[EPEL-devel] Fedora EPEL 6 updates-testing report

updates Wed, 25 Mar 2015 13:08:06 -0700

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 1067  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
 132  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils-2.23.51.0.3-1.el6.1
 120  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6.18-8.el6
 109  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-tornado-2.2.1-7.el6
  70  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0232/chicken-4.9.0.1-2.el6
  45  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0696/drupal7-path_breadcrumbs-3.2-1.el6
  27  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0864/nodejs-0.10.36-3.el6,libuv-0.10.34-1.el6,v8-3.14.5.10-17.el6
  25  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0985/drupal7-entity-1.6-1.el6
   9  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1286/nx-libs-3.5.0.29-1.el6
   5  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1317/mongodb-2.4.13-1.el6
   5  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1334/drupal7-ctools-1.7-1.el6
   5  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1319/drupal7-7.35-1.el6
   4  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1346/drupal6-6.35-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1375/python-dulwich-0.10.0-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1380/moodle-2.6.10-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1396/drupal7-webform-4.6-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1404/tor-0.2.5.11-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1366/Django14-1.4.20-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1376/owncloud-7.0.5-2.el6



The following builds have been pushed to Fedora EPEL 6 updates-testing

    Django14-1.4.20-1.el6
    dnsenum-1.2.4.2-1.el6
    drupal7-webform-4.6-1.el6
    examiner-0.5-15.el6
    moodle-2.6.10-1.el6
    opendkim-2.10.1-4.el6
    owncloud-7.0.5-2.el6
    pcl-1.7.1-8.el6
    perl-MCE-1.604-1.el6
    potrace-1.12-1.el6
    python-bloom-0.5.19-1.el6
    python-dulwich-0.10.0-1.el6
    python-rosdep-0.11.2-1.el6
    python-rosdistro-0.4.1-1.el6
    python-rosinstall-0.7.5-1.el6
    python-rospkg-1.0.35-1.el6
    python-x2go-0.5.0.3-1.el6
    qsstv-8.2.11-1.el6
    qt5-qtwebsockets-5.4.0-1.el6
    srm-1.2.15-1.el6
    tor-0.2.5.11-1.el6

Details about builds:


================================================================================
 Django14-1.4.20-1.el6 (FEDORA-EPEL-2015-1366)
 A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-2317
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 23 2015 Matthias Runge <[email protected]> - 1.4.20-1
- fix CVE-2015-2317 (rhbz#1203619)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1202818 - CVE-2015-2317 Django: possible XSS attack via 
user-supplied redirect URLs
        https://bugzilla.redhat.com/show_bug.cgi?id=1202818
--------------------------------------------------------------------------------


================================================================================
 dnsenum-1.2.4.2-1.el6 (FEDORA-EPEL-2015-1365)
 A tool to enumerate DNS info about domains
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release 1.2.4.2
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 23 2015 Fabian Affolter <[email protected]> - 1.2.4.2-1
- Update to latest upstream release 1.2.4.2
* Fri Sep 12 2014 Fabian Affolter <[email protected]> - 1.2.4.1-1
- Update to latest upstream release 1.2.4.1
--------------------------------------------------------------------------------


================================================================================
 drupal7-webform-4.6-1.el6 (FEDORA-EPEL-2015-1396)
 Webform is the module for making surveys in Drupal
--------------------------------------------------------------------------------
Update Information:

- Security fix for drupal7-webform module
- Upstream release notes: https://www.drupal.org/node/2457219
- Release notes can be found at https://www.drupal.org/node/2454063
- Update to 4.3
- Release notes can be found at https://www.drupal.org/node/2427257

