The following Fedora EPEL 6 Security updates need testing:
Age URL
709
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
56
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
51
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0483/boinc-client-7.2.33-3.git1994cc8.el6
41
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0846/mediawiki119-1.19.13-1.el6
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0888/v8-3.14.5.10-7.el6
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0889/moodle-2.4.9-1.el6
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0938/seamonkey-2.21-5.ESR_24.4.0.el6
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0951/check-mk-1.2.4-1.el6
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0980/perl-YAML-LibYAML-0.38-4.el6
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0996/munin-2.0.20-1.el6
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0990/libyaml-0.1.6-1.el6
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramework-1.12.5-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1020/php-ZendFramework2-2.2.6-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
CutyCapt-0-0.2.20130714svn.el6
iperf3-3.0.3-1.el6
jemalloc-3.6.0-1.el6
mock-1.1.38-1.el6
monitorix-3.5.0-1.el6
php-ZendFramework2-2.2.6-1.el6
php-horde-Horde-Db-2.1.1-1.el6
php-pear-Net-IMAP-1.1.3-1.el6
rubygem-bundler-1.5.2-2.el6
x2godesktopsharing-3.1.1.1-1.el6
Details about builds:
================================================================================
CutyCapt-0-0.2.20130714svn.el6 (FEDORA-EPEL-2014-1025)
A small command-line utility to capture WebKit's rendering of a web page
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
================================================================================
iperf3-3.0.3-1.el6 (FEDORA-EPEL-2014-1029)
Measurement tool for TCP/UDP bandwidth performance
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.3 and added devel rpm support
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 30 2014 Susant Sahani <[email protected]> 3.0.3-1
- Update to 3.0.3 and added devel rpm support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1081486 - iperf3-3.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1081486
--------------------------------------------------------------------------------
================================================================================
jemalloc-3.6.0-1.el6 (FEDORA-EPEL-2014-1028)
General-purpose scalable concurrent malloc implementation
--------------------------------------------------------------------------------
Update Information:
New upstream release. This version contains a critical bug fix for a regression
present in 3.5.0 and 3.5.1.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 31 2014 Ingvar Hagelund <[email protected]> - 3.6.0-1
- New upstream release. This release fixes a critical regression
* Fri Mar 28 2014 Ingvar Hagelund <[email protected]> - 3.5.1-1
- New upstream release
- Updated nopprof patch to match new release
- Fixed a few bogus changelog entries
* Sat Aug 3 2013 Fedora Release Engineering <[email protected]>
- 3.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mock-1.1.38-1.el6 (FEDORA-EPEL-2014-1031)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Reverted change which broke fedora-review in 1.1.37
Fix incorrect requires for el6
bugfixes, internal cleanups, add aarch64, remove f18 configs
bugfixes and config changes
Fixed %%post scriptlet to properly set default.cfg symlink
various bugfixes
Removed f17 configs and added f20 configs
Fix incorrect requires for el6
bugfixes, internal cleanups, add aarch64, remove f18 configs
bugfixes and config changes
Fixed %%post scriptlet to properly set default.cfg symlink
various bugfixes
Removed f17 configs and added f20 configs
Fix incorrect requires for el6
bugfixes, internal cleanups, add aarch64, remove f18 configs
bugfixes and config changes
Fixed %%post scriptlet to properly set default.cfg symlink
