[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 6 updates-testing report



The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 277  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0112/ettercap-0.7.5-3.el6.1.20120906gitc796e5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0174/tinymce-spellchecker-2.0.5-6.el6
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0193/couchdb-1.0.4-2.el6
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0194/seamonkey-2.15.1-1.el6
  19  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0018/drupal7-context-3.0-0.3.beta6.el6
  53  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6
 199  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
 465  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
  10  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0081/nagios-3.4.4-1.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0123/python-tw2-jquery-2.0.3-5.el6
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0106/moodle-2.1.10-1.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0128/php-symfony2-Yaml-2.1.7-1.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0157/proftpd-1.3.3g-2.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0144/zabbix-1.8.16-1.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0170/asterisk-1.8.20.0-1.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0141/drupal7-7.19-1.el6
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0155/zabbix20-2.0.4-3.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    canl-c-2.0.3-1.el6
    couchdb-1.0.4-2.el6
    fedmsg-0.6.6-1.el6
    ghc-rpm-macros-0.15.11-1.el6
    ghc-xmonad-contrib-0.10-7.el6
    libguac-client-rdp-0.7.2-1.el6
    libguac-client-vnc-0.7.0-2.el6
    mozilla-https-everywhere-3.1.3-1.el6
    nordugrid-arc-2.0.1-2.el6
    packagedb-cli-1.3.0-1.el6
    php-PsrLog-1.0.0-2.el6
    php-Raven-0.4.0-2.el6
    python-cliff-1.3-1.el6
    python-fedora-0.3.31-1.el6
    python-pkgwat-api-0.5-1.el6
    seamonkey-2.15.1-1.el6
    tinymce-spellchecker-2.0.5-6.el6
    ucarp-1.5.2-7.el6
    weechat-0.4.0-2.el6
    whatsup-1.14-1.el6
    xmonad-0.10-3.4.2.el6

Details about builds:


================================================================================
 canl-c-2.0.3-1.el6 (FEDORA-EPEL-2013-0190)
 EMI Common Authentication library - bindings for C
--------------------------------------------------------------------------------
Update Information:

This is the C part of the EMI caNl -- the Common Authentication Library.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #867368 - Review Request: canl-c - Common Authentication Library for C
        https://bugzilla.redhat.com/show_bug.cgi?id=867368
--------------------------------------------------------------------------------


================================================================================
 couchdb-1.0.4-2.el6 (FEDORA-EPEL-2013-0193)
 A document database server, accessible via a RESTful JSON API
--------------------------------------------------------------------------------
Update Information:

* Ver. 1.0.4 (security release)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 23 2013 Peter Lemenkov <lemenkov gmail com> - 1.0.4-2
- Fix for EPEL 5 (Erlang R12B)
* Wed Jan 23 2013 Peter Lemenkov <lemenkov gmail com> - 1.0.4-1
- Ver. 1.0.4
- Fixes CVE-2012-5649, CVE-2012-5650
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #784792 - Request: update CouchDB to 1.0.3
        https://bugzilla.redhat.com/show_bug.cgi?id=784792
  [ 2 ] Bug #895599 - CVE-2012-5649 CVE-2012-5650 couchdb various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=895599
--------------------------------------------------------------------------------


================================================================================
 fedmsg-0.6.6-1.el6 (FEDORA-EPEL-2013-0129)
 Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:

Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 21 2013 Ralph Bean <rbean redhat com> - 0.6.6-1
- Typofix.
- Support loading remote CA cert for end-user message validation.
* Mon Jan 21 2013 Ralph Bean <rbean redhat com> - 0.6.5-1
- Latest upstream
- Fix JSON encoding between php and python
- Stop fedmsg-tweet from falling over.
- Improved logging.
- Improved crl cache location; don't keep it in /tmp/
- Fix a crl permissions issue with fedmsg-tail.
- Remove duplicate help strings for commands.
- Added systemd service files.
- Multiple outbound relay endpoints are now possible.
- Removed old chkconfig statements.
* Fri Dec  7 2012 Ralph Bean <rbean redhat com> - 0.6.3-2
- Removed a file that shouldn't have been included.
--------------------------------------------------------------------------------


================================================================================
 ghc-rpm-macros-0.15.11-1.el6 (FEDORA-EPEL-2013-0140)
 Macros for building packages for GHC
--------------------------------------------------------------------------------
Update Information:

