[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 6 updates-testing report



The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6468/dropbear-0.55-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6531/nsd-3.2.13-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6432/puppet-2.6.17-2.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6561/perl-RT-Authen-ExternalAuth-0.11-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6559/Django-1.3.2-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6547/openstack-nova-2012.1.1-11.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6422/mediawiki119-1.19.1-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6504/moodle-2.1.7-1.el6
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    Django-1.3.2-1.el6
    dsniff-2.4-0.14.b1.el6
    fedmsg-0.2.6-1.el6
    is-interface-1.13.0-0.el6
    libyuv-0-0.12.20120727svn312.el6
    perl-RT-Authen-ExternalAuth-0.11-1.el6
    phpMyAdmin-3.5.2-1.el6
    salt-0.10.2-1.el6
    srm-ifce-1.13.0-0.el6

Details about builds:


================================================================================
 Django-1.3.2-1.el6 (FEDORA-EPEL-2012-6559)
 A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:

security release https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 30 2012 Alan Pevec <apevec redhat com> 1.3.2-1
- security release
  https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #844518 - CVE-2012-3442 Django: 1.3.1 and 1.4.0 Cross-site scripting in authentication views
        https://bugzilla.redhat.com/show_bug.cgi?id=844518
  [ 2 ] Bug #844522 - CVE-2012-3443 Django: 1.3.1 and 1.4.0 Denial-of-service in image validation
        https://bugzilla.redhat.com/show_bug.cgi?id=844522
  [ 3 ] Bug #844526 - CVE-2012-3444 Django: 1.3.1 and 1.4.0 Denial-of-service via get_image_dimensions()
        https://bugzilla.redhat.com/show_bug.cgi?id=844526
--------------------------------------------------------------------------------


================================================================================
 dsniff-2.4-0.14.b1.el6 (FEDORA-EPEL-2012-6563)
 Tools for network auditing and penetration testing
--------------------------------------------------------------------------------
Update Information:

- Added a patch which adds further link layer offsets
- Avoid opportunity for DoS in tabular data stream protocol handler
- Added a memset in msgsnarf to correctly 0 out the C struct
- Patched urlsnarf to use timestamps from pcap file if available
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 30 2012 Robert Scheck <robert fedoraproject org> 2.4-0.14.b1
- Added a patch which adds further link layer offsets
- Avoid opportunity for DoS in tabular data stream protocol handler
- Added a memset in msgsnarf to correctly 0 out the C struct
- Patched urlsnarf to use timestamps from pcap file if available
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 2.4-0.13.b1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Mar 30 2012 Jon Ciesla <limburgher gmail com> - 2.4-0.12.b1
- libnet rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 2.4-0.11.b1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng lists fedoraproject org> - 2.4-0.10.b1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 fedmsg-0.2.6-1.el6 (FEDORA-EPEL-2012-6562)
 Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:

API enhancement.
0.2.5 with more realistic X509 capacity
0.2.4 with fix for disabled ssl
0.2.3 with upstream typo fixes
Added deps on m2crypto and python-m2ext
/var/log/fedmsg wasn't being created correctly.
Require moksha >= 0.8.3.
python-argparse fix for epel-6.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 30 2012 Ralph Bean <rbean redhat com> - 0.2.6-1
- Upstream bugfixes and API enhancements.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun Jul 15 2012 Ralph Bean <rbean redhat com> - 0.2.5-1
- Upstream crypto updates in preparation for a more realistic X509 setup.
* Fri Jul 13 2012 Ralph Bean <rbean redhat com> - 0.2.4-1
- Upstream bugfix for when ssl is disabled.
* Wed Jul 11 2012 Ralph Bean <rbean redhat com> - 0.2.3-1
- Upstream bump that fixes some typos.
* Tue Jul 10 2012 Ralph Bean <rbean redhat com> - 0.2.2-3
- Added deps on python-argparse for py < 2.7 (rhel6)
* Sat Jul  7 2012 Ralph Bean <rbean redhat com> - 0.2.2-2
- Added deps on m2crypto and python-m2ext
* Sat Jul  7 2012 Ralph Bean <rbean redhat com> - 0.2.2-1
- Update to fedmsg-irc to fix lineRate issues
- fedmsg.crypto module - sign and validate messages
* Mon Jun 11 2012 Ralph Bean <rbean redhat com> - 0.2.1-2
- Require moksha >= 0.8.3
* Mon Jun 11 2012 Ralph Bean <rbean redhat com> - 0.2.1-1
- Override producers and consumers entry-points in the hub.  Should fix a
  collision that fedmsg-irc is having with fedoracommunity.
* Mon Jun 11 2012 Ralph Bean <rbean redhat com> - 0.2.0-4
- Introduce temporary hard dep on orbited.
* Mon Jun 11 2012 Ralph Bean <rbean redhat com> - 0.2.0-3
- /var/log/fedmsg wasn't being created correctly.
--------------------------------------------------------------------------------