- Update to 4.2
- Release notes can be found at https://www.drupal.org/node/2381793
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 23 2015 Peter Borsa <[email protected]> 4.6-1
- Update to 4.6
- Release notes can be found at https://www.drupal.org/node/2457219
* Fri Mar 20 2015 Peter Borsa <[email protected]> 4.5-1
- Update to 4.5
- Release notes can be found at https://www.drupal.org/node/2454063
* Fri Feb 20 2015 Peter Borsa <[email protected]> 4.3-1
- Update to 4.3
- Release notes can be found at https://www.drupal.org/node/2427257
* Tue Dec 23 2014 Peter Borsa <[email protected]> 4.2-1
- Update to 4.2
- Release notes can be found at https://www.drupal.org/node/2381793
* Tue Nov 25 2014 Peter Borsa <[email protected]> 4.1-2
- Fix el6 spec file
* Tue Nov 25 2014 Peter Borsa <[email protected]> 4.1-1
- Update to 4.1
- Release notes can be found at https://www.drupal.org/node/2351973
* Sat Jun  7 2014 Fedora Release Engineering <[email protected]> 
- 4.0-0.3.beta3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1205122 - drupal webform: multiple XSS flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=1205122
--------------------------------------------------------------------------------


================================================================================
 examiner-0.5-15.el6 (FEDORA-EPEL-2015-1417)
 Utility to disassemble and comment foreign executable binaries
--------------------------------------------------------------------------------
Update Information:

Add docs
--------------------------------------------------------------------------------


================================================================================
 moodle-2.6.10-1.el6 (FEDORA-EPEL-2015-1380)
 A Course Management System
--------------------------------------------------------------------------------
Update Information:

Update to latest versions of the respective branches.  f20 has been updated 
from 2.5.x to 2.6.x because 2.5.x is EOL.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2015 Jon Ciesla <[email protected]> - 2.6.10-1
- 2.6.10, fix for security issues.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203203 - CVE-2015-2269 CVE-2015-2268 CVE-2015-2267 CVE-2015-2266 
CVE-2015-2272 CVE-2015-2273 CVE-2015-2270 CVE-2015-2271 moodle: multiple flaws 
in moodle [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1203203
  [ 2 ] Bug #1203205 - CVE-2015-2269 CVE-2015-2268 CVE-2015-2267 CVE-2015-2266 
CVE-2015-2272 CVE-2015-2273 CVE-2015-2270 CVE-2015-2271 moodle: multiple flaws 
in moodle [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1203205
  [ 3 ] Bug #1190119 - CVE-2015-1493 moodle: Directory Traversal Attack 
possible through some files serving JS (MSA-15-0009) [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1190119
--------------------------------------------------------------------------------


================================================================================
 opendkim-2.10.1-4.el6 (FEDORA-EPEL-2015-1377)
 A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:

- Fixed typo in Group Name
- Added updated libtool definition
- Additional comments in spec file
- Patch SysV initscript to stop default key generation on startup
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2015 Steve Jenkins <[email protected]> - 2.10.1-4
- Fixed typo in Group name
- Added updated libtool definition
- Additional comments in spec file
- Patch SysV initscript to stop default key generation on startup
* Thu Mar  5 2015 Adam Jackson <[email protected]> 2.10.1-3
- Drop sysvinit subpackage from F23+
--------------------------------------------------------------------------------


================================================================================
 owncloud-7.0.5-2.el6 (FEDORA-EPEL-2015-1376)
 Private file sync and share server
--------------------------------------------------------------------------------
Update Information:

This update provides the new release 7.0.5, which resolves currently 
undisclosed security vulnerabilities in ownCloud.

It is a minor version update and should apply without any issues or special 
handling, but as usual, we recommend backing up your data, configuration, and 
database before updating.

