[EPEL-devel] Fedora EPEL 6 updates-testing report

updates Thu, 14 May 2015 13:10:07 -0700

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 1117  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
 182  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils-2.23.51.0.3-1.el6.1
  43  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1501/strongswan-5.3.0-1.el6
  34  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5742/asterisk-1.8.32.3-1.el6
  14  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6089/drupal7-views-3.11-1.el6
   8  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6158/libssh-0.5.5-4.el6
   8  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6164/t1utils-1.39-1.el6
   6  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5933/wordpress-4.2.2-1.el6
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6279/phpMyAdmin-4.0.10.10-1.el6



The following builds have been pushed to Fedora EPEL 6 updates-testing

    burp-1.4.36-5.el6
    createrepo_c-0.8.2-1.el6
    mock-1.2.9-1.el6
    perl-Parse-Debian-Packages-0.03-2.el6
    phpMyAdmin-4.0.10.10-1.el6
    python-geoip-geolite2-2015.0303-4.el6

Details about builds:


================================================================================
 burp-1.4.36-5.el6 (FEDORA-EPEL-2015-6274)
 A network-based backup and restore program
--------------------------------------------------------------------------------
Update Information:

A network backup and restore program
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1186819 - Review Request: burp - Network backup / restore program
        https://bugzilla.redhat.com/show_bug.cgi?id=1186819
--------------------------------------------------------------------------------


================================================================================
 createrepo_c-0.8.2-1.el6 (FEDORA-EPEL-2015-6285)
 Creates a common metadata repository
--------------------------------------------------------------------------------
Update Information:

Update to 0.8.2
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 14 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.2-1
- doc: Add man pages for sqliterepo and update manpages for other tools
- mergerepo: Work only with noarch packages if --koji is used and
  no archlist is specified
- mergerepo: Use file:// protocol in local baseurl
- mergerepo: Do not include baseurl for first repo if --koji is specified 
(RhBug: 1220082)
- mergerepo_c: Support multilib arch for --koji repos
- mergerepo_c: Refactoring
- Print debug message with version in each tool when --verbose is used
- modifyrepo: Don't override file with itself (RhBug: 1215229)
* Wed May  6 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.1-1
- Fix bash completion for RHEL 6
* Tue May  5 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.0-1
- New tool Sqliterepo_c - It generates sqlite databases into repos
  where the sqlite is missing.
- Internal refactoring and code cleanup
* Fri Feb 20 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.7-1
- Proper directory for temporary files when --local-sqlite is used (Issue #12)
- Bring bash completion install dir and filenames up to date with current 
bash-completion
* Thu Jan  8 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.6-1
- Python: Add __contains__ method to Repomd() class
* Sun Dec 28 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.5-1
- Python repomd: Support for iteration and indexing by type - e.g. record = 
repomd['primary']
- Show warning if an XML parser probably parsed a bad type of medata (New XML 
parser warning type CR_XML_WARNING_BADMDTYPE)
- drpm library: Explicitly try to locate libdrpm.so.0
- deltarpms: Don't show options for delta rpms if support is not available
--------------------------------------------------------------------------------


================================================================================
 mock-1.2.9-1.el6 (FEDORA-EPEL-2015-6068)
 Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:

