The following Fedora EPEL 6 Security updates need testing:
Age URL
885
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
217
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
104
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
94
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-Address-1.905-1.el6
47
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2148/drupal6-6.33-1.el6
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2561/pdns-recursor-3.6.1-1.el6
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2634/moodle-2.5.8-1.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2655/python-oauth2-1.5.211-7.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2718/check-mk-1.2.4p5-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2750/libsrtp-1.4.4-10.20101004cvs.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2719/nodejs-0.10.32-1.el6,v8-3.14.5.10-14.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2698/phpMyAdmin-4.0.10.3-2.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2742/TeXmacs-1.0.7.2-3.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2713/putty-0.63-3.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
TeXmacs-1.0.7.2-3.el6
cf-sorts-mill-goudy-fonts-3.1-7.el6
check-mk-1.2.4p5-1.el6
collectl-3.7.4-1.el6
davfs2-1.4.7-5.el6
debootstrap-1.0.62-1.el6
dnstop-20140915-1.el6
knot-1.5.3-1.el6
librabbitmq-0.5.2-1.el6
libsrtp-1.4.4-10.20101004cvs.el6
lynis-1.6.1-1.el6
moyogo-molengo-fonts-0.10-9.el6
mozilla-https-everywhere-4.0.1-1.el6
nodejs-0.10.32-1.el6
perl-Parse-CPAN-Packages-Fast-0.08-1.el6
php-horde-Horde-Imap-Client-2.25.1-1.el6
phpMyAdmin-4.0.10.3-2.el6
putty-0.63-3.el6
python-backports-ssl_match_hostname-3.4.0.2-4.el6
python-fmn-consumer-0.3.0-1.el6
python-fmn-lib-0.3.0-1.el6
python-fmn-rules-0.3.0-1.el6
python-fmn-web-0.3.0-2.el6
python-urllib2_kerberos-0.1.6-13.el6
qt5-qtbase-5.3.2-1.el6
qt5-qtconnectivity-5.3.2-1.el6
qt5-qtdeclarative-5.3.2-1.el6
qt5-qtdoc-5.3.2-1.el6
qt5-qtgraphicaleffects-5.3.2-1.el6
qt5-qtimageformats-5.3.2-1.el6
qt5-qtlocation-5.3.2-1.el6
qt5-qtmultimedia-5.3.2-1.el6
qt5-qtquick1-5.3.2-1.el6
qt5-qtquickcontrols-5.3.2-1.el6
qt5-qtscript-5.3.2-1.el6
qt5-qtsensors-5.3.2-1.el6
qt5-qtserialport-5.3.2-1.el6
qt5-qtsvg-5.3.2-1.el6
qt5-qttools-5.3.2-1.el6
qt5-qttranslations-5.3.2-1.el6
qt5-qtwebkit-5.3.2-1.el6
qt5-qtx11extras-5.3.2-1.el6
qt5-qtxmlpatterns-5.3.2-1.el6
reposurgeon-3.12-1.el6
seren-0.0.20-1.el6
sks-1.1.5-7.el6
soscleaner-0.2.2-7.el6
v8-3.14.5.10-14.el6
Details about builds:
================================================================================
TeXmacs-1.0.7.2-3.el6 (FEDORA-EPEL-2014-2742)
Structured wysiwyg scientific text editor
--------------------------------------------------------------------------------
Update Information:
CVE-2010-3394 TeXmacs: insecure library loading vulnerability
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Mark Chappell <[email protected]> - 1.0.7.2-3
- Patch for CVE-2010-3394
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #638427 - CVE-2010-3394 TeXmacs: insecure library loading
vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=638427
--------------------------------------------------------------------------------
================================================================================
cf-sorts-mill-goudy-fonts-3.1-7.el6 (FEDORA-EPEL-2014-2667)
Goudy Oldstyle and Italic fonts
--------------------------------------------------------------------------------
Update Information:
add few more fonts to el6
--------------------------------------------------------------------------------
================================================================================
check-mk-1.2.4p5-1.el6 (FEDORA-EPEL-2014-2718)
A new general purpose Nagios-plugin for retrieving data
--------------------------------------------------------------------------------
Update Information:
New upstream release providing many security fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Andrea Veri <[email protected]> - 1.2.4p5-1
- New upstream release. Fixes CVEs:
- CVE-2014-5338
- CVE-2014-5339
- CVE-2014-5340 (BZ: #1132337, #1132339, #1132341)
- Stop shipping the j4p_performance plugin as it's deprecated. (BZ: #1133068)
- Turn Wato_Legacy_Eval as True as we want to prevent breakages
between machines running different Python and/or check-mk releases.
