[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora EPEL 5 updates-testing report



The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 277  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
 171  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
  53  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0171/moodle-1.9.19-5.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0173/couchdb-1.0.4-2.el5.1
  19  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0011/drupal7-context-3.0-0.3.beta6.el5
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0116/drupal6-6.28-1.el5
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0102/ettercap-0.7.3-21.el5
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0139/proftpd-1.3.3g-2.el5
   1  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0148/drupal7-7.19-1.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    couchdb-1.0.4-2.el5.1
    moodle-1.9.19-5.el5
    mozilla-https-everywhere-3.1.3-1.el5
    nordugrid-arc-2.0.1-2.el5
    packagedb-cli-1.3.0-1.el5
    ucarp-1.5.2-7.el5
    weechat-0.4.0-2.el5
    whatsup-1.14-1.el5
    zabbix20-2.0.4-4.el5

Details about builds:


================================================================================
 couchdb-1.0.4-2.el5.1 (FEDORA-EPEL-2013-0173)
 A document database server, accessible via a RESTful JSON API
--------------------------------------------------------------------------------
Update Information:

* Ver. 1.0.4 (security release)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 23 2013 Peter Lemenkov <lemenkov gmail com> - 1.0.4-2
- Fix for EPEL 5 (Erlang R12B)
* Wed Jan 23 2013 Peter Lemenkov <lemenkov gmail com> - 1.0.4-1
- Ver. 1.0.4
- Fixes CVE-2012-5649, CVE-2012-5650
* Mon Aug 15 2011 Kalev Lember <kalevlember gmail com> - 1.0.3-2
- Rebuilt for rpm bug #728707
* Thu Jul 21 2011 Peter Lemenkov <lemenkov gmail com> - 1.0.3-1
- Ver. 1.0.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #784792 - Request: update CouchDB to 1.0.3
        https://bugzilla.redhat.com/show_bug.cgi?id=784792
  [ 2 ] Bug #895599 - CVE-2012-5649 CVE-2012-5650 couchdb various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=895599
--------------------------------------------------------------------------------


================================================================================
 moodle-1.9.19-5.el5 (FEDORA-EPEL-2013-0171)
 A Course Management System
--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2012-6098 and CVE-2012-6100.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #903264 - CVE-2012-6100 CVE-2012-6098 moodle various flaws [epel-5]
        https://bugzilla.redhat.com/show_bug.cgi?id=903264
--------------------------------------------------------------------------------


================================================================================
 mozilla-https-everywhere-3.1.3-1.el5 (FEDORA-EPEL-2013-0187)
 HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:

Fixes: CloudFront/Spotify, AmazonAWS (Amazon MP3s
and product images), Libav, Google Maps, UserEcho
https://trac.torproject.org/projects/tor/ticket/7931
https://trac.torproject.org/projects/tor/ticket/7888
https://trac.torproject.org/projects/tor/ticket/7594
https://trac.torproject.org/projects/tor/ticket/7539
https://trac.torproject.org/projects/tor/ticket/7698

Disable broken: Coursera, EBay, Etsy, OpenOffice,
Ping.fm, Pinterest :(
https://trac.torproject.org/projects/tor/ticket/7336
https://trac.torproject.org/projects/tor/ticket/7825
https://trac.torproject.org/projects/tor/ticket/7774
https://trac.torproject.org/projects/tor/ticket/7695
https://trac.torproject.org/projects/tor/ticket/7777
https://trac.torproject.org/projects/tor/ticket/7865

Update cert whitelist
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 21 2013 Russell Golden <niveusluna niveusluna org> - 3.1.3-1
- Internet Freedom Day stable bugfix release
  - Fixes: CloudFront/Spotify, AmazonAWS (Amazon MP3s and product images), Libav, 
           Google Maps, UserEcho
    https://trac.torproject.org/projects/tor/ticket/7931
    https://trac.torproject.org/projects/tor/ticket/7888
    https://trac.torproject.org/projects/tor/ticket/7594
    https://trac.torproject.org/projects/tor/ticket/7539
    https://trac.torproject.org/projects/tor/ticket/7698
  - Disable broken: Coursera, EBay, Etsy, OpenOffice, Ping.fm, Pinterest :(
    https://trac.torproject.org/projects/tor/ticket/7336
    https://trac.torproject.org/projects/tor/ticket/7825
    https://trac.torproject.org/projects/tor/ticket/7774
    https://trac.torproject.org/projects/tor/ticket/7695
    https://trac.torproject.org/projects/tor/ticket/7777
    https://trac.torproject.org/projects/tor/ticket/7865
  - Update cert whitelist
--------------------------------------------------------------------------------


