The following Fedora EPEL 6 Security updates need testing:
Age URL
240
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13636/weechat-0.3.9.2-2.el6
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13671/bogofilter-1.2.3-1.el6
25
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13537/claws-mail-3.9.0-1.el6,claws-mail-plugins-3.9.0-2.el6
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13733/v8-3.13.7.5-1.el6
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13740/pcp-3.6.10-2.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13787/Django14-1.4.2-3.el6
63
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13172/ssmtp-2.61-19.el6
63
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13176/icecast-2.3.3-1.el6
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13629/openstack-keystone-2012.2.1-1.el6
17
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6
162
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
428
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13786/fail2ban-0.8.8-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13784/openstack-nova-2012.2.2-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
Django14-1.4.2-3.el6
armadillo-3.6.1-1.el6
fail2ban-0.8.8-1.el6
hylafax+-5.5.2-7.el6
openstack-nova-2012.2.2-1.el6
php-JsonSchema-1.2.2-2.el6
python-dogpile-core-0.4.0-2.el6
shinken-1.0.1-7.el6
Details about builds:
================================================================================
Django14-1.4.2-3.el6 (FEDORA-EPEL-2012-13787)
A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:
Backport fixes from https://www.djangoproject.com/weblog/2012/dec/10/security
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 17 2012 Matthias Runge <mru...@redhat.com> - 1.4.2-3
- backport Fixes for
https://www.djangoproject.com/weblog/2012/dec/10/security/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #887798 - Please backport fixes
https://bugzilla.redhat.com/show_bug.cgi?id=887798
--------------------------------------------------------------------------------
================================================================================
armadillo-3.6.1-1.el6 (FEDORA-EPEL-2012-13781)
Fast C++ matrix library with interfaces to LAPACK and ATLAS
--------------------------------------------------------------------------------
Update Information:
Armadillo 3.6.1 contains some important bugfixes and updates.
Update Armadillo to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 17 2012 José Matos <jama...@fedoraproject.org> - 3.6.1-1
- Update to latest stable release
* Sat Dec 8 2012 José Matos <jama...@fedoraproject.org> - 3.6.0-1
- Update to latest stable release
* Mon Dec 3 2012 José Matos <jama...@fedoraproject.org> - 3.4.4-1
- Update to latest stable release
- Clean the spec files (documentation has a special treatment with rpm)
* Wed Jul 25 2012 José Matos <jama...@fedoraproject.org> - 3.2.4-1
- Update to version 3.2.4
* Wed Jul 18 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.2.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jan 12 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fail2ban-0.8.8-1.el6 (FEDORA-EPEL-2012-13786)
Ban IPs that make too many password failures
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.8 (CVE-2012-5642 Bug #887914)
- Fixes:
Alan Jenkins
* [8c38907] Removed 'POSSIBLE BREAK-IN ATTEMPT' from sshd filter to avoid
banning due to misconfigured DNS. Close gh-64
Yaroslav Halchenko
* [83109bc] IMPORTANT: escape the content of <matches> (if used in
custom action files) since its value could contain arbitrary
symbols. Thanks for discovery go to the NBS System security
team
* [b159eab] do not enable pyinotify backend if pyinotify < 0.8.3
* [37a2e59] store IP as a base, non-unicode str to avoid spurious messages
in the console. Close gh-91
- New features:
David Engeset
* [2d672d1,6288ec2] 'unbanip' command for the client + avoidance of touching
the log file to take 'banip' or 'unbanip' in effect. Close gh-81, gh-86
Yaroslav Halchenko
- Enhancements:
* [2d66f31] replaced uninformative "Invalid command" message with warning log
exception why command actually failed
* [958a1b0] improved failregex to "support" auth.backend = "htdigest"
* [9e7a3b7] until we make it proper module -- adjusted sys.path only if
system-wide run
* [f52ba99] downgraded "already banned" from WARN to INFO level. Closes gh-79
* [f105379] added hints into the log on some failure return codes (e.g.
0x7f00
for this gh-87)
* Various others: travis-ci integration, script to run tests
against all available Python versions, etc
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 17 2012 Orion Poplawski <or...@cora.nwra.com> - 0.8.8-1
- Update to 0.8.8 (CVE-2012-5642 Bug #887914)
* Thu Oct 11 2012 Orion Poplawski <or...@cora.nwra.com> - 0.8.7.1-1
- Update to 0.8.7.1
- Drop fd_cloexec, pyinotify, and examplemail patches fixed upstream
- Rebase sshd and notmp patches
- Use _initddir macro
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #887914 - CVE-2012-5642 fail2ban: does not escape the content of
<matches>
https://bugzilla.redhat.com/show_bug.cgi?id=887914
--------------------------------------------------------------------------------
================================================================================
hylafax+-5.5.2-7.el6 (FEDORA-EPEL-2012-13790)
An enterprise-strength fax server
--------------------------------------------------------------------------------
Update Information:
an enterprise-strength fax server
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #188542 - Review Request: hylafax+
https://bugzilla.redhat.com/show_bug.cgi?id=188542
--------------------------------------------------------------------------------
================================================================================
openstack-nova-2012.2.2-1.el6 (FEDORA-EPEL-2012-13784)
OpenStack Compute (nova)
--------------------------------------------------------------------------------
Update Information:
- Update to folsom stable release 2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 14 2012 Pádraig Brady <pbr...@redhat.com> - 2012.2.2-1
- Update to folsom stable release 2 (fixes CVE-2012-5625)
* Thu Dec 6 2012 Nikola Đipanov <ndipa...@redhat.com> - 2012.2.1-3
- signing_dir renamed from incorrect signing_dirname in default nova.conf
* Tue Dec 4 2012 Nikola Đipanov <ndipa...@redhat.com> - 2012.2.1-2
- Fix rpc_control_exchange regression
* Fri Nov 30 2012 Nikola Đipanov <ndipa...@redhat.com> - 2012.2.1-1
- Update to folsom stable release 1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #884293 - CVE-2012-5625 OpenStack Nova: Information leak in libvirt
LVM-backed instances
https://bugzilla.redhat.com/show_bug.cgi?id=884293
--------------------------------------------------------------------------------
================================================================================
php-JsonSchema-1.2.2-2.el6 (FEDORA-EPEL-2012-13783)
PHP implementation of JSON schema
--------------------------------------------------------------------------------
Update Information:
A PHP implementation for validating JSON structures against a given schema.
See http://json-schema.org for more details.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #880882 - Review Request: php-JsonSchema - PHP implementation of
JSON schema
https://bugzilla.redhat.com/show_bug.cgi?id=880882
--------------------------------------------------------------------------------
================================================================================
python-dogpile-core-0.4.0-2.el6 (FEDORA-EPEL-2012-13788)
A 'dogpile' lock, typically used as a component of a larger caching solution
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #886221 - Review Request: python-dogpile-core - A 'dogpile' lock,
typically used as a component of a larger caching solution
https://bugzilla.redhat.com/show_bug.cgi?id=886221
--------------------------------------------------------------------------------
================================================================================
shinken-1.0.1-7.el6 (FEDORA-EPEL-2012-13789)
Python Monitoring tool
--------------------------------------------------------------------------------
Update Information:
fix uninstall receiver
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 14 2012 David Hannequin <david.hanneq...@gmail.com> - 1.0.1-7
- Fix uninstall receiver .
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
epel-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/epel-devel-list
