The following Fedora EPEL 6 Security updates need testing:
Age URL
821
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
168
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
153
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
62
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1471/chicken-4.8.0.6-2.el6
59
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-views-3.8-1.el6
43
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1584/python-djblets-0.7.30-2.el6
40
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
31
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-Address-1.905-1.el6
25
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1745/mediawiki119-1.19.17-1.el6
19
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1807/chrony-1.30-1.el6
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1782/zarafa-7.1.10-2.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1889/php-ZendFramework-1.12.7-1.el6
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1906/polarssl-1.3.2-2.el6
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1913/ipython-0.13.2-5.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1934/drupal7-7.29-1.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1961/cobbler-2.6.3-1.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1923/sdcc-3.2.0-1.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1947/drupal6-6.32-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1984/ansible-1.6.7-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1980/moodle-2.4.11-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
ansible-1.6.7-1.el6
ansifilter-1.8-2.el6
cpulimit-0.1-1.20140722gitcabeb99.el6
easytag-2.1.7-1.el6
fail2ban-0.8.13-1.el6
gridsite-2.2.5-2.el6
lua-ldap-1.1.0-3.el6
moodle-2.4.11-1.el6
perl-Clone-PP-1.06-1.el6
perl-Date-Holidays-DE-1.6-2.el6
perl-DateTime-Format-RFC3339-1.0.5-1.el6
php-horde-Horde-CssMinify-1.0.1-1.el6
php-horde-Horde-JavascriptMinify-1.1.0-1.el6
php-horde-Horde-Mail-Autoconfig-1.0.0-1.el6
php-horde-Horde-OpenXchange-1.0.0-1.el6
php-horde-Horde-Service-Gravatar-1.0.0-1.el6
php-horde-wicked-2.0.1-2.el6
php-mikey179-vfsstream-1.3.0-1.el6
php-ocramius-instantiator-1.0.0-1.el6
php-ocramius-lazy-map-1.0.0-1.el6
php-pecl-solr2-2.0.0-1.el6
php-pecl-ssdeep-1.0.4-1.el6
python-behave-1.2.4-2.el6
python-enum34-1.0-4.el6
python-parse_type-0.3.4-2.el6
repo_manager-0.1.0-3.el6
shinken-2.0.3-5.el6
Details about builds:
================================================================================
ansible-1.6.7-1.el6 (FEDORA-EPEL-2014-1984)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.7 Fixes CVE-2014-4966 and CVE-2014-4967
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 21 2014 Kevin Fenzi <[email protected]> 1.6.7-1
- Update to 1.6.7
- Fixes CVE-2014-4966 and CVE-2014-4967
--------------------------------------------------------------------------------
================================================================================
ansifilter-1.8-2.el6 (FEDORA-EPEL-2014-1973)
ANSI terminal escape code converter
--------------------------------------------------------------------------------
Update Information:
Ansifilter handles text files containing ANSI terminal escape codes. The
command sequences may be stripped or be interpreted to generate formatted
output (HTML, RTF, TeX, LaTeX, BBCode).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1111541 - Review Request: ansifilter - ANSI terminal escape code
converter
https://bugzilla.redhat.com/show_bug.cgi?id=1111541
--------------------------------------------------------------------------------
================================================================================
cpulimit-0.1-1.20140722gitcabeb99.el6 (FEDORA-EPEL-2014-1976)
CPU Usage Limiter for Linux
--------------------------------------------------------------------------------
Update Information:
Rebuild based on the github sources
--------------------------------------------------------------------------------
================================================================================
easytag-2.1.7-1.el6 (FEDORA-EPEL-2014-1991)
Tag editor for mp3, ogg, flac and other music files
--------------------------------------------------------------------------------
Update Information:
Update to 2.1.7 final
--------------------------------------------------------------------------------
================================================================================
fail2ban-0.8.13-1.el6 (FEDORA-EPEL-2014-1985)
Ban IPs that make too many password failures
--------------------------------------------------------------------------------
Update Information:
- Update to 0.8.13 (should fix bug #1047363)
- Use upstream's logrotate script (bug #891798)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 21 2014 Orion Poplawski <[email protected]> - 0.8.13-1
- Update to 0.8.13 (should fix bug #1047363)
- Use upstream's logrotate script (bug #891798)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1047363 - fail2ban [asterisk] jail doesn't create both tcp and udp
iptables rules
https://bugzilla.redhat.com/show_bug.cgi?id=1047363
[ 2 ] Bug #891798 - fail2ban logrotate script is either useless or mangles up
the setting of fail2ban's logtarget
https://bugzilla.redhat.com/show_bug.cgi?id=891798
--------------------------------------------------------------------------------
================================================================================
gridsite-2.2.5-2.el6 (FEDORA-EPEL-2014-1982)
