[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 5 updates-testing report



The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/rt3-3.6.10-2.el5
    https://admin.fedoraproject.org/updates/loggerhead-1.18.1-1.el5
    https://admin.fedoraproject.org/updates/wordpress-3.1-1.el5
    https://admin.fedoraproject.org/updates/clamav-0.97-12.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    389-admin-1.1.16-1.el5
    389-admin-console-1.1.7-1.el5
    389-ds-base-1.2.8-0.8.rc4.el5
    389-ds-console-1.2.5-1.el5
    clamav-0.97-12.el5
    globus-gsi-sysconfig-3.1-3.el5
    grib_api-1.9.8-3.el5
    idm-console-framework-1.1.7-4.el5
    pam_shield-0.9.5-2.el5
    ruby-augeas-0.4.1-1.el5

Details about builds:


================================================================================
 389-admin-1.1.16-1.el5 (FEDORA-EPEL-2011-2938)
 389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:

This is the 1.1.16 release
1.1.15 release - git tag 389-admin-1.1.15
see Bugs for the list of bugs fixed
start-ds-admin.in -- replaced "return 1" with "exit 1"
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 29 2011 Rich Megginson <rmeggins redhat com> - 1.1.16-1
- 389-admin-1.1.16
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
- Bug 614690 - Don't use exec to call genrb
- Bug 158926 - Unable to install CA certificate when using
-     hardware token ( LunaSA )
- Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
* Wed Feb 23 2011 Rich Megginson <rmeggins redhat com> - 1.1.15-1
- 1.1.15 release - git tag 389-admin-1.1.15
- Bug 493424 - remove unneeded modules for admin server apache config
- Bug 618897 - Wrong permissions when creating instance from Console
- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
- Bug 245278 - Changing to a password with a single quote does not work
- Bug 604881 - admin server log files have incorrect permissions/ownerships
- Bug 387981 - plain files can be chosen on the Restore Directory dialog
- Bug 668950 - Add posix group support to Console
- Bug 618858 - move start-ds-admin env file into main admin server config path
- Bug 616260 - libds-admin-serv linking fails due to unresolved link-time depe
ndencies
- start-ds-admin.in -- replaced "return 1" with "exit 1"
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- Bug 470576 - Migration could do addition checks before commiting actions
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #476925 - Admin Server: Do not allow 8-bit passwords for the admin user
        https://bugzilla.redhat.com/show_bug.cgi?id=476925
  [ 2 ] Bug #614690 - adminutil ICU RB generation can fail
        https://bugzilla.redhat.com/show_bug.cgi?id=614690
--------------------------------------------------------------------------------


================================================================================
 389-admin-console-1.1.7-1.el5 (FEDORA-EPEL-2011-2931)
 389 Admin Server Management Console
--------------------------------------------------------------------------------
Update Information:

This is the 1.1.7 release
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 30 2011 Rich Megginson <rmeggins redhat com> - 1.1.7-1
- the 1.1.7 release - git tag 389-admin-console-1.1.7
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for
-     the admin user
- Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
* Wed Feb 23 2011 Rich Megginson <rmeggins redhat com> - 1.1.6-1
- the 1.1.6 release - git tag 389-admin-console-1.1.6
- Bug 668950 - Add posix group support to Console
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #476925 - Admin Server: Do not allow 8-bit passwords for the admin user
        https://bugzilla.redhat.com/show_bug.cgi?id=476925
--------------------------------------------------------------------------------


================================================================================
 389-ds-base-1.2.8-0.8.rc4.el5 (FEDORA-EPEL-2011-2935)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

