[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 6 updates-testing report



The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0417/pam_yubico-2.10-1.el6,ykclient-2.7-1.el6,libyubikey-1.7-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0413/nagios-3.3.1-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0415/glpi-0.80.7-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0337/pdns-2.9.22.6-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0310/drupal6-6.24-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0317/phpldapadmin-1.2.2-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0311/drupal7-7.12-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3.4.14-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0287/ettercap-0.7.4-3.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0292/wicd-1.7.0-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0374/drupal7-field_permissions-1.0-0.2.beta2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    PyMunin-0.9.4-2.el6
    apcupsd-3.14.8-4.el6
    glpi-0.80.7-1.el6
    libyubikey-1.7-2.el6
    nagios-3.3.1-2.el6
    orc-0.4.16-6.el6
    pam_yubico-2.10-1.el6
    perl-Config-GitLike-1.07-2.el6
    perl-Messaging-Message-0.8-1.el6
    perl-Module-Implementation-0.05-1.el6
    perl-local-lib-1.006007-3.el6
    php-pdepend-PHP-Depend-1.0.1-1.el6
    python-gunicorn-0.13.4-3.el6
    rubygem-rbovirt-0.0.5-1.el6
    rubygem-session-3.1.0-2.el6
    trac-0.12.3-1.el6
    ykclient-2.7-1.el6

Details about builds:


================================================================================
 PyMunin-0.9.4-2.el6 (FEDORA-EPEL-2012-0409)
 Python Module for developing Munin Multigraph Monitoring Plugins
--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #786359 - Review Request: PyMunin - Python Module for developing Munin Multigraph Monitoring Plugins
        https://bugzilla.redhat.com/show_bug.cgi?id=786359
--------------------------------------------------------------------------------


================================================================================
 apcupsd-3.14.8-4.el6 (FEDORA-EPEL-2012-0411)
 APC UPS Power Control Daemon for Linux
--------------------------------------------------------------------------------
Update Information:

- do not remove nologin file on apcupsd startup
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 10 2012 Michal Hlavinka <mhlavink redhat com> - 3.14.8-4
- do not remove nologin file on apcupsd startup (#788707)
* Wed Feb  9 2011 Michal Hlavinka <mhlavink redhat com> - 3.14.8-3
- add readme file to doc explaining needed configuration of halt script
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #788707 - apcupsd initscript deletes /etc/nologin
        https://bugzilla.redhat.com/show_bug.cgi?id=788707
--------------------------------------------------------------------------------


================================================================================
 glpi-0.80.7-1.el6 (FEDORA-EPEL-2012-0415)
 Free IT asset management software
--------------------------------------------------------------------------------
Update Information:

This version correct several bugs and a security bug. 

You are strongly encouraged to update your actual version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb  9 2012 Remi Collet <remi fedoraproject org> - 0.80.7-1
- version 0.80.7 released (security)
  https://forge.indepnet.net/projects/glpi/versions/685
--------------------------------------------------------------------------------


================================================================================
 libyubikey-1.7-2.el6 (FEDORA-EPEL-2012-0417)
 C library for decrypting and parsing Yubikey One-time passwords
--------------------------------------------------------------------------------
Update Information:

CVE-2011-4120 pam_yubico: Authentication bypass via NULL password [epel-all]
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jan  8 2012 - Maxim Burgerhout <maxim wzzrd com> - 1.7-2
- Rebuild for gcc 4.7
* Sun Feb  6 2011 - Maxim Burgerhout <maxim wzzrd com> - 1.7-1
- New upstream version 1.7; new features in 1.6 and 1.7 listed below
- yubikey.h: Possible to use from C++ using extern namespace scoping.
- New API to generate OTPs.
- ykgenerate: New tool to generate OTPs.
- ykdebug/ykparse: The old tool "ykdebug" has been renamed to "ykparse"
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #751727 - CVE-2011-4120 pam_yubico: Authentication bypass via NULL password [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=751727
--------------------------------------------------------------------------------