various bugfixes
Removed f17 configs and added f20 configs
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 31 2014 Clark Williams <[email protected]> - 1.1.38-1
- revert commit 34d0b1d815e4 for quoting (breaks fedora-review)
* Thu Mar 27 2014 Clark Williams <[email protected]> - 1.1.37-2
- fix el6 requires for yum-utils
* Mon Mar 24 2014 Clark Williams <[email protected]> - 1.1.37-1
- fix thinko in test script for running configs
- plugins: turn off package_state plugin by default
- fix automake to use 'xz' compression
- additional commits needed by scm commit
- elevate privs when accessing the chroot rpmdb [BZ# 1051474]
- quote --shell args like a shell [BZ# 966144]
- from Tuomo Soini <[email protected]>
- Fix for race in directory creation [BZ# 1052045]
- from Peter Jönsson <[email protected]>
- Add support for creating tarballs with scm data still inside
- from Tomas Kopecek <[email protected]>
- internal_dev_setup option used consistently
- from Dennis Gilmore <[email protected]>
- add rawhide aarch64 config
- remove sparc rawhide configs, she be dead
- from Ville Skyttä <[email protected]>
- Use $(mocketcdir) in install-data-hook instead of duplicating its value
- Use xz tarball to save a bit of space
- Clean up unused imports
- Install bash completion to proper dir with bash-completion 2
- Remove Fedora 18 configs
- Use install @foo instead of groupinstall foo in chroot_setup_cmd
- from Rodrigo Dias Cruz <[email protected]>
- fix scm problem with specfiles using rpm macros [BZ# 1056271]
- from Tomas Kopecek <[email protected]>
- avoid undefined variable error in try/finally block [BZ# 1063275]
* Wed Feb 5 2014 Clark Williams <[email protected]> - 1.1.36-1
- configs: first cut at epel-7 configs for x86_64 and ppc64
- Add 'extra_chroot_dirs' config option
- use repoquery --installroot to avoid yum cache corruption [BZ# 1029352 and
985681]
- mockchain: avoid special characters in repoid [BZ# 1034805]
- from Jon Disnard <[email protected]>:
- implement autoreconf call in build phase of mock rpm [BZ# 926154]
- fix --copyout by temporary drop and restore of privs [BZ# 1002142]
- from Dennis Gilmore <[email protected]>:
- rawhide and f19/f18 is hardware floating point only for arm, drop the
unneeded configs
- from Yann Droneaud <[email protected]>:
- pass root environment to repoquery calls for proxy config [BZ# 974499]
- from Miroslav Suchý <[email protected]>:
- add releasever config option to configs [BZ# 1056039]
* Tue Nov 5 2013 Clark Williams <[email protected]> - 1.1.35-1
- modified %post logic to set default config correctly
* Tue Oct 29 2013 Clark Williams <[email protected]> - 1.1.34-1
- fixed specfile to include mass rebuild changelog entry
- package_state: drop privs when writing available_packages data [BZ# 916685]
- unconditionally update default.cfg on install [BZ# 858822]
- attempt to make mock more EL5 friendly [BZ# 949616]
- do not ignore missing dependencies [BZ# 955478]
- set the group defined in chrootgid [BZ# 953519]
- add the --nocheck option to mock [BZ# 1015790]
- raise privs before deleting rpm db files in chroot [BZ# 973617]
- clean up orphan processes even if chroot not cleaned [BZ# 972868]
- do not remove the chroot builddir if not cleaning the chroot [BZ# 483486]
- use root object environment in package_state plugin [BZ# 921221]
- Pass values of --plugin-option through literal_eval [BZ# 1018359]
- add default mode to mount in tmpfs plugin [BZ# 598257]
- exit mockbuild.util.logOutput() when child process dies [BZ# 885405]
* Wed Aug 21 2013 Clark Williams <[email protected]> - 1.1.33-1
- removed f17 configs
- added f20 configs
- fixed mockchain to use mock config default setup [BZ# 962573]
- remove bogus lockfile dir in _setupDirs() [BZ# 894305]
* Sat Aug 3 2013 Fedora Release Engineering <[email protected]>
- 1.1.32-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1051474 - mock rpm db created in mode 600
