The following Fedora EPEL 6 Security updates need testing:
Age URL
990
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
209
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
80
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-1.el6,python-astroid-1.2.1-2.el6,python-logilab-common-0.62.1-2.el6
55
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils-2.23.51.0.3-1.el6.1
43
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6.18-8.el6
32
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-tornado-2.2.1-7.el6
23
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4669/libhtp-0.5.16-1.el6
19
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4766/mediawiki119-1.19.23-1.el6
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4884/mapserver-6.0.4-1.el6
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4918/dokuwiki-0-0.23.20140929b.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0151/docker-io-1.4.1-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
docker-io-1.4.1-2.el6
drupal7-features-2.3-1.el6
php-horde-Horde-Idna-1.0.1-1.el6
php-horde-Horde-Imap-Client-2.26.0-1.el6
php-horde-Horde-Kolab-Server-2.0.3-1.el6
php-horde-Horde-Mail-2.5.1-1.el6
php-horde-Horde-Smtp-1.8.0-1.el6
php-true-punycode-1.0.1-1.el6
python-flask-login-0.2.11-3.el6
python-gnupg-0.3.7-1.el6
python-trollius-1.0.4-1.el6
tito-0.5.6-2.el6
Details about builds:
================================================================================
docker-io-1.4.1-2.el6 (FEDORA-EPEL-2015-0151)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
don't require fish for fish-completion as it's unavailable
Resolves: rhbz#1175144 - update to 1.4.1
Resolves: rhbz#1173950 remove min version requirements on device-mapper-libs
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Lokesh Mandvekar <[email protected]> - 1.4.1-2
- don't require fish for fish-completion as it's unavailable
* Mon Jan 5 2015 Lokesh Mandvekar <[email protected]> - 1.4.1-1
- Resolves: rhbz#1175144 - update to 1.4.1
- patch to make 'docker exec' work
via Vincent Batts <[email protected]>
https://github.com/docker/libcontainer/issues/309
- subpackages for fish, zsh completion, vim highlighting and logrotate cron
job
* Mon Dec 15 2014 Lokesh Mandvekar <[email protected]> - 1.4.0-2
- Resolves: rhbz#1173950 remove min version requirements on device-mapper-libs
* Thu Dec 11 2014 Lokesh Mandvekar <[email protected]> - 1.4.0-1
- Resolves: rhbz#1173325
- Resolves: rhbz#1172761 - CVE-2014-9356
- Resolves: rhbz#1172782 - CVE-2014-9357
- Resolves: rhbz#1172787 - CVE-2014-9358
- update to upstream v1.4.0
- override DOCKER_CERT_PATH in sysconfig instead of patching the source
- update metaprovides
- define PR_SET_CHILD_SUBREAPER as per newer kernel-headers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1172761 - CVE-2014-9356 docker: Path traversal during processing
of absolute symlinks
https://bugzilla.redhat.com/show_bug.cgi?id=1172761
[ 2 ] Bug #1172782 - CVE-2014-9357 docker: Escalation of privileges during
decompression of LZMA archives
https://bugzilla.redhat.com/show_bug.cgi?id=1172782
[ 3 ] Bug #1172787 - CVE-2014-9358 docker: Path traversal and spoofing
opportunities presented through image identifiers
https://bugzilla.redhat.com/show_bug.cgi?id=1172787
--------------------------------------------------------------------------------
================================================================================
drupal7-features-2.3-1.el6 (FEDORA-EPEL-2015-0123)
Provides feature management for Drupal
--------------------------------------------------------------------------------
Update Information:
Fixes an issue added in Drupal 7.33 that can cause merge conflicts when
collaborating on Features.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 6 2015 Paul W. Frields <[email protected]> - 2.3-1
- Update to upstream 2.3 release for bug fix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1179190 - drupal7-features-2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1179190
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Idna-1.0.1-1.el6 (FEDORA-EPEL-2015-0154)
IDNA backend normalization package
--------------------------------------------------------------------------------
Update Information:
Normalized access to various backends providing IDNA (Internationalized Domain
Names in Applications) support.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1179711 - Review Request: php-horde-Horde-Idna - IDNA backend
normalization package
https://bugzilla.redhat.com/show_bug.cgi?id=1179711
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Imap-Client-2.26.0-1.el6 (FEDORA-EPEL-2015-0124)
Horde IMAP abstraction interface
--------------------------------------------------------------------------------
Update Information:
Horde_Imap_Client 2.26.0
* [mms] Fix handling mailbox cache data when the mailbox returns NOMODSEQ.
* [mms] IMAP alerts can now be handled by registering an observer with the new
Horde_Imap_Client_Base_Alerts object.
Horde_Smtp 1.8.0
* [mms] Failed recipients can now be determined via the
Horde_Smtp_Exception_Recipients exception thrown when calling Horde_Smtp#send().
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Remi Collet <[email protected]> - 2.26.0-1
- Update to 2.26.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Kolab-Server-2.0.3-1.el6 (FEDORA-EPEL-2015-0147)
A package for manipulating the Kolab user database
--------------------------------------------------------------------------------
Update Information:
Horde_Kolab_Server 2.0.3
* [jan] Improve PSR-2 compatibility.
* [jan] Remove PHPUnit dependency.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Remi Collet <[email protected]> - 2.0.3-1
- Update to 2.0.3
- raise dependency on Horde_Test 2.4.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mail-2.5.1-1.el6 (FEDORA-EPEL-2015-0135)
Horde Mail Library
--------------------------------------------------------------------------------
Update Information:
Horde_Mail 2.5.1
* [mms] IDN support no longer requires intl to be built-in to PHP.
This package now requires php-horde-Horde-Idna and php-true-punycode.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Remi Collet <[email protected]> - 2.5.1-1
- Update to 2.5.1
- add required dependency on Horde_Idna
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Smtp-1.8.0-1.el6 (FEDORA-EPEL-2015-0124)
Horde SMTP Client
--------------------------------------------------------------------------------
Update Information:
Horde_Imap_Client 2.26.0
* [mms] Fix handling mailbox cache data when the mailbox returns NOMODSEQ.
* [mms] IMAP alerts can now be handled by registering an observer with the new
Horde_Imap_Client_Base_Alerts object.
Horde_Smtp 1.8.0
* [mms] Failed recipients can now be determined via the
Horde_Smtp_Exception_Recipients exception thrown when calling Horde_Smtp#send().
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2015 Remi Collet <[email protected]> - 1.8.0-1
- Update to 1.8.0
--------------------------------------------------------------------------------
================================================================================
php-true-punycode-1.0.1-1.el6 (FEDORA-EPEL-2015-0122)
A Bootstring encoding of Unicode for IDNA
--------------------------------------------------------------------------------
Update Information:
A Bootstring encoding of Unicode for Internationalized Domain Names in
Applications (IDNA).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1179665 - Review Request: php-true-punycode - A Bootstring
encoding of Unicode for IDNA
https://bugzilla.redhat.com/show_bug.cgi?id=1179665
--------------------------------------------------------------------------------
================================================================================
python-flask-login-0.2.11-3.el6 (FEDORA-EPEL-2015-0132)
User session management for Flask
--------------------------------------------------------------------------------
Update Information:
add python3- subpackage
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 3 2015 Miroslav Suchy <[email protected]> - 0.2.11-3
- add python3- subpackage
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 0.2.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-gnupg-0.3.7-1.el6 (FEDORA-EPEL-2015-0126)
Python module for GnuPG
--------------------------------------------------------------------------------
Update Information:
Updated to 0.3.7 Merged in export-minimal and armor options, many encoding fixes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 6 2015 Paul Wouters <[email protected]> - 0.3.7-1
- Updated to 0.3.7 Merged in export-minimal and armor options, many encoding
fixes
--------------------------------------------------------------------------------
================================================================================
python-trollius-1.0.4-1.el6 (FEDORA-EPEL-2015-0148)
A port of the Tulip asyncio module to Python 2
--------------------------------------------------------------------------------
Update Information:
update to 1.0.4
update to 1.0.1
fix python-ordereddict dependency typo
Update to 0.2 release
add python-futures as build-dep
add python-futures as build-dep
--------------------------------------------------------------------------------
================================================================================
tito-0.5.6-2.el6 (FEDORA-EPEL-2015-0129)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
Cleanup underlying builder when releaser completes.
Fixed bugs building old tags.
Add support for checking bugzilla flags before proceeding with a release.
Allow overriding builder for all releasers.
Requires new srpm_disttag setting for rsync/yum releasers.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 23 2014 Devan Goodwin <[email protected]> 0.5.6-1
- Require new srpm_disttag for rsync/yum releasers. ([email protected])
- Drop more test only requirements from spec. ([email protected])
- NameError: global name 'RawConfigParser' is not defined ([email protected])
- NameError: global name 'getoutput' is not defined ([email protected])
- E:166,16: Undefined variable 'config' (undefined-variable)
([email protected])
- defattr is not needed ([email protected])
- get rid of wildcards imports ([email protected])
- E:112,24: Instance of BuilderBase has no REQUIRED_ARGS member (no-member)
([email protected])
- change inheritance for ObsReleaser ([email protected])
- raw_input was renamed under python3 ([email protected])
- TypeError: __init__() takes exactly 1 argument (2 given) ([email protected])
- MockBuilder: cleanup underlying builder on completion ([email protected])
- Fix bugs building old tag with custom tito.props. (at that time)
([email protected])
- add links to upstream announcements and how-to articles
([email protected])
- add rpmdevtools as build dep for el5 ([email protected])
- Fix failing tests with no ~/.bugzillarc. ([email protected])
- Add documentation for bugzilla flag checking. ([email protected])
- Hookup bugzilla flag checking with dist git releasers. ([email protected])
- Fixes for Python 3. ([email protected])
- Add support for checking bz flags. ([email protected])
- Refactor dist-git releasers to separate module. ([email protected])
- fix the configuration examples to match the code ([email protected])
- add mailmap for cleaner shortlog output ([email protected])
- Allow overriding of builder on all releasers ([email protected])
- Cleanup builders on interruption when called directly ([email protected])
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
