The following Fedora EPEL 6 Security updates need testing:
Age URL
176
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
99
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13116/gitolite3-3.04-4.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13109/phpMyAdmin-3.5.3-1.el6
71
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6587/dokuwiki-0-0.10.20120125.b.el6
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13138/drupal7-feeds-2.0-0.5.alpha6.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13151/haproxy-1.4.22-1.el6
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13084/php-ZendFramework-1.12.0-1.el6
364
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6
46
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12763/pcp-3.6.6-1.el6
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13090/mom-0.3.0-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
cdlabelgen-4.2.0-1.el6
icecast-2.3.3-1.el6
jglobus-2.0.4-9.20121013git597e3ac.el6
mozilla-https-everywhere-3.0.1-1.el6
pencil-2.0.2-1.el6
pytest-2.2.4-4.el6
python-django-federated-login-0.3.1-1.el6
python-django-horizon-2012.1.3-1.el6
python-gerrit-0.0.1-2.gita7ffd76.el6
python-py-1.4.9-8.el6
python-zmq-2.2.0-4.el6
ssmtp-2.61-19.el6
sticky-notes-0.3.09062012.4-8.el6
zeromq3-3.2.0-0.3.20121009git1ef63bc.el6
zziplib-0.13.62-1.el6
Details about builds:
================================================================================
cdlabelgen-4.2.0-1.el6 (FEDORA-EPEL-2012-13173)
Generates frontcards and traycards for inserting in CD jewelcases
--------------------------------------------------------------------------------
Update Information:
CD and DVD front- and traycard generator.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #857740 - cdlabelgen: add EPEL-6 branch
https://bugzilla.redhat.com/show_bug.cgi?id=857740
--------------------------------------------------------------------------------
================================================================================
icecast-2.3.3-1.el6 (FEDORA-EPEL-2012-13176)
ShoutCast compatible streaming media server
--------------------------------------------------------------------------------
Update Information:
New upstream release, fixing CVE bug.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #831180 - Icecast 2.3.3 available
https://bugzilla.redhat.com/show_bug.cgi?id=831180
[ 2 ] Bug #797184 - Apply useful upstream patches
https://bugzilla.redhat.com/show_bug.cgi?id=797184
[ 3 ] Bug #768176 - CVE-2011-4612 icecast2: Newline injection in error.log
[epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=768176
[ 4 ] Bug #768175 - CVE-2011-4612 icecast2: Newline injection in error.log
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=768175
--------------------------------------------------------------------------------
================================================================================
jglobus-2.0.4-9.20121013git597e3ac.el6 (FEDORA-EPEL-2012-13179)
Globus Java client libraries
--------------------------------------------------------------------------------
Update Information:
Updated version with bugfixes and efficiency improvements. First build for EPEL
since there is no longer a spring framework dependency.
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-3.0.1-1.el6 (FEDORA-EPEL-2012-13170)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to
overhead. Add hundreds of new rulesets. Fix some broken ones. New translations.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 15 2012 Russell Golden <niveusl...@niveusluna.org> - 3.0.0-1
- Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory,
IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo,
Shannon Health, O'Reilly Media
https://trac.torproject.org/projects/tor/ticket/7080
https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html
- Disable broken: Springer
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html
- Updated translations: Basque, Hungarian, Traditional Chinese
* Fri Oct 12 2012 Russell Golden <niveusl...@niveusluna.org> - 3.0.0-2
- Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL
users who think updates are for sissies and/or voiding support
contracts with proprietary vendors. They can't use this if their
Firefox install is older than 3.5 anyway, so what's the harm?
* Tue Oct 9 2012 Russell Golden <niveusl...@niveusluna.org> - 3.0.0-1
- Since version 2.x:
- 1,455 new active rulesets
- UI improvements:
-- right-click to view ruleset source in the config window
-- translate some untranslated menus
-- better icons in a few places (breaking/redirecting rules,
context button)
- Numerous improvements to the SSL Observatory internals, including cached
submissions on hostile networks, better Tor and Convergence integration,
and a new setting to control self-signed cert submission
- New translations: Basque, Czech, Danish, French, Greek, Hungarian,
Italian, Korean, Malaysian, Polish, Slovak, Turkish,
Traditional Chinese
- Relative to 3.0development.8:
- Only promote the Decentralized SSL Observatory to 5% of non-Tor users
- Update the SSL Observatory whitelist of common cert chains
- Fixes, mostly in the CDN/media playback department:
Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,
AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,
Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,
Nokia, Widgetbox.com, Squarespace
https://trac.torproject.org/projects/tor/ticket/4199
https://trac.torproject.org/projects/tor/ticket/6871
https://trac.torproject.org/projects/tor/ticket/6992
https://trac.torproject.org/projects/tor/ticket/7000
https://trac.torproject.org/projects/tor/ticket/7020
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html
- Disable buggy: Web.de, AJC.com, Feross, Bestofmedia
- Remove a lot of off-by-default rulesets from the code, since they have
some costs in terms of startup speed and RAM usage
--------------------------------------------------------------------------------
================================================================================
pencil-2.0.2-1.el6 (FEDORA-EPEL-2012-13184)
A sketching and GUI prototyping tool
--------------------------------------------------------------------------------
Update Information:
Update new release 2.0.2 from upstream for xulrunner 16.0.1 compatibility.
Initial update.