This is necessary after the 'ast' move from 'pickle' (that was
generating a insecure API call), however the 'ast' module is still
not available for RHEL / CentOS 5 machines. The patch is there to
avoid miscommunications between different distribution releases. More
information is available at:
http://mathias-kettner.com/check_mk_werks.php?werk_id=984.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1132337 - CVE-2014-5338 CVE-2014-5339 CVE-2014-5340 check-mk:
multiple flaws fixed in versions 1.2.4p4 and 1.2.5i4
https://bugzilla.redhat.com/show_bug.cgi?id=1132337
--------------------------------------------------------------------------------
================================================================================
collectl-3.7.4-1.el6 (FEDORA-EPEL-2014-2691)
A utility to collect various Linux performance data
--------------------------------------------------------------------------------
Update Information:
- update to upstream version 3.7.4
- upstream changelog at http://collectl.sourceforge.net/Releases.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 15 2014 Dan Horák <dan[at]danny.cz> - 3.7.4-1
- upgrade to upstream version 3.7.4 (#1140499)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1140499 - collectl-3.7.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1140499
--------------------------------------------------------------------------------
================================================================================
davfs2-1.4.7-5.el6 (FEDORA-EPEL-2014-2711)
A filesystem driver for WebDAV
--------------------------------------------------------------------------------
Update Information:
Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
debootstrap-1.0.62-1.el6 (FEDORA-EPEL-2014-2688)
Debian GNU/Linux bootstrapper
--------------------------------------------------------------------------------
Update Information:
new upstream release
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Jan Vcelak <[email protected]> 1.0.62-1
- new upstream release:
+ fix warnings caused by change in output of dpkg 1.17.2
+ fix reporting of package versions with epoch
* Sat Aug 2 2014 Jan Vcelak <[email protected]> 1.0.60-1
- new upstream release:
+ Ubuntu utopic as a symlink to gutsy
+ Compression support in fallback method for deb archives extraction
* Tue Apr 29 2014 Lubomir Rintel <[email protected]> 1.0.59-1.2
- Fix chrooting
- Fix architecture detection
- Drop unneded MAKEDEV patch, as we don't use it anymore
* Tue Apr 29 2014 Lubomir Rintel <[email protected]> 1.0.59-1.1
- RHEL 7 does not ship MAKEDEV anymore
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1136225 - debootstrap-1.0.62 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1136225
[ 2 ] Bug #1095205 - debootstrap-1.0.60 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1095205
--------------------------------------------------------------------------------
================================================================================
dnstop-20140915-1.el6 (FEDORA-EPEL-2014-2672)
Displays information about DNS traffic on your network
--------------------------------------------------------------------------------
Update Information:
Updated to 20140915 with new-gtlds filter support
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 15 2014 Paul Wouters <[email protected]> - 20140915-1
- Updated to 20140915 with new-gtlds filter support
- Updated warning patch (partially merged upstream)
- Added usage patch that was missing the new filter name new-gtlds
- Enabled hardening as this application takes in network input
--------------------------------------------------------------------------------
================================================================================
knot-1.5.3-1.el6 (FEDORA-EPEL-2014-2690)
An authoritative DNS daemon
--------------------------------------------------------------------------------
Update Information:
New upstream release (1.5.3):
- fix crash on specific incoming IXFR message
- fix rare synchronization error during server reload
- fix crash in reverse record synthesis module on DNSSEC signed zones
- fix message ID and opcode for AXFR-style IXFR responses
- fix sending of large responses to remote control commands
New upstream release:
- CVE-2014-0486: remote crash using crafted DNS message
- transfers: do not refuse AXFR answers to IXFR queries
- fix storing of hash character '#' in zone file
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 15 2014 Jan Vcelak <[email protected]> 1.5.3-1
- new upstream release:
+ fix crash on specific incoming IXFR message
+ fix rare synchronization error during server reload
+ fix crash in reverse record synthesis module on DNSSEC signed zones
+ fix message ID and opcode for AXFR-style IXFR responses
+ fix sending of large responses to remote control commands
* Mon Sep 8 2014 Jan Vcelak <[email protected]> 1.5.2-1
- new upstream release:
+ CVE-2014-0486: remote crash using crafted DNS message
+ transfers: do not refuse AXFR answers to IXFR queries
+ fix storing of hash character '#' in zone file
--------------------------------------------------------------------------------
================================================================================
librabbitmq-0.5.2-1.el6 (FEDORA-EPEL-2014-2676)
Client library for AMQP
--------------------------------------------------------------------------------
Update Information:
Changes since v0.5.1 (a.k.a., v0.5.2)
- Autoconf: check for htonll as declaration in a header file
- SSL: correctly report hostname verification errors.