https://bugzilla.redhat.com/show_bug.cgi?id=1051474
[ 2 ] Bug #966144 - mock: --shell argument not properly quoted internally
https://bugzilla.redhat.com/show_bug.cgi?id=966144
[ 3 ] Bug #1052045 - race condition in util.py when creating directories
https://bugzilla.redhat.com/show_bug.cgi?id=1052045
[ 4 ] Bug #1056271 - Spec files that depend on macros cannot be built from SCM
https://bugzilla.redhat.com/show_bug.cgi?id=1056271
[ 5 ] Bug #1063275 - Undeclared variable causing traceback
https://bugzilla.redhat.com/show_bug.cgi?id=1063275
[ 6 ] Bug #1029352 - windows 2008 R2 guest BSOD with '-no-kvm'
https://bugzilla.redhat.com/show_bug.cgi?id=1029352
[ 7 ] Bug #985681 - repoquery writes /var/run/yum.pid, only one can run at a
time
https://bugzilla.redhat.com/show_bug.cgi?id=985681
[ 8 ] Bug #1034805 - [PATCH] Do not pass $ to repo id in mockchain
https://bugzilla.redhat.com/show_bug.cgi?id=1034805
[ 9 ] Bug #926154 - mock: Does not support aarch64 in f19 and rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=926154
[ 10 ] Bug #1002142 - mock --copyout breaks cleanup of the selinux plug-in
https://bugzilla.redhat.com/show_bug.cgi?id=1002142
[ 11 ] Bug #974499 - can't init mock behind a proxy
https://bugzilla.redhat.com/show_bug.cgi?id=974499
[ 12 ] Bug #1056039 - [PATCH] $releasever in Repos field is not expanded
https://bugzilla.redhat.com/show_bug.cgi?id=1056039
[ 13 ] Bug #916685 - mock ... foo.src.rpm fails if foo.src.rpm is on nfs
filesytem
https://bugzilla.redhat.com/show_bug.cgi?id=916685
[ 14 ] Bug #858822 - Mock's default configuration is not updated, becomes
outdated over time
https://bugzilla.redhat.com/show_bug.cgi?id=858822
[ 15 ] Bug #949616 - Suggested patches to mock 1.1.30 to build and work on EL5
https://bugzilla.redhat.com/show_bug.cgi?id=949616
[ 16 ] Bug #955478 - Unresolved dependencies silently ignored
https://bugzilla.redhat.com/show_bug.cgi?id=955478
[ 17 ] Bug #953519 - After changing config_opts['chrootgid'], the process
still runs with mock group privileges
https://bugzilla.redhat.com/show_bug.cgi?id=953519
[ 18 ] Bug #1015790 - Add --nocheck to mock
https://bugzilla.redhat.com/show_bug.cgi?id=1015790
[ 19 ] Bug #973617 - [abrt] mock-1.1.32-1.fc19:
backend.py:540:_nuke_rpm_db:OSError: [Errno 13] Permission denied:
'/var/lib/mock/fedora-rawhide-x86_64/root/var/lib/rpm/__db.001'
https://bugzilla.redhat.com/show_bug.cgi?id=973617
[ 20 ] Bug #972868 - [abrt] mock-1.1.32-1.fc18: shutil.py:252:rmtree:OSError:
[Errno 16] Device or resource busy: '/var/lib/mock/epel-6-x86_64/root/dev/shm'
https://bugzilla.redhat.com/show_bug.cgi?id=972868
[ 21 ] Bug #483486 - Can't build 'nosrc' srpms using mock (--no-clean does
not work)
https://bugzilla.redhat.com/show_bug.cgi?id=483486
[ 22 ] Bug #921221 - Activation of package_state in 1.1.29 breaks setups with
http proxy servers
https://bugzilla.redhat.com/show_bug.cgi?id=921221
[ 23 ] Bug #1018359 - [PATCH] Pass values of --plugin-option through
literal_eval
https://bugzilla.redhat.com/show_bug.cgi?id=1018359
[ 24 ] Bug #885405 - mock hangs when rpm %check fails (reproducer)
https://bugzilla.redhat.com/show_bug.cgi?id=885405
[ 25 ] Bug #962573 - mockchain fails on complicated config files
https://bugzilla.redhat.com/show_bug.cgi?id=962573
[ 26 ] Bug #894305 - directory /var/lock/rpm unowned
https://bugzilla.redhat.com/show_bug.cgi?id=894305
[ 27 ] Bug #1063283 - internal_dev_setup option is not used in all places
https://bugzilla.redhat.com/show_bug.cgi?id=1063283
--------------------------------------------------------------------------------
================================================================================
monitorix-3.5.0-1.el6 (FEDORA-EPEL-2014-1032)
A free, open source, lightweight system monitoring tool
--------------------------------------------------------------------------------
Update Information:
This new version introduces a lot of changes, lots of new features and of
course, lots of bugs have been fixed.
