The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 754  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
 101  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
  86  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
  45  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramework-1.12.5-1.el6
  13  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1304/rxvt-unicode-9.20-1.el6
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1319/python-fmn-web-0.2.4-3.el6
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1312/python-fedora-0.3.34-1.el6
   4  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1379/seamonkey-2.21-6.ESR_24.5.0.el6
   4  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1388/botan-1.8.14-2.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1414/gajim-0.14.4-4.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    ceph-0.80.1-2.el6
    docker-io-0.11.1-4.el6
    dpm-dsi-1.9.3-2.el6
    fts-mysql-3.2.25-1.el6
    gajim-0.14.4-4.el6
    golang-1.2.2-2.el6
    nagios-plugins-bonding-1.4-1.el6
    packagedb-cli-2.2-1.el6
    pcp-3.9.4-1.el6
    piglit-1-0.15.20140414GIT8775223.el6
    python-anyjson-0.3.3-1.el6
    python-behave-1.2.3-13.el6
    python-humanize-0.5-4.el6
    python-junitxml-0.7-1.el6
    rubygem-mizuho-0.9.20-3.el6
    stompclt-1.2-1.el6
    xl2tpd-1.3.6-1.el6

Details about builds:


================================================================================
 ceph-0.80.1-2.el6 (FEDORA-EPEL-2014-1432)
 User space components of the Ceph file system
--------------------------------------------------------------------------------
Update Information:

build epel-6
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 14 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 0.80.1-2
- build epel-6
- exclude %{_libdir}/ceph/erasure-code in base package
* Tue May 13 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 0.80.1-1
- Update to latest stable upstream release, BZ 1095201
- PIE, _hardened_build, BZ 955174
* Thu Feb  6 2014 Ken Dreyer <ken.dre...@inktank.com> - 0.72.2-2
- Move plugins from -devel into -libs package (#891993). Thanks Michael
  Schwendt.
* Mon Jan  6 2014 Ken Dreyer <ken.dre...@inktank.com> 0.72.2-1
- Update to latest stable upstream release
- Use HTTPS for URLs
- Submit Automake 1.12 patch upstream
- Move unversioned shared libs from ceph-libs into ceph-devel
* Wed Dec 18 2013 Marcin Juszkiewicz <mjuszkiew...@redhat.com> 0.67.3-4
- build without tcmalloc on aarch64 (no gperftools)
* Sat Nov 30 2013 Peter Robinson <pbrobin...@fedoraproject.org> 0.67.3-3
- gperftools not currently available on aarch64
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1095201 - ceph-0.80.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1095201
  [ 2 ] Bug #955174 - ceph package should be built with PIE flags
        https://bugzilla.redhat.com/show_bug.cgi?id=955174
--------------------------------------------------------------------------------


================================================================================
 docker-io-0.11.1-4.el6 (FEDORA-EPEL-2014-1419)
 Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:

el6 capabilities fix from Vincent Batts <vba...@redhat.com>
regenerate btrfs removal patch
BZ 1080799 - upstream version bump
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 14 2014 Lokesh Mandvekar <l...@redhat.com> - 0.11.1-4
- el6 capabilities fix from Vincent Batts <vba...@redhat.com>
 
https://github.com/vbatts/docker/commit/a8b720e191e149cb9abf4230c0c5fd410282400d
* Tue May 13 2014 Stephen Price <ste...@gmail.com> - 0.11.1-3
- add selinux to sysconfig
* Tue May 13 2014 Stephen Price <ste...@gmail.com> - 0.11.1-2
- add lxc patch back
- use md2man-all.sh to generate man pages
- add selinux
* Mon May 12 2014 Stephen Price <ste...@gmail.com> - 0.11.1-1
- Upstream version bump
- Update changed paths
- Remove lxc patch
* Fri May  9 2014 Lokesh Mandvekar <l...@redhat.com> - 0.10.0-3
- remove fedora/rhel conditionals (not built)
* Mon Apr 14 2014 Lokesh Mandvekar <l...@redhat.com> - 0.10.0-2
- regenerate btrfs removal patch
- update commit value
* Mon Apr 14 2014 Lokesh Mandvekar <l...@redhat.com> - 0.10.0-1
- include manpages from contrib
* Wed Apr  9 2014 Bobby Powers <bobbypow...@gmail.com> - 0.10.0-1
- Upstream version bump
* Thu Mar 27 2014 Lokesh Mandvekar <l...@redhat.com> - 0.9.1-1
- BZ 1080799 - upstream version bump
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1096868 - Docker 0.11 released
        https://bugzilla.redhat.com/show_bug.cgi?id=1096868
  [ 2 ] Bug #1087223 - docker-io-0.10.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1087223
  [ 3 ] Bug #1086430 - Update to latest version 0.10.0
        https://bugzilla.redhat.com/show_bug.cgi?id=1086430
  [ 4 ] Bug #1080799 - docker-io-0.9.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1080799
--------------------------------------------------------------------------------