Grid Security for the Web, Web platforms for Grids
--------------------------------------------------------------------------------
Update Information:
Revision of GridSite fixing several issues:
* two or more simultaneous (overlapping) delegation operations
* time handling in signature verification functions
* memory leaks
* stability and memory handling problems
Upstream release notes:
* https://github.com/CESNET/gridsite/wiki/Gridsite-release-page#GridSite_2221
* https://github.com/CESNET/gridsite/wiki/Gridsite-release-page#GridSite_2231
* https://github.com/CESNET/gridsite/wiki/Gridsite-release-page#GridSite_2251
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 21 2014 František Dvořák <[email protected]> - 2.2.5-2
- Bumped release versions and rebuilt properly
* Mon Jul 21 2014 František Dvořák <[email protected]> - 2.2.5-1
- Gridsite 2.2.5 Release, several bugfixes
- Removed cgi-bin-location.patch, move files in %install instead
- Replace MYFLAGS by CFLAGS, removed gridsite internal build flags
- Owning icons dir
- Only major version needed in library wildcard now (libgridsite.so.2.*)
- Cleanups (EL5, noarch doc subpackage, buildroot macro, formatting)
--------------------------------------------------------------------------------
================================================================================
lua-ldap-1.1.0-3.el6 (FEDORA-EPEL-2014-1987)
LDAP client library for Lua, using OpenLDAP
--------------------------------------------------------------------------------
Update Information:
LuaLDAP is a simple interface from Lua to an LDAP client.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1105015 - Review Request: lua-ldap - LDAP client library for Lua
https://bugzilla.redhat.com/show_bug.cgi?id=1105015
--------------------------------------------------------------------------------
================================================================================
moodle-2.4.11-1.el6 (FEDORA-EPEL-2014-1980)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Fixes for:
CVE-2014-3541, CVE-2014-3542, CVE-2014-3543, CVE-2014-3544, CVE-2014-3545,
CVE-2014-3546, CVE-2014-3547, CVE-2014-3548, CVE-2014-3549, CVE-2014-3550,
CVE-2014-3551, CVE-2014-3552, CVE-2014-3553
https://moodle.org/mod/forum/discuss.php?d=263858
http://seclists.org/oss-sec/2014/q3/195
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 21 2014 Jon Ciesla <[email protected]> - 2.4.11-1
- 2.4.11, Fix for CVE-2014-3541, CVE-2014-3542, CVE-2014-3543,
- CVE-2014-3544, CVE-2014-3545, CVE-2014-3546, CVE-2014-3547,
- CVE-2014-3548, CVE-2014-3549, CVE-2014-3550, CVE-2014-3551,
- CVE-2014-3552, CVE-2014-3553
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1120979 - moodle: security issues fixed in the upstream 2.7.1,
2.6.4, 2.5.7, and 2.4.11 releases [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1120979
[ 2 ] Bug #1120980 - moodle: security issues fixed in the upstream 2.7.1,
2.6.4, 2.5.7, and 2.4.11 releases [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1120980
--------------------------------------------------------------------------------
================================================================================
perl-Clone-PP-1.06-1.el6 (FEDORA-EPEL-2014-1983)
Recursively copy Perl data-types
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1118960 - Review Request: perl-Clone-PP - Recursively copy Perl
data-types
https://bugzilla.redhat.com/show_bug.cgi?id=1118960
--------------------------------------------------------------------------------
================================================================================
perl-Date-Holidays-DE-1.6-2.el6 (FEDORA-EPEL-2014-1997)
Perl module to determine German holidays
--------------------------------------------------------------------------------
Update Information:
A perl module that creates a list of German holidays in a given year. It knows
about special holiday regulations for all of Germany's federal states and also
about "semi-holidays" and religious "silent days" that will be treated as
holidays on request. Holidays that occur on weekends can be excluded from the
generated list. The generated list can also be freely formatted using regular
strftime() format definitions.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #847420 - Review Request: perl-Date-Holidays-DE - Perl module to
determine German holidays
https://bugzilla.redhat.com/show_bug.cgi?id=847420
--------------------------------------------------------------------------------
================================================================================
perl-DateTime-Format-RFC3339-1.0.5-1.el6 (FEDORA-EPEL-2014-1992)
Parse and format RFC3339 datetime strings
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1121302 - Review Request: perl-DateTime-Format-RFC3339 - Parse and
format RFC3339 datetime strings
https://bugzilla.redhat.com/show_bug.cgi?id=1121302
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-CssMinify-1.0.1-1.el6 (FEDORA-EPEL-2014-1993)
CSS Minification
--------------------------------------------------------------------------------
Update Information:
Abstracted interface to various CSS minification backends.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1117438 - Review Request: php-horde-Horde-CssMinify - CSS
Minification
https://bugzilla.redhat.com/show_bug.cgi?id=1117438
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-JavascriptMinify-1.1.0-1.el6 (FEDORA-EPEL-2014-1977)
Javascript Minification
