The following Fedora EPEL 6 Security updates need testing:
Age URL
900
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
232
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
119
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2750/libsrtp-1.4.4-10.20101004cvs.el6
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2719/nodejs-0.10.32-1.el6,v8-3.14.5.10-14.el6
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2742/TeXmacs-1.0.7.2-3.el6
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2713/putty-0.63-3.el6
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2811/nodejs-qs-0.6.6-3.el6
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2821/nodejs-send-0.3.0-4.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2981/check-mk-1.2.4p5-2.el6
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3024/rssh-2.3.4-1.el6
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3064/mediawiki119-1.19.20-1.el6
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3082/golang-1.3.3-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3202/python-oauth2-1.5.211-8.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2850/nginx-1.0.15-8.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
R-3.1.1-7.el6
ansible-1.7.2-2.el6
elk-2.3.22-9.el6
fedmsg-0.11.0-1.el6
golang-github-SeanDolphin-bqschema-0-0.1.gita713d26.el6
golang-github-bmizerany-assert-0-0.1.gite17e998.el6
golang-github-bmizerany-pat-0-0.1.gitb8a3500.el6
golang-github-golang-glog-0-0.2.gitd1c4472.el6
golang-github-influxdb-go-cache-0-0.1.git7d1d6d6.el6
golang-github-jmhodges-levigo-0-0.1.git253793d.el6
golang-github-kr-fs-0-0.1.git2788f0d.el6
golang-github-onsi-ginkgo-0-0.1.git90d6a47.el6
golang-github-onsi-gomega-0-0.1.gita0ee4df.el6
golang-github-stretchr-objx-0-0.2.gitcbeaeb1.el6
golang-github-stretchr-testify-0-0.3.gitda775f0.el6
golang-googlecode-go-exp-0-0.1.hgbd8df7009305.el6
golang-googlecode-gomock-0-0.1.hge033c7513ca3.el6
golang-googlecode-log4go-0-0.1.hgc3294304d93f.el6
igraph-0.7.1-1.el6
inxi-2.2.14-1.el6
nagios-plugins-fts-3.2.0-1.el6
nginx-1.0.15-8.el6
perl-Redis-1.976-1.el6
perl-Test-XML-0.08-2.el6
php-phpunit-environment-1.1.0-1.el6
python-fedmsg-meta-fedora-infrastructure-0.3.5-1.el6
python-fedora-0.3.36-1.el6
python-oauth2-1.5.211-8.el6
python-urllib2_kerberos-0.1.6-14.el6
rubygem-ffi-1.0.9-10.el6
Details about builds:
================================================================================
R-3.1.1-7.el6 (FEDORA-EPEL-2014-3259)
A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:
Fix java Requires/BuildRequires to be more permissive.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 29 2014 Orion Poplawski <[email protected]> - 3.1.1-7
- Just BR/R java instead of java-1.5.0-gcj (bug #1110684)
* Tue Sep 16 2014 David Sommerseth <[email protected]> - 3.1.1-6
- Setting ulimit when running make check, to avoid segfault due to too small
stack (needed on PPC64)
* Tue Aug 26 2014 David Tardon <[email protected]> - 3.1.1-5
- rebuild for ICU 53.1
* Fri Aug 15 2014 Fedora Release Engineering <[email protected]>
- 3.1.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1110684 - R-java update has new dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1110684
--------------------------------------------------------------------------------
================================================================================
ansible-1.7.2-2.el6 (FEDORA-EPEL-2014-3201)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
* fix problem with ansible --vault-password not working.
Update to 1.7.2
Update to 1.7.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Toshio Kuratomi <[email protected]> - 1.7.2-2
- Add /usr/bin/ansible to the rhel6 newer pycrypto patch
* Wed Sep 24 2014 Kevin Fenzi <[email protected]> 1.7.2-1
- Update to 1.7.2
* Thu Aug 14 2014 Kevin Fenzi <[email protected]> 1.7.1-1
- Update to 1.7.1
--------------------------------------------------------------------------------
================================================================================
elk-2.3.22-9.el6 (FEDORA-EPEL-2014-3223)
FP-LAPW Code
--------------------------------------------------------------------------------
Update Information:
build against new openmpi on fc21 + epel7 package
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 7 2014 Marcin Dulak <[email protected]> - 2.3.22-9
- build against new openmpi
* Sat Aug 16 2014 Fedora Release Engineering <[email protected]>
- 2.3.22-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fedmsg-0.11.0-1.el6 (FEDORA-EPEL-2014-3239)
Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:
New fedmsg.meta.msg2long_form API. Other IRC-related bugfixes and enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Ralph Bean <[email protected]> - 0.11.0-1
- Fix harmless error about twisted.words at daemon startup.