- fix ownership of package library dir
- add cabal-tweak-flag script
- new %ghc_fix_dynamic_rpath
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Jens Petersen <petersen redhat com> - 0.15.11-1
- simplify cabal-tweak-flag script to take one flag value
- new ghc_fix_dynamic_rpath macro for cleaning up package executables
  linked against their own libraries
* Sat Jan 19 2013 Jens Petersen <petersen redhat com> - 0.15.10-1
- be more careful about library pkgdir ownership (#893777)
- add cabal-tweak-flag script for toggling flag default
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #893777 - duplicate directory between ghc-base and ghc-base-devel
        https://bugzilla.redhat.com/show_bug.cgi?id=893777
--------------------------------------------------------------------------------


================================================================================
 ghc-xmonad-contrib-0.10-7.el6 (FEDORA-EPEL-2013-0176)
 Third party extensions for xmonad
--------------------------------------------------------------------------------
Update Information:

Backport current Fedora changes
- fix input focus issue with Java applications
- backport xmonad-basic subpackage

--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 17 2012 Jens Petersen <petersen redhat com> - 0.10-7
- add ICCCMFocus patch from upstream for WM_TAKE_FOCUS move to core (#874855)
- use a patch for use_xft flag
- condition X11-1.6 patch to fedora >= 18
- update packaging with cabal-rpm
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.10-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #874855 - xmonad does not follow ICCCM and ignores WM_TAKE_FOCUS protocol
        https://bugzilla.redhat.com/show_bug.cgi?id=874855
--------------------------------------------------------------------------------


================================================================================
 libguac-client-rdp-0.7.2-1.el6 (FEDORA-EPEL-2013-0172)
 RDP support for guacd
--------------------------------------------------------------------------------
Update Information:

Guacamole stack 0.7.2 update
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Simone Caronni <negativo17 gmail com> - 0.7.2-1
- Updated to 0.7.2, still requires libguac 0.7.0.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #853922 - Review Request: guacamole - The main Guacamole web application
        https://bugzilla.redhat.com/show_bug.cgi?id=853922
--------------------------------------------------------------------------------


================================================================================
 libguac-client-vnc-0.7.0-2.el6 (FEDORA-EPEL-2013-0172)
 VNC support for guacd
--------------------------------------------------------------------------------
Update Information:

Guacamole stack 0.7.2 update
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Simone Caronni <negativo17 gmail com> - 0.7.0-2
- Require libguac 0.7.0.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #853922 - Review Request: guacamole - The main Guacamole web application
        https://bugzilla.redhat.com/show_bug.cgi?id=853922
--------------------------------------------------------------------------------


================================================================================
 mozilla-https-everywhere-3.1.3-1.el6 (FEDORA-EPEL-2013-0180)
 HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:

Fixes: CloudFront/Spotify, AmazonAWS (Amazon MP3s
and product images), Libav, Google Maps, UserEcho
https://trac.torproject.org/projects/tor/ticket/7931
https://trac.torproject.org/projects/tor/ticket/7888
https://trac.torproject.org/projects/tor/ticket/7594
https://trac.torproject.org/projects/tor/ticket/7539
https://trac.torproject.org/projects/tor/ticket/7698

Disable broken: Coursera, EBay, Etsy, OpenOffice,
Ping.fm, Pinterest :(
https://trac.torproject.org/projects/tor/ticket/7336
https://trac.torproject.org/projects/tor/ticket/7825
https://trac.torproject.org/projects/tor/ticket/7774
https://trac.torproject.org/projects/tor/ticket/7695
https://trac.torproject.org/projects/tor/ticket/7777
https://trac.torproject.org/projects/tor/ticket/7865

Update cert whitelist
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 21 2013 Russell Golden <niveusluna niveusluna org> - 3.1.3-1
- Internet Freedom Day stable bugfix release
  - Fixes: CloudFront/Spotify, AmazonAWS (Amazon MP3s and product images), Libav, 
           Google Maps, UserEcho
    https://trac.torproject.org/projects/tor/ticket/7931
    https://trac.torproject.org/projects/tor/ticket/7888
    https://trac.torproject.org/projects/tor/ticket/7594
    https://trac.torproject.org/projects/tor/ticket/7539
    https://trac.torproject.org/projects/tor/ticket/7698
  - Disable broken: Coursera, EBay, Etsy, OpenOffice, Ping.fm, Pinterest :(
    https://trac.torproject.org/projects/tor/ticket/7336
    https://trac.torproject.org/projects/tor/ticket/7825
    https://trac.torproject.org/projects/tor/ticket/7774
    https://trac.torproject.org/projects/tor/ticket/7695
    https://trac.torproject.org/projects/tor/ticket/7777
    https://trac.torproject.org/projects/tor/ticket/7865
  - Update cert whitelist
--------------------------------------------------------------------------------