This is the 1.2.8 release candidate 4 release
This is 389-ds-base-1.2.8 RC 2 - this fixes several bugs found in alpha and RC 1 testing
This is the 389-ds-base-1.2.8 release candidate 1 build
Split off 389-ds-base-libs to solve multilib issues
1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3
see bugs for a list of bugs fixed
This is the 1.2.8 alpha 2 release - many bug fixes
389-ds-base 1.2.8 alpha 1
contains many bug fixes
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 29 2011 Rich Megginson <rmeggins redhat com> - 1.2.8-0.8.rc4
- 389-ds-base-1.2.8.rc4
- Bug 668385 - DS pipe log script is executed as many times as the dirsrv serv
ice is restarted
- 389-ds-base-1.2.8.rc3
- Bug 690955 - Mrclone fails due to the replica generation id mismatch
* Tue Mar 22 2011 Rich Megginson <rmeggins redhat com> - 1.2.8-0.7.rc2
- 389-ds-base-1.2.8 release candidate 2 - git tag 389-ds-base-1.2.8.rc2
- Bug 689537 - (cov#10610) Fix Coverity NULL pointer dereferences
- Bug 689866 - ns-newpwpolicy.pl needs to use the new DN format
- Bug 681015 - RFE: allow fine grained password policy duration attributes
-              in days, hours, minutes, as well
- Bug 684996 - Exported tombstone cannot be imported correctly
- Bug 683250 - slapd crashing when traffic replayed
- Bug 668909 - Can't modify replication agreement in some cases
- Bug 504803 - Allow maxlogsize to be set if logmaxdiskspace is -1
- Bug 644784 - Memory leak in "testbind.c" plugin
- Bug 680558 - Winsync plugin fails to restrain itself to the configured subtree
* Wed Mar  2 2011 Rich Megginson <rmeggins redhat com> - 1.2.8-0.6.rc1
- 389-ds-base-1.2.8 release candidate 1 - git tag 389-ds-base-1.2.8.rc1
- Bug 518890 - setup-ds-admin.pl - improve hostname validation
- Bug 681015 - RFE: allow fine grained password policy duration attributes in 
-     days, hours, minutes, as well
- Bug 514190 - setup-ds-admin.pl --debug does not log to file
- Bug 680555 - ns-slapd segfaults if I have more than 100 DBs
- Bug 681345 - setup-ds.pl should set SuiteSpotGroup automatically
- Bug 674852 - crash in ldap-agent when using OpenLDAP
- Bug 679978 - modifying attr value crashes the server, which is supposed to
-     be indexed as substring type, but has octetstring syntax
- Bug 676655 - winsync stops working after server restart
- Bug 677705 - ds-logpipe.py script is failing to validate "-s" and
-     "--serverpid" options with "-t".
- Bug 625424 - repl-monitor.pl doesn't work in hub node
* Mon Feb 28 2011 Rich Megginson <rmeggins redhat com> - 1.2.8-0.5.a3
- Bug 676598 - 389-ds-base multilib: file conflicts
- split off libs into a separate -libs package
* Thu Feb 24 2011 Rich Megginson <rmeggins redhat com> - 1.2.8-0.4.a3
- do not create /var/run/dirsrv - setup will create it instead
- remove the fedora-ds initscript upgrade stuff - we do not support that anymore
- convert the remaining lua stuff to plain old shell script
* Wed Feb  9 2011 Rich Megginson <rmeggins redhat com> - 1.2.8-0.3.a3
- 1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3
- Bug 675320 - empty modify operation with repl on or lastmod off will crash server
- Bug 675265 - preventryusn gets added to entries on a failed delete
- Bug 677774 - added support for tmpfiles.d
- Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result search
es
- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
- Bug 671199 - Don't allow other to write to rundir
- Bug 678646 - Ignore tombstone operations in managed entry plug-in
- Bug 676053 - export task followed by import task causes cache assertion
- Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8
- Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used
- Bug 676689 - crash while adding a new user to be synced to windows
- Bug 604881 - admin server log files have incorrect permissions/ownerships
- Bug 668385 - DS pipe log script is executed as many times as the dirsrv serv
ice is restarted
- Bug 675853 - dirsrv crash segfault in need_new_pw()
* Thu Feb  3 2011 Rich Megginson <rmeggins redhat com> - 1.2.8-0.2.a2
- 1.2.8.a2 release - git tag 389-ds-base-1.2.8.a2
- Bug 674430 - Improve error messages for attribute uniqueness
- Bug 616213 - insufficient stack size for HP-UX on PA-RISC
- Bug 615052 - intrinsics and 64-bit atomics code fails to compile
-    on PA-RISC
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- Bug 668862 - init scripts return wrong error code
- Bug 670616 - Allow SSF to be set for local (ldapi) connections
- Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the 
-    log output to the text file
- Bug 668619 - slapd stops responding
- Bug 624547 - attrcrypt should query the given slot/token for
-    supported ciphers
- Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any 
-    error message in logs
* Fri Jan 21 2011 Nathan Kinder <nkinder redhat com> - 1.2.8-0.1.a1
- 1.2.8-0.1.a1 release - git tag 389-ds-base-1.2.8.a1
- many bug fixes
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
        https://bugzilla.redhat.com/show_bug.cgi?id=668385
  [ 2 ] Bug #690955 - Mrclone fails due to the replica generation id mismatch
        https://bugzilla.redhat.com/show_bug.cgi?id=690955
  [ 3 ] Bug #689537 - Fix Coverity NULL pointer dereferences
        https://bugzilla.redhat.com/show_bug.cgi?id=689537
  [ 4 ] Bug #689866 - ns-newpwpolicy.pl needs to use the new DN format
        https://bugzilla.redhat.com/show_bug.cgi?id=689866
  [ 5 ] Bug #681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
        https://bugzilla.redhat.com/show_bug.cgi?id=681015
  [ 6 ] Bug #684996 - Exported tombstone cannot be imported correctly.
        https://bugzilla.redhat.com/show_bug.cgi?id=684996
  [ 7 ] Bug #683250 - slapd crashing when traffic replayed
        https://bugzilla.redhat.com/show_bug.cgi?id=683250
  [ 8 ] Bug #668909 - Can't modify replication agreement in some cases
        https://bugzilla.redhat.com/show_bug.cgi?id=668909
  [ 9 ] Bug #504803 - Not possible to set nsslapd-*-logmaxdiskspace to -1 through fedora-idm-console
        https://bugzilla.redhat.com/show_bug.cgi?id=504803
  [ 10 ] Bug #644784 - Memory leak in "testbind.c" plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=644784
  [ 11 ] Bug #680558 - Winsync plugin fails to restrain itself to the configured subtree
        https://bugzilla.redhat.com/show_bug.cgi?id=680558
--------------------------------------------------------------------------------