--------------------------------------------------------------------------------
Update Information:
Abstracted interface to various javascript minification backends.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1117444 - Review Request: php-horde-Horde-JavascriptMinify -
Javascript Minification
https://bugzilla.redhat.com/show_bug.cgi?id=1117444
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mail-Autoconfig-1.0.0-1.el6 (FEDORA-EPEL-2014-1971)
Horde Mail Autoconfiguration
--------------------------------------------------------------------------------
Update Information:
Attempts to automatically determine configuration options for various remote
mail services (IMAP/POP3/SMTP).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1117476 - Review Request: php-horde-Horde-Mail-Autoconfig - Horde
Mail Autoconfiguration
https://bugzilla.redhat.com/show_bug.cgi?id=1117476
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-OpenXchange-1.0.0-1.el6 (FEDORA-EPEL-2014-1981)
Open-Xchange Connector
--------------------------------------------------------------------------------
Update Information:
Library to interact with Open-Xchange servers.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1118273 - Review Request: php-horde-Horde-OpenXchange -
Open-Xchange Connector
https://bugzilla.redhat.com/show_bug.cgi?id=1118273
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Service-Gravatar-1.0.0-1.el6 (FEDORA-EPEL-2014-1975)
API accessor for gravatar.com
--------------------------------------------------------------------------------
Update Information:
A library for accessing the Avatar services at gravatar.com.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1118289 - Review Request: php-horde-Horde-Service-Gravatar -
php-horde-Horde-Service-Gravatar
https://bugzilla.redhat.com/show_bug.cgi?id=1118289
--------------------------------------------------------------------------------
================================================================================
php-horde-wicked-2.0.1-2.el6 (FEDORA-EPEL-2014-1974)
Wiki application
--------------------------------------------------------------------------------
Update Information:
Wicked is a wiki application for Horde.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1087769 - Review Request: php-horde-wicked - Wiki application
https://bugzilla.redhat.com/show_bug.cgi?id=1087769
--------------------------------------------------------------------------------
================================================================================
php-mikey179-vfsstream-1.3.0-1.el6 (FEDORA-EPEL-2014-1989)
PHP stream wrapper for a virtual file system
--------------------------------------------------------------------------------
Update Information:
1.3.0 (2014-07-21)
* implemented #79: possibility to mock large files without large memory
footprint, see https://github.com/mikey179/vfsStream/wiki/MockingLargeFiles
* implemented #67: added partial support for text-mode translation flag (i.e.,
no actual translation of line endings takes place) so it no longer throws an
exception (provided by Anthon Pang)
* fixed issue #74: issue with trailing windows path separators (provided by
Sebastian Krüger)
* fixed issue #50: difference between real file system and vfs with
`RecursiveDirectoryIterator`
* fixed issue #80: touch with no arguments for modification and access time
behave incorrect
* deprecated `org\bovigo\vfs\vfsStreamFile::readUntilEnd()`
* deprecated `org\bovigo\vfs\vfsStreamFile::getBytesRead()`
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 22 2014 Remi Collet <[email protected]> - 1.3.0-1
- update to 1.3.0
- fix license handling
--------------------------------------------------------------------------------
================================================================================
php-ocramius-instantiator-1.0.0-1.el6 (FEDORA-EPEL-2014-1978)
Instantiate objects in PHP without invoking their constructors
--------------------------------------------------------------------------------
Update Information:
This library provides a way of avoiding usage of constructors when
instantiating PHP classes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1120563 - Review Request: php-ocramius-instantiator - Instantiate
objects in PHP without invoking their constructors
https://bugzilla.redhat.com/show_bug.cgi?id=1120563
--------------------------------------------------------------------------------
================================================================================
php-ocramius-lazy-map-1.0.0-1.el6 (FEDORA-EPEL-2014-1986)
Lazy instantiation logic for a map of objects
--------------------------------------------------------------------------------
Update Information:
This small library aims at providing a very simple and efficient map of
lazy-instantiating objects.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1120543 - Review Request: php-ocramius-lazy-map - Lazy
instantiation logic for a map of objects
https://bugzilla.redhat.com/show_bug.cgi?id=1120543
--------------------------------------------------------------------------------
================================================================================
php-pecl-solr2-2.0.0-1.el6 (FEDORA-EPEL-2014-1969)
Object oriented API to Apache Solr
--------------------------------------------------------------------------------
Update Information:
It effectively simplifies the process of interacting with Apache Solr using
PHP5 and it already comes with built-in readiness for the latest features.