 * new upstream release 1.2.9
 * new plugin pm_request
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 13 2015 Miroslav Suchý <[email protected]> - 1.2.9-1
- scm: do not keep copy of environ, this is now handled by uidmanager 
[RHBZ#1204395]
- Add pm_request plugin
- Drop lvm2-python-libs requires and enable lvm subpackage on el6
- Use lvs instead of lvm python bindings
- Unshare IPC ns only for chroot processes
- Add missing flush in logOutput
- Avoid infinite recursion in selinux plugin
* Wed Apr 29 2015 Miroslav Suchý <[email protected]> - 1.2.8-1
- LVM plugin is removed on F22+ due RHBZ 1136366
- allow the chroot's location to be configurable [RHBZ#452730]
- send output of --chroot to log [RHBZ#1214178]
- chroot_scan: implement "only_failed" option [RHBZ#1190763]
- add comment why this previous commit was done [RHBZ#1192128]
- use rpm macros instead of cmd option for --nocheck [RHBZ#1192128]
- plugin options can be string if specified on command line [RHBZ#1193487]
- root_cache: do not assume volatile root with tmpfs [RHBZ#1193487]
- use CONFIG instead of CHROOT in help/man for --root option [RHBZ#1197131]
- more clarification on --dnf-cmd/--yum-cmd [RHBZ#1211621]
- scm correct the logic of exclude_vcs [RHBZ#1204240]
- ignore missing files in ccache [RHBZ#1210569]
- install buildsys-macros in el5 chroot [RHBZ#1213482]
- remove forgotten print statement [RHBZ#1202845]
- add a plugin that calls command (from the host) on the produced rpms.
- save/restore os.environ when dropping/restoring Privs [RHBZ#1204395]
- mock-scm pull tarball name from specfile instead of hardcoding [RHBZ#1204935]
- clarify "--yum-cmd" / "--dnf-cmd" options [RHBZ#1211621]
- return the SRPM name from do_buildsrpm (required for SCM builds) [1190450]
- binding DNF cache directory with yum_cache [RHBZ#1176560]
- suggest user to install dnf-plugins-core [RHBZ#1196248]
- ignore btrfs errors on non-btrfs systems [RHBZ#1205564]
- on F21- use hard deps instead of soft [RHBZ#1198769]
- delete btrfs subvolumes on exit [RHBZ#1205564]
- on python3 convert err from bytes to str [RHBZ#1211199]
- on F22+ use yum-deprecated instead of yum [RHBZ#1211978]
- if mountpoint is inside chroot, remove chroot part [RHBZ#1208299]
- chmod directory only if we really created it [RHBZ#1209532]
- port epel-5 configs to Python 3 [RHBZ#1204662]
- use nosync only for package management and chroot init [RHBZ#1184964]
- missing config file should not be fatal [RHBZ#1195749]
- pass variable "name" [RHBZ#1194171]
- correct chroot_scan configuration sample in site-defaults
- install missing chroot_scan plugin
- avoid creating resultdir as root
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1192128 - --nocheck does not work with older rpm
        https://bugzilla.redhat.com/show_bug.cgi?id=1192128
  [ 2 ] Bug #1204240 - the exclude_vcs option seems to be behaving opposite its 
intended meaning
        https://bugzilla.redhat.com/show_bug.cgi?id=1204240
  [ 3 ] Bug #1204935 - RFE: mock-scm pull tarball name from specfile instead of 
hardcoding
        https://bugzilla.redhat.com/show_bug.cgi?id=1204935
  [ 4 ] Bug #1211199 - mockchain: TypeError: must be str, not bytes
        https://bugzilla.redhat.com/show_bug.cgi?id=1211199
  [ 5 ] Bug #1204662 - epel-5-x86_64 can't be initialilzed
        https://bugzilla.redhat.com/show_bug.cgi?id=1204662
  [ 6 ] Bug #452730 - RFE: Allow mock chroot's location to be configurable
        https://bugzilla.redhat.com/show_bug.cgi?id=452730
  [ 7 ] Bug #1211621 - doc: unclear "--yum-cmd" / "--dnf-cmd" options
        https://bugzilla.redhat.com/show_bug.cgi?id=1211621
  [ 8 ] Bug #1213482 - Please provide buildsys-macros for EPEL5 builds
        https://bugzilla.redhat.com/show_bug.cgi?id=1213482
  [ 9 ] Bug #1190450 - SCM build fails with "CRITICAL: No package specified to 
rebuild command."
        https://bugzilla.redhat.com/show_bug.cgi?id=1190450
  [ 10 ] Bug #1198769 - mock invokes dnf builddep but doesn't say 
dnf-plugins-core needs to be installed
        https://bugzilla.redhat.com/show_bug.cgi?id=1198769
  [ 11 ] Bug #1209532 - [abrt] mock: mockchain:250:main:OSError: [Errno 1] 
Operation not permitted: '/var/tmp/taskotron-mockchain'
        https://bugzilla.redhat.com/show_bug.cgi?id=1209532
  [ 12 ] Bug #1184964 - mock builds with the nosync plugin result in nosync.so 
being a dependency
        https://bugzilla.redhat.com/show_bug.cgi?id=1184964
  [ 13 ] Bug #1194171 - mock exits with traceback: NameError: global name 
'name' is not defined
        https://bugzilla.redhat.com/show_bug.cgi?id=1194171
  [ 14 ] Bug #1214178 - mock --chroot do not send output to log files
        https://bugzilla.redhat.com/show_bug.cgi?id=1214178
  [ 15 ] Bug #1197131 - CONFIG instead of CHROOT in help for -r option
        https://bugzilla.redhat.com/show_bug.cgi?id=1197131
  [ 16 ] Bug #1202845 - --copyin has gotten noisy
        https://bugzilla.redhat.com/show_bug.cgi?id=1202845
  [ 17 ] Bug #1176560 - RFE: support binding the DNF cache directory like Yum's
        https://bugzilla.redhat.com/show_bug.cgi?id=1176560
  [ 18 ] Bug #1208299 - mock archives bind mounts in root cache tar file
        https://bugzilla.redhat.com/show_bug.cgi?id=1208299
  [ 19 ] Bug #1195749 - mock exits with traceback if there is no 
/etc/resolv.conf
        https://bugzilla.redhat.com/show_bug.cgi?id=1195749
  [ 20 ] Bug #1190763 - RFE: Can Koji be made to grab logs from a tree it has 
just built or failed to build?
        https://bugzilla.redhat.com/show_bug.cgi?id=1190763
  [ 21 ] Bug #1193487 - root_cache plug-in overwrites root data if the tmpfs 
plug-in is enabled
        https://bugzilla.redhat.com/show_bug.cgi?id=1193487
  [ 22 ] Bug #1210569 - Race condition in mock's ccache plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=1210569
  [ 23 ] Bug #1204395 - mock-scm not using SSH_AUTH_SOCK environment variable
        https://bugzilla.redhat.com/show_bug.cgi?id=1204395
  [ 24 ] Bug #1196248 - Unable to build package for rawhide (f22)
        https://bugzilla.redhat.com/show_bug.cgi?id=1196248
  [ 25 ] Bug #1205564 - systemd creates 'var/lib/machines' btrfs subvolumes in 
mock root
        https://bugzilla.redhat.com/show_bug.cgi?id=1205564
  [ 26 ] Bug #1211978 - mock does not use "yum-deprecated" if yum >= 3.4.3-505 
is installed
        https://bugzilla.redhat.com/show_bug.cgi?id=1211978
--------------------------------------------------------------------------------