================================================================================
 389-ds-console-1.2.5-1.el5 (FEDORA-EPEL-2011-2947)
 389 Directory Server Management Console
--------------------------------------------------------------------------------
Update Information:

This is the 1.2.5 release
the 1.2.4 release - git tag 389-ds-console-1.2.4 - see Bugs for a list of bugs fixed
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 30 2011 Rich Megginson <rmeggins redhat com> 1.2.5-1
- the 1.2.5 release - git tag 389-ds-console-1.2.5
- Bug 616707 - Add attribute matching rule UI to Console
- Bug 533505 - Warn about CA cert trust when enabling SSL in Console
- Bug 158262 - Windows Sync UI is inconistent
- Bug 504803 - Allow nsslapd-*-logmaxdiskspace to be set to -1 in UI
- Bug 474113 - Allow access log level to be configured from Console
- Bug 229693 - Update naming attribute when objectclass is removed
- Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
* Wed Feb 23 2011 Rich Megginson <rmeggins redhat com> 1.2.4-1
- the 1.2.4 release - git tag 389-ds-console-1.2.4
- Bug 450016 - RFE- Console display values in KB/MB/GB
- Bug 387981 - plain files can be chosen on the Restore Directory dialog
- Bug 661116 - 389-console Configuration tab admin permissions (nsslapd-referral ?) and folder not expending immediatly
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- Bug 553066 - Directory Console: do not display "subtree" index type
- Bug 599732 - Root node in directory browser shows DN syntax error
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #616707 - Allow editing of attributes matching rules from console
        https://bugzilla.redhat.com/show_bug.cgi?id=616707
--------------------------------------------------------------------------------


================================================================================
 clamav-0.97-12.el5 (FEDORA-EPEL-2011-2944)
 Anti-virus software
--------------------------------------------------------------------------------
Update Information:

Trivial change to freshclam configuration and cronjob to not override the defaults the upstream clamav sets for NotifyClamd. 

* Wed Mar 30 2011 Jan-Frode Myklebust <janfrode tanso net> - 0.97-12 - Move deletion of /var/lib/clamav/mirrors.dat to db package. - Don't enable NotifyClamd in freshclam config and cronjob, as not everybody is running clamd. Running clamd's will anyway notice when db is updated.