================================================================================
 is-interface-1.13.0-0.el6 (FEDORA-EPEL-2012-6558)
 Information service library for the lcg bdii system
--------------------------------------------------------------------------------
Update Information:

update 1.13.0, synchronised with EMI 2 Update
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2012 Adrien Devresse <adevress at cern.ch> - 1.13.0-0
- crash fix related to get_details
 - wildcard support in INFOSYS
 - minor bug fix
 - synchronisation with EMI 2 update
--------------------------------------------------------------------------------


================================================================================
 libyuv-0-0.12.20120727svn312.el6 (FEDORA-EPEL-2012-6557)
 YUV conversion and scaling functionality library
--------------------------------------------------------------------------------
Update Information:

* SVN snapshot 312
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 30 2012 Peter Lemenkov <lemenkov gmail com> - 0-0.12.20120727svn312
- Next svn snapshot - ver. 312
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 0-0.11.20120627svn296
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jul  5 2012 Peter Lemenkov <lemenkov gmail com> - 0-0.10.20120627svn296
- Next svn snapshot - ver. 296
- Dropped patch3 (header conflict) - fixed upstream
* Thu Jun 14 2012 Tom Callaway <spot fedoraproject org> - 0-0.9.20120518svn268
- resolve header conflict with duplicate definition in scale*.h
--------------------------------------------------------------------------------


================================================================================
 perl-RT-Authen-ExternalAuth-0.11-1.el6 (FEDORA-EPEL-2012-6561)
 RT Authentication using External Sources
--------------------------------------------------------------------------------
Update Information:

update to 0.11
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 30 2012 Gabriel Somlo <somlo cmu edu> 0.11-1
- update to 0.11
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #844457 - CVE-2012-2770 RT::Authen::ExternalAuth: RSS feed URL session hijacking [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=844457
--------------------------------------------------------------------------------


================================================================================
 phpMyAdmin-3.5.2-1.el6 (FEDORA-EPEL-2012-6564)
 Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:

Changes for 3.5.2.0 (2012-07-07):

- [interface] JS error when editing index
- [core] Call to undefined function __()
- [edit] NOW() function incorrectly selected
- [GUI] Invalid HTML code on transformation_overview.php
- [browse] Missing validation in Ajax mode
- [other] Fix popup message on build SQL of import
- [core] Make X-WebKit-CSP work better
- [other] replace Highcharts with jqplot for query profiling, zoom search
- [interface] No form validation in change password dialog
- [interface] Broken password validation in copy user form
- [unterface] Add user form prints JSON when user presses enter
- [config] duplicate line in config.sample.inc.php
- bug #3534311 [interface] Grid editing incorrectly parses ENUM/SET values
- bug #3510196 [core] More clever URL rewriting with ForceSSL
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 30 2012 Robert Scheck <robert fedoraproject org> 3.5.2-1
- Upgrade to 3.5.2 (#838310)
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 3.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #838310 - phpMyAdmin-3.5.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=838310
--------------------------------------------------------------------------------


================================================================================
 salt-0.10.2-1.el6 (FEDORA-EPEL-2012-6567)
 A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:

Update to 0.10.2
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 31 2012 Clint Savage <herlo1 gmail com> - 0.10.1-1
- Moved to upstream release 0.10.2
- Removed PyXML as a dependency
--------------------------------------------------------------------------------


================================================================================
 srm-ifce-1.13.0-0.el6 (FEDORA-EPEL-2012-6569)
 SRM client side library
--------------------------------------------------------------------------------
Update Information:

update 1.13.0, synchronised with EMI 2 Update
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2012 Adrien Devresse <adevress at cern.ch> - 1.13.0-0
- Synchronise with EMI 2 Update 13
 - introduction of operation timeout
 - buffer overflow  and memory corruption corrections
 - minor warning corrections
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]