[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 6 updates-testing report



The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/rt3-3.8.10-2.el6.1
    https://admin.fedoraproject.org/updates/bugzilla-3.4.11-1.el6
    https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-1.el6
    https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.el6
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.5-1.el6
    https://admin.fedoraproject.org/updates/perl-FCGI-0.71-4.el6
    https://admin.fedoraproject.org/updates/puppet-2.6.6-2.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    RBTools-0.3.4-1.el6
    askbot-0.7.23-1.el6
    django-authenticator-0.1.4-1.el6
    mongodb-1.8.2-2.el6
    moodle-2.1.1-2.el6
    proftpd-1.3.3f-1.el6
    puppet-2.6.6-2.el6
    shorewall-4.4.23.3-1.el6

Details about builds:


================================================================================
 RBTools-0.3.4-1.el6 (FEDORA-EPEL-2011-4555)
 Tools for use with ReviewBoard
--------------------------------------------------------------------------------
Update Information:

* Tue Sep 27 2011 Stephen Gallagher <sgallagh redhat com> - 0.3.4-1
- New upstream 0.3.4 release
- http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.3.4/
- New Features:
-   post-review:
-     Added a --change-description option for setting the Change Description
      text on drafts
- Bugfixes:
-   post-review:
-     Newlines in summaries on Git are now converted to spaces, preventing
      errors when using --guess-summary
-     Fixed authentication failures when accessing a protected /api/info/
      URL. This was problematic particularly on RBCommons
-     Fixed diff upload problems on Python 2.7
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 27 2011 Stephen Gallagher <sgallagh redhat com> - 0.3.4-1
- New upstream 0.3.4 release
- http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.3.4/
- New Features:
-   post-review:
-     Added a --change-description option for setting the Change Description
      text on drafts
- Bugfixes:
-   post-review:
-     Newlines in summaries on Git are now converted to spaces, preventing
      errors when using --guess-summary
-     Fixed authentication failures when accessing a protected /api/info/
      URL. This was problematic particularly on RBCommons
-     Fixed diff upload problems on Python 2.7
--------------------------------------------------------------------------------


================================================================================
 askbot-0.7.23-1.el6 (FEDORA-EPEL-2011-4550)
 Question and Answer forum
--------------------------------------------------------------------------------
Update Information:

upfiles alias for httpd configuration.  several minor enhancements and bug fixes
* if RHEL, then depend on python-dateutil15 instead of python-dateutil

* add README.fedora and configuration files for multi-site deployment

* update wsgi, apache httpd configuration and settings.py setup template

* thanks to Toshio Kuriotami for suggesting and reviewing the changes
--------------------------------------------------------------------------------


================================================================================
 django-authenticator-0.1.4-1.el6 (FEDORA-EPEL-2011-4557)
 Authentication client for django
--------------------------------------------------------------------------------
Update Information:

django-authenticator isn a forked version of django-authopenid module. It is developed for the Askbot project.

--------------------------------------------------------------------------------


================================================================================
 mongodb-1.8.2-2.el6 (FEDORA-EPEL-2011-4552)
 High-performance, schema-free document-oriented database
--------------------------------------------------------------------------------
Update Information:

Update EPEL 6 to mongodb 1.8.2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 13 2011 Chris Lalancette <clalance redhat com> - 1.8.2-2
- Make mongodb-devel require boost-devel (BZ 703184)
* Fri Jul  1 2011 Chris Lalancette <clalance redhat com> - 1.8.2-1
- Update to upstream 1.8.2
- Add patch to ignore TERM
* Fri Jul  1 2011 Chris Lalancette <clalance redhat com> - 1.8.0-3
- Bump release to build against new boost package
* Sat Mar 19 2011 Nathaniel McCallum <nathaniel natemccallum com> - 1.8.0-2
- Make mongod bind only to 127.0.0.1 by default
* Sat Mar 19 2011 Nathaniel McCallum <nathaniel natemccallum com> - 1.8.0-1
- Update to 1.8.0
- Remove upstreamed nonce patch
* Wed Feb 16 2011 Nathaniel McCallum <nathaniel natemccallum com> - 1.7.5-5
- Add nonce patch
* Sun Feb 13 2011 Nathaniel McCallum <nathaniel natemccallum com> - 1.7.5-4
- Manually define to use boost-fs v2
* Sat Feb 12 2011 Nathaniel McCallum <nathaniel natemccallum com> - 1.7.5-3
- Disable extra warnings
* Fri Feb 11 2011 Nathaniel McCallum <nathaniel natemccallum com> - 1.7.5-2
- Disable compilation errors on warnings
* Fri Feb 11 2011 Nathaniel McCallum <nathaniel natemccallum com> - 1.7.5-1
- Update to 1.7.5
- Remove CPPFLAGS override
- Added libmongodb package
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 1.6.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 moodle-2.1.1-2.el6 (FEDORA-EPEL-2011-4551)
 A Course Management System
--------------------------------------------------------------------------------
Update Information:

Minor change to cron setup.
Update to 2.1.1.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 27 2011 Jon Ciesla <limb jcomserv net> - 2.1.1-2
- Switched to cli cron script, BZ 733957.
* Tue Aug 16 2011 Jon Ciesla <limb jcomserv net> - 2.1.1-1
- New upstream.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #733957 - cron path change in moodle-2.1.1-1.el6.noarch
        https://bugzilla.redhat.com/show_bug.cgi?id=733957
--------------------------------------------------------------------------------


================================================================================
 proftpd-1.3.3f-1.el6 (FEDORA-EPEL-2011-4556)
 Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:

This update, to the current upstream maintenance release, fixes a number of bugs as described in the changelog.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 27 2011 Paul Howarth <paul city-fan org> 1.3.3f-1
- Update to 1.3.3f, fixing a large number of bugs reported upstream:
  - Avoid spinning proftpd process if read(2) returns EAGAIN (bug 3639)
  - Segfault seen in mod_sql_mysql if "SQLAuthenticate groupsetfast" used
    (bug 3642)
  - Disable signal handling for exiting session processes (bug 3644)
  - TCPAccessSyslogLevel directive broken by Bug#3317 (bug 3652)
  - TLSVerifyOrder directive is broken (bug 3658)
  - Segmentation fault if there is regex <IfUser> section in a <VirtualHost>
    section; this is a regression caused by a bad backport of the fix for
    Bug#3625 to the 1.3.3 branch (bug 3659)
  - Filenames with embedded IAC do not get processed correctly (bug 3697)
- Drop upstreamed nostrip patch
- Use new --disable-strip option to retain debugging symbols
- Use upstream LDAP quota table schema rather than our own copy
--------------------------------------------------------------------------------


================================================================================
 puppet-2.6.6-2.el6 (FEDORA-EPEL-2011-4553)
 A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:

A vulnerability was discovered in puppet that would allow an attacker to install a valid X509 Certificate Signing Request at any location on disk, with the privileges of the Puppet Master application.  For Fedora and EPEL, this is the puppet user.

Further details can be found in the upstream announcement:

http://groups.google.com/group/puppet-users/browse_thread/thread/e57ce2740feb9406

Unless you enable puppet's listen mode on clients, only the puppet master is vulnerable to this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 27 2011 Todd Zullinger <tmz pobox com> - 2.6.6-2
- Apply upstream patch for CVE-2011-3848
--------------------------------------------------------------------------------


================================================================================
 shorewall-4.4.23.3-1.el6 (FEDORA-EPEL-2011-4558)
 An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:

Update to 4.4.23.3
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.23/releasenotes.txt
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]