[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 6 updates-testing report



The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0835/asterisk-1.8.10.1-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0728/libpng10-1.0.58-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3.4.14-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0763/php-pear-CAS-1.3.0-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0795/nginx-1.0.14-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    asterisk-1.8.10.1-1.el6
    dbmail-3.0.2-2.el6
    mod_pubcookie-3.3.4a-3.el6.1
    perl-Config-Validator-0.3-1.el6
    perl-Net-DNS-SEC-0.16-9.el6
    php-pecl-amqp-1.0.1-3.el6
    trac-advancedticketworkflow-plugin-0.11-1.20120227svn9962.el6
    trac-sumfields-plugin-1.0.1-1.20120227svn10482.el6
    z80dasm-1.1.2-1.el6

Details about builds:


================================================================================
 asterisk-1.8.10.1-1.el6 (FEDORA-EPEL-2012-0835)
 The Open Source PBX
--------------------------------------------------------------------------------
Update Information:

Update to 1.8.10.1, which fixes 2 security vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 17 2012 Russell Bryant <russell russellbryant net> - 1.8.10.1-1
- Update to 1.8.10.1 from upstream.
- Fix remote stack overflow in app_milliwatt.
- Fix remote stack overflow, including possible code injection, in HTTP digest
  authentication handling.
- Diable build of SRTP on ppc64, as it doesn't build right now.
- Resolves: rhbz#804045, rhbz#804038, rhbz#804042
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #804038 - CVE-2012-1183 asterisk: Stack-based buffer overwrite by processing large audio packet in Miliwatt application (AST-2012-002)
        https://bugzilla.redhat.com/show_bug.cgi?id=804038
  [ 2 ] Bug #804042 - CVE-2012-1184 asterisk: Stack-based buffer overflow by processing certain HTTP Digest Authentication headers (AST-2012-003)
        https://bugzilla.redhat.com/show_bug.cgi?id=804042
--------------------------------------------------------------------------------


================================================================================
 dbmail-3.0.2-2.el6 (FEDORA-EPEL-2012-0840)
 A database backed mail storage system
--------------------------------------------------------------------------------
Update Information:

- Add precedence: bulk headers to auto-reply messages #959
- POP3: reset timeout after authentication #951
- IMAP: internal_date and memleaks cleanups
- IMAP: improve sorting by date
- IMAP: sanitize searchable storage of addresses
- IMAP: revert another misguided LIST/LSUB change 2/2
- IMAP: revert another misguided LIST/LSUB change
- IMAP: rework \recent flag handling
- IMAP: improve mailboxstate tracking
- IMAP: improve reliabity of SEARCH SENTON
- IMAP: improve searchable cache value of address headers
- Merge branch 'master' of git.dbmail.eu:/var/git/paul/dbmail
- IMAP: partial revert
- IMAP: fix FETCH regression
- IMAP: update test-runners
- IMAP: small leak in SEARCH unkeyword
- IMAP: fix validation of sequences
- IMAP: prevent premature flushing of recent flag
- IMAP: implement "SEARCH keyword"
- IMAP: update tests
- IMAP: test and fix sequence-set builder
- IMAP: test and fix date converter
- IMAP: re-organize tests
- IMAP: fix small leak
- update THANKS
- SIEVE: fix broken vacation reply
- DELIVERY: fix check_destination during autoreply
- IMAP: revert misguided LIST/LSUB change
- IMAP: small ENVELOPE fix
- IMAP: fix minor compiler warnings
- HTTP: update test-script
- LMTP: fix segfault
- IMAP: improve LIST/LSUB response
- IMAP: improve mailbox atomicity
- LMTP: PEP8 integration tests
- add test for #960
- POP3: another RETR fix
- POP3: fix TOP command
- bump version to 3.0.1
- tweak debian build flags
- plug a couple of memory leaks
- PEP8 and test fixing
- POP3 fix RETR regression
- move referencefield caching back to header cache
- speedup maintenance run
- no default for auto_increment
- fix regression in migration
- debian: i18n update
- lower loglevel for low-level SSL errors (#893)
- [PATCH] Changed INDEX dropping for sievescripts on mysql upgrade
- debian: fix typo
- lmtp: unescape dot-stuffed data
- no autoreply is not an error
- list internal forwards as aliases
- no quotes around NOW()
- [PATCH] Better mysql upgrade and create table scripts
- prevent stack-overflow in debug call
- mysql: use NOW() rather than CURRENT_TIMESTAMP
- postgresql: use NOW() rather than CURRENT_TIMESTAMP
- cache referencefield and envelope separately
- lower loglevel for default hash type
- PEP8 cleanup
- plug memory leak from search optimization
- another missing whitespace fix
- missing whitespace in query
- improve search optimization
- add search optimization
- regenerate autoconf files
- update autotools chain
- update LDFLAGS and CFLAGS for gmodule-2.0
- update dbmail-util man-page for migration option
- fix subaddress regression (#954)
- fix compilation with clang
- silence compiler warning
- silence autoconf warnings
- add warning to UPGRADING regarding bytea_output for pg9 users
- add note regarding bytea_output for pg9 users
- drop old index during migration in postgresql
- send crlf encoded data for pop3 (#945)
- Revert "parse From_ time as localtime"
- fix typo in debian script (#946)
- fix regression in IMAP FETCH
- [PATCH 3/3] fix indentation
- [PATCH 2/3] drop unnecessary lock
- [PATCH 1/3] lock only if necessary
- fix SSL regression
- add mutex around iconv_t access (#940)
- expose possible gmime bug
- more packaging fixes
- add test for utf7 decoding #930
- change debug tracing of blobs
- fix packaging bug
- make SSL_accept non-blocking (#941)
- add test for possible gmime bug
- parse From_ time as localtime
- re-indent php code
- gmime-2.6 compatibility (#935)
- call database schema version check on all connections
- reset timeout after idle is done (#932)
- gracefully degrade after decoding error (#930)
- handle hangups better during read (#932)
- fix IDLE regression (#927)
- fix dbmail.h generation (#916)
- fix broken SEARCH TEXT (#912)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 19 2012 Bernard Johnson <bjohnson symetrix com> - 3.0.2-2
- EL patch reworked for gthread only
* Sun Mar 18 2012 Bernard Johnson <bjohnson symetrix com> - 3.0.2-1
- 3.0.2
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 3.0.0-0.7.rc3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #797118 - dbmail 3.0.2 is released
        https://bugzilla.redhat.com/show_bug.cgi?id=797118
--------------------------------------------------------------------------------