================================================================================
 dpm-dsi-1.9.3-2.el6 (FEDORA-EPEL-2014-1425)
 Disk Pool Manager (DPM) plugin for the Globus GridFTP server
--------------------------------------------------------------------------------
Update Information:

Patch for proper EOF handling
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2014 Alejandro Alvarez <aalva...@cern.ch> - 1.9.3-2
- Patch for proper EOF handling
--------------------------------------------------------------------------------


================================================================================
 fts-mysql-3.2.25-1.el6 (FEDORA-EPEL-2014-1428)
 File Transfer Service V3 mysql plug-in
--------------------------------------------------------------------------------
Update Information:

Update for new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 12 2014 Michal Simon <michal.si...@cern.ch> - 3.2.25-1
- Update for new upstream release
--------------------------------------------------------------------------------


================================================================================
 gajim-0.14.4-4.el6 (FEDORA-EPEL-2014-1414)
 Jabber client written in PyGTK
--------------------------------------------------------------------------------
Update Information:

patch for CVE-2012-5524

Gajim performed verification of invalid (broken / expired) x.509v3 SSL 
certificates (True as return value was returned always regardless if error 
during certificate validation occurred or not). A rogue XMPP server could use 
this flaw to conduct man-in-the-middle attack (MiTM) and trick Gajim client to 
accept the certificate even when it was invalid / should not be accepted.

This release fixes this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 29 2014 Matěj Cepl <mc...@redhat.com> - 0.14.4-4
- CVE-2012-5524
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #875809 - CVE-2012-5524 gajim: Improper handling of invalid 
certificates
        https://bugzilla.redhat.com/show_bug.cgi?id=875809
--------------------------------------------------------------------------------


================================================================================
 golang-1.2.2-2.el6 (FEDORA-EPEL-2014-1416)
 The Go Programming Language
--------------------------------------------------------------------------------
Update Information:

Version bump to go1.2.2. Provide packages to allow cross compile of go source 
code. Provide an rpm macros file.
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  9 2014 Vincent Batts <vba...@redhat.com> 1.2.2-2
- more arch file shuffling
* Fri May  9 2014 Vincent Batts <vba...@redhat.com> 1.2.2-1
- update to go1.2.2
* Thu May  8 2014 Vincent Batts <vba...@redhat.com> 1.2.1-8
- RHEL6 rpm macros can't %exlude missing files
* Wed May  7 2014 Vincent Batts <vba...@redhat.com> 1.2.1-7
- missed two arch-dependent src files
* Wed May  7 2014 Vincent Batts <vba...@redhat.com> 1.2.1-6
- put generated arch-dependent src in their respective RPMs
* Fri Apr 11 2014 Vincent Batts <vba...@redhat.com> 1.2.1-5
- skip test that is causing a SIGABRT on fc21 bz1086900
* Thu Apr 10 2014 Vincent Batts <vba...@fedoraproject.org> 1.2.1-4
- fixing file and directory ownership bz1010713
* Wed Apr  9 2014 Vincent Batts <vba...@fedoraproject.org> 1.2.1-3
- including more to macros (%go_arches)
- set a standard goroot as /usr/lib/golang, regardless of arch
- include sub-packages for compiler toolchains, for all golang supported 
architectures
* Wed Mar 26 2014 Vincent Batts <vba...@fedoraproject.org> 1.2.1-2
- provide a system rpm macros. Starting with /usr/share/gocode
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1095622 - golang-1.2.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1095622
  [ 2 ] Bug #1096218 - RFE: provide compiler bootstrapping for all go-compiler 
supported architectures
        https://bugzilla.redhat.com/show_bug.cgi?id=1096218
  [ 3 ] Bug #1010713 - create and own %{_datadir}/gocode and 
%{_datadir}/gocode/src
        https://bugzilla.redhat.com/show_bug.cgi?id=1010713
  [ 4 ] Bug #1057340 - rpm macros for golang
        https://bugzilla.redhat.com/show_bug.cgi?id=1057340
--------------------------------------------------------------------------------


