Fedora EPEL 6 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Fri Aug 10 18:42:32 UTC 2012


The following builds have been pushed to Fedora EPEL 6 updates-testing

    ansible-0.6-1.el6
    bdii-5.2.12-2.el6
    drupal6-custom_breadcrumbs-2.0.rc1-3.el6
    drupal6-eazylaunch-1.4-3.el6
    drupal6-emfield-2.5-3.el6
    drupal6-menu_block-2.4-3.el6
    drupal7-ctools-1.1-1.el6
    drupal7-theme-adaptivetheme-3.0-1.el6
    fedmsg-0.3.1-1.el6
    fedmsg-0.3.2-1.el6
    libotr-3.2.0-5.el6
    mysql-connector-python-1.0.5-2.el6
    mysql-utilities-1.0.6-1.el6
    nut-2.6.5-1.el6
    openstack-nova-2012.1.1-14.el6
    php-pecl-cairo-0.3.2-1.el6
    python-djblets-0.6.22-2.el6
    python-flask-0.9-4.el6
    rubygem-hashr-0.0.21-3.el6
    whatsup-1.13-4.el6
    xosd-2.2.14-16.el6

Details about builds:


================================================================================
 ansible-0.6-1.el6 (FEDORA-EPEL-2012-6661)
 Minimal SSH command and control
--------------------------------------------------------------------------------
Update Information:

Release of Ansible 0.6.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  6 2012 Michael DeHaan <michael.dehaan at gmail.com> - 0.6-0
- Release of 0.6
--------------------------------------------------------------------------------


================================================================================
 bdii-5.2.12-2.el6 (FEDORA-EPEL-2012-6666)
 The Berkeley Database Information Index (BDII)
--------------------------------------------------------------------------------
Update Information:

Reapply accidentally dropped patches.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug  9 2012 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.2.12-2
- Rebase and reapply accidentally dropped patches.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #843594 - init script failes
        https://bugzilla.redhat.com/show_bug.cgi?id=843594
--------------------------------------------------------------------------------


================================================================================
 drupal6-custom_breadcrumbs-2.0.rc1-3.el6 (FEDORA-EPEL-2012-6663)
 Custom Breadcrumbs Module for Drupal6
--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #828501 - Review Request: drupal6-custom_breadcrumbs  - Custom Breadcrumbs Module for Drupal6
        https://bugzilla.redhat.com/show_bug.cgi?id=828501
--------------------------------------------------------------------------------


================================================================================
 drupal6-eazylaunch-1.4-3.el6 (FEDORA-EPEL-2012-6667)
 Eazy Launch Module for Drupal6
--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #828800 - Review Request: drupal6-eazylaunch - Eazy Launch Module for Drupal6
        https://bugzilla.redhat.com/show_bug.cgi?id=828800
--------------------------------------------------------------------------------


================================================================================
 drupal6-emfield-2.5-3.el6 (FEDORA-EPEL-2012-6676)
 Embedded Media Field module for Drupal6
--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #828809 - Review Request: drupal6-emfield - Embedded Media Field module for Drupal6
        https://bugzilla.redhat.com/show_bug.cgi?id=828809
--------------------------------------------------------------------------------


================================================================================
 drupal6-menu_block-2.4-3.el6 (FEDORA-EPEL-2012-6660)
 Menu Block Module for Drupal6
--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #828458 - Review Request: drupal6-menu_block - Menu block module for Drupal6
        https://bugzilla.redhat.com/show_bug.cgi?id=828458
--------------------------------------------------------------------------------


================================================================================
 drupal7-ctools-1.1-1.el6 (FEDORA-EPEL-2012-6670)
 This suite is primarily a set of APIs and tools for other Drupal modules
--------------------------------------------------------------------------------
Update Information:

New upstream version, http://drupal.org/node/1719782.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug  9 2012 Peter Borsa <peter.borsa at gmail.com> - 1.1-1
- Update to upstream 1.1 release
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 drupal7-theme-adaptivetheme-3.0-1.el6 (FEDORA-EPEL-2012-6657)
 Adaptivetheme is a powerful theme framework
--------------------------------------------------------------------------------
Update Information:

New upstream version, http://drupal.org/node/1706168.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 10 2012 Peter Borsa <peter.borsa at gmail.com> - 3.0-1
- Updated to 3.0
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 fedmsg-0.3.1-1.el6 (FEDORA-EPEL-2012-6680)
 Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:

0.3.1 for msg2repr updates and fedmsg-logger grepping.
Bugfix to -logger and enhancement to -irc
Require latest moksha.
API enhancement.
0.2.5 with more realistic X509 capacity
0.2.4 with fix for disabled ssl
0.2.3 with upstream typo fixes
Added deps on m2crypto and python-m2ext
/var/log/fedmsg wasn't being created correctly.
Require moksha >= 0.8.3.
python-argparse fix for epel-6.
Bugfix - Added a forgotten new requirement on python-requests.
Fix to creation of /var/run/fedmsg.
Remove unnecessary %%ghost on /var/run/fedmsg
Nicer messages from fedmsg-irc.  New fedmsg.text.msg2repr.
bugfix to fedmsg.text.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug  8 2012 Ralph Bean <rbean at redhat.com> - 0.3.1-1
- msg2repr updates
- fedmsg-logger grepping.
* Tue Aug  7 2012 Ralph Bean <rbean at redhat.com> - 0.3.0-1
- Bugfix to fedmsg.text.
* Tue Aug  7 2012 Ralph Bean <rbean at redhat.com> - 0.2.9-1
- Upstream update including nicer message for fedmsg-irc.
- fedmsg.text.msg2repr
* Mon Aug  6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-4
- Remove unnecessary %ghost on /var/run/fedmsg.
* Mon Aug  6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-3
- Hopefully fix to creation of /var/run/fedmsg.
* Mon Aug  6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-2
- Added a forgotten new requirement on python-requests.
* Sun Aug  5 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-1
- Upstream bugfix to -logger and enhancement to -irc.
* Mon Jul 30 2012 Ralph Bean <rbean at redhat.com> - 0.2.6-2
- Require moksha >= 0.8.8
* Mon Jul 30 2012 Ralph Bean <rbean at redhat.com> - 0.2.6-1
- Upstream bugfixes and API enhancements.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun Jul 15 2012 Ralph Bean <rbean at redhat.com> - 0.2.5-1
- Upstream crypto updates in preparation for a more realistic X509 setup.
* Fri Jul 13 2012 Ralph Bean <rbean at redhat.com> - 0.2.4-1
- Upstream bugfix for when ssl is disabled.
* Wed Jul 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.3-1
- Upstream bump that fixes some typos.
* Tue Jul 10 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-3
- Added deps on python-argparse for py < 2.7 (rhel6)
* Sat Jul  7 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-2
- Added deps on m2crypto and python-m2ext
* Sat Jul  7 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-1
- Update to fedmsg-irc to fix lineRate issues
- fedmsg.crypto module - sign and validate messages
* Mon Jun 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.1-2
- Require moksha >= 0.8.3
* Mon Jun 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.1-1
- Override producers and consumers entry-points in the hub.  Should fix a
  collision that fedmsg-irc is having with fedoracommunity.
* Mon Jun 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.0-4
- Introduce temporary hard dep on orbited.
* Mon Jun 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.0-3
- /var/log/fedmsg wasn't being created correctly.
--------------------------------------------------------------------------------


================================================================================
 fedmsg-0.3.2-1.el6 (FEDORA-EPEL-2012-6683)
 Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:

fedmsg.text updates for scm.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug  8 2012 Ralph Bean <rbean at redhat.com> - 0.3.2-1
- msg2repr updates for scm.
* Wed Aug  8 2012 Ralph Bean <rbean at redhat.com> - 0.3.1-1
- msg2repr updates
- fedmsg-logger grepping.
* Tue Aug  7 2012 Ralph Bean <rbean at redhat.com> - 0.3.0-1
- Bugfix to fedmsg.text.
* Tue Aug  7 2012 Ralph Bean <rbean at redhat.com> - 0.2.9-1
- Upstream update including nicer message for fedmsg-irc.
- fedmsg.text.msg2repr
* Mon Aug  6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-4
- Remove unnecessary %ghost on /var/run/fedmsg.
* Mon Aug  6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-3
- Hopefully fix to creation of /var/run/fedmsg.
* Mon Aug  6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-2
- Added a forgotten new requirement on python-requests.
* Sun Aug  5 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-1
- Upstream bugfix to -logger and enhancement to -irc.
* Mon Jul 30 2012 Ralph Bean <rbean at redhat.com> - 0.2.6-2
- Require moksha >= 0.8.8
* Mon Jul 30 2012 Ralph Bean <rbean at redhat.com> - 0.2.6-1
- Upstream bugfixes and API enhancements.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun Jul 15 2012 Ralph Bean <rbean at redhat.com> - 0.2.5-1
- Upstream crypto updates in preparation for a more realistic X509 setup.
* Fri Jul 13 2012 Ralph Bean <rbean at redhat.com> - 0.2.4-1
- Upstream bugfix for when ssl is disabled.
* Wed Jul 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.3-1
- Upstream bump that fixes some typos.
* Tue Jul 10 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-3
- Added deps on python-argparse for py < 2.7 (rhel6)
* Sat Jul  7 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-2
- Added deps on m2crypto and python-m2ext
* Sat Jul  7 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-1
- Update to fedmsg-irc to fix lineRate issues
- fedmsg.crypto module - sign and validate messages
* Mon Jun 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.1-2
- Require moksha >= 0.8.3
* Mon Jun 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.1-1
- Override producers and consumers entry-points in the hub.  Should fix a
  collision that fedmsg-irc is having with fedoracommunity.
* Mon Jun 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.0-4
- Introduce temporary hard dep on orbited.
* Mon Jun 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.0-3
- /var/log/fedmsg wasn't being created correctly.
--------------------------------------------------------------------------------


================================================================================
 libotr-3.2.0-5.el6 (FEDORA-EPEL-2012-6671)
 Off-The-Record Messaging library and toolkit
--------------------------------------------------------------------------------
Update Information:

Patch for multiple heap-based buffer overflows in the Base64
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug  8 2012 Paul Wouters <pwouters at redhat.com> - 3.2.0-5
- Patch for Multiple heap-based buffer overflows in the Base64 decoder
  (rhbz#846377, upstream will not release 3.2.1 for this)
- Don't build static lib
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #846377 - CVE-2012-3461 libotr: Multiple heap-based buffer overflows in the Base64 decoder
        https://bugzilla.redhat.com/show_bug.cgi?id=846377
--------------------------------------------------------------------------------


================================================================================
 mysql-connector-python-1.0.5-2.el6 (FEDORA-EPEL-2012-6664)
 MySQL Connector for Python 2
--------------------------------------------------------------------------------
Update Information:

Upstream changelog:

Added SQL Modes as constants, making it easier to use them (WL#6411)
* Setting the SQL Modes meant that developers had to make sure the string passed to MySQL was correctly formatted and contains the correct modes. To make it easier, a new class constants.SQLMode containing all the SQL Modes was added: for example, constants.SQLMode.TRADITIONAL will return the string 'TRADITIONAL'.
* Additonally, MySQLConnection.sql_mode property now accepts a sequence of SQL Modes. For example, to set 2 SQL Modes, you can do the following cnx.sql_mode = [SQLMode.REAL_AS_FLOAT, SQLMode.NO_ZERO_DATE]

Added descriptive error codes for both client and server errors (WL#6351)
* The errorcode module contains client and server error codes which can be used instead of the error numbers. For example, errorcode.CR_CONNECTION_ERROR is 2002.
* A new locales sub-package has been created in mysql.connector. This will provided localized content. The first support language is the default English and contains the client error messages: locales.eng.client_error. To retrieve a client error based on the error number or code (name) you can use the get_client_error() function importing it from locales: from mysql.connector.locales import get_client_error()
* Error messages and error codes are automatically fetch from the latest development release of MySQL. The errorcode.py and all files in the locales package are generated. You can see the generation date and the version of MySQL which was used in those files.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 10 2012 Remi Collet <remi at fedoraproject.org> - 1.0.5-2
- disable test_bugs with MySQL 5.1 (EL-6)
* Wed Aug  8 2012 Remi Collet <remi at fedoraproject.org> - 1.0.5-1
- version 1.0.5 (beta)
- move from launchpad (devel) to dev.mysql.com
--------------------------------------------------------------------------------


================================================================================
 mysql-utilities-1.0.6-1.el6 (FEDORA-EPEL-2012-6669)
 MySQL Utilities
--------------------------------------------------------------------------------
Update Information:

Upstream Changelog for Release 1.0.6 (Released July 14, 2012):
* BUG#13986713: Wrong slave health output when slave uses loopback addr
* BUG#13986931: Parser code in wrong location
* BUG#14008015: Minor spelling errors
* BUG#14008057: Missing man page build
* BUG#14021531: Replication user check fails for global host
* BUG#14021551: mysqlrplcheck not reading slave_master_info table
* BUG#14021576: exception thrown for GTID servers without password
* BUG#14031894: mysqlfailover fails to cleanup on error
* BUG#14080657: Slave election can fail if FILE vs TABLE used
* BUG#14123022: mysqlfailover fails to report stopped slaves
* BUG#14140174: failover doesn't see new slave
* BUG#14147098: mysqlfailover fails if --force used on initial load
* BUG#14158085: connection fails to connect for aliases
* BUG#14159369: fail|switchover can fail if --master-info-repository=file
* BUG#14208442: incorrect help text for --discover-slaves-login
* BUG#14298750: slave_master_info not updated 
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 10 2012 Remi Collet <remi at fedoraproject.org> - 1.0.6-1
- update to 1.0.6
--------------------------------------------------------------------------------


================================================================================
 nut-2.6.5-1.el6 (FEDORA-EPEL-2012-6656)
 Network UPS Tools
--------------------------------------------------------------------------------
Update Information:

- updated to 2.6.5
- This release Fix an important regression in upssched:
  any upssched.conf command that takes a second argument resulted in a defective frame sent to the parent process. Thus, the command was not executed (report and patch from Oliver Schonefeld)

- support for new devices:
  Eaton ePDU Switched
  Online Zinto A (USB ID 0x06da:0x0601)
  REDi Blazer 400VA / 600VA / 800VA
  UNITEK Alpha650ipF and Alpha650ipE (USB ID 0x0f03:0x0001)

- mge-shut driver has been replaced by a new implementation (newmge-shut). In case of issue with this new version, users can revert to oldmge-shut.

- IPMI support (nut-ipmipsu driver and nut-scanner): prepare for supporting API changes in upcoming FreeIPMI versions 1.1.x and 1.2.x.

- snmp-ups now supports high precision values for APC, and more variables

- the NUT variables and commands namespace has been fixed and completed, with the known and used variables that were missing.

- more bugfixes, cleanup and improvements, on both source code and documentation.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 10 2012 Michal Hlavinka <mhlavink at redhat.com> - 2.6.5-1
- updated to 2.6.5
--------------------------------------------------------------------------------


================================================================================
 openstack-nova-2012.1.1-14.el6 (FEDORA-EPEL-2012-6679)
 OpenStack Compute (nova)
--------------------------------------------------------------------------------
Update Information:

- Fix CA cert permissions issue introduced in 2012.1.1-10
- Fix group installation issue introduced in 2012.1.1-10

- Split out into more sub packages

- Update from stable upstream including...
- Fix metadata file injection with xen
- Fix affinity filters when hints is None
- Fix marker behavior for flavors
- Handle local remote exceptions consistently
- Fix qcow2 size on libvirt live block migration
- Fix for API listing of os hosts
- Avoid lazy loading errors on instance_type
- Avoid casts in network manager to prevent races
- Conditionally allow queries for deleted flavours
- Fix wrong regex in cleanup_file_locks
- Add net rules to VMs on compute service start
- Tolerate parsing null connection info in BDM
- Support EC2 CreateImage API for boot from volume
- EC2 DescribeImages reports correct rootDeviceType
- Reject EC2 CreateImage for instance store
- Fix EC2 CreateImage no_reboot logic
- Convert remaining network API casts to calls
- Move where the fixed ip deallocation happens
- Fix the qpid_heartbeat option so that it's effective
- Update to latest essex stable branch

- Enable auto cleanup of old cached instance images
- Fix ram_allocation_ratio based over subscription
- Expose over quota exceptions via native API
- Return 413 status on over quota in the native API
- Fix call to network_get_all_by_uuids
- Fix libvirt get_memory_mb_total with xen
- Use compute_api.get_all in affinity filters (CVE-2012-3371)
- Use default qemu img cluster size in libvirt connect
- Ensure libguestfs has completed before proceeding

- Distinguish volume overlimit exceptions
- Prohibit host file corruption through file injection (CVE-2012-3360, CVE-2012-3361)
- Support injecting new .ssh/authorized_keys files to SELinux enabled guests
- Improve performance and stability of file injection
- add upstart jobs, alternative to sysv initscripts
- fix an exception caused by the fix for CVE-2012-2654
- fix the encoding of the dns_domains table (requires a db sync)
- fix a crash due to a nova services startup race (#825051)
- Fix for protocol case handling (CVE-2012-2654)

