243] - Improve high-level support for PKCS#8 keys
    * [BJA-248] - RFE:  New addSigner variants for CMSSignedDataStreamGenerator
    * [BJA-258] - SignerId and key usage
    * [BJA-261] - extra attributes required in manifest for BC jars to stop dialog boxes.
    * [BJA-262] - TimeStampRequest requires a provider to support RIPEMD algorithms
    * [BJA-263] - Failing decryption on mail from MS Outlook 2010 beta
    * [BJA-266] - In the j2me version J2ME  	  lcrypto-j2me-145.tar.gz  	lcrypto-j2me-145.zip
    * [BJA-287] - Make OSGi Bundle out of the JARs
    * [BJA-295] - Addition of algorithms for X.509 cert and PKCS #10 request generation
    * [BJA-298] - Kept geting "Checksum validation failed, no checksums available from the repository"
    * [BJA-327] - Validate TimeStampToken by public key

* New Feature
    * [BJA-2] - Certificate Management Protocol (CMP)
    * [BJA-155] - TLS: Access to the master secret, client random, server random
    * [BJA-231] - TLS client side authentication
    * [BJA-250] - Method for generating custom TimeStampResponse failure message
    * [BJA-291] - Add support for EC cipher suites in TLS client (RFC 4492)
    * [BJA-294] - Add support for DEFLATE compression to TLS
    * [BJA-297] - Support for RFC 5544 - Syntax binding for documents with time stamps.
    * [BJA-303] - ResponderID getters
    * [BJA-310] - Add support for ECDSA_fixed_ECDH authentication to TLS client
    * [BJA-312] - Support for LDSSecurityObject V1
    * [BJA-324] - Stream processing of TimeStampedData documents (TSD, RFC 5544) 

* Task
    * [BJA-239] - TLS Record Padding


--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  2 2011 Steve Traylen <steve traylen cern ch> - 1.46-1
- Import Bouncy Castle 1.46.
- Drop gcj.
--------------------------------------------------------------------------------


================================================================================
 dspam-3.9.0-15.el6 (FEDORA-EPEL-2011-0552)
 A library and Mail Delivery Agent for Bayesian SPAM filtering
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar  1 2011 Nathanael Noblet <nathanael gnat ca> - 3.9.0.-15
- Applied Matej Cepl's patch to move the web dir to /var/www/dspam
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 3.9.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jan 26 2011 Nathanael Noblet <nathanael gnat ca> - 3.9.0-13
- Fixed dspam-web cgi bug
* Wed Jan 26 2011 Nathanael Noblet <nathanael gnat ca> - 3.9.0-12
- Patch config & doc defaults to put the socket in /var/run/dspam
- remove ghosting
* Tue Nov 23 2010 Nathanael Noblet <nathanael gnat ca> - 3.9.0-11
- Updated for var-run-tmpfs feature
* Wed Sep 29 2010 jkeating - 3.9.0-10
- Rebuilt for gcc bug 634757
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #672068 - dspam web interface completely broken
        https://bugzilla.redhat.com/show_bug.cgi?id=672068
--------------------------------------------------------------------------------


================================================================================
 dvisvgm-1.0.5-1.el6 (FEDORA-EPEL-2011-0555)
 DVI to SVG converter
--------------------------------------------------------------------------------
Update Information:

dvisvgm 1.0.5 is a maintenance release with the following changes:
* An optional argument to command-line option -n has been added to disable the generation of <use> elements.
* Font cache files are now validated with a checksum
* Missing measurement units have been added to the width/height attributes of the SVG root element
* A couple of minor issues have been fixed.

For further information see http://dvisvgm.sourceforge.net/
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  2 2011 Martin Gieseking <martin gieseking uos de> - 1.0.5-1
- updated to upstream release 1.0.5
--------------------------------------------------------------------------------


================================================================================
 perl-Mail-Box-2.097-1.el6 (FEDORA-EPEL-2011-0557)
 Manage a mailbox, a folder with messages
--------------------------------------------------------------------------------
Update Information:

Update perl-Mail-Box to 2.097.
No longer require spamassassin.
2.097 now randomizes boundary string to avoid (undemonstrated) security risks with boundary guessing.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  2 2011 Tom Callaway <spot fedoraproject org> - 2.097-1
- update to 2.097
- remove Mail::SpamAssassin from BuildRequires
- filter Mail::SpamAssassin out of Requires
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 2.095-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Dec 20 2010 Marcela Maslanova <mmaslano redhat com> - 2.095-2
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #647783 - perl-Mail-Box shouldn't force spamassassin to be installed
        https://bugzilla.redhat.com/show_bug.cgi?id=647783
--------------------------------------------------------------------------------


================================================================================
 pfHandle-1.1-4.el6 (FEDORA-EPEL-2011-0548)
 Postfix management wrapper utility
--------------------------------------------------------------------------------
Update Information:

releasing to epel
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #617400 - Review Request: pfHandle - wrapper for tools to manage postfix mail queue
        https://bugzilla.redhat.com/show_bug.cgi?id=617400
--------------------------------------------------------------------------------


================================================================================
 php-pear-Cache-Lite-1.7.9-1.el6 (FEDORA-EPEL-2011-0550)
 Fast and Safe little cache system for PHP
--------------------------------------------------------------------------------
Update Information:

Upstream Changelog:

* If sys_get_temp_dir() is available and the 'cacheDir' option is not provided in the constructor options array its output is used to determine the suitable temporary directory. See Bug #18328

--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  2 2011 Remi Collet <Fedora FamilleCollet com> 1.7.9-1
- Version 1.7.9 (stable) - API 1.7.7 (stable)
- define timezone during build
- run test suite during %check
--------------------------------------------------------------------------------


================================================================================
 xawtv-3.100-1.el6 (FEDORA-EPEL-2011-0551)
 TV applications for video4linux compliant devices
--------------------------------------------------------------------------------
Update Information:

Fixes a few bugs found during -rc phase for xawtv.
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]