================================================================================
 nagios-plugins-bonding-1.4-1.el6 (FEDORA-EPEL-2014-1427)
 Nagios plugin to monitor Linux bonding interfaces
--------------------------------------------------------------------------------
Update Information:

Upstream release 1.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #887821 - Review Request: nagios-plugins-bonding - Nagios plugin to 
monitor Linux bonding interfaces
        https://bugzilla.redhat.com/show_bug.cgi?id=887821
--------------------------------------------------------------------------------


================================================================================
 packagedb-cli-2.2-1.el6 (FEDORA-EPEL-2014-1418)
 A CLI for pkgdb
--------------------------------------------------------------------------------
Update Information:

Update to 2.2

* Replaces `devel` by `master`
* Fix layout for groups
* Rely on /api/critpath for the get_critpath_packages method
* Log URLs before calling them rather than after

Update to 2.1, for the pkgdb2 upgrade
Update to 2.1, for the pkgdb2 upgrade
Update to 2.1, for the pkgdb2 upgrade
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2014 Pierre-Yves Chibon <pin...@pingoured.fr> - 2.2-1
- Update to 2.2
- Replaces `devel` by `master`
- Fix layout for groups
- Rely on /api/critpath for the get_critpath_packages method
- Log URLs before calling them rather than after
* Thu May 15 2014 Pierre-Yves Chibon <pin...@pingoured.fr> - 2.1-1
- Update to 2.1
- Adds supports to pkgdb2client for the critpath filtering or querying
* Wed May 14 2014 Pierre-Yves Chibon <pin...@pingoured.fr> - 2.0-1
- Update to 2.0 for pkgdb2
- Adjust spec to rely on the newly included setup.py
- Add BR on python-setuptools (and explicitely on python-requests)
- Adjust the BR now that we use setup.py, all R are also BR
--------------------------------------------------------------------------------


================================================================================
 pcp-3.9.4-1.el6 (FEDORA-EPEL-2014-1423)
 System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:

Update to latest PCP sources
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2014 Nathan Scott <nath...@redhat.com> - 3.9.4-1
- Merged pcp-gui and pcp-doc packages into core PCP.
- Allow for conditional libmicrohttpd builds in spec file.
- Adopt slow-start capability in systemd PMDA (BZ 1073658)
- Resolve pmcollectl network/disk mis-reporting (BZ 1097095)
- Update to latest PCP sources.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1073658 - intermittent pmdasystemd failure at pmcd startup during 
system boot
        https://bugzilla.redhat.com/show_bug.cgi?id=1073658
--------------------------------------------------------------------------------


================================================================================
 piglit-1-0.15.20140414GIT8775223.el6 (FEDORA-EPEL-2014-1424)
 Collection of automated tests for OpenGL implementations
--------------------------------------------------------------------------------
Update Information:

Put ExcludeArch back for ppc64 and missing python-importlib Require
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1098113 - missing lib/ include
        https://bugzilla.redhat.com/show_bug.cgi?id=1098113
  [ 2 ] Bug #1098170 - summary.py tries to access the "templates" dir in 
current dir
        https://bugzilla.redhat.com/show_bug.cgi?id=1098170
--------------------------------------------------------------------------------


================================================================================
 python-anyjson-0.3.3-1.el6 (FEDORA-EPEL-2014-1420)
 Wraps the best available JSON implementation available
--------------------------------------------------------------------------------
Update Information:

Update to new upstream version 0.3.3
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 14 2014 Fabian Affolter <m...@fabian-affolter.ch> - 0.3.3-1
- Update to new upstream version 0.3.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1097206 - Update python-anyjson to 0.3.3
        https://bugzilla.redhat.com/show_bug.cgi?id=1097206
--------------------------------------------------------------------------------