- Build: disable OpenSSL deprecation warnings on OSX
- Lib: include platform, version and copyright in AMQP handshake
- Examples: print message body in amqp[s]_listen[q] examples
- Tools: Add flag to set prefetch for amqp-consume tool
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 15 2014 Remi Collet <[email protected]> - 0.5.2-1
- update to 0.5.2
--------------------------------------------------------------------------------
================================================================================
libsrtp-1.4.4-10.20101004cvs.el6 (FEDORA-EPEL-2014-2750)
An implementation of the Secure Real-time Transport Protocol (SRTP)
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2013-2139 - buffer overflow in application of crypto profiles
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 10 2014 Tom Callaway <[email protected]> - 1.4.4-10.20101004cvs
- rename internal functions to avoid conflicts (bz 956340)
* Mon Dec 30 2013 Tom Callaway <[email protected]> - 1.4.4-9.20101004cvs
- apply fix for CVE-2013-2139 from https://github.com/cisco/libsrtp/pull/27
* Sat Aug 3 2013 Fedora Release Engineering <[email protected]>
- 1.4.4-8.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <[email protected]>
- 1.4.4-7.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Sep 25 2012 Karsten Hopp <[email protected]> 1.4.4-6.20101004cvs
- use __PPC64__, not __ppc64__ which is undefined on PPC64 arch
* Thu Jul 19 2012 Fedora Release Engineering <[email protected]>
- 1.4.4-5.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #970697 - CVE-2013-2139 libsrtp: buffer overflow in application of
crypto profiles
https://bugzilla.redhat.com/show_bug.cgi?id=970697
--------------------------------------------------------------------------------
================================================================================
lynis-1.6.1-1.el6 (FEDORA-EPEL-2014-2692)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
== 1.6.1 ==
New:
- Added --pentest parameter to run a non-privileged scans (e.g. for pentesting)
- Show skipped tests in report if they require root and scan is non-privileged
Changes:
- Improved vulnerable packages test on Debian based systems (apt-check)
[PKGS-7392]
- Don't show warnings for 'swap' in 4th column fstab file [FILE-6336]
- Remove warning for old files in /tmp [FILE-6354]
- CheckUpdates function will have better output when no connection is available
- Changes to parameters and functions, to allow penetration tests with Lynis
- Test for actual files in /etc/modprobe.d before grepping in it
- Improved chown command when file permissions are incorrect
- Changed output of update test, show when status is unknown
- No scanning of symlinked directories (binaries test)
- Extended SafePerms function to also check for UID
- Several tests will have root-only bit set now
- Improved netstat tests on Arch Linux
== 1.6.0 ==
New:
- Added several new plugins to default profile
- HostID detection for AIX
Changes:
- Improvements for log file
- GetHostID function improved
- Improved detection of security repository for Debian based systems [PKGS-7388]
- Set default values for update check, to avoid error message on screen
- Cleanup for mail section, adding IMAP and POP3 protocols
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 12 2014 Christopher Meng <[email protected]> - 1.6.1-1
- Update to 1.6.1
--------------------------------------------------------------------------------
================================================================================
moyogo-molengo-fonts-0.10-9.el6 (FEDORA-EPEL-2014-2667)
A Latin typeface for documents
--------------------------------------------------------------------------------
Update Information:
add few more fonts to el6
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-4.0.1-1.el6 (FEDORA-EPEL-2014-2675)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
4.0.0 changes
- Ruleset fixes to wikimedia, stanford-university, joyent, and gaytorrents.
