The following Fedora EPEL 6 Security updates need testing:
Age URL
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13529/moodle-2.1.9-1.el6
225
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13636/weechat-0.3.9.2-2.el6
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13537/claws-mail-3.9.0-1.el6,claws-mail-plugins-3.9.0-2.el6
52
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13155/cobbler-2.4.0-beta2.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13552/seamonkey-2.14-1.el6
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13525/pcp-3.6.10-1.el6
49
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6
49
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13635/totpcgi-0.5.4-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13629/openstack-keystone-2012.2.1-1.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13642/php-symfony2-HttpFoundation-2.1.4-1.el6
148
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
18
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13478/mod_security-2.7.1-3.el6,mod_security_crs-2.2.6-3.el6
413
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13575/php-symfony-symfony-1.4.20-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
geome-1.4-2.el6
openstack-keystone-2012.2.1-1.el6
pam_url-0.3.1-1.el6
pencil-2.0.3-1.el6
php-Pimple-1.0.0-2.el6
php-symfony2-Console-2.1.4-1.el6
php-symfony2-DependencyInjection-2.1.4-1.el6
php-symfony2-Filesystem-2.1.4-1.el6
php-symfony2-Form-2.1.4-1.el6
php-symfony2-HttpFoundation-2.1.4-1.el6
php-symfony2-HttpKernel-2.1.4-1.el6
php-symfony2-Locale-2.1.4-1.el6
php-symfony2-Process-2.1.4-1.el6
php-symfony2-Routing-2.1.4-1.el6
php-symfony2-Security-2.1.4-1.el6
php-symfony2-Translation-2.1.4-1.el6
php-symfony2-Validator-2.1.4-1.el6
python-django-horizon-2012.2.1-1.el6
rubygem-rspec-expectations-2.6.0-1.el6
rubygem-rspec-mocks-2.6.0-1.el6
totpcgi-0.5.4-1.el6
vile-9.8i-1.el6
weechat-0.3.9.2-2.el6
Details about builds:
================================================================================
geome-1.4-2.el6 (FEDORA-EPEL-2012-13634)
Obtain your geo-location data from Google using NetworkManager
--------------------------------------------------------------------------------
Update Information:
Fix dependancy for python-geome
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 3 2012 Paul Wouters <pwout...@redhat.com> - 1.4-2
- Properly split library and command tool in subpackage
(rhbz#656454)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #656454 - log levels don't seem to match ISC levels
https://bugzilla.redhat.com/show_bug.cgi?id=656454
--------------------------------------------------------------------------------
================================================================================
openstack-keystone-2012.2.1-1.el6 (FEDORA-EPEL-2012-13629)
OpenStack Identity Service
--------------------------------------------------------------------------------
Update Information:
update to stable folsom release 2012.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 28 2012 Alan Pevec <ape...@redhat.com> 2012.2.1-1
- updated to stable folsom release 2012.2.1 CVE-2012-5563 CVE-2012-5571
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #879402 - CVE-2012-5563 OpenStack: Extension of token validity
through token chaining
https://bugzilla.redhat.com/show_bug.cgi?id=879402
[ 2 ] Bug #880399 - CVE-2012-5571 OpenStack: Keystone EC2-style credentials
invalidation issue
https://bugzilla.redhat.com/show_bug.cgi?id=880399
--------------------------------------------------------------------------------
================================================================================
pam_url-0.3.1-1.el6 (FEDORA-EPEL-2012-13631)
PAM module to authenticate with HTTP servers
--------------------------------------------------------------------------------
Update Information:
Initial release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #880842 - Review Request: pam_url - PAM module to authenticate with
HTTP servers
https://bugzilla.redhat.com/show_bug.cgi?id=880842
--------------------------------------------------------------------------------
================================================================================
pencil-2.0.3-1.el6 (FEDORA-EPEL-2012-13641)
A sketching and GUI prototyping tool
--------------------------------------------------------------------------------
Update Information:
Update new release 2.0.3 from upstream for xulrunner 17 compatibility.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 3 2012 Truong Anh Tuan <tua...@iwayvietnam.com> - 2.0.3-1
- Update new release 2.0.3 from upstream for xulrunner 17 compatibility.