================================================================================
 nordugrid-arc-2.0.1-2.el6 (FEDORA-EPEL-2013-0192)
 Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:

SE Linux fixes
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 23 2013 Mattias Ellert <mattias ellert fysast uu se> - 2.0.1-2
- Additional selinux contexts
- Fix for python wrappers using swig 2.0.9
--------------------------------------------------------------------------------


================================================================================
 packagedb-cli-1.3.0-1.el6 (FEDORA-EPEL-2013-0182)
 A CLI for pkgdb
--------------------------------------------------------------------------------
Update Information:

Update to 1.3.0 which provides some bugs fix including one for the use of the 'all' keyword for the branch.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #887950 - packagedb-cli: silently fails to change ACLs
        https://bugzilla.redhat.com/show_bug.cgi?id=887950
--------------------------------------------------------------------------------


================================================================================
 php-PsrLog-1.0.0-2.el6 (FEDORA-EPEL-2013-0185)
 Common interface for logging libraries
--------------------------------------------------------------------------------
Update Information:

This package holds all interfaces/classes/traits related to PSR-3
(https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md).

Note that this is not a logger of its own. It is merely an interface that
describes a logger. See the specification for more details.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #894167 - Review Request: php-PsrLog - Common interface for logging libraries
        https://bugzilla.redhat.com/show_bug.cgi?id=894167
--------------------------------------------------------------------------------


================================================================================
 php-Raven-0.4.0-2.el6 (FEDORA-EPEL-2013-0177)
 A PHP client for Sentry
--------------------------------------------------------------------------------
Update Information:

A PHP client for Sentry (http://getsentry.com).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #901742 - Review Request: php-Raven - A PHP client for Sentry
        https://bugzilla.redhat.com/show_bug.cgi?id=901742
--------------------------------------------------------------------------------


================================================================================
 python-cliff-1.3-1.el6 (FEDORA-EPEL-2013-0186)
 Command Line Interface Formulation Framework
--------------------------------------------------------------------------------
Update Information:

Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Ralph Bean <rbean redhat com> - 1.3-1
- Latest upstream.
- Enabled python3 subpackage.
- Remove requirement on python-tablib
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902707 - auto-creation of pkgwat.log
        https://bugzilla.redhat.com/show_bug.cgi?id=902707
--------------------------------------------------------------------------------


================================================================================
 python-fedora-0.3.31-1.el6 (FEDORA-EPEL-2013-0175)
 Python modules for talking to Fedora Infrastructure Services
--------------------------------------------------------------------------------
Update Information:

* Fixes a problem with soprovidercsrf if the database doesn't set an encoding
* Fixes an issue with the login templates if the template is being translated.
* Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url()
  to allow generating gravaar urls without looking up email addresses in fas.
* Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending
  the csrf_token.
* Add an auth adapter for flask web apps to authenticate to FAS
* New minimum version of python: requires python-2.5 or higher
* Fix localization of login templates (laxathom)

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Toshio Kuratomi <toshio fedoraproject org> - 0.3.31-1
- Minor bugfix release
* Thu Jan 10 2013 Toshio Kuratomi <toshio fedoraproject org> - 0.3.30-1
- Make TG's loginForm and CSRF's text translated from tg-apps (laxathom).
- Fix a bug in fedora.tg.utils.tg_absolute_url
- Add a lookup email parameter to gravatar lookups
- Add an auth provider for flask
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.3.29-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 python-pkgwat-api-0.5-1.el6 (FEDORA-EPEL-2013-0189)
 Python API for querying the fedora packages webapp
--------------------------------------------------------------------------------
Update Information:

Latest upstream.
Latest upstream with support for newer python-requests.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Ralph Bean <rbean redhat com> - 0.5-1
- Latest upstream; Fix to the karma formatting.
* Wed Jan 16 2013 Ralph Bean <rbean redhat com> - 0.4-1
- Latest upstream with support for newer python-requests.
* Sat Aug  4 2012 David Malcolm <dmalcolm redhat com> - 0.3-5
- rebuild for https://fedoraproject.org/wiki/Features/Python_3.3
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902714 - mangled releases output
        https://bugzilla.redhat.com/show_bug.cgi?id=902714
--------------------------------------------------------------------------------


================================================================================
 seamonkey-2.15.1-1.el6 (FEDORA-EPEL-2013-0194)
 Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:

Update to 2.15.1
Update to 2.15

Fixes CVE-2013-0743, CVE-2013-{0744-0760},
CVE-2013-0762, CVE-2013-0764, CVE-2013-{0766-0770}



--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 21 2013 Dmitry Butskoy <Dmitry Butskoy name> 2.15.1-1
- update to 2.15.1
- add fix for #304121 (derived from Xulrunner)
* Wed Jan  9 2013 Dmitry Butskoy <Dmitry Butskoy name> 2.15-1
- update to 2.15
- disable WebRTC support until nss >= 3.14 appear in RHEL6
- fix build with RHEL6 system nss-3.13.5 (actually cosmetic things was changed)
- fix build with RHEL6 libjpeg library (just use some little old stuff from 3.14.1)
- don't try to change global user settings for default browser/mail etc.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902244 - seamonkey-2.15.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=902244
  [ 2 ] Bug #893717 - seamonkey-2.15 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=893717
--------------------------------------------------------------------------------


================================================================================
 tinymce-spellchecker-2.0.5-6.el6 (FEDORA-EPEL-2013-0174)
 TinyMCE spellchecker plugin
--------------------------------------------------------------------------------
Update Information:

backport security fix for CVE-2012-6112
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Matthias Runge <mrunge redhat com> - 2.0.5-6
- fix CVE-2012-6112
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902726 - CVE-2012-6112 tinymce-spellchecker (Google Spellchecker): Control characters not sanitized properly from $lang and $str arguments in _getMatches
        https://bugzilla.redhat.com/show_bug.cgi?id=902726
--------------------------------------------------------------------------------


================================================================================
 ucarp-1.5.2-7.el6 (FEDORA-EPEL-2013-0188)
 Common Address Redundancy Protocol (CARP) for Unix
--------------------------------------------------------------------------------
Update Information:

Remove MASTER from init script.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 23 2013 Jon Ciesla <limburgher gmail com> - 1.5.2-7
- Dropped MASTER from init, BZ 896576.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #896576 - New init.d ucarp script wrong setting advskew=1 to all nodes if no MASTER variable set.
        https://bugzilla.redhat.com/show_bug.cgi?id=896576
--------------------------------------------------------------------------------


================================================================================
 weechat-0.4.0-2.el6 (FEDORA-EPEL-2013-0178)
 Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:

Reimplement enchant patch, with new support for spelling suggestions
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Jamie Nguyen <jamielinux fedoraproject org> - 0.4.0-2
- reimplement enchant support as a separate patch
- implement additional enchant support for displaying spelling suggestions
  in weechat_aspell_get_suggestions(), which is a new function introduced by
  upstream in 0.4.0
* Mon Jan 21 2013 Jamie Nguyen <jamielinux fedoraproject org> - 0.4.0-1
- update to upstream release 0.4.0
- add CMAKE options (DPREFIX and DLIBDIR) which negate the need to patch
- remove enchant patches to keep close to upstream
--------------------------------------------------------------------------------


================================================================================
 whatsup-1.14-1.el6 (FEDORA-EPEL-2013-0181)
 Node up/down detection utility
--------------------------------------------------------------------------------
Update Information:

This is an upstream version bump.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 21 2013 David Brown <david brown pnnl gov> - 1.14-1
- New upstream version of whatsup
- added libtool-ltdl-devel build deps
- added genders build deps and sub packages
* Mon Sep 10 2012 David Brown <david brown pnnl gov> - 1.13-6
- get the damn macro right for postun
* Mon Sep 10 2012 David Brown <david brown pnnl gov> - 1.13-5
- add systemd macros to post postun preun
--------------------------------------------------------------------------------


================================================================================
 xmonad-0.10-3.4.2.el6 (FEDORA-EPEL-2013-0176)
 A tiling window manager
--------------------------------------------------------------------------------
Update Information:

Backport current Fedora changes
- fix input focus issue with Java applications
- backport xmonad-basic subpackage

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Jens Petersen <petersen redhat com> - 0.10-3.4.2
- xmonad-gnome now requires gnome-panel and gnome-settings-daemon to start
- add upstream patches for ICCCM WM_TAKE_FOCUS protocol and
  tracking currently processing event to fix focus for Java apps:
  see http://code.google.com/p/xmonad/issues/detail?id=177 (#874855)
- update to cabal-rpm packaging
- change prof BRs to devel
- allow building with X11-1.6
- backport xmonad-basic subpackaging
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #874855 - xmonad does not follow ICCCM and ignores WM_TAKE_FOCUS protocol
        https://bugzilla.redhat.com/show_bug.cgi?id=874855
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]