- Optional shortening of links in IRC.
- IRC bot now reconnects when dropped.
- New fedmsg.meta.msg2long_form API.
--------------------------------------------------------------------------------
================================================================================
golang-github-SeanDolphin-bqschema-0-0.1.gita713d26.el6 (FEDORA-EPEL-2014-3248)
Package for creating Google Big Query from Go structs
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148460 - Review Request: golang-github-SeanDolphin-bqschema -
Package for creating Google Big Query from Go structs
https://bugzilla.redhat.com/show_bug.cgi?id=1148460
--------------------------------------------------------------------------------
================================================================================
golang-github-bmizerany-assert-0-0.1.gite17e998.el6 (FEDORA-EPEL-2014-3233)
Assertions for Go tests
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148700 - Review Request: golang-github-bmizerany-assert -
Assertions for Go tests
https://bugzilla.redhat.com/show_bug.cgi?id=1148700
--------------------------------------------------------------------------------
================================================================================
golang-github-bmizerany-pat-0-0.1.gitb8a3500.el6 (FEDORA-EPEL-2014-3217)
A Sinatra style pattern muxer for Go's net/http library
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148702 - Review Request: golang-github-bmizerany-pat - A Sinatra
style pattern muxer for Go's net/http library
https://bugzilla.redhat.com/show_bug.cgi?id=1148702
--------------------------------------------------------------------------------
================================================================================
golang-github-golang-glog-0-0.2.gitd1c4472.el6 (FEDORA-EPEL-2014-3245)
Leveled execution logs for Go
--------------------------------------------------------------------------------
Update Information:
New golang package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141861 - Review Request: golang-github-golang-glog - Leveled
execution logs for Go
https://bugzilla.redhat.com/show_bug.cgi?id=1141861
--------------------------------------------------------------------------------
================================================================================
golang-github-influxdb-go-cache-0-0.1.git7d1d6d6.el6 (FEDORA-EPEL-2014-3256)
An in-memory key:value store/cache library for Go
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148692 - Review Request: golang-github-influxdb-go-cache - An
in-memory key:value store/cache library for Go
https://bugzilla.redhat.com/show_bug.cgi?id=1148692
--------------------------------------------------------------------------------
================================================================================
golang-github-jmhodges-levigo-0-0.1.git253793d.el6 (FEDORA-EPEL-2014-3237)
Go wrapper for LevelDB
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148705 - Review Request: golang-github-jmhodges-levigo - Go
wrapper for LevelDB
https://bugzilla.redhat.com/show_bug.cgi?id=1148705
--------------------------------------------------------------------------------
================================================================================
golang-github-kr-fs-0-0.1.git2788f0d.el6 (FEDORA-EPEL-2014-3213)
Provides Go filesystem-related functions
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148447 - Review Request: golang-github-kr-fs - Provides Go
filesystem-related functions
https://bugzilla.redhat.com/show_bug.cgi?id=1148447
--------------------------------------------------------------------------------
================================================================================
golang-github-onsi-ginkgo-0-0.1.git90d6a47.el6 (FEDORA-EPEL-2014-3247)
A Golang BDD Testing Framework
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148456 - Review Request: golang-github-onsi-ginkgo - A Golang BDD
Testing Framework
https://bugzilla.redhat.com/show_bug.cgi?id=1148456
--------------------------------------------------------------------------------
================================================================================
golang-github-onsi-gomega-0-0.1.gita0ee4df.el6 (FEDORA-EPEL-2014-3240)
Ginkgo's Preferred Matcher Library
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148452 - Review Request: golang-github-onsi-gomega - Ginkgo's
Preferred Matcher Library
https://bugzilla.redhat.com/show_bug.cgi?id=1148452
--------------------------------------------------------------------------------
================================================================================
golang-github-stretchr-objx-0-0.2.gitcbeaeb1.el6 (FEDORA-EPEL-2014-3243)
Go package for dealing with maps, slices, JSON and other data
--------------------------------------------------------------------------------
Update Information:
New golang package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141864 - Review Request: golang-github-stretchr-objx - Go package
for dealing with maps, slices, JSON and other data
https://bugzilla.redhat.com/show_bug.cgi?id=1141864
--------------------------------------------------------------------------------
================================================================================
golang-github-stretchr-testify-0-0.3.gitda775f0.el6 (FEDORA-EPEL-2014-3227)
Tools for testifying that your code will behave as you intend
--------------------------------------------------------------------------------
