[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 5 updates-testing report



The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0431/fail2ban-0.8.4-29.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0425/glpi-0.78.5-4.svn17464.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0352/bugzilla-3.2.10-4.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0586/python-paste-script-1.7.5-1.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0376/drupal7-field_permissions-1.0-0.2.beta2.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0578/puppet-2.6.14-1.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-3762/couchdb-1.0.2-8.el5,erlang-ibrowse-2.2.0-3.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0102/libarchive-2.8.4-4.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    drupal7-views-3.3-1.el5
    globus-simple-ca-3.0-2.el5
    puppet-2.6.14-1.el5
    python-httplib2-0.7.2-1.el5
    python-paste-script-1.7.5-1.el5
    snappy-1.0.5-1.el5

Details about builds:


================================================================================
 drupal7-views-3.3-1.el5 (FEDORA-EPEL-2012-0576)
 Provides a method for site designers to control content presentation
--------------------------------------------------------------------------------
Update Information:

Update to upstream 3.3 release
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 23 2012 Jared Smith <jsmith fedoraproject org> - 3.3-1
- Update to upstream 3.3 release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #795712 - drupal7-views-3.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=795712
--------------------------------------------------------------------------------


================================================================================
 globus-simple-ca-3.0-2.el5 (FEDORA-EPEL-2012-0587)
 Globus Toolkit - Simple CA Utility
--------------------------------------------------------------------------------
Update Information:

The Globus Toolkit is an open source software toolkit used for building Grid systems and applications. It is being developed by the Globus Alliance and many others all over the world. A growing number of projects and companies are using the Globus Toolkit to unlock the potential of grids for their cause.

The globus-simple-ca package contains: Simple CA Utility

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #772994 - Review Request: globus-simple-ca - Globus Toolkit - Simple CA Utility
        https://bugzilla.redhat.com/show_bug.cgi?id=772994
--------------------------------------------------------------------------------


================================================================================
 puppet-2.6.14-1.el5 (FEDORA-EPEL-2012-0578)
 A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:

Please refer to the upstream release notes for details:

http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 22 2012 Todd Zullinger <tmz pobox com> - 2.6.14-1
- Update to 2.6.14, fixes CVE-2012-1053 and CVE-2012-1054
* Mon Feb 13 2012 Todd Zullinger <tmz pobox com> - 2.6.13-3
- Move rpmlint fixes to %prep, add a few additional fixes
- Bump minimum ruby version to 1.8.5 now that EL-4 is all but dead
- Update install locations for Fedora-17 / Ruby-1.9
- Use ruby($lib) for augeas and shadow requirements
- Only try to run 0.25.x -> 2.6.x pid file updates on EL
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #791001 - CVE-2012-1053 Puppet 2.6.13 group ID handling issues
        https://bugzilla.redhat.com/show_bug.cgi?id=791001
  [ 2 ] Bug #791002 - CVE-2012-1054 Puppet 2.6.13 Klogin File Handling Issue
        https://bugzilla.redhat.com/show_bug.cgi?id=791002
--------------------------------------------------------------------------------


================================================================================
 python-httplib2-0.7.2-1.el5 (FEDORA-EPEL-2012-0584)
 A comprehensive HTTP client library
--------------------------------------------------------------------------------
Update Information:

Upstream update to 0.7.2
Note this version uses fedora's cert file bundle instead of httplib2
default.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 24 2012 Ding-Yi Chen <dchen at redhat.com> - 0.7.2-1
- Upstream update to 0.7.2
  Which may fixed http://code.google.com/p/httplib2/issues/detail?id=62
  Note this version uses fedora's cert file bundle instead of httplib2
  default.
* Fri Jul 29 2011 Ding-Yi Chen <dchen at redhat.com>  - 0.4.0-5
- Apply that address python-httplib2 (GoogleCode Hosted) issue 39
  http://code.google.com/p/httplib2/issues/detail?id=39
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.6.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Aug 25 2010 Thomas Spura <tomspur fedoraproject org> - 0.6.0-4
- rebuild with python3.2
  http://lists.fedoraproject.org/pipermail/devel/2010-August/141368.html
* Thu Jul 22 2010 David Malcolm <dmalcolm redhat com> - 0.6.0-3
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
* Tue Apr 20 2010 Tom "spot" Callaway <tcallawa redhat com>
- minor spec cleanups
- enable python3 support
* Fri Apr  2 2010 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 0.6.0-1
- version upgrade (#566721)
--------------------------------------------------------------------------------


================================================================================
 python-paste-script-1.7.5-1.el5 (FEDORA-EPEL-2012-0586)
 A pluggable command-line frontend
--------------------------------------------------------------------------------
Update Information:

This update fixes a security flaw with Paster that prevents it from properly dropping privileges when run as root.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 23 2012 Luke Macken <lmacken redhat com> - 1.7.5-1
- Update to 1.7.5
- Apply a patch from upstream to fix a security issue when running Paster as
  root (#796790)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #796790 - CVE-2012-0878 python-paste-script: Supplementary groups not dropped when started an application with "paster serve" as root
        https://bugzilla.redhat.com/show_bug.cgi?id=796790
--------------------------------------------------------------------------------


================================================================================
 snappy-1.0.5-1.el5 (FEDORA-EPEL-2012-0574)
 Fast compression and decompression library
--------------------------------------------------------------------------------
Update Information:

This is a maintenance release that provides faster decompression. For a complete list of changes see:
http://snappy.googlecode.com/svn-history/r61/trunk/NEWS
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 24 2012 Martin Gieseking <martin gieseking uos de> 1.0.5-1
- updated to release 1.0.5
- made dependency of devel package on base package arch dependant
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]