EPEL Fedora 6 updates-testing report

updates Thu, 19 Jun 2014 09:38:40 -0700

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 788  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
 135  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
 120  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
  79  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramework-1.12.5-1.el6
  29  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1471/chicken-4.8.0.6-2.el6
  25  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-views-3.8-1.el6
  15  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1563/mono-2.10.8-2.el6,libgdiplus-2.10-1.el6
  14  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1572/chkrootkit-0.49-9.el6
  10  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1584/python-djblets-0.7.30-2.el6
   7  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
   7  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1608/mcollective-2.2.3-2.el6
   7  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1612/tor-0.2.4.22-1.el6
   7  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1628/hiera-1.0.0-4.el6
   6  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1634/python-django-evolution-0.6.9-4.el6
   4  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1648/owncloud-6.0.3-1.el6
   4  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1649/python-jinja2-26-2.6-3.el6
   3  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1657/lynis-1.5.6-1.el6
   1  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1627/php-horde-Horde-Ldap-2.2.0-1.el6



The following builds have been pushed to Fedora EPEL 6 updates-testing

    iperf3-3.0.5-1.el6
    isorelax-0-0.5.release20050331.el6.1
    knot-1.4.7-1.el6
    mom-0.4.1-1.el6
    nodejs-0.10.29-1.el6
    pcp-3.9.5-1.el6
    pen-0.23.0-1.el6
    perl-Tree-R-0.06-1.el6
    python-django-dajaxice-0.6-1.el6
    rubygem-deep_merge-1.0.1-5.el6
    udt-4.11-2.el6
    v8-3.14.5.10-9.el6

Details about builds:


================================================================================
 iperf3-3.0.5-1.el6 (FEDORA-EPEL-2014-1679)
 Measurement tool for TCP/UDP bandwidth performance
--------------------------------------------------------------------------------
Update Information:

Update to 3.0.5
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2014 Susant Sahani <[email protected]> 3.0.5-1
- Update to 3.0.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1111027 - iperf3-3.0.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1111027
--------------------------------------------------------------------------------


================================================================================
 isorelax-0-0.5.release20050331.el6.1 (FEDORA-EPEL-2014-1670)
 Public interfaces for RELAX Core
--------------------------------------------------------------------------------
Update Information:

Build of isorelax for el6.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #719665 - Please build isorelax for EPEL 6
        https://bugzilla.redhat.com/show_bug.cgi?id=719665
--------------------------------------------------------------------------------


================================================================================
 knot-1.4.7-1.el6 (FEDORA-EPEL-2014-1681)
 An authoritative DNS daemon
--------------------------------------------------------------------------------
Update Information:

update to 1.4.7
update to 1.4.6, DNSSEC: fix possible signing loop when doing key rollover, 
RRL: fixed sending of malformed UDP empty responses
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 18 2014 Jan Vcelak <[email protected]> 1.4.7-1
- update to 1.4.7
  + Fixed DDNS corner cases
  + Fixed zone EXPIRE timer
  + Fixed semantic checks false positives
  + Fixed sending malformed IXFR with automatic DNSSEC
  + Fixed NAPTR record serialization
* Thu May 22 2014 Jan Vcelak <[email protected]> 1.4.6-2
- update to 1.4.6
  + DNSSEC: fix possible signing loop when doing key rollover
  + RRL: fixed sending of malformed UDP empty responses
--------------------------------------------------------------------------------


================================================================================
 mom-0.4.1-1.el6 (FEDORA-EPEL-2014-1683)
 Dynamically manage system resources on virtualization hosts
--------------------------------------------------------------------------------
Update Information:

Update MOM to version 0.4.1
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 18 2014 Adam Litke <[email protected]> - 0.4.1-1
- Upgrade to 0.4.1
* Sat Jun  7 2014 Fedora Release Engineering <[email protected]> 
- 0.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 nodejs-0.10.29-1.el6 (FEDORA-EPEL-2014-1680)
 JavaScript runtime
--------------------------------------------------------------------------------
Update Information:

2014.06.05, Version 0.10.29 (Stable)

* child_process: do not set args before throwing (Greg Sabia Tucker)

* child_process: spawn() does not throw TypeError (Greg Sabia Tucker)

* constants: export O_NONBLOCK (Fedor Indutny)

* crypto: improve memory usage (Alexis Campailla)

* fs: close file if fstat() fails in readFile() (cjihrig)

* lib: name EventEmitter prototype methods (Ben Noordhuis)

* tls: fix performance issue (Alexis Campailla)

The invalid UTF8 fix has been reverted since this breaks v8 API, which cannot 
be done in a stable distribution release.  This build of nodejs will behave as 
if NODE_INVALID_UTF8 was set.  For more information on the implications, see: 
http://blog.nodejs.org/2014/06/16/openssl-and-breaking-utf-8-change/

Additionally, a minor bug in v8 has been fixed that caused certain integer 
comparisons to return true when they should have returned false.

Please note that there is no OpenSSL security fixes as part of this update as 
there were upstream; nodejs in EPEL uses the system OpenSSL library included 
with RHEL and thus receives security updates as soon as the "openssl" packages 
on your system are updated.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2014 T.C. Hollingsworth <[email protected]> - 0.10.29-1
- new upstream release 0.10.29
  http://blog.nodejs.org/2014/06/16/node-v0-10-29-stable/
- The invalid UTF8 fix has been reverted since this breaks v8 API, which cannot
  be done in a stable distribution release.  This build of nodejs will behave as
  if NODE_INVALID_UTF8 was set.  For more information on the implications, see:
  http://blog.nodejs.org/2014/06/16/openssl-and-breaking-utf-8-change/
--------------------------------------------------------------------------------


================================================================================
 pcp-3.9.5-1.el6 (FEDORA-EPEL-2014-1678)
 System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:

Daemon signal handlers no longer use unsafe APIs (BZ 847343), Handle /var/run 
setups on a temporary filesystem (BZ 656659), Resolve pmlogcheck sigsegv for 
some archives (BZ 1077432), Ensure pcp-gui-{testsuite,debuginfo} packages get 
replaced,  Revive support for EPEL5 builds, post pcp-gui merge, Update to 
latest PCP sources.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 18 2014 Dave Brolley <[email protected]> - 3.9.5-1
- Daemon signal handlers no longer use unsafe APIs (BZ 847343)
- Handle /var/run setups on a temporary filesystem (BZ 656659)
- Resolve pmlogcheck sigsegv for some archives (BZ 1077432)
- Ensure pcp-gui-{testsuite,debuginfo} packages get replaced.
- Revive support for EPEL5 builds, post pcp-gui merge.
- Update to latest PCP sources.
* Fri Jun  6 2014 Fedora Release Engineering <[email protected]> 
- 3.9.4-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #847343 - pcp: pmcd signal handlers are unsafe
        https://bugzilla.redhat.com/show_bug.cgi?id=847343
  [ 2 ] Bug #656659 - Please Update Spec File to use %ghost on files in 
/var/run and /var/lock
        https://bugzilla.redhat.com/show_bug.cgi?id=656659
  [ 3 ] Bug #1077432 - pmlogcheck SEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1077432
--------------------------------------------------------------------------------


================================================================================
 pen-0.23.0-1.el6 (FEDORA-EPEL-2014-1675)
 Load balancer for "simple" tcp based protocols such as http or smtp
--------------------------------------------------------------------------------
Update Information:

This release adds support for IPv6 for backend servers as well as the listening 
socket.