Update Information:
New golang package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141872 - Review Request: golang-github-stretchr-testify - Tools
for testifying that your code will behave as you intend
https://bugzilla.redhat.com/show_bug.cgi?id=1141872
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-go-exp-0-0.1.hgbd8df7009305.el6 (FEDORA-EPEL-2014-3203)
Experimental tools and packages for Go
--------------------------------------------------------------------------------
Update Information:
new golang package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148481 - Review Request: golang-googlecode-go-exp - Experimental
tools and packages for Go
https://bugzilla.redhat.com/show_bug.cgi?id=1148481
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-gomock-0-0.1.hge033c7513ca3.el6 (FEDORA-EPEL-2014-3246)
Mocking framework for the Go
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148477 - Review Request: golang-googlecode-gomock - Mocking
framework for the Go
https://bugzilla.redhat.com/show_bug.cgi?id=1148477
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-log4go-0-0.1.hgc3294304d93f.el6 (FEDORA-EPEL-2014-3257)
Logging package similar to log4j for the Go programming language
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148735 - Review Request: golang-googlecode-log4go - Logging
package similar to log4j for the Go programming language
https://bugzilla.redhat.com/show_bug.cgi?id=1148735
--------------------------------------------------------------------------------
================================================================================
igraph-0.7.1-1.el6 (FEDORA-EPEL-2014-3219)
Library for creating and manipulating graphs
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.1 in EPEL 6 and EPEL7
--------------------------------------------------------------------------------
================================================================================
inxi-2.2.14-1.el6 (FEDORA-EPEL-2014-3221)
A full featured system information script
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.14
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 29 2014 Vasiliy N. Glazov <[email protected]> 2.2.14-1
- Update to 2.2.14
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-fts-3.2.0-1.el6 (FEDORA-EPEL-2014-3210)
Nagios probes to be run remotely against FTS3 machines
--------------------------------------------------------------------------------
Update Information:
Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1149178 - Review Request: nagios-plugins-fts - provides the nagios
probes for FTS3
https://bugzilla.redhat.com/show_bug.cgi?id=1149178
--------------------------------------------------------------------------------
================================================================================
nginx-1.0.15-8.el6 (FEDORA-EPEL-2014-2850)
A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:
* Security fix for CVE-2014-3616
* Create nginx-filesystem subpackage
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Jamie Nguyen <[email protected]> - 1.0.15-8
- fix typo in Requires
* Mon Sep 22 2014 Jamie Nguyen <[email protected]> - 1.0.15-7
- create nginx-filesystem subpackage (patch from Remi Collet)
* Mon Sep 22 2014 Jamie Nguyen <[email protected]> - 1.0.15-6
- fix CVE-2014-3616 virtual host confusion (#1142573, #1142576)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1142573 - CVE-2014-3616 nginx: virtual host confusion
https://bugzilla.redhat.com/show_bug.cgi?id=1142573
--------------------------------------------------------------------------------
================================================================================
perl-Redis-1.976-1.el6 (FEDORA-EPEL-2014-3242)
Perl binding for Redis database
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.976.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 David Dick <[email protected]> - 1.976-1
- Upgrade to 1.976.
* Fri Aug 29 2014 Jitka Plesnikova <[email protected]> - 1.975-2
- Perl 5.20 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150530 - perl-Redis-1.976 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1150530
--------------------------------------------------------------------------------
================================================================================
perl-Test-XML-0.08-2.el6 (FEDORA-EPEL-2014-3207)
Compare XML in perl tests
--------------------------------------------------------------------------------
Update Information:
This is the first Fedora/EPEL release of perl-Test-XML.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148580 - Review Request: perl-Test-XML - Compare XML in perl tests
https://bugzilla.redhat.com/show_bug.cgi?id=1148580
--------------------------------------------------------------------------------
================================================================================
php-phpunit-environment-1.1.0-1.el6 (FEDORA-EPEL-2014-3231)
Handle HHVM/PHP environments
--------------------------------------------------------------------------------
Update Information:
* Add Console::hasColorSupport()
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Remi Collet <[email protected]> - 1.1.0-1
- update to 1.1.0
- enable test suite
- composer dependencies
- add generated autoload.php
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.3.5-1.el6 (FEDORA-EPEL-2014-3238)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Fix to anitya processor.