- Prohibit host file corruption through file injection (CVE-2012-3447)

--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 10 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-14
- Fix CA cert permissions issue introduced in 2012.1.1-10
* Wed Aug  8 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-13
- Log live migration errors
- Prohibit host file corruption through file injection (CVE-2012-3447)
* Mon Aug  6 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-12
- Fix group installation issue introduced in 2012.1.1-10
* Mon Jul 30 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-11
- Update from stable upstream including...
- Fix metadata file injection with xen
- Fix affinity filters when hints is None
- Fix marker behavior for flavors
- Handle local remote exceptions consistently
- Fix qcow2 size on libvirt live block migration
- Fix for API listing of os hosts
- Avoid lazy loading errors on instance_type
- Avoid casts in network manager to prevent races
- Conditionally allow queries for deleted flavours
- Fix wrong regex in cleanup_file_locks
- Add net rules to VMs on compute service start
- Tolerate parsing null connection info in BDM
- Support EC2 CreateImage API for boot from volume
- EC2 DescribeImages reports correct rootDeviceType
- Reject EC2 CreateImage for instance store
- Fix EC2 CreateImage no_reboot logic
- Convert remaining network API casts to calls
- Move where the fixed ip deallocation happens
- Fix the qpid_heartbeat option so that it's effective
* Fri Jul 27 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-10
- Split out into more sub packages
* Fri Jul 20 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-4
- Enable auto cleanup of old cached instance images
- Fix ram_allocation_ratio based over subscription
- Expose over quota exceptions via native API
- Return 413 status on over quota in the native API
- Fix call to network_get_all_by_uuids
- Fix libvirt get_memory_mb_total with xen
- Use compute_api.get_all in affinity filters (CVE-2012-3371)
- Use default qemu img cluster size in libvirt connect
- Ensure libguestfs has completed before proceeding
* Thu Jul  5 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-3
- Distinguish volume overlimit exceptions
- Prohibit host file corruption through file injection (CVE-2012-3360, CVE-2012-3361)
* Wed Jun 27 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-2
- Update to latest essex stable branch
- Support injecting new .ssh/authorized_keys files to SELinux enabled guests
* Fri Jun 22 2012 Pádraig Brady <P at draigBrady.com> - 2012.1.1-1
- Update to essex stable release 2012.1.1
- Improve performance and stability of file injection
- add upstart jobs, alternative to sysv initscripts
* Fri Jun 15 2012 Pádraig Brady <P at draigBrady.com> - 2012.1-12
- update performance and stability fixes from essex stable
* Mon Jun 11 2012 Pádraig Brady <P at draigBrady.com> - 2012.1-11
- fix an exception caused by the fix for CVE-2012-2654
- fix the encoding of the dns_domains table (requires a db sync)
- fix a crash due to a nova services startup race (#825051)
* Fri Jun  8 2012 Pádraig Brady <P at draigBrady.com> - 2012.1-10
- Enable libguestfs image inspection
* Wed Jun  6 2012 Pádraig Brady <P at draigBrady.com> - 2012.1-9
- Sync up with Essex stable branch, including...
- Fix for protocol case handling (#829441, CVE-2012-2654)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #825052 - Restarting nova-network removes ip packet filters
        https://bugzilla.redhat.com/show_bug.cgi?id=825052
  [ 2 ] Bug #825051 - qpid timeout causing compute service to crash
        https://bugzilla.redhat.com/show_bug.cgi?id=825051
  [ 3 ] Bug #829441 - CVE-2012-2654 OpenStack Nova security groups fail to be set correctly [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=829441
  [ 4 ] Bug #844040 - CVE-2012-3360 OpenStack-Nova: compute nodes file injection in disk images [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=844040
  [ 5 ] Bug #844039 - CVE-2012-3361 OpenStack-Nova: compute nodes disk image file corruption [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=844039
  [ 6 ] Bug #844041 - CVE-2012-3371 OpenStack-Nova: Scheduler denial of service through scheduler_hints [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=844041
  [ 7 ] Bug #846625 - CVE-2012-3447 OpenStack-Nova: compute nodes disk image file corruption (incomplete fix for CVE-2012-3361) [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=846625
--------------------------------------------------------------------------------