- Merge Android Firefox branch, so Android now has the same release cycle
-- as the stable HTTPS Everywhere branch for Firefox.
- Remove old unused ContentPolicy code.
- FEDORA/RHEL SPECIFIC - Place version conditionals for GNOME Software
-- Center metadata in spec file.
4.0.1 changes
- Significant new coverage: Reddit, Quora
- Fixes include:
-- Frontier Networks, Hotmail / Live, Microsoft, Mozilla, Ohio State,
Rackspace, SJ.se, Timbo.se
-- https://github.com/EFForg/https-everywhere/issues/310
-- https://github.com/EFForg/https-everywhere/issues/500
-- https://trac.torproject.org/projects/tor/ticket/11402
-- https://trac.torproject.org/projects/tor/ticket/11418
-- https://trac.torproject.org/projects/tor/ticket/12583
-- https://trac.torproject.org/projects/tor/ticket/12104
-- https://trac.torproject.org/projects/tor/ticket/9466
-- https://github.com/EFForg/https-everywhere/issues/144
- Enhancements to MCB detection and subsequent ruleset fixes
-- https://github.com/EFForg/https-everywhere/issues/529
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 13 2014 Russell Golden <[email protected]> - 4.0.1-1
- Significant new coverage: Reddit, Quora
- Fixes include:
-- Frontier Networks, Hotmail / Live, Microsoft, Mozilla, Ohio State,
Rackspace, SJ.se, Timbo.se
-- https://github.com/EFForg/https-everywhere/issues/310
-- https://github.com/EFForg/https-everywhere/issues/500
-- https://trac.torproject.org/projects/tor/ticket/11402
-- https://trac.torproject.org/projects/tor/ticket/11418
-- https://trac.torproject.org/projects/tor/ticket/12583
-- https://trac.torproject.org/projects/tor/ticket/12104
-- https://trac.torproject.org/projects/tor/ticket/9466
-- https://github.com/EFForg/https-everywhere/issues/144
- Enhancements to MCB detection and subsequent ruleset fixes
-- https://github.com/EFForg/https-everywhere/issues/529
* Thu Sep 4 2014 Russell Golden <[email protected]> - 4.0.0-1
- Ruleset fixes to wikimedia, stanford-university, joyent, and gaytorrents.
- Merge Android Firefox branch, so Android now has the same release cycle
-- as the stable HTTPS Everywhere branch for Firefox.
- Remove old unused ContentPolicy code.
- FEDORA/RHEL SPECIFIC - Place version conditionals for GNOME Software
-- Center metadata in spec file.
* Tue Aug 19 2014 Richard Hughes <[email protected]> - 3.5.3-2
- Add a MetaInfo file for GNOME Software and Apper.
--------------------------------------------------------------------------------
================================================================================
nodejs-0.10.32-1.el6 (FEDORA-EPEL-2014-2719)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
This update provides the latest stable version of Node.js and corresponding
backports to the v8 package.
This update resolves CVE-2013-6668, which has only a minor impact since Node.js
is not typically used to execute untrusted JavaScript. For more information on
the fixed vulnerability, please see the CVE bugs listed below.
Changes in this update include:
* v8: fix a crash introduced by previous release (Fedor Indutny)
* crypto: use domains for any callback-taking method (Chris Dickinson)
* http: do not send `0rnrn` in TE HEAD responses (Fedor Indutny)
* querystring: fix unescape override (Tristan Berger)
* url: Add support for RFC 3490 separators (Mathias Bynens)
* v8: backport CVE-2013-6668
* cluster: disconnect should not be synchronous (Sam Roberts)
* fs: fix fs.readFileSync fd leak when get RangeError (Jackson Tian)
* stream: fix Readable.wrap objectMode falsy values (James Halliday)
* timers: fix timers with non-integer delay hanging. (Julien Gilli)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 18 2014 T.C. Hollingsworth <[email protected]> - 0.10.32-1
- new upstream release 0.10.32
http://blog.nodejs.org/2014/08/19/node-v0-10-31-stable/
http://blog.nodejs.org/2014/09/16/node-v0-10-32-stable/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1074737 - CVE-2013-6668 v8: multiple vulnerabilities fixed in
Google Chrome version 33.0.1750.146
https://bugzilla.redhat.com/show_bug.cgi?id=1074737
--------------------------------------------------------------------------------
================================================================================
perl-Parse-CPAN-Packages-Fast-0.08-1.el6 (FEDORA-EPEL-2014-2682)
Alternative parser for CPAN's package index
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1138924 - Review Request: perl-Parse-CPAN-Packages-Fast -
Alternative parser for CPAN's package index
https://bugzilla.redhat.com/show_bug.cgi?id=1138924
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Imap-Client-2.25.1-1.el6 (FEDORA-EPEL-2014-2484)
Horde IMAP abstraction interface
--------------------------------------------------------------------------------
Update Information:
Horde_Imap_Client 2.25.1
* [mms] Fix IMAP search results for recent and total messages when it is the
only query and the mailbox is not selected.