We have also backported a post-7.0.5 fix for a 'critical' issue: 
https://github.com/owncloud/core/issues/14843 .
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2015 Adam Williamson <[email protected]> - 7.0.5-2
- fix patch backported in previous build (upstream made a booboo)
* Mon Mar 23 2015 Adam Williamson <[email protected]> - 7.0.5-1
- new release 7.0.5 (fixes yet-undisclosed vulns, #1204821 #1204823)
- also backport fix for 'severe' upstream issue #14843
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1204821 - owncloud: new security issues fixed upstream in 6.0.7 
and 7.0.5
        https://bugzilla.redhat.com/show_bug.cgi?id=1204821
--------------------------------------------------------------------------------


================================================================================
 pcl-1.7.1-8.el6 (FEDORA-EPEL-2015-1408)
 Library for point cloud processing
--------------------------------------------------------------------------------
Update Information:

Fix VTK Libraries in PCLConfig.cmake (rhbz#1198957)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2015 Rich Mattes <[email protected]> - 1.7.1-8
- Fix VTK Libraries in PCLConfig.cmake (rhbz#1198957)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1198957 - PCLConfig.cmake expects vtk libraries that are not found 
in EPEL for RHEL6
        https://bugzilla.redhat.com/show_bug.cgi?id=1198957
--------------------------------------------------------------------------------


================================================================================
 perl-MCE-1.604-1.el6 (FEDORA-EPEL-2015-1411)
 Many-core Engine for Perl providing parallel processing capabilities
--------------------------------------------------------------------------------
Update Information:

A new version of MCE is available. See 
http://cpansearch.perl.org/src/MARIOROY/MCE-1.604/CHANGES for summary of 
changes for this release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 23 2015 Petr Šabata <[email protected]> - 1.604-1
- 1.604 bump
* Wed Feb 11 2015 Petr Pisar <[email protected]> - 1.600-3
- Move mce_grep tool into a separate sub-package
* Tue Feb 10 2015 Petr Pisar <[email protected]> - 1.600-2
- Correct dependencies
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1204474 - perl-MCE-1.604 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1204474
--------------------------------------------------------------------------------


================================================================================
 potrace-1.12-1.el6 (FEDORA-EPEL-2015-1387)
 Transform bitmaps into vector graphics
--------------------------------------------------------------------------------
Update Information:

Update to 1.12, fixing memory overflow bug with very large bitmaps.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2015 Susi Lehtola <[email protected]> - 1.12-1
- Update to 1.12.
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]> 
- 1.11-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <[email protected]> 
- 1.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug  4 2013 Fedora Release Engineering <[email protected]> 
- 1.11-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed May 15 2013 Susi Lehtola <[email protected]> - 1.11-2
- Support for 64 bit ARM architecture (BZ #926364).
--------------------------------------------------------------------------------


================================================================================
 python-bloom-0.5.19-1.el6 (FEDORA-EPEL-2015-1397)
 Bloom is a release automation tool
--------------------------------------------------------------------------------
Update Information:

ROS support package updates
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  4 2015 Rich Mattes <[email protected]> - 0.5.19-1
- Update to 0.5.19
--------------------------------------------------------------------------------


================================================================================
 python-dulwich-0.10.0-1.el6 (FEDORA-EPEL-2015-1375)
 A python implementation of the Git file formats and protocols
--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2014-9706 (rhbz#1204889, rhbz#1204890, and rhbz#1204891)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 23 2015 Fabian Affolter <[email protected]> - 0.10.0-1
- Fix for CVE-2014-9706 (rhbz#1204889, rhbz#1204890, and rhbz#1204891)
- Update to new upstream version 0.10.0
* Mon Mar 23 2015 Fabian Affolter <[email protected]> - 0.9.9-1
- Update to new upstream version 0.9.9
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]> 
- 0.9.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jun 27 2014 Fabian Affolter <[email protected]> - 0.9.7-1
- Update to new upstream version 0.9.7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1204889 - CVE-2014-9706 python-dulwich: arbitrary files allowed to 
be commited, leading to code execution
        https://bugzilla.redhat.com/show_bug.cgi?id=1204889
--------------------------------------------------------------------------------


================================================================================
 python-rosdep-0.11.2-1.el6 (FEDORA-EPEL-2015-1397)
 ROS System Dependency Installer
--------------------------------------------------------------------------------
Update Information:

ROS support package updates
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  4 2015 Rich Mattes <[email protected]> - 0.11.2-1
- Update to release 0.11.2
- Update to latest github guidelines
--------------------------------------------------------------------------------


================================================================================
 python-rosdistro-0.4.1-1.el6 (FEDORA-EPEL-2015-1397)
 File format for managing ROS Distributions
--------------------------------------------------------------------------------
Update Information:

ROS support package updates
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  4 2015 Rich Mattes <[email protected]> - 0.4.1-1
- Update to release 0.4.1
--------------------------------------------------------------------------------


================================================================================
 python-rosinstall-0.7.5-1.el6 (FEDORA-EPEL-2015-1397)
 ROS installation utilities
--------------------------------------------------------------------------------
Update Information:

ROS support package updates
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  4 2015 Rich Mattes <[email protected]> - 0.7.5-1
- Update to release 0.7.5 (rhbz#1195536)
- Add python3 package
--------------------------------------------------------------------------------


================================================================================
 python-rospkg-1.0.35-1.el6 (FEDORA-EPEL-2015-1397)
 Utilities for ROS package, stack, and distribution information
--------------------------------------------------------------------------------
Update Information:

ROS support package updates
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar  4 2015 Rich Mattes <[email protected]> - 1.0.35-1
- Update to release 1.0.35
- Remove Fedora 12 spec conditionals
--------------------------------------------------------------------------------


================================================================================
 python-x2go-0.5.0.3-1.el6 (FEDORA-EPEL-2015-1400)
 Python module providing X2Go client API
--------------------------------------------------------------------------------
Update Information:

Update to 0.5.0.3:

- Catch several more exceptions on connection failures.
- Adapt to recent (x2goserver 4.0.1.19) in x2gomountdirs
- Fix usage of force_password in X2GoControlSession.connect()
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 26 2015 Orion Poplawski <[email protected]> - 0.5.0.3-1
- Update to 0.5.0.3
--------------------------------------------------------------------------------


================================================================================
 qsstv-8.2.11-1.el6 (FEDORA-EPEL-2015-1373)
 Qt-based slow-scan TV and fax
--------------------------------------------------------------------------------
Update Information:

Fix rig CAT control bug.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 23 2015 Richard Shaw <[email protected]> - 8.2.11-1
- Update to latest upstream release, 8.2.11.
- Fixes CAT control bug.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1204475 - qsstv-8.2.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1204475
--------------------------------------------------------------------------------


================================================================================
 qt5-qtwebsockets-5.4.0-1.el6 (FEDORA-EPEL-2015-1410)
 Qt5 - WebSockets component
--------------------------------------------------------------------------------
Update Information:

Add new Qt5 module: qtwebsockets
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1177038 - Review Request: qt5-qtwebsockets - Qt5 - WebSockets 
component
        https://bugzilla.redhat.com/show_bug.cgi?id=1177038
--------------------------------------------------------------------------------


================================================================================
 srm-1.2.15-1.el6 (FEDORA-EPEL-2015-1395)
 Secure file deletion
--------------------------------------------------------------------------------
Update Information:

Update to new upstream version 1.2.15
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 23 2015 Fabian Affolter <[email protected]> - 1.2.15-1
- Update to new upstream version 1.2.15
--------------------------------------------------------------------------------


================================================================================
 tor-0.2.5.11-1.el6 (FEDORA-EPEL-2015-1404)
 Anonymizing overlay network for TCP (The onion router)
--------------------------------------------------------------------------------
Update Information:

Update to upstream release 0.2.5.11.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 23 2015 Jamie Nguyen <[email protected]> - 0.2.5.11-1
- update to upstream release 0.2.5.11
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1204773 - tor: security fixes in 0.2.4.26 and 0.2.5.11
        https://bugzilla.redhat.com/show_bug.cgi?id=1204773
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

[EPEL-devel] Fedora EPEL 6 updates-testing report

Reply via email to