================================================================================
 php-pecl-cairo-0.3.2-1.el6 (FEDORA-EPEL-2012-6658)
 PECL package for drawing using cairo via PHP scripts
--------------------------------------------------------------------------------
Update Information:

PHP cairo bindings
--------------------------------------------------------------------------------


================================================================================
 python-djblets-0.6.22-2.el6 (FEDORA-EPEL-2012-6678)
 A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:

Previous version of python-djblets contained embedded / own copy of python-feedparser (BUILD/Djblets-0.6.22/djblets/feedview feedparser.py) code, which is vulnerable to numerous security flaws (CVE-2009-5065, CVE-2011-1156, CVE-2011-1157, and CVE-2011-1158 to mention some of them).

This package modifies Djblets to use the system copy of feedparser.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug  8 2012 Stephen Gallagher <sgallagh at redhat.com> - 0.6.22-2
- Use the system feedparser.py
- Resolves: rhbz#846762 - Current version of python-djblets in Fedora EPEL-6
  contains embeded copy of python-feedparser, vulnerable to CVE-2009-5065,
  CVE-2011-1156, CVE-2011-1157, and CVE-2011-1158
* Tue Jul 31 2012 Stephen Gallagher <sgallagh at redhat.com> - 0.6.22-1
- New upstream releae 0.6.22
- Fixes to support Review Board 1.6.11
- djblets.datagrid:
-     Improved performance of the datagrids
- djblets.util:
-     The ifuserorperm template tag now accepts both IDs and User
      objects, allowing comparisons to be made without fetching the
      User
-     Fixed a bug with ifuserorperm and non-int IDs
-     User and AnonymousUser are no longer imported globally in
      the djblets_utils templatetags. This fixes some breakages in
      apps that imported this file to get access to filters, but weren't
      running in a Django settings environment
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #846762 - Current version of python-djblets in Fedora EPEL-6 contains embeded copy of python-feedparser, vulnerable to CVE-2009-5065, CVE-2011-1156, CVE-2011-1157, and CVE-2011-1158
        https://bugzilla.redhat.com/show_bug.cgi?id=846762
--------------------------------------------------------------------------------


================================================================================
 python-flask-0.9-4.el6 (FEDORA-EPEL-2012-6654)
 A micro-framework for Python based on Werkzeug, Jinja 2 and good intentions
--------------------------------------------------------------------------------
Update Information:

Unified spec for EL6 and rawhide.
Upstream 0.9
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #757816 - FTBFS in EPEL-6 ... please upgrade to package from F16
        https://bugzilla.redhat.com/show_bug.cgi?id=757816
--------------------------------------------------------------------------------


================================================================================
 rubygem-hashr-0.0.21-3.el6 (FEDORA-EPEL-2012-6677)
 Simple Hash extension to make working with nested hashes
--------------------------------------------------------------------------------
Update Information:

new package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #845799 - Review Request: rubygem-hashr -  Simple Hash extension to make working with nested hashes
        https://bugzilla.redhat.com/show_bug.cgi?id=845799
--------------------------------------------------------------------------------


================================================================================
 whatsup-1.13-4.el6 (FEDORA-EPEL-2012-6655)
 Node up/down detection utility
--------------------------------------------------------------------------------
Update Information:

Resolved some of the issues with handling the service on EPEL 6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug  9 2012 David Brown <david.brown at pnnl.gov> - 1.13-4
- add dependancies for EPEL 5/6 service and chkconfig
- fixes bug #844900
* Wed Aug  1 2012 David Brown <david.brown at pnnl.gov> - 1.13-3
- fix issues with restarting services on EPEL 5/6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #844900 - rpm scriptlets of whatsup-pingd don't work for el5 and el6
        https://bugzilla.redhat.com/show_bug.cgi?id=844900
--------------------------------------------------------------------------------


================================================================================
 xosd-2.2.14-16.el6 (FEDORA-EPEL-2012-6652)
 On-screen display library for X
--------------------------------------------------------------------------------
Update Information:

Add xosd to EPEL-6 on user request.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #756780 - Review Request: xosd - On-screen display library for X
        https://bugzilla.redhat.com/show_bug.cgi?id=756780
--------------------------------------------------------------------------------





More information about the epel-devel-list mailing list