* [mms] Fix client-side message sorting when there are multiple sort criteria
and at least one tie in the first sorting criteria.
* [mms] Better error handling when attempting to authenticate via IMAP LOGIN
command with non-ASCII credentials (Bug #13554).
* [mms] Fix sending IMAP APPEND data when the UTF-8 capability is enabled.
* [mms] Fix parsing IMAP mailbox list requests when UTF-8 mode is enabled.
* [mms] Ensure client sorting tests work reproducibly across systems with
varying default locales.
Horde_Imap_Client 2.25.0
* [mms] Add support for Gmail-specific WEBALERT response code.
* [mms] IMAP/POP3 URL generation split into a more modular library structure.
* [mms] Ignore message-specific URL parameters if a search query appears in an
IMAP URL.
* [mms] Fix encoding/decoding URL elements in IMAP/POP3 URLs.
* [mms] Fix setting default port for POP3 URLs.
* [mms] Fix client-side reverse sorting.
* [mms] Fix client-side sequence sorting, when that is the only sort criteria.
* [mms] Use Collator class, if present, to sort string fields on the client
side.
* [mms] Fix client-side sorting of display addresses.
* [mms] Even more improved pseudo-UIDNEXT value for POP3 servers.
* [mms] Improved sanity checking so that non-ASCII data is not sent to server
in commands where it is not supported.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Remi Collet <[email protected]> - 2.25.1-1
- Update to 2.25.1
* Thu Sep 4 2014 Remi Collet <[email protected]> - 2.25.0-1
- Update to 2.25.0
- add dependency on php-intl
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.0.10.3-2.el6 (FEDORA-EPEL-2014-2698)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.0.10.3 (2014-09-13)
================================
* [security] DOM based XSS that results to a CSRF that creates a ROOT account
in certain conditions
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Robert Scheck <[email protected]> 4.0.10.3-2
- Move rm(1) calls from %install to %prep (#1121355 #c10)
* Tue Sep 16 2014 Robert Scheck <[email protected]> 4.0.10.3-1
- Upgrade to 4.0.10.3 (#1141635)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141635 - CVE-2014-6300 phpMyAdmin: XSS flaw possibly leading to
root account creation (PMASA-2014-10)
https://bugzilla.redhat.com/show_bug.cgi?id=1141635
--------------------------------------------------------------------------------
================================================================================
putty-0.63-3.el6 (FEDORA-EPEL-2014-2713)
SSH, Telnet and Rlogin client
--------------------------------------------------------------------------------
Update Information:
Various bug fixes and security updates
Including
CVE-2013-4852 Integer overflow, leading to heap-based buffer overflow during
SSH handshake
CVE-2011-4607 keyboard-interactive replies are not wiped from memory after
authentication
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 0.63-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 0.63-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Mon Aug 12 2013 Jaroslav Škarvada <[email protected]> - 0.63-1
- New version
Resolves: rhbz#995610
- Dropped perms, CVE-2013-4852, CVE-2013-4206, CVE-2013-4207,
CVE-2013-4208 patches (all in upstream)
* Thu Aug 8 2013 Jaroslav Škarvada <[email protected]> - 0.62-7
- Fixed a heap-corrupting buffer underrun bug in the modmul function
Resolves: CVE-2013-4206
- Fixed a buffer overflow vulnerability in the calculation of modular
inverses when verifying a DSA signature
Resolves: CVE-2013-4207
- Fixed problem when private keys are left in memory after being
used by PuTTY tools
Resolves: CVE-2013-4208
* Mon Aug 5 2013 Jaroslav Škarvada <[email protected]> - 0.62-6
- Fixed integer overflow
Resolves: CVE-2013-4852
- Fixed bogus dates in changelog (best estimated)
* Sun Aug 4 2013 Fedora Release Engineering <[email protected]>
- 0.62-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <[email protected]>
- 0.62-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Sep 26 2012 Jaroslav Škarvada <[email protected]> - 0.62-3
- Added missing ImageMagick BuildRequires
* Wed Sep 19 2012 Jaroslav Škarvada <[email protected]> - 0.62-2
- Generated icon from sources
* Tue Aug 7 2012 Jaroslav Škarvada <[email protected]> - 0.62-1
- New version