Bugfixes to anitya and pkgdb processors.
New koschei and anitya processors.
Handle new pkgdb messages, certain legacy messages, and new bugzilla messages.
git messages now return the full patch via a call to msg2long_form
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Ralph Bean <[email protected]> - 0.3.5-1
- Further fixes to anitya.
* Wed Oct 8 2014 Ralph Bean <[email protected]> - 0.3.4-1
- Fixes to pkgdb and anitya processors.
* Fri Oct 3 2014 Ralph Bean <[email protected]> - 0.3.3-1
- New koschei and anitya processors.
* Mon Sep 29 2014 Ralph Bean <[email protected]> - 0.3.2-1
- Latest upstream.
- Handle different types of legacy messages.
- git messages now return the full patch via a call to msg2long_form.
- future-proofing against new types of bugzilla messages.
--------------------------------------------------------------------------------
================================================================================
python-fedora-0.3.36-1.el6 (FEDORA-EPEL-2014-3205)
Python modules for talking to Fedora Infrastructure Services
--------------------------------------------------------------------------------
Update Information:
New upstream release fixing logging in openidbaseclient
* Update to new upstream:
https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
* Update to new upstream:
https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 7 2014 Toshio Kuratomi <[email protected]> - 0.3.36-1
- New upstream release fixing logging in openidbaseclient
* Wed Aug 6 2014 Toshio Kuratomi <[email protected]> - 0.3.35-1
- Upstream 0.3.35 release that adds openidbaseclient
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 0.3.34-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150301 - Using "pkgdb-cli" leads to "NameError: name
'NullHandler' is not defined"
https://bugzilla.redhat.com/show_bug.cgi?id=1150301
--------------------------------------------------------------------------------
================================================================================
python-oauth2-1.5.211-8.el6 (FEDORA-EPEL-2014-3202)
Python support for improved oauth
--------------------------------------------------------------------------------
Update Information:
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Tom Callaway <[email protected]> - 1.5.211-8
- actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson)
* Fri Sep 12 2014 Tom Callaway <[email protected]> - 1.5.211-7
- Fix CVE-2013-4346 and CVE-2013-4347 (thanks to Philippe Makowski)
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 1.5.211-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1007746 - CVE-2013-4346 python-oauth2: _check_signature() ignores
the nonce value when validating signed urls
https://bugzilla.redhat.com/show_bug.cgi?id=1007746
[ 2 ] Bug #1007758 - CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce
https://bugzilla.redhat.com/show_bug.cgi?id=1007758
--------------------------------------------------------------------------------
================================================================================
python-urllib2_kerberos-0.1.6-14.el6 (FEDORA-EPEL-2014-2747)
Kerberos over HTTP Negotiate/SPNEGO support for urllib2
--------------------------------------------------------------------------------
Update Information:
Fix logging format for Python 2.6 (#1065576)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Steve Traylen <[email protected]> - 0.1.6-14
- Remove debug from add-logging.patch. #1065576
* Thu Jul 3 2014 Matěj Cepl <[email protected]> - 0.1.6-13
- Fix logging format for Python 2.6 (#1065576)
* Mon Jun 30 2014 Toshio Kuratomi <[email protected]> - 0.1.6-12
- Replace python-setuptools-devel BR with python-setuptools
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1065576 - Add additional patches to urllib2_kerberos
https://bugzilla.redhat.com/show_bug.cgi?id=1065576
--------------------------------------------------------------------------------
================================================================================
rubygem-ffi-1.0.9-10.el6 (FEDORA-EPEL-2014-3216)
FFI Extensions for Ruby
--------------------------------------------------------------------------------
Update Information:
- Fix support for bools in structs
- Backport of fix for upstream issue #114
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Dominic Cleal <[email protected]> - 1.0.9-10
- Fix support for bools in structs (upstream #114)
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