================================================================================
 nordugrid-arc-2.0.1-2.el5 (FEDORA-EPEL-2013-0183)
 Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:

SE Linux fixes
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 23 2013 Mattias Ellert <mattias ellert fysast uu se> - 2.0.1-2
- Additional selinux contexts
- Fix for python wrappers using swig 2.0.9
--------------------------------------------------------------------------------


================================================================================
 packagedb-cli-1.3.0-1.el5 (FEDORA-EPEL-2013-0179)
 A CLI for pkgdb
--------------------------------------------------------------------------------
Update Information:

Update to 1.3.0 which provides some bugs fix including one for the use of the 'all' keyword for the branch.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #887950 - packagedb-cli: silently fails to change ACLs
        https://bugzilla.redhat.com/show_bug.cgi?id=887950
--------------------------------------------------------------------------------


================================================================================
 ucarp-1.5.2-7.el5 (FEDORA-EPEL-2013-0196)
 Common Address Redundancy Protocol (CARP) for Unix
--------------------------------------------------------------------------------
Update Information:

Remove MASTER from init script.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 23 2013 Jon Ciesla <limburgher gmail com> - 1.5.2-7
- Dropped MASTER from init, BZ 896576.
* Tue Dec 11 2012 Jon Ciesla <limburgher gmail com> - 1.5.2-6
- init fix from Alexander Bostrom, BZ 809421.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #896576 - New init.d ucarp script wrong setting advskew=1 to all nodes if no MASTER variable set.
        https://bugzilla.redhat.com/show_bug.cgi?id=896576
--------------------------------------------------------------------------------


================================================================================
 weechat-0.4.0-2.el5 (FEDORA-EPEL-2013-0191)
 Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:

Reimplement enchant patch, with new support for spelling suggestions
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 22 2013 Jamie Nguyen <jamielinux fedoraproject org> - 0.4.0-2
- reimplement enchant support as a separate patch
- implement additional enchant support for displaying spelling suggestions
  in weechat_aspell_get_suggestions(), which is a new function introduced by
  upstream in 0.4.0
* Mon Jan 21 2013 Jamie Nguyen <jamielinux fedoraproject org> - 0.4.0-1
- update to upstream release 0.4.0
- add CMAKE options (DPREFIX and DLIBDIR) which negate the need to patch
- remove enchant patches to keep close to upstream
--------------------------------------------------------------------------------


================================================================================
 whatsup-1.14-1.el5 (FEDORA-EPEL-2013-0184)
 Node up/down detection utility
--------------------------------------------------------------------------------
Update Information:

New upstream version and fixes opensm linking problem.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 21 2013 David Brown <david brown pnnl gov> - 1.14-1
- New upstream version of whatsup
- added libtool-ltdl-devel build deps
- added genders build deps and sub packages
* Mon Sep 10 2012 David Brown <david brown pnnl gov> - 1.13-6
- get the damn macro right for postun
* Mon Sep 10 2012 David Brown <david brown pnnl gov> - 1.13-5
- add systemd macros to post postun preun
--------------------------------------------------------------------------------


================================================================================
 zabbix20-2.0.4-4.el5 (FEDORA-EPEL-2013-0195)
 Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:

zabbix20 packages the 2.0 series of Zabbix. EPEL policy only allows for bugfix releases, avoiding breaking things. Hence this package came into existence.

Notice, there's no SSH support, due to the version of libssh2.

While updating an agent is straight forward, you'll have to run multiple database schema upgrades when upgrading a server.

There are a number of changes compared to earlier packages, documented in zabbix-fedora.README. If you're upgrading, you're strongly advised to go through this document. Please don't hesitate to contact volker27 gmx at if something is wrong, hard to understand or missing there. You can file a bug as well, of course!
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #867159 - Review Request: zabbix20 - Open-source monitoring solution for your IT infrastructure
        https://bugzilla.redhat.com/show_bug.cgi?id=867159
--------------------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]