* Sat Jan 14 2012 Fedora Release Engineering <[email protected]>
- 0.60-9.20100910svn
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 6 2011 Adam Jackson <[email protected]> - 0.60-8.20100910svn
- Rebuild for new libpng
* Wed Feb 9 2011 Fedora Release Engineering <[email protected]>
- 0.60-7.20100910svn
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #766868 - putty: keyboard-interactive replies are not wiped from
memory after authentication [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=766868
[ 2 ] Bug #766869 - putty: keyboard-interactive replies are not wiped from
memory after authentication [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=766869
[ 3 ] Bug #993034 - CVE-2013-4852 putty: Integer overflow, leading to
heap-based buffer overflow during SSH handshake [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=993034
--------------------------------------------------------------------------------
================================================================================
python-backports-ssl_match_hostname-3.4.0.2-4.el6 (FEDORA-EPEL-2014-2758)
The ssl.match_hostname() function from Python 3
--------------------------------------------------------------------------------
Update Information:
Apply upstream patch to fix namespace handling
https://bitbucket.org/brandon/backports.ssl_match_hostname/pull-request/1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Ralph Bean <[email protected]> - 3.4.0.2-4
- Apply upstream patch to fix python namespace handling.
- Narrow down directory ownership to just the ssl_match_hostname module.
* Thu Jul 31 2014 Tom Callaway <[email protected]> - 3.4.0.2-3
- fix license handling
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 3.4.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1066625 - UserWarning when importing fedmsg.meta
https://bugzilla.redhat.com/show_bug.cgi?id=1066625
--------------------------------------------------------------------------------
================================================================================
python-fmn-consumer-0.3.0-1.el6 (FEDORA-EPEL-2014-2738)
Backend worker daemon for Fedora Notifications
--------------------------------------------------------------------------------
Update Information:
Make new users active by default. Improve some cache locking.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 15 2014 Ralph Bean <[email protected]> - 0.3.0-1
- Nip time deltas from the future. They are due to clock skew.
- Make new users active by default.
- Lock the cache on preference update.
- Allow group maintainers of packages.
--------------------------------------------------------------------------------
================================================================================
python-fmn-lib-0.3.0-1.el6 (FEDORA-EPEL-2014-2715)
Internal API components and model for Fedora Notifications
--------------------------------------------------------------------------------
Update Information:
Negate-able rules and disable-able filters.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 15 2014 Ralph Bean <[email protected]> - 0.3.0-1
- Latest upstream.
- New database fields.
- Negate-able rules.
- Disable-able filters.
--------------------------------------------------------------------------------
================================================================================
python-fmn-rules-0.3.0-1.el6 (FEDORA-EPEL-2014-2736)
Message processing rules for Fedora Notifications
--------------------------------------------------------------------------------
Update Information:
More rules.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 15 2014 Ralph Bean <[email protected]> - 0.3.0-1
- Latest upstream.
- Remove patch.
--------------------------------------------------------------------------------
================================================================================
python-fmn-web-0.3.0-2.el6 (FEDORA-EPEL-2014-2762)
Frontend Web Application for Fedora Notifications
--------------------------------------------------------------------------------
Update Information:
Negate-able rules and disable-able filters.
Negate-able rules and disable-able filters.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Ralph Bean <[email protected]> - 0.3.0-2
- Patch two bugs caught in staging.