--------------------------------------------------------------------------------
================================================================================
php-Pimple-1.0.0-2.el6 (FEDORA-EPEL-2012-13640)
A simple Dependency Injection Container for PHP
--------------------------------------------------------------------------------
Update Information:
Pimple is a small Dependency Injection Container for PHP that consists of
just one file and one class.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #882418 - Review Request: php-Pimple - A simple Dependency
Injection Container for PHP 5.3
https://bugzilla.redhat.com/show_bug.cgi?id=882418
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Console-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Console Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-DependencyInjection-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 DependencyInjection Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Filesystem-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Filesystem Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Form-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Form Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-HttpFoundation-2.1.4-1.el6 (FEDORA-EPEL-2012-13642)
Symfony2 HttpFoundation Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-HttpKernel-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 HttpKernel Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
- Added php-mbstring require
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Locale-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Locale Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Process-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Process Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Routing-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Routing Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Security-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Security Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Translation-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Translation Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Validator-2.1.4-1.el6 (FEDORA-EPEL-2012-13643)
Symfony2 Validator Component
--------------------------------------------------------------------------------
Update Information:
Updated to version 2.1.4
Changelog: https://github.com/symfony/symfony/blob/v2.1.4/CHANGELOG-2.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 30 2012 Shawn Iwinski <shawn.iwin...@gmail.com> 2.1.4-1
- Updated to upstream version 2.1.4
--------------------------------------------------------------------------------
================================================================================
python-django-horizon-2012.2.1-1.el6 (FEDORA-EPEL-2012-13628)
Django application for talking to Openstack
--------------------------------------------------------------------------------
Update Information:
Update to latest stable release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 3 2012 Matthias Runge <mru...@redhat.com> - 2012.2.1-1
- update to latest stable release 2012.2.1
--------------------------------------------------------------------------------
================================================================================
rubygem-rspec-expectations-2.6.0-1.el6 (FEDORA-EPEL-2012-13639)
Rspec-2 expectations (should and matchers)
--------------------------------------------------------------------------------
Update Information:
New package brought in from epel 6
--------------------------------------------------------------------------------
================================================================================
rubygem-rspec-mocks-2.6.0-1.el6 (FEDORA-EPEL-2012-13633)
Rspec-2 doubles (mocks and stubs)
--------------------------------------------------------------------------------
Update Information:
Pull in the latest fedora 16 package for epel
--------------------------------------------------------------------------------
================================================================================
totpcgi-0.5.4-1.el6 (FEDORA-EPEL-2012-13635)
A centralized totp solution based on google-authenticator
--------------------------------------------------------------------------------
Update Information:
Make sure totpcgi-provisioning is setting no-cache headers.
Initial release of totpcgi in Fedora.
Initial release of totpcgi in Fedora.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #880863 - Review Request: totpcgi - A centralized totp solution
based on google-authenticator
https://bugzilla.redhat.com/show_bug.cgi?id=880863
--------------------------------------------------------------------------------
================================================================================
vile-9.8i-1.el6 (FEDORA-EPEL-2012-13638)
VI Like Emacs
--------------------------------------------------------------------------------
Update Information:
upgrade to 9.8i
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 2 2012 Mark McKinstry <mmcki...@nexcess.net> - 9.8i-1
- upgrade to 9.8i
- use better icons
--------------------------------------------------------------------------------
================================================================================
weechat-0.3.9.2-2.el6 (FEDORA-EPEL-2012-13636)
Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:
New upstream version
Fix arbitrary code execution due to call of shell when executing command within
hook_process
Fix the security bug in the linked Bugzilla.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 2 2012 Paul Komkoff <i...@stingr.net> - 0.3.9.2-2
- add zlib-devel dependency for epel6/ppc build
* Sat Dec 1 2012 Paul P. Komkoff Jr <i...@stingr.net> - 0.3.9.2-1
- new upstream, long overdue
* Mon Nov 19 2012 Paul P. Komkoff Jr <i...@stingr.net> - 0.3.8-4
- fix bz#878025
* Fri Nov 9 2012 Paul P. Komkoff Jr <i...@stingr.net> - 0.3.8-3
- fix bz#875181
* Sun Jul 22 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 0.3.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #878025 - CVE-2012-5534 weechat (scripts / plug-ins): Arbitrary
code execution due to call of shell when executing command within hook_process
https://bugzilla.redhat.com/show_bug.cgi?id=878025
[ 2 ] Bug #875181 - CVE-2012-5854 weechat: Heap-based buffer overflow when
decoding IRC colors
https://bugzilla.redhat.com/show_bug.cgi?id=875181
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
epel-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/epel-devel-list