================================================================================
 mod_pubcookie-3.3.4a-3.el6.1 (FEDORA-EPEL-2012-0829)
 A solution for single sign-on authentication to websites
--------------------------------------------------------------------------------
Update Information:

httpd-mmn requires added (#803073)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 19 2012 Gabriel Somlo <somlo at cmu.edu> 3.3.4a-3.el6.1
- httpd-mmn requires added (#803073)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #803073 - Missing Requires: httpd-mmn
        https://bugzilla.redhat.com/show_bug.cgi?id=803073
--------------------------------------------------------------------------------


================================================================================
 perl-Config-Validator-0.3-1.el6 (FEDORA-EPEL-2012-0839)
 Schema based configuration validation
--------------------------------------------------------------------------------
Update Information:

Schema based configuration validation.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #798254 - Review Request: perl-Config-Validator - Schema based configuration validation
        https://bugzilla.redhat.com/show_bug.cgi?id=798254
--------------------------------------------------------------------------------


================================================================================
 perl-Net-DNS-SEC-0.16-9.el6 (FEDORA-EPEL-2012-0828)
 DNSSEC modules for Perl
--------------------------------------------------------------------------------
Update Information:

Added a patch to fix NSEC record parsing
Upstream pause #75892
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 19 2012 Wes Hardaker <wjhns174 hardakers net> - 0.16-9
- Added a patch to fix the NSEC shouldn't be downcased issue
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.16-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Jul 19 2011 Petr Sabata <contyk redhat com> - 0.16-7
- Perl mass rebuild
* Thu Jun 23 2011 Wes Hardaker <wjhns174 hardakers net> - 0.16-6
- added support for the v1.3 private key format
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.16-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Dec 21 2010 Marcela Maslanova <mmaslano redhat com> - 0.16-4
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------


================================================================================
 php-pecl-amqp-1.0.1-3.el6 (FEDORA-EPEL-2012-0838)
 Communicate with any AMQP compliant server
--------------------------------------------------------------------------------
Update Information:

This extension can communicate with any AMQP spec 0-9-1 compatible server, such as RabbitMQ, OpenAMQP and Qpid, giving you the ability to create and delete exchanges and queues, as well as publish to any exchange and consume from any queue.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #802037 - Review Request: php-pecl-amqp - Communicate with any AMQP compliant server
        https://bugzilla.redhat.com/show_bug.cgi?id=802037
--------------------------------------------------------------------------------


================================================================================
 trac-advancedticketworkflow-plugin-0.11-1.20120227svn9962.el6 (FEDORA-EPEL-2012-0836)
 Advanced workflow operations Trac plugin
--------------------------------------------------------------------------------
Update Information:

New package - Advanced workflow operations Trac plugin
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #798014 - Review Request: trac-advancedticketworkflow-plugin - Advanced workflow operations Trac plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=798014
--------------------------------------------------------------------------------


================================================================================
 trac-sumfields-plugin-1.0.1-1.20120227svn10482.el6 (FEDORA-EPEL-2012-0830)
 Sums specified fields in custom queries
--------------------------------------------------------------------------------
Update Information:

New package: A trac plugin that allows you to sum fields in Trac custom queries.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #797945 - Review Request: trac-sumfields-plugin - Sums specified fields in custom queries
        https://bugzilla.redhat.com/show_bug.cgi?id=797945
--------------------------------------------------------------------------------


================================================================================
 z80dasm-1.1.2-1.el6 (FEDORA-EPEL-2012-0832)
 Z80 Disassembler
--------------------------------------------------------------------------------
Update Information:

z80dasm is a Z80 disassembler.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #798074 - Review Request: z80dasm - Z80 Disassembler
        https://bugzilla.redhat.com/show_bug.cgi?id=798074
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]