--------------------------------------------------------------------------------
================================================================================
pytest-2.2.4-4.el6 (FEDORA-EPEL-2012-13171)
Simple powerful testing with Python
--------------------------------------------------------------------------------
Update Information:
New packages:
The py lib is a Python development support library featuring the
following tools and modules:
* py.path: uniform local and svn path objects
* py.apipkg: explicit API control and lazy-importing
* py.iniconfig: easy parsing of .ini files
* py.code: dynamic code generation and introspection
* py.path: uniform local and svn path objects
py.test provides simple, yet powerful testing for Python.
--------------------------------------------------------------------------------
================================================================================
python-django-federated-login-0.3.1-1.el6 (FEDORA-EPEL-2012-13178)
Provides federated logins to django projects
--------------------------------------------------------------------------------
Update Information:
Provides federated logins to django projects
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 15 2012 Luis Bazan <lba...@fedoraproject.org> - 0.3.1-1
- New Upstream Version
--------------------------------------------------------------------------------
================================================================================
python-django-horizon-2012.1.3-1.el6 (FEDORA-EPEL-2012-13180)
Django application for talking to Openstack
--------------------------------------------------------------------------------
Update Information:
This is a bugfix update to latest Essex stable release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 15 2012 Matthias Runge <mru...@redhat.com> - 2012.1.3-1
- update to essex stable release 2012.1.3
--------------------------------------------------------------------------------
================================================================================
python-gerrit-0.0.1-2.gita7ffd76.el6 (FEDORA-EPEL-2012-13183)
Python interface to Gerrit
--------------------------------------------------------------------------------
Update Information:
First package release.
--------------------------------------------------------------------------------
================================================================================
python-py-1.4.9-8.el6 (FEDORA-EPEL-2012-13171)
Library with cross-python path, ini-parsing, io, code, log facilities
--------------------------------------------------------------------------------
Update Information:
New packages:
The py lib is a Python development support library featuring the
following tools and modules:
* py.path: uniform local and svn path objects
* py.apipkg: explicit API control and lazy-importing
* py.iniconfig: easy parsing of .ini files
* py.code: dynamic code generation and introspection
* py.path: uniform local and svn path objects
py.test provides simple, yet powerful testing for Python.
--------------------------------------------------------------------------------
================================================================================
python-zmq-2.2.0-4.el6 (FEDORA-EPEL-2012-13177)
Software library for fast, message-based applications
--------------------------------------------------------------------------------
Update Information:
Initial import of zeromq version 3.X.X and rebuild python-zmq against it
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 15 2012 Thomas Spura <toms...@fedoraproject.org> - 2.2.0-4
- move to BR zeromq3
* Fri Aug 3 2012 David Malcolm <dmalc...@redhat.com> - 2.2.0-3
- remove rhel logic from with_python3 conditional
* Sat Jul 21 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Apr 26 2012 Thomas Spura <toms...@fedoraproject.org> - 2.2.0-1
- update to 2.2.0
* Wed Mar 7 2012 Thomas Spura <toms...@fedoraproject.org> - 2.1.11-1
- update to new version
* Sat Jan 14 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.1.9-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #864937 - Review Request: zeromq3 - Software library for fast,
message-based applications
https://bugzilla.redhat.com/show_bug.cgi?id=864937
--------------------------------------------------------------------------------
================================================================================
ssmtp-2.61-19.el6 (FEDORA-EPEL-2012-13172)
Extremely simple MTA to get mail off the system to a Mailhub
--------------------------------------------------------------------------------
Update Information:
This version adds to sSMTP the ability to validate the TLS servers
it connects to. It also enables use of separate files for client key and
certificate files.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 14 2012 Manuel "lonely wolf" Wolfshant <wo...@fedoraproject.org> -
2.61-19
- Optional separation of TLS client key and certificate files
- Add patch enabling verification of TLS server ( #864894 )
- Correct %description and the source in order to reflect that sSMTP expands
aliases
which are read from a plain text file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #864894 - ssmtp: Does not validate server certificates when using
TLS connection
https://bugzilla.redhat.com/show_bug.cgi?id=864894
--------------------------------------------------------------------------------
================================================================================
sticky-notes-0.3.09062012.4-8.el6 (FEDORA-EPEL-2012-13181)
Sticky notes is a free and open source paste-bin application
--------------------------------------------------------------------------------
Update Information:
Fix hostname issue in rss URLs when reverse proxy is used.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 12 2012 Athmane Madjoudj <athm...@fedoraproject.org> 0.3.09062012.4-8
- Fix hostname issue in rss URLs when reverse proxy is used.
--------------------------------------------------------------------------------
================================================================================
zeromq3-3.2.0-0.3.20121009git1ef63bc.el6 (FEDORA-EPEL-2012-13177)
Software library for fast, message-based applications
--------------------------------------------------------------------------------
Update Information:
Initial import of zeromq version 3.X.X and rebuild python-zmq against it
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #864937 - Review Request: zeromq3 - Software library for fast,
message-based applications
https://bugzilla.redhat.com/show_bug.cgi?id=864937
--------------------------------------------------------------------------------
================================================================================
zziplib-0.13.62-1.el6 (FEDORA-EPEL-2012-13175)
Lightweight library to easily extract data from zip files
--------------------------------------------------------------------------------
Update Information:
This is the initial EPEL release of the package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #861927 - zziplib: Could we have an EL6 branch?
https://bugzilla.redhat.com/show_bug.cgi?id=861927
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
epel-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/epel-devel-list
