[EPEL-devel] Fedora EPEL 6 updates-testing report

updates Fri, 30 Jan 2015 08:04:24 -0800

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 1013  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
 103  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-1.el6,python-astroid-1.2.1-2.el6,python-logilab-common-0.62.1-2.el6
  78  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils-2.23.51.0.3-1.el6.1
  66  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6.18-8.el6
  54  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-tornado-2.2.1-7.el6
  36  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4884/mapserver-6.0.4-1.el6
  34  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4918/dokuwiki-0-0.23.20140929b.el6
  16  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0232/chicken-4.9.0.1-2.el6
  15  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0278/Django14-1.4.18-1.el6
  13  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0315/docker-io-1.4.1-3.el6
   5  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0363/polarssl-1.3.2-4.el6
   5  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0368/puppetlabs-stdlib-4.5.1-1.20150121git7a91f20.el6
   5  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0407/seamonkey-2.28-3.ESR_31.4.0.el6
   3  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0436/privoxy-3.0.23-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0557/clamav-0.98.6-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0560/websvn-2.3.3-8.el6



The following builds have been pushed to Fedora EPEL 6 updates-testing

    clamav-0.98.6-1.el6
    koji-1.9.0-10.el6.gitcd45e886
    php-pecl-http-2.2.0-1.el6
    websvn-2.3.3-8.el6

Details about builds:


================================================================================
 clamav-0.98.6-1.el6 (FEDORA-EPEL-2015-0557)
 Anti-virus software
--------------------------------------------------------------------------------
Update Information:

ClamAV 0.98.6
=============

ClamAV 0.98.6 is a bug fix release correcting the following:

  * library shared object revisions.
  * installation issues on some Mac OS X and FreeBSD platforms.
  * includes a patch from Sebastian Andrzej Siewior making ClamAV pid files 
compatible with systemd.
  * Fix a heap out of bounds condition with crafted Yoda's crypter files. This 
issue was discovered by Felix Groebert of the Google Security Team.
  * Fix a heap out of bounds condition with crafted mew packer files. This 
issue was discovered by Felix Groebert of the Google Security Team.
  * Fix a heap out of bounds condition with crafted upx packer files. This 
issue was discovered by Kevin Szkudlapski of Quarkslab.
  * Fix a heap out of bounds condition with crafted upack packer files. This 
issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
  * Compensate a crash due to incorrect compiler optimization when handling 
crafted petite packer files. This issue was discovered by Sebastian Andrzej 
Siewior.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 29 2015 Robert Scheck <[email protected]> - 0.98.6-1
- Upgrade to 0.98.6 and updated daily.cvd (#1187050)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1187050 - CVE-2014-9328 clamav: heap out of bounds condition with 
crafted upack packer files
        https://bugzilla.redhat.com/show_bug.cgi?id=1187050
--------------------------------------------------------------------------------


================================================================================
 koji-1.9.0-10.el6.gitcd45e886 (FEDORA-EPEL-2015-0552)
 Build system tools
--------------------------------------------------------------------------------
Update Information:

update to git snapshot to pull in lates upstream bugfixes and enhancements
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 27 2015 Dennis Gilmore <[email protected]> - 1.9.0-10.gitcd45e886
- update to git tarball
* Thu Dec 11 2014 Dennis Gilmore <[email protected]> - 1.9.0-9
- add upstream patch switching to TLS1 from sslv3
* Tue Sep 30 2014 Dennis Gilmore <[email protected]> - 1.9.0-8
- don't exclude koji-vm from ppc and ppc64
--------------------------------------------------------------------------------


================================================================================
 php-pecl-http-2.2.0-1.el6 (FEDORA-EPEL-2015-0555)
 Extended HTTP support
--------------------------------------------------------------------------------
Update Information:

Upstream Changelog
* var_dump(http\Message) no longer automatically creates an empty body
* Added http\Message\Parser class
* Made http\Client::once() and http\Client::wait() available when using events
* Added http\Url::PARSE_MBLOC, http\Url::PARSE_MBUTF8, http\Url::PARSE_TOIDN 
and http\Url::PARSE_TOPCT constants
* Added http\Env\Response::setCookie()
* Added http\Env\Request::getCookie()
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 27 2015 Remi Collet <[email protected]> - 2.2.0-1
- Update to 2.2.0 (stable)
- add dependency on libidn
--------------------------------------------------------------------------------


================================================================================
 websvn-2.3.3-8.el6 (FEDORA-EPEL-2015-0560)
 Online subversion repository browser
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2013-6892
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 21 2015 Xavier Bachelot <[email protected]> 2.3.3-8
- Add patch for CVE-2013-6892 (RHBZ#1183632).
* Sun Jun  8 2014 Fedora Release Engineering <[email protected]> 
- 2.3.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug  4 2013 Fedora Release Engineering <[email protected]> 
- 2.3.3-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Feb 15 2013 Fedora Release Engineering <[email protected]> 
- 2.3.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sun Dec  2 2012 Johan Cwiklinski <johan AT x-tnd DOT be> - 2.3.3-4
- Fix apache 2.4 configuration (bz #871495)
* Sun Jul 22 2012 Fedora Release Engineering <[email protected]> 
- 2.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1183632 - CVE-2013-6892 websvn: arbitrary file access when 
downloads enabled for users with commit access
        https://bugzilla.redhat.com/show_bug.cgi?id=1183632
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

[EPEL-devel] Fedora EPEL 6 updates-testing report

Reply via email to