* Mon Sep 15 2014 Ralph Bean <[email protected]> - 0.3.0-1
- Latest upstream.
--------------------------------------------------------------------------------
================================================================================
python-urllib2_kerberos-0.1.6-13.el6 (FEDORA-EPEL-2014-2747)
Kerberos over HTTP Negotiate/SPNEGO support for urllib2
--------------------------------------------------------------------------------
Update Information:
Fix logging format for Python 2.6 (#1065576)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 3 2014 Matěj Cepl <[email protected]> - 0.1.6-13
- Fix logging format for Python 2.6 (#1065576)
* Mon Jun 30 2014 Toshio Kuratomi <[email protected]> - 0.1.6-12
- Replace python-setuptools-devel BR with python-setuptools
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1065576 - Add additional patches to urllib2_kerberos
https://bugzilla.redhat.com/show_bug.cgi?id=1065576
--------------------------------------------------------------------------------
================================================================================
qt5-qtbase-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Wed Aug 27 2014 David Tardon <[email protected]> - 5.3.1-8
- do a normal build with docs
* Tue Aug 26 2014 David Tardon <[email protected]> - 5.3.1-7
- rebuild for ICU 53.1
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtconnectivity-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - Connectivity components
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtdeclarative-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtDeclarative component
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.1-3
- -qt5 wrappers for qml qmlbundle qmlmin qmlscene
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtdoc-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Main Qt5 Reference Documentation
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
--------------------------------------------------------------------------------
================================================================================
qt5-qtgraphicaleffects-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtGraphicalEffects component
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtimageformats-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtImageFormats component
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtlocation-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - Location component
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtmultimedia-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - Multimedia support
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Jul 17 2014 Rex Dieter <[email protected]> 5.3.1-1.1
- rebuild (for pulseaudio, bug #1117683)
--------------------------------------------------------------------------------
================================================================================
qt5-qtquick1-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
A declarative language for describing user interfaces in Qt5
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
* Tue Sep 16 2014 Rex Dieter <[email protected]>
- 5.3.1-3
- move qml1plugindump, qmlviewer to -devel
- qml1plugindump-qt5 wrapper (since qtchooser can handle it)
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtquickcontrols-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - module with set of QtQuick controls
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtscript-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtScript component
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtsensors-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - Sensors component
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtserialport-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - SerialPort component
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtsvg-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - Support for rendering and displaying SVG
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qttools-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtTool components
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qttranslations-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtTranslations module
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
--------------------------------------------------------------------------------
================================================================================
qt5-qtwebkit-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtWebKit components
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Tue Aug 26 2014 David Tardon <[email protected]> - 5.3.1-3
- rebuild for ICU 53.1
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtx11extras-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - X11 support library
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Rex Dieter <[email protected]> - 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qt5-qtxmlpatterns-5.3.2-1.el6 (FEDORA-EPEL-2014-2732)
Qt5 - QtXmlPatterns component
--------------------------------------------------------------------------------
Update Information:
Qt 5.3.2 bugfix release, see also
http://blog.qt.digia.com/blog/2014/09/16/qt-5-3-2-released-with-qt-creator-3-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 16 2014 Rex Dieter <[email protected]> 5.3.2-1
- 5.3.2
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
reposurgeon-3.12-1.el6 (FEDORA-EPEL-2014-2749)
SCM Repository Manipulation Tool
--------------------------------------------------------------------------------
Update Information:
- Explicit svn:ignore patterns aren't recursive to lower directories; cope.
- A new 'ignores' command has obtions for translation of ignore files.
- The --noignores option has been retired.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 18 2014 Christopher Meng <[email protected]> - 3.12-1
- Update to 3.12
- Explicit svn:ignore patterns aren't recursive to lower directories; cope.
- A new 'ignores' command has obtions for translation of ignore files.
- The --noignores option has been retired.
* Thu Aug 28 2014 Christopher Meng <[email protected]> - 3.11-1
- Update to 3.11
- When converting SVN, ignore explicit .gitignores created by git-svn.