https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html




https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html



https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html



--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 30 2011 Jan-Frode Myklebust <janfrode tanso net> - 0.97-12
- Move deletion of /var/lib/clamav/mirrors.dat to db package.
- Don't enable NotifyClamd in freshclam config and cronjob, as not
  everybody is running clamd. Running clamd's will anyway notice
  when db is updated.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #692016 - NotifyClamd: Can't find or parse configuration file /etc/clamd.conf
        https://bugzilla.redhat.com/show_bug.cgi?id=692016
  [ 2 ] Bug #579370 - Update to newest version 0.96
        https://bugzilla.redhat.com/show_bug.cgi?id=579370
  [ 3 ] Bug #667203 - CVE-2010-1639 Clam AntiVirus: Heap-based overflow, when processing malicious PDF file(s) [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=667203
  [ 4 ] Bug #655636 - clamav-scanner, clamav-scanner-sysvinit in EPEL
        https://bugzilla.redhat.com/show_bug.cgi?id=655636
  [ 5 ] Bug #580676 - CVE-2010-0098 CVE-2010-1311 Multiple clamav vulnerabilities [Fedora all]
        https://bugzilla.redhat.com/show_bug.cgi?id=580676
  [ 6 ] Bug #679793 - CVE-2011-1003 clamav: Double free error by reading VBA project strings [epel-4]
        https://bugzilla.redhat.com/show_bug.cgi?id=679793
  [ 7 ] Bug #538425 - Wrong milter.conf file template in clamav-milter
        https://bugzilla.redhat.com/show_bug.cgi?id=538425
  [ 8 ] Bug #495502 - 0.95.1 is busted
        https://bugzilla.redhat.com/show_bug.cgi?id=495502
  [ 9 ] Bug #679794 - CVE-2011-1003 clamav: Double free error by reading VBA project strings [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=679794
--------------------------------------------------------------------------------


================================================================================
 globus-gsi-sysconfig-3.1-3.el5 (FEDORA-EPEL-2011-2943)
 Globus Toolkit - Globus GSI System Config Library
--------------------------------------------------------------------------------
Update Information:

Fixes a bug that caused globus not to identify directories correctly on filesystems were the directory inode size is reported as 0, e.g. CIFS.

--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 29 2011 Mattias Ellert <mattias ellert fysast uu se> - 3.1-3
- Allow zero-size dirs
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 grib_api-1.9.8-3.el5 (FEDORA-EPEL-2011-2946)
 WMO FM-92 GRIB (v1,v2) interface accessible from C and FORTRAN programs
--------------------------------------------------------------------------------
Update Information:

- Add Requires jasper-devel to devel sub-package


--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 29 2011 Orion Poplawski <orion cora nwra com> - 1.9.8-3
- Add Requires jasper-devel to -devel
* Mon Mar 14 2011 Orion Poplawski <orion cora nwra com> - 1.9.8-2
- Change /usr/bin/ksh to /bin/ksh in grib1to2
--------------------------------------------------------------------------------


================================================================================
 idm-console-framework-1.1.7-4.el5 (FEDORA-EPEL-2011-2933)
 Identity Management Console Framework
--------------------------------------------------------------------------------
Update Information:

This is the 1.1.7 release
The 1.1.6 release see Bugs for a list of bugs fixed
fix fourth step of cert wizard for installing cert
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 29 2011 Rich Megginson <rmeggins redhat com> - 1.1.7-1
- The 1.1.7 release
- Bug 158926 - Unable to install CA certificate when using hardware token
-             ( LunaSA )
- Bug 622436 - Removal of Security:domestic from Console
- Bug 229699 - objectclass without parent causes StringIndexOutOfBounds in console
- Bug 583652 - Console caches magic numbers instead of DNA-generated values
* Wed Feb 23 2011 Rich Megginson <rmeggins redhat com> - 1.1.6-1
- The 1.1.6 release
- Bug: 594939 - ACI editing dialog initial size is not big enough to display
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- fix fourth step of cert wizard for installing cert
- Bug 668950 - Add posixGroup support to Console
- Bug 583652 - Console caches magic numbers instead of DNA-generated values
--------------------------------------------------------------------------------


================================================================================
 pam_shield-0.9.5-2.el5 (FEDORA-EPEL-2011-2940)
 Pam Shield - A pam module to counter brute force attacks
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #691153 - Review Request: pam_shield - pam module to block brute force attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=691153
--------------------------------------------------------------------------------


================================================================================
 ruby-augeas-0.4.1-1.el5 (FEDORA-EPEL-2011-2941)
 Ruby bindings for Augeas
--------------------------------------------------------------------------------
Update Information:

Adds bindings for the full augeas-0.8.0 API
Backport the setm binding for the Ruby API
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 29 2011 David Lutterkort <lutter redhat com> - 0.4.1-1
- New version
* Tue Mar 29 2011 David Lutterkort <lutter redhat com> - 0.4.0-1
- Require augeas-0.8.0; remove patch for 'setm', now upstream
* Sun Feb 13 2011 Jeroen van Meeuwen <jeroen van meeuwen ergo-project org> - 0.3.0-2
- Expose 'setm' command in Ruby API
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]