================================================================================
 nagios-3.3.1-2.el6 (FEDORA-EPEL-2012-0413)
 Nagios monitors hosts and services and yells if somethings breaks
--------------------------------------------------------------------------------
Update Information:

Add php to the requirements list
Update to version 3.3.1.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 10 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.3.1-2
- Add php to the requirements list (#519371, et al.).
* Tue Feb  7 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.3.1-1
- Upgrade to 3.3.1 (#732329);
  includes fixes for CVE-2011-1523 and CVE-2011-2179 (#690880, #690881, #709874).
- Make nagios-common own the /usr/lib{,64}/nagios/plugins directories (#756839).
- Change the ownership of /etc/nagios to the nagios-common package (#756839).
- Retab (tabs -> spaces).
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 3.2.3-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec  6 2011 Adam Jackson <ajax redhat com> - 3.2.3-12
- Rebuild for new libpng
* Tue Jun 21 2011 Marcela Mašláňová <mmaslano redhat com> - 3.2.3-11
- Perl mass rebuild
* Wed Mar 23 2011 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 3.2.3-10
- Rebuild against new mysql.
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 3.2.3-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #519371 - nagios web interface now requires php as rpm dependency
        https://bugzilla.redhat.com/show_bug.cgi?id=519371
  [ 2 ] Bug #732329 - Updating nagios-3.2.3 SRPM to nagios 3.3.1 requires patches
        https://bugzilla.redhat.com/show_bug.cgi?id=732329
  [ 3 ] Bug #690880 - CVE-2011-2179 nagios various flaws [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=690880
  [ 4 ] Bug #690881 - Nagios: XSS in the network status map CGI [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=690881
  [ 5 ] Bug #709874 - CVE-2011-2179 nagios: XSS in configuration command expansion [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=709874
  [ 6 ] Bug #756839 - Unowned %{_libdir}/nagios/plugins dir
        https://bugzilla.redhat.com/show_bug.cgi?id=756839
--------------------------------------------------------------------------------


================================================================================
 orc-0.4.16-6.el6 (FEDORA-EPEL-2012-0416)
 The Oil Run-time Compiler
--------------------------------------------------------------------------------
Update Information:

Initial build for epel6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #789192 - Package Change Request - orc 'The Oil Run-Time Compiler' - SCM Request For EL6
        https://bugzilla.redhat.com/show_bug.cgi?id=789192
--------------------------------------------------------------------------------


================================================================================
 pam_yubico-2.10-1.el6 (FEDORA-EPEL-2012-0417)
 A Pluggable Authentication Module for yubikeys
--------------------------------------------------------------------------------
Update Information:

CVE-2011-4120 pam_yubico: Authentication bypass via NULL password [epel-all]
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  8 2012 Nick Bebout <nb fedoraproject org> - 2.10-1
- Upgrade to 2.10
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 2.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Nov  7 2011 Dennis Gilmore <dennis ausil us> - 2.8-1
- update to 2,8 fixes bz#733322
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #751727 - CVE-2011-4120 pam_yubico: Authentication bypass via NULL password [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=751727
--------------------------------------------------------------------------------


================================================================================
 perl-Config-GitLike-1.07-2.el6 (FEDORA-EPEL-2012-0422)
 Git-compatible config file parsing
--------------------------------------------------------------------------------
Update Information:

New package - perl-Config-GitLike
--------------------------------------------------------------------------------


================================================================================
 perl-Messaging-Message-0.8-1.el6 (FEDORA-EPEL-2012-0420)
 Abstraction of a message
--------------------------------------------------------------------------------
Update Information:

New Upstream Version
This perl module provides an abstraction of a "message", as used in messaging.