Usage: 
http://morestuff.siag.nu/2014/04/14/using-pen-as-an-address-family-adapter/
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 18 2014 Christopher Meng <[email protected]> - 0.23.0-1
- Update to 0.23.0
* Sat Jun  7 2014 Fedora Release Engineering <[email protected]> 
- 0.22.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Apr  3 2014 Christopher Meng <[email protected]> - 0.22.1-1
- Update to 0.22.1
- Patch merged upstream.
* Wed Apr  2 2014 Christopher Meng <[email protected]> - 0.22.0-2
- Patch messed with syntax.
--------------------------------------------------------------------------------


================================================================================
 perl-Tree-R-0.06-1.el6 (FEDORA-EPEL-2014-1671)
 Perl extension for the R-tree data structure and algorithms
--------------------------------------------------------------------------------
Update Information:

Initial release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1110246 - Review Request: perl-Tree-R - Perl extension for the 
Rtree data structure and algorithms
        https://bugzilla.redhat.com/show_bug.cgi?id=1110246
--------------------------------------------------------------------------------


================================================================================
 python-django-dajaxice-0.6-1.el6 (FEDORA-EPEL-2014-1672)
 Agnostic and easy to use AJAX library for Django
--------------------------------------------------------------------------------
Update Information:

New upstream release 0.6. You can find the changes in the upstream description 
at http://django-dajaxice.readthedocs.org/en/latest/changelog.html#id1
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 17 2014 Richard Marko <[email protected]> - 0.6-1
- New upstream release
--------------------------------------------------------------------------------


================================================================================
 rubygem-deep_merge-1.0.1-5.el6 (FEDORA-EPEL-2014-1673)
 Merge Deeply Nested Hashes
--------------------------------------------------------------------------------
Update Information:

New package rubygem-deep_merge - Merges deep hashes in ruby
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1064352 - Review Request: rubygem-deep_merge - Merges deep hashes 
in ruby.
        https://bugzilla.redhat.com/show_bug.cgi?id=1064352
--------------------------------------------------------------------------------


================================================================================
 udt-4.11-2.el6 (FEDORA-EPEL-2014-1676)
 UDP based Data Transfer Protocol
--------------------------------------------------------------------------------
Update Information:

UDT is a reliable UDP based application level data transport protocol for 
distributed data intensive applications over wide area high-speed networks. UDT 
uses UDP to transfer bulk data with its own eliability control and congestion 
control mechanisms. The new protocol can transfer data at a much higher speed 
than TCP does. UDT is also a highly configurable framework that can accommodate 
various congestion control algorithms.

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1107441 - Review Request: udt - UDP based Data Transfer Protocol
        https://bugzilla.redhat.com/show_bug.cgi?id=1107441
--------------------------------------------------------------------------------


================================================================================
 v8-3.14.5.10-9.el6 (FEDORA-EPEL-2014-1680)
 JavaScript Engine
--------------------------------------------------------------------------------
Update Information:

2014.06.05, Version 0.10.29 (Stable)

* child_process: do not set args before throwing (Greg Sabia Tucker)

* child_process: spawn() does not throw TypeError (Greg Sabia Tucker)

* constants: export O_NONBLOCK (Fedor Indutny)

* crypto: improve memory usage (Alexis Campailla)

* fs: close file if fstat() fails in readFile() (cjihrig)

* lib: name EventEmitter prototype methods (Ben Noordhuis)

* tls: fix performance issue (Alexis Campailla)

The invalid UTF8 fix has been reverted since this breaks v8 API, which cannot 
be done in a stable distribution release.  This build of nodejs will behave as 
if NODE_INVALID_UTF8 was set.  For more information on the implications, see: 
http://blog.nodejs.org/2014/06/16/openssl-and-breaking-utf-8-change/

Additionally, a minor bug in v8 has been fixed that caused certain integer 
comparisons to return true when they should have returned false.

Please note that there is no OpenSSL security fixes as part of this update as 
there were upstream; nodejs in EPEL uses the system OpenSSL library included 
with RHEL and thus receives security updates as soon as the "openssl" packages 
on your system are updated.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2014 T.C. Hollingsworth <[email protected]> - 1:3.14.5.10-9
- fix corner case in integer comparisons (v8 bug#2416; nodejs bug#7528)
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

EPEL Fedora 6 updates-testing report

Reply via email to