================================================================================
 python-behave-1.2.3-13.el6 (FEDORA-EPEL-2014-1433)
 Tools for the behavior-driven development, Python style
--------------------------------------------------------------------------------
Update Information:

Remove bundled compatibility libraries and add Requires
Add python-setuptools dependency (fix #1084996)
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  9 2014 Matěj Cepl <mc...@redhat.com> - 1.2.3-13
- Remove bundled compatibility libraries and add Requires
  (fix #1096220).
* Mon Apr  7 2014 Matěj Cepl <mc...@redhat.com> - 1.2.3-12
- Add python-setuptools dependency (fix #1084996)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1096220 - python-behave package should depend on python-importlib
        https://bugzilla.redhat.com/show_bug.cgi?id=1096220
  [ 2 ] Bug #1084996 - Behave package should depend on python-setuptools
        https://bugzilla.redhat.com/show_bug.cgi?id=1084996
--------------------------------------------------------------------------------


================================================================================
 python-humanize-0.5-4.el6 (FEDORA-EPEL-2014-1426)
 Turns dates in to human readable format, e.g '3 minutes ago'
--------------------------------------------------------------------------------
Update Information:

First version of package in Fedora.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1088882 - Review Request: python-humanize - Turns dates in to 
human readable format, e.g '3 minutes ago'
        https://bugzilla.redhat.com/show_bug.cgi?id=1088882
--------------------------------------------------------------------------------


================================================================================
 python-junitxml-0.7-1.el6 (FEDORA-EPEL-2014-1430)
 PyJUnitXML, a pyunit extension to output JUnit compatible XML
--------------------------------------------------------------------------------
Update Information:

Initial package. pyunit extension to output JUnit compatible XML
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1093406 - Review Request: python-junitxml - pyunit extension to 
output JUnit compatible XML
        https://bugzilla.redhat.com/show_bug.cgi?id=1093406
--------------------------------------------------------------------------------


================================================================================
 rubygem-mizuho-0.9.20-3.el6 (FEDORA-EPEL-2014-1431)
 Mizuho documentation formatting tool
--------------------------------------------------------------------------------
Update Information:

Fix native templated directory (#1072246), fix epel6 dependencies
Newpackage
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1072246 - TEMPLATES_DIR does not point to proper path
        https://bugzilla.redhat.com/show_bug.cgi?id=1072246
--------------------------------------------------------------------------------


================================================================================
 stompclt-1.2-1.el6 (FEDORA-EPEL-2014-1421)
 Versatile STOMP client
--------------------------------------------------------------------------------
Update Information:

Update to upstream, rhbz #1097055.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 13 2014 Alexandre Beche <alexandre.be...@gmail.com> 1.2-1
- Update to upstream, rhbz #1097055.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1097055 - Upgrade to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=1097055
--------------------------------------------------------------------------------


================================================================================
 xl2tpd-1.3.6-1.el6 (FEDORA-EPEL-2014-1415)
 Layer 2 Tunnelling Protocol Daemon (RFC 2661)
--------------------------------------------------------------------------------
Update Information:

Updated to 1.3.6 which fixes listening on the ANY address and revert of ipparam 
manipulation
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 12 2014 Paul Wouters <pwout...@redhat.com> - 1.3.6-1
- Updated to 1.3.6 - using github-only monstrosity packaging
- Resolves: rhbz#1051785 (new upstream version available)
- Resolves: rhbz#868391 - xl2tpd sends response packets from wrong IP address
- Revert: rhbz#929447 - Incorrect "ipparam" manipulation
- Removed patches merged in upstream.
- FIPS patch updated with advertising clause for openssl in xl2tpd -V
  (although the GPL code was already basically taken from openssl)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1051785 - xl2tpd-1.3.7dev1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1051785
  [ 2 ] Bug #868391 - xl2tpd sends response packets from wrong IP address
        https://bugzilla.redhat.com/show_bug.cgi?id=868391
  [ 3 ] Bug #929447 - Incorrect "ipparam" manipulation
        https://bugzilla.redhat.com/show_bug.cgi?id=929447
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

Reply via email to