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #760943 - Review Request: perl-Messaging-Message - This perl module provides an abstraction of a "message", as used in messaging
        https://bugzilla.redhat.com/show_bug.cgi?id=760943
--------------------------------------------------------------------------------


================================================================================
 perl-Module-Implementation-0.05-1.el6 (FEDORA-EPEL-2012-0385)
 Loads one of several alternate underlying implementations for a module
--------------------------------------------------------------------------------
Update Information:

This is the first release of perl-Module-Implementation.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #788258 - Review Request: perl-Module-Implementation - Loads one of several alternate underlying implementations for a module
        https://bugzilla.redhat.com/show_bug.cgi?id=788258
--------------------------------------------------------------------------------


================================================================================
 perl-local-lib-1.006007-3.el6 (FEDORA-EPEL-2012-0408)
 Create and use a local lib/ for perl modules
--------------------------------------------------------------------------------
Update Information:

This update fixes perl-homedir to avoid unconditionally creating a ~/perl5/ directory for all users.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 10 2012 Iain Arnell <iarnell gmail com> 1.006007-3
- avoid creating ~/perl5/ for all users (rhbz#789146)
- drop defattr in files lists
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #789146 - ~/perl5/ is created for all users
        https://bugzilla.redhat.com/show_bug.cgi?id=789146
--------------------------------------------------------------------------------


================================================================================
 php-pdepend-PHP-Depend-1.0.1-1.el6 (FEDORA-EPEL-2012-0414)
 PHP_Depend design quality metrics for PHP package
--------------------------------------------------------------------------------
Update Information:

upstream 1.0.1
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb  9 2012 Christof Damian <christof damian net> - 1.0.1-1
- upstream 1.0.1
--------------------------------------------------------------------------------


================================================================================
 python-gunicorn-0.13.4-3.el6 (FEDORA-EPEL-2012-0410)
 Python WSGI application server
--------------------------------------------------------------------------------
Update Information:

Gunicorn ("Green Unicorn") is a Python WSGI HTTP server for UNIX. It uses the 
pre-fork worker model, ported from Ruby's Unicorn project. It supports WSGI, 
Django, and Paster applications.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #785943 - Review Request: python-gunicorn - Python WSGI application server
        https://bugzilla.redhat.com/show_bug.cgi?id=785943
--------------------------------------------------------------------------------


================================================================================
 rubygem-rbovirt-0.0.5-1.el6 (FEDORA-EPEL-2012-0421)
 A Ruby client for oVirt REST API
--------------------------------------------------------------------------------
Update Information:

Initial import (#788592).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #788592 - Review Request: rubygem-rbovirt - A Ruby client for oVirt REST API
        https://bugzilla.redhat.com/show_bug.cgi?id=788592
--------------------------------------------------------------------------------


================================================================================
 rubygem-session-3.1.0-2.el6 (FEDORA-EPEL-2012-0419)
 Session drives external progams
--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #787990 - License should be "BSD or Ruby"
        https://bugzilla.redhat.com/show_bug.cgi?id=787990
--------------------------------------------------------------------------------


================================================================================
 trac-0.12.3-1.el6 (FEDORA-EPEL-2012-0418)
 Enhanced wiki and issue tracking system
--------------------------------------------------------------------------------
Update Information:

New upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb  9 2012 Jon Ciesla <limburgher gmail com> - 0.12.3-1
- Update to 0.12.3, BZ 788775.
* Mon Feb  6 2012 Jon Ciesla <limburgher gmail com> - 0.12.2-8
- Only ship trac.wsgi in doc, updated README.
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.12.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #788775 - trac: please update to version 0.12.3
        https://bugzilla.redhat.com/show_bug.cgi?id=788775
--------------------------------------------------------------------------------


================================================================================
 ykclient-2.7-1.el6 (FEDORA-EPEL-2012-0417)
 Yubikey management library and client
--------------------------------------------------------------------------------
Update Information:

CVE-2011-4120 pam_yubico: Authentication bypass via NULL password [epel-all]
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  8 2012 Nick Bebout <nb fedoraproject org> - 2.7-1
- Update to 2.7
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 2.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Nov  7 2011 Dennis Gilmore <dennis ausil us> - 2.6-1
- update to 2.6 release.
- include all .h  header files
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 2.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #751727 - CVE-2011-4120 pam_yubico: Authentication bypass via NULL password [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=751727
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]