The following Fedora EPEL 6 Security updates need testing:
Age URL
681
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
111
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12079/bip-0.8.9-1.el6
28
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
23
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0483/boinc-client-7.2.33-3.git1994cc8.el6
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0536/drupal6-ctools-1.11-1.el6
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0538/drupal7-ctools-1.4-1.el6
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0535/drupal6-image_resize_filter-1.14-1.el6
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0567/drupal6-filefield-3.12-1.el6
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0644/easy-rsa-2.2.2-1.el6
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0653/perl-CGI-Application-4.50-4.el6
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0700/v8-3.14.5.10-6.el6
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0695/mod_auth_shadow-2.3-2.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0730/php-sabre-dav-1.8.9-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
ReviewBoard-1.7.22-1.el6
nf3d-0.8-2.el6
nodejs-asap-1.0.0-1.el6
opari2-1.1.2-3.el6
Details about builds:
================================================================================
ReviewBoard-1.7.22-1.el6 (FEDORA-EPEL-2014-0739)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
- New upstream security release 1.7.22
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.22/
- Security Fixes:
* An XSS vulnerability was found in the Search field's auto-complete.
- New Features:
* Added support for anonymous access to public Local Sites.
* Added support for parallel-installed versions of Django.
- API Changes:
* The documentation for Review Group Resource no longer says that review
groups cannot be created through the API.
- Bug Fixes:
* Install/Upgrade:
* Fixed compatibility with Apache 2.4's method for authorization in newly
generated config files.
* Fixed an issue on some configurations where loading in initial schema
data for the database would fail
* rb-site upgrade --all-sites no longer throws an error if there are no
valid sites configured.
* Administration:
* Administrators now have access to all repositories, instead of just
public ones or ones they're a member of.
* Repositories backed by paths that no longer exist can now be hidden.
* Fixed creating groups and repositories that had conflicting "unique"
fields.
* Password fields no longer appear blank when they have a value in forms.
* Setting https in the server URL now properly marks the server as using
HTTPS. All URLs generated for the API and e-mails will include https instead of
http.
* Fixed incorrect labelling for the review request status graph in the
Admin dashboard.
* LDAP:
* Usernames, passwords, and other information are properly encoded to UTF-8
before authenticating.
* Users without e-mail addresses in LDAP no longer break when first
authenticating.
* Dashboard:
* Fixed support for accessing watched groups through the Dashboard.
* Repositories:
* Copied files in Git diffs no longer results in File Not Found errors, and
properly handles showing the state much like moved files.
* Added better compatibility with Mercurial repository when accessing
hg-history URLs, when the server name didn't contain a trailing slash.
* Added better CVS compatibility for repositories that don’t contain
CVSROOT/modules.
* Fixed issues with Clear Case in multi-site mode when OIDs weren't yet
available on the server.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Stephen Gallagher <sgall...@redhat.com> 1.7.22-1
- New upstream security release 1.7.22
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.22/
- Security Fixes:
* An XSS vulnerability was found in the Search field's auto-complete.
- New Features:
* Added support for anonymous access to public Local Sites.
* Added support for parallel-installed versions of Django.
- API Changes:
* The documentation for Review Group Resource no longer says that review
groups cannot be created through the API.
- Bug Fixes:
* Install/Upgrade:
* Fixed compatibility with Apache 2.4's method for authorization in newly
generated config files.
* Fixed an issue on some configurations where loading in initial schema
data for the database would fail
* rb-site upgrade --all-sites no longer throws an error if there are no
valid sites configured.
* Administration:
* Administrators now have access to all repositories, instead of just
public ones or ones they're a member of.
* Repositories backed by paths that no longer exist can now be hidden.
* Fixed creating groups and repositories that had conflicting "unique"
fields.
* Password fields no longer appear blank when they have a value in forms.
* Setting https in the server URL now properly marks the server as using
HTTPS. All URLs generated for the API and e-mails will include https
instead of http.
* Fixed incorrect labelling for the review request status graph in the
Admin dashboard.
* LDAP:
* Usernames, passwords, and other information are properly encoded to UTF-8
before authenticating.
* Users without e-mail addresses in LDAP no longer break when first
authenticating.
* Dashboard:
* Fixed support for accessing watched groups through the Dashboard.
* Repositories:
* Copied files in Git diffs no longer results in File Not Found errors, and
properly handles showing the state much like moved files.
* Added better compatibility with Mercurial repository when accessing
hg-history URLs, when the server name didn't contain a trailing slash.
* Added better CVS compatibility for repositories that don’t contain
CVSROOT/modules.
* Fixed issues with Clear Case in multi-site mode when OIDs weren’t yet
available on the server.
* Fri Feb 21 2014 Stephen Gallagher <sgall...@redhat.com> 1.7.21-5
- Require patched version of Djblets to handle requires.txt
* Fri Feb 21 2014 Stephen Gallagher <sgall...@redhat.com> 1.7.21-4
- Fix mimeparse requirement
* Fri Feb 21 2014 Stephen Gallagher <sgall...@redhat.com> 1.7.21-3
- Support parallel-installable python-django14 package
* Mon Jan 27 2014 Stephen Gallagher <sgall...@redhat.com> 1.7.21-2
- Fix apache configuration to support new authorization directive
--------------------------------------------------------------------------------
================================================================================
nf3d-0.8-2.el6 (FEDORA-EPEL-2014-0740)
3D Netfilter visualization utility
--------------------------------------------------------------------------------
Update Information:
Add missing Requires:
Requires: PyGreSQL
Requires: python-configobj
Requires: python-visual
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Christopher Meng <r...@cicku.me> - 0.8-2
- Add missing dependencies.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1071552 - [abrt] nf3d: nf3d:23:<module>:ImportError: No module
named pg
https://bugzilla.redhat.com/show_bug.cgi?id=1071552
--------------------------------------------------------------------------------
================================================================================
nodejs-asap-1.0.0-1.el6 (FEDORA-EPEL-2014-0738)
High-priority task queue for Node.js and browser
--------------------------------------------------------------------------------
Update Information:
initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1071670 - Review Request: nodejs-asap - High-priority task queue
for Node.js and browser
https://bugzilla.redhat.com/show_bug.cgi?id=1071670
--------------------------------------------------------------------------------
================================================================================
opari2-1.1.2-3.el6 (FEDORA-EPEL-2014-0737)
An OpenMP runtime performance measurement instrumenter
--------------------------------------------------------------------------------
Update Information:
OPARI2 is a source-to-source instrumentation tool for OpenMP and hybrid codes.
It surrounds OpenMP directives and runtime library calls with calls to the
POMP2 measurement interface.
OPARI2 will provide you with a new initialization method that allows for
multi-directory and parallel builds as well as the usage of pre-instrumented
libraries. Furthermore, an efficient way of tracking parent-child relationships
was added. Additionally, we extended OPARI2 to support instrumentation of
OpenMP 3.0 tied tasks.
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
