The following Fedora EPEL 6 Security updates need testing: Age URL 710 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 57 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6 52 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0483/boinc-client-7.2.33-3.git1994cc8.el6 42 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6 17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0846/mediawiki119-1.19.13-1.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0888/v8-3.14.5.10-7.el6 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0889/moodle-2.4.9-1.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0938/seamonkey-2.21-5.ESR_24.4.0.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0980/perl-YAML-LibYAML-0.38-4.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0996/munin-2.0.20-1.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0990/libyaml-0.1.6-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramework-1.12.5-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1020/php-ZendFramework2-2.2.6-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1039/mod_security-2.7.3-3.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing duply-1.7.1-1.el6 iperf3-3.0.3-2.el6 mod_security-2.7.3-3.el6 nodejs-jade-1.3.0-3.el6 nodejs-supertest-0.9.0-1.el6 opendnssec-1.4.4-3.el6 pen-0.22.0-1.el6 python-fedmsg-genacls-0.2-1.el6 uglify-js-2.4.13-3.el6 xvkbd-3.5-1.el6 Details about builds: ================================================================================ duply-1.7.1-1.el6 (FEDORA-EPEL-2014-0933) Wrapper for duplicity -------------------------------------------------------------------------------- Update Information: Update to the latest released version. Changes in version 1.7.0: - disabled gpg key id plausibility check, too many valid possibilities - featreq 7 "Halt if precondition fails": added and(+), or(-) batch command(separator) support - featreq 26 "pre/post script with shebang line": if a script is flagged executable it's executed in a subshell now as opposed to sourced to bash, which is the default - bugfix: do not check if dpbx, swift credentials are set anymore - bugfix: properly escape profile name, archdir if used as arguments - add DUPL_PRECMD conf setting for use with e.g. trickle Changes in version 1.7.1: - bugfix: purge-* commands renamed to purgeFull, purgeIncr due to incompatibility with new minus batch separator -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Thomas Moschny <thomas.mosc...@gmx.de> - 1.7.1-1 - Update to 1.7.1 - Update %description. * Fri Mar 21 2014 Thomas Moschny <thomas.mosc...@gmx.de> - 1.7.0-1 - Update to 1.7.0. -------------------------------------------------------------------------------- ================================================================================ iperf3-3.0.3-2.el6 (FEDORA-EPEL-2014-1037) Measurement tool for TCP/UDP bandwidth performance -------------------------------------------------------------------------------- Update Information: Moved static library to devel section Update to 3.0.3 and added devel rpm support Update to 3.0.3 and added devel rpm support -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Susant Sahani <ssah...@redhat.com> 3.0.3-2 - Moved static library to devel section only . * Sun Mar 30 2014 Susant Sahani <ssah...@redhat.com> 3.0.3-1 - Update to 3.0.3 and added devel rpm support -------------------------------------------------------------------------------- References: [ 1 ] Bug #1081486 - iperf3-3.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1081486 -------------------------------------------------------------------------------- ================================================================================ mod_security-2.7.3-3.el6 (FEDORA-EPEL-2014-1039) Security module for the Apache HTTP Server -------------------------------------------------------------------------------- Update Information: Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Athmane Madjoudj <athm...@fedoraproject.org> 2.7.3-3 - Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082904 - CVE-2013-5705 mod_security: bypass of intended rules via chunked requests https://bugzilla.redhat.com/show_bug.cgi?id=1082904 -------------------------------------------------------------------------------- ================================================================================ nodejs-jade-1.3.0-3.el6 (FEDORA-EPEL-2014-1035) Jade template engine for Node.js -------------------------------------------------------------------------------- Update Information: introduce symlink to /usr/bin/jade-nodejs -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Jamie Nguyen <jamieli...@fedoraproject.org> - 1.3.0-3 - include _bindir/jade-nodejs * Sat Mar 15 2014 <jamieli...@fedoraproject.org> - 1.3.0-2 - temporarily disable tests due to circular dependency * Mon Mar 3 2014 <jamieli...@fedoraproject.org> - 1.3.0-1 - update to upstream release 1.3.0 * Sun Mar 2 2014 <jamieli...@fedoraproject.org> - 1.2.0-1 - update to upstream release 1.2.0 * Sat Aug 3 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.28.