The extension has features such as built-in, serializable query string builder
objects which effectively simplifies the manipulation of name-value pair
request parameters across repeated requests.
The response from the Solr server is also automatically parsed into native php
objects whose properties can be accessed as array keys or object properties
without any additional configuration on the client-side.
Its advanced HTTP client reuses the same connection across multiple requests
and provides built-in support for connecting to Solr servers secured behind
HTTP Authentication or HTTP proxy servers. It is also able to connect to
SSL-enabled containers.
Please consult the documentation for more details on features.
* http://php.net/solr
Warning: PECL Solr 2 is not compatible with Solr Server < 4.0. PECL Solr 1 is
available in php-pecl-solr package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1112705 - Review Request: php-pecl-solr2 - Object oriented API to
Apache Solr
https://bugzilla.redhat.com/show_bug.cgi?id=1112705
--------------------------------------------------------------------------------
================================================================================
php-pecl-ssdeep-1.0.4-1.el6 (FEDORA-EPEL-2014-1994)
Wrapper for libfuzzy library
--------------------------------------------------------------------------------
Update Information:
The ssdeep project page describes it as a library for "...computing context
triggered piecewise hashes (CTPH). Also called fuzzy hashes, CTPH can match
inputs that have homologies. Such inputs have sequences of identical bytes in
the same order, although bytes in between these sequences may be different in
both content and length".
For an in depth paper explaining context triggered piecewise hashes please see
http://dfrws.org/2006/proceedings/12-Kornblum.pdf
This extensions wraps the ssdeep fuzzy hashing API created by Jesse Kornblum.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1104032 - Review Request: php-pecl-ssdeep - Wrapper for libfuzzy
library
https://bugzilla.redhat.com/show_bug.cgi?id=1104032
--------------------------------------------------------------------------------
================================================================================
python-behave-1.2.4-2.el6 (FEDORA-EPEL-2014-1979)
Tools for the behavior-driven development, Python style
--------------------------------------------------------------------------------
Update Information:
Upgrade to the latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 17 2014 Matěj Cepl <[email protected]> - 1.2.4-2
- Build documentation even on EPEL-7.
* Thu Jun 19 2014 Matěj Cepl <[email protected]> - 1.2.4-1
- New upstream release
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 1.2.3-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-enum34-1.0-4.el6 (FEDORA-EPEL-2014-1990)
Backport of Python 3.4 Enum
--------------------------------------------------------------------------------
Update Information:
Make package available on all versions of Fedora/EPEL
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 21 2014 Matěj Cepl <[email protected]> - 1.0-4
- No, we don’t have python3 in RHEL-7 :'(
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 28 2014 Kalev Lember <[email protected]> - 1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
* Mon May 26 2014 Eric Smith <[email protected]> 1.0-1
- Updated to latest upstream.
--------------------------------------------------------------------------------
================================================================================
python-parse_type-0.3.4-2.el6 (FEDORA-EPEL-2014-1972)
Simplifies to build parse types based on the parse module
--------------------------------------------------------------------------------
Update Information:
Fix FTBFS
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1121710 - FTBFS on EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=1121710
--------------------------------------------------------------------------------
================================================================================
repo_manager-0.1.0-3.el6 (FEDORA-EPEL-2014-1995)
Manage your RPM repositories easily
--------------------------------------------------------------------------------
Update Information:
New package : repo_manager to easily manage RPM repositories
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1114696 - Review Request: repo_manager - Manage your RPM
repositories easily
https://bugzilla.redhat.com/show_bug.cgi?id=1114696
--------------------------------------------------------------------------------
================================================================================
shinken-2.0.3-5.el6 (FEDORA-EPEL-2014-1988)
Python Monitoring tool
--------------------------------------------------------------------------------
Update Information:
Add forgot doc dir.
Add forgot dir.
Add shinken manpage.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 21 2014 David Hannequin <[email protected]> - 2.0.3-5
- Add forgot doc dir.
* Fri Jul 18 2014 David Hannequin <[email protected]> - 2.0.3-4
- Add forgot dir.
* Mon Jul 7 2014 David Hannequin <[email protected]> - 2.0.3-3
- Add shinken manpage.
* Thu Jul 3 2014 David Hannequin <[email protected]> - 2.0.3-2
- Delete python mysql require.
* Fri Jun 13 2014 David Hannequin <[email protected]> - 2.0.3-1
- Update from upstream.
* Fri Apr 25 2014 David Hannequin <[email protected]> - 2.0.2-1
- Update from upstream.
* Thu Apr 17 2014 David Hannequin <[email protected]> - 2.0-1
- Update from upstream.
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