================================================================================
 perl-Parse-Debian-Packages-0.03-2.el6 (FEDORA-EPEL-2015-6284)
 Parse the data from a Debian Packages.gz
--------------------------------------------------------------------------------
Update Information:

New package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1168260 - Review Request: perl-Parse-Debian-Packages - Parse the 
data from a debian Packages.gz
        https://bugzilla.redhat.com/show_bug.cgi?id=1168260
--------------------------------------------------------------------------------


================================================================================
 phpMyAdmin-4.0.10.10-1.el6 (FEDORA-EPEL-2015-6279)
 Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:

phpMyAdmin 4.0.10.10 (2015-05-13)
=================================

  - [security] CSRF vulnerability in setup
  - [security] Vulnerability allowing Man-in-the-middle attack
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 14 2015 Robert Scheck <[email protected]> 4.0.10.10-1
- Upgrade to 4.0.10.10 (#1221588, #1221580, #1221581)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1221580 - CVE-2015-3902 phpMyAdmin: XSRF/CSRF vulnerability in 
phpMyAdmin setup
        https://bugzilla.redhat.com/show_bug.cgi?id=1221580
  [ 2 ] Bug #1221581 - CVE-2015-3903 phpMyAdmin: Vulnerability allowing 
man-in-the-middle attack on API call to GitHub
        https://bugzilla.redhat.com/show_bug.cgi?id=1221581
--------------------------------------------------------------------------------


================================================================================
 python-geoip-geolite2-2015.0303-4.el6 (FEDORA-EPEL-2015-6277)
 GeoIP database access for Python under a BSD license
--------------------------------------------------------------------------------
Update Information:

2015.0303-5
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

[EPEL-devel] Fedora EPEL 6 updates-testing report

Reply via email to