There are two new graphs; one to monitor an unlimited number of APC UPS devices
(using the apcupsd daemon), and the other to monitor the details of the current
network connections (IPv4 and IPv6) including protocol-specific statistics
using the netstat command.
The rest of changes and bugs fixed are, as always, reflected in the Changes
file.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 31 2014 Jordi Sanfeliu <[email protected]> - 3.5.0-1
- Updated to 3.5.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1080845 - monitorix-3.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1080845
--------------------------------------------------------------------------------
================================================================================
php-ZendFramework2-2.2.6-1.el6 (FEDORA-EPEL-2014-1020)
Zend Framework 2
--------------------------------------------------------------------------------
Update Information:
Upstream release notes:
https://github.com/zendframework/zf2/releases/tag/release-2.2.6
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 1 2014 Remi Collet <[email protected]> 2.2.6-1
- Updated to 2.2.6 for CVE-2014-2681 CVE-2014-2682
CVE-2014-2683 CVE-2014-2684 CVE-2014-2685
- new package ZendXml
- fix for unversioned doc directory
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1081287 - CVE-2014-2681 CVE-2014-2682 CVE-2014-2683
php-ZendFramework: XML eXternal Entity (XXE) and XML Entity Expansion (XEE)
flaws fixed in 1.12.4, 2.1.6, and 2.2.6 (ZF2014-01)
https://bugzilla.redhat.com/show_bug.cgi?id=1081287
[ 2 ] Bug #1081288 - CVE-2014-2684 CVE-2014-2685 php-ZendFramework: OpenID
identity provider could be used to spoof other identity providers (ZF2014-02)
https://bugzilla.redhat.com/show_bug.cgi?id=1081288
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Db-2.1.1-1.el6 (FEDORA-EPEL-2014-1026)
Horde Database Libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Db 2.1.1:
* [mms] Fix regression preventing caching of any internal DB information.
* [mms] SECURITY: Dont leak PDO DSN authentication/connection information in
exception messages.
* [jan] Fix columnCount() result of PDO result objects.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 1 2014 Remi Collet <[email protected]> - 2.1.1-1
- Update to 2.1.1
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-IMAP-1.1.3-1.el6 (FEDORA-EPEL-2014-1022)
Provides an implementation of the IMAP protocol
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
QA release
* Bug #17482 Please, consider updating license to PHP 3.01 (doconnor)
* Bug #19730 Malformed or incomplete distributed tar.gz file (doconnor)
* Bug #19875 Please provide LICENSE file (doconnor)
* Bug #19876 Bad role (doconnor)
* Bug #19946 Login fails when using password with double quotes (doconnor)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 1 2014 Remi Collet <[email protected]> - 1.1.3-1
- Update to 1.1.3
--------------------------------------------------------------------------------
================================================================================
rubygem-bundler-1.5.2-2.el6 (FEDORA-EPEL-2014-1024)
Library and utilities to manage a Ruby application's gem dependencies
--------------------------------------------------------------------------------
Update Information:
Update to bundler 1.5.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1078539 - Update Request: update rubygem-bundler to latest
upstream release (1.5.3)
https://bugzilla.redhat.com/show_bug.cgi?id=1078539
--------------------------------------------------------------------------------
================================================================================
x2godesktopsharing-3.1.1.1-1.el6 (FEDORA-EPEL-2014-1027)
Share X11 desktops with other users via X2Go
--------------------------------------------------------------------------------
Update Information:
Update to 3.1.1.1 (fixes bug #1065575):
- Update man pages (Fixes: #281).
- Use x2gopath in scripts rather than deprecated x2gobasepath. (Fixes: #427).
- Different Linux distros have pidof installed in different locations. If pidof
is not available, we brutally kill all instances of x2godesktopsharing when a
session suspends. (Fixes: #426).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 31 2014 Orion Poplawski <[email protected]> - 3.1.1.1-1
- Update to 3.1.1.1 (fixes bug #1065575)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1065575 - Wrong path in x2godesktopsharing scripts on x86_64
https://bugzilla.redhat.com/show_bug.cgi?id=1065575
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