* Sun Jun 8 2014 Fedora Release Engineering <[email protected]>
- 3.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1143007 - reposurgeon-3.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1143007
--------------------------------------------------------------------------------
================================================================================
seren-0.0.20-1.el6 (FEDORA-EPEL-2014-2707)
Simple VoIP program to create conferences from the terminal
--------------------------------------------------------------------------------
Update Information:
Version bump
Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 14 2014 Francesco Frassinelli <[email protected]> - 0.0.20-1
- Version bump
* Mon Aug 18 2014 Fedora Release Engineering <[email protected]>
- 0.0.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Aug 1 2014 Francesco Frassinelli <[email protected]> - 0.0.19-1
- Version bump
* Sun Jun 8 2014 Fedora Release Engineering <[email protected]>
- 0.0.18-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
sks-1.1.5-7.el6 (FEDORA-EPEL-2014-2699)
Synchronizing Key Server
--------------------------------------------------------------------------------
Update Information:
Init script fixes
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 11 2014 Nick Bebout <[email protected]> - 1.1.5-7
- Fix systemd files
* Thu Sep 11 2014 Nick Bebout <[email protected]> - 1.1.5-6
- Add systemd support
* Thu Aug 21 2014 Kevin Fenzi <[email protected]> - 1.1.5-5
- Rebuild for rpm bug 1131960
* Mon Aug 18 2014 Fedora Release Engineering <[email protected]>
- 1.1.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Aug 15 2014 Peter Robinson <[email protected]> 1.1.5-3
- All supprted (primary/secondary) Fedora architectures have ocaml
--------------------------------------------------------------------------------
================================================================================
soscleaner-0.2.2-7.el6 (FEDORA-EPEL-2014-2678)
To clean and filter sensitive data from a standard sosreport
--------------------------------------------------------------------------------
Update Information:
updating soscleaner to 0.2.2
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 13 2014 Jamie Duncan <[email protected]> 0.2.2
- ability to scrub arbitrary keywords from lists - #41
- updated move to RedHatGov - #40
- stronger processing for /etc/hosts - #38
- better error announcements when user is not root - #37
- artifact location is configurable - #39
* Sun Jul 20 2014 Jamie Duncan <[email protected]> 0.2.1
- cleaned up version and help output for binary - #29,#35
- made uuid random instead of time-based - #36
- allow for aritrary file scanning - #28
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141538 - update soscleaner to latest version - 0.2.2-7
https://bugzilla.redhat.com/show_bug.cgi?id=1141538
--------------------------------------------------------------------------------
================================================================================
v8-3.14.5.10-14.el6 (FEDORA-EPEL-2014-2719)
JavaScript Engine
--------------------------------------------------------------------------------
Update Information:
This update provides the latest stable version of Node.js and corresponding
backports to the v8 package.
This update resolves CVE-2013-6668, which has only a minor impact since Node.js
is not typically used to execute untrusted JavaScript. For more information on
the fixed vulnerability, please see the CVE bugs listed below.
Changes in this update include:
* v8: fix a crash introduced by previous release (Fedor Indutny)
* crypto: use domains for any callback-taking method (Chris Dickinson)
* http: do not send `0rnrn` in TE HEAD responses (Fedor Indutny)
* querystring: fix unescape override (Tristan Berger)
* url: Add support for RFC 3490 separators (Mathias Bynens)
* v8: backport CVE-2013-6668
* cluster: disconnect should not be synchronous (Sam Roberts)
* fs: fix fs.readFileSync fd leak when get RangeError (Jackson Tian)
* stream: fix Readable.wrap objectMode falsy values (James Halliday)
* timers: fix timers with non-integer delay hanging. (Julien Gilli)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 T.C. Hollingsworth <[email protected]> -
1:3.14.5.10-14
- backport bugfix that eliminates unused-local-typedefs warning
- backport security fix: Fix Hydrogen bounds check elimination (CVE-2013-6668;
RHBZ#1086120)
- backport fix to segfault caused by the above patch
* Tue Aug 26 2014 David Tardon <[email protected]> - 1:3.14.5.10-13
- rebuild for ICU 53.1
* Mon Aug 18 2014 Fedora Release Engineering <[email protected]>
- 1:3.14.5.10-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1074737 - CVE-2013-6668 v8: multiple vulnerabilities fixed in
Google Chrome version 33.0.1750.146
https://bugzilla.redhat.com/show_bug.cgi?id=1074737
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
