Fedora EPEL 6 updates-testing report

updates Thu, 14 Jul 2011 17:05:37 -0700

The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/libpng10-1.0.55-1.el6
    https://admin.fedoraproject.org/updates/drupal7-7.4-1.el6
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.3.1-1.el6
    https://admin.fedoraproject.org/updates/asterisk-1.8.4.4-3.el6
    https://admin.fedoraproject.org/updates/squirrelmail-1.4.22-2.el6
    https://admin.fedoraproject.org/updates/ejabberd-2.1.8-2.el6
    https://admin.fedoraproject.org/updates/erlang-R14B-02.1.el6



The following builds have been pushed to Fedora EPEL 6 updates-testing

    SDL_gfx-2.0.22-1.el6
    be-1.0.1-1.el6
    django-tagging-0.3.1-3.el6
    drupal6-admin_menu-1.8-1.el6
    drupal6-diff-2.1-2.el6
    drupal6-mobile_tools-2.3-2.el6
    dspam-3.9.0-21.el6
    squirrelmail-1.4.22-2.el6

Details about builds:


================================================================================
 SDL_gfx-2.0.22-1.el6 (FEDORA-EPEL-2011-3810)
 SDL graphics drawing primitives and other support functions
--------------------------------------------------------------------------------
Update Information:

Initial EPEL6 build of the latest SDL_gfx.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #720879 - Update for EPEL 6
        https://bugzilla.redhat.com/show_bug.cgi?id=720879
--------------------------------------------------------------------------------


================================================================================
 be-1.0.1-1.el6 (FEDORA-EPEL-2011-3811)
 Bugs Everywhere, a distributed bug tracker
--------------------------------------------------------------------------------
Update Information:

Updates bugs-everywhere to the latest upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 13 2011 Michel Salim <sali...@fedoraproject.org> - 1.0.1-1
- Update to 1.0.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #721325 - be-1.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=721325
--------------------------------------------------------------------------------


================================================================================
 django-tagging-0.3.1-3.el6 (FEDORA-EPEL-2011-3806)
 A generic tagging application for Django projects
--------------------------------------------------------------------------------
Update Information:

first version in el6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #721324 - please build and push django-tagging for epel6
        https://bugzilla.redhat.com/show_bug.cgi?id=721324
--------------------------------------------------------------------------------


================================================================================
 drupal6-admin_menu-1.8-1.el6 (FEDORA-EPEL-2011-3805)
 Theme-independent administration interface for Drupal 6
--------------------------------------------------------------------------------
Update Information:

Theme-independent administration interface for Drupal 6.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #693118 - Review Request: drupal6-admin_menu - Theme-independent 
administration interface for Drupal 6
        https://bugzilla.redhat.com/show_bug.cgi?id=693118
--------------------------------------------------------------------------------


================================================================================
 drupal6-diff-2.1-2.el6 (FEDORA-EPEL-2011-3807)
 Show diff-type changes in Drupal 6
--------------------------------------------------------------------------------
Update Information:

Show diff-type changes in Drupal 6.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #699697 - Review Request: drupal6-diff - Show diff-type changes in 
Drupal 6
        https://bugzilla.redhat.com/show_bug.cgi?id=699697
--------------------------------------------------------------------------------


================================================================================
 drupal6-mobile_tools-2.3-2.el6 (FEDORA-EPEL-2011-3813)
 The Mobile Tools provides some tools to assist in making a site mobile
--------------------------------------------------------------------------------
Update Information:

The Mobile Tools module provides Drupal developers with some tools
to assist in making a site mobile.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #719108 - Review Request: drupal6-mobile_tools - The Mobile Tools 
module provides some tools to assist in making a site mobile
        https://bugzilla.redhat.com/show_bug.cgi?id=719108
--------------------------------------------------------------------------------


================================================================================
 dspam-3.9.0-21.el6 (FEDORA-EPEL-2011-3814)
 A library and Mail Delivery Agent for Bayesian SPAM filtering
--------------------------------------------------------------------------------
Update Information:

Sets dspam to run as the dspam user instead of root
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 13 2011 Nathanael Noblet <nathan...@gnat.ca> - 3.9.0-21
- Start daemon as dspam user
* Wed May 25 2011 Nathanael Noblet <nathan...@gnat.ca> - 3.9.0-20
- add tmpfile for /var/run/dspam
- remove rpaths that suddenly show up in F15
* Tue Mar 22 2011 Nathanael Noblet <nathan...@gnat.ca> - 3.9.0-19
- Rebuilt for libmysqlclient soname bump
* Wed Mar  9 2011 Nathanael Noblet <nathan...@gnat.ca> - 3.9.0-18
- Removed patch
--------------------------------------------------------------------------------


================================================================================
 squirrelmail-1.4.22-2.el6 (FEDORA-EPEL-2011-3812)
 webmail client written in php
--------------------------------------------------------------------------------
Update Information:

fixes:
- CVE-2011-2023 : Messages containing style tags with malicious script 
attributes were being displayed without being sanitized
- CVE-2010-4555 : An attacker could use one of several small bugs in 
SquirrelMail to inject malicious script into various pages or alter the 
contents of user preferences
- CVE-2010-4554 : SquirrelMail is vulnerable to clickjacking attacks wherein 
the entire application can be loaded in a frame that could overlay other 
elements on top of SquirrelMail

--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 13 2011 Michal Hlavinka <mhlav...@redhat.com> - 1.4.22-2
- fix possible php warning
* Wed Jul 13 2011 Michal Hlavinka <mhlav...@redhat.com> - 1.4.22-1
- squirrelmail updated to 1.4.22
- fixes CVE-2010-4554, CVE-2010-4555, CVE-2011-2023
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #720693 - CVE-2010-4554 SquirrelMail: Prone to clickjacking attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=720693
  [ 2 ] Bug #720694 - CVE-2010-4555 SquirrelMail: Multiple XSS flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=720694
  [ 3 ] Bug #720695 - CVE-2011-2023 SquirrelMail: XSS in <style> tag handling
        https://bugzilla.redhat.com/show_bug.cgi?id=720695
--------------------------------------------------------------------------------


_______________________________________________
epel-devel-list mailing list
epel-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/epel-devel-list

Fedora EPEL 6 updates-testing report

Reply via email to