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082964 - no commandline jade https://bugzilla.redhat.com/show_bug.cgi?id=1082964 -------------------------------------------------------------------------------- ================================================================================ nodejs-supertest-0.9.0-1.el6 (FEDORA-EPEL-2014-1042) A superagent driven library for testing HTTP servers -------------------------------------------------------------------------------- Update Information: initial package -------------------------------------------------------------------------------- ================================================================================ opendnssec-1.4.4-3.el6 (FEDORA-EPEL-2014-1033) DNSSEC key and zone management software -------------------------------------------------------------------------------- Update Information: Add buildrequires for ods-kasp2html (rhbz#1073313), bump ZSK to 2048bits -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Paul Wouters <pwout...@redhat.com> - 1.4.4-3 - Add buildrequires for ods-kasp2html (rhbz#1073313) * Fri Mar 28 2014 Paul Wouters <pwout...@redhat.com> - 1.4.4-2 - Add requires for ods-kasp2html (rhbz#1073313) - Updated to 1.4.4 (rhbz#1080862) (compatibility with non RFC 5155 errata 3441 implementations) - Change the default ZSK policy from 1024 to 2048 bit RSA keys - Fix post to be quiet when upgrading opendnssec -------------------------------------------------------------------------------- References: [ 1 ] Bug #1073313 - libxslt is missing in Requires and BuildRequires https://bugzilla.redhat.com/show_bug.cgi?id=1073313 -------------------------------------------------------------------------------- ================================================================================ pen-0.22.0-1.el6 (FEDORA-EPEL-2014-1038) Load balancer for "simple" tcp based protocols such as http or smtp -------------------------------------------------------------------------------- Update Information: 140331 * Updated pen manpage to clarify what the control socket does. * Resist opening control socket running as root. * Remove the default file name for web log. * New feature: unix domain listening sockets. * Released 0.22.0. 140204 * Moved defines for ACE_IPV4 et al outside #ifdef HAVE_SSL clause. * Otherwise pen won't compile without ssl. * Released 0.21.1. 140204 * GeoIP access lists. * Released 0.21.0. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Christopher Meng <r...@cicku.me> - 0.22.0-1 - Update to 0.22.0 - Built with GeoIP support. -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-genacls-0.2-1.el6 (FEDORA-EPEL-2014-1034) A fedmsg consumer that sets gitosis acls in response to pkgdb messages -------------------------------------------------------------------------------- Update Information: Fix mis-use of subprocess.Popen. New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1080094 - Review Request: python-fedmsg-genacls - A fedmsg consumer that sets gitosis acls in response to pkgdb messages https://bugzilla.redhat.com/show_bug.cgi?id=1080094 -------------------------------------------------------------------------------- ================================================================================ uglify-js-2.4.13-3.el6 (FEDORA-EPEL-2014-1043) JavaScript parser, mangler/compressor and beautifier toolkit -------------------------------------------------------------------------------- Update Information: pretrans script should run in js-uglify subpackage (#1082946) port to new multi-version and browser JavaScript guidelines -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Jamie Nguyen <jamieli...@fedoraproject.org> - 2.4.13-3 - pretrans script should run in js-uglify subpackage (#1082946) * Sat Mar 15 2014 Jamie Nguyen <jamieli...@fedoraproject.org> - 2.4.13-2 - add logic for building on EPEL 6 as web-assets-{devel,filesystem} are not yet available * Thu Mar 13 2014 Jamie Nguyen <jamieli...@fedoraproject.org> - 2.4.13-1 - update to upstream release 2.4.13 * Mon Jan 20 2014 T.C. Hollingsworth <tchollingswo...@gmail.com> - 2.2.5-4 - port to new JS guidelines - provide the nodejs- form * Sun Jan 19 2014 Tom Hughes <t...@compton.nu> - 2.2.5-3 - use new multi-version packaging rules - update to latest nodejs packaging standards * Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 2.2.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082946 - Update from uglify-js-common to js-uglify fails https://bugzilla.redhat.com/show_bug.cgi?id=1082946 [ 2 ] Bug #1055177 - uglify-js should be using the proper system for packaging multiple npm versions https://bugzilla.redhat.com/show_bug.cgi?id=1055177 -------------------------------------------------------------------------------- ================================================================================ xvkbd-3.5-1.el6 (FEDORA-EPEL-2014-1040) Virtual Keyboard for X Window System -------------------------------------------------------------------------------- Update Information: xvkbd is a virtual (graphical) keyboard program for X Window System which provides facility to enter characters onto other clients (software) by clicking on a keyboard displayed on the screen. This may be used for systems without a hardware keyboard such as kiosk terminals or hand-held devices. This program also has facility to send characters specified as the command line option to another client. -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel