[EPEL-devel] Fedora EPEL 5 updates-testing report

updates Mon, 27 Jul 2015 16:13:19 -0700

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 646  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
 410  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5
 260  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3.8-2.el5
  10  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7241/xrdp-0.6.1-4.el5
   7  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7269/drupal7-path_breadcrumbs-3.3-1.el5
   4  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7293/mantis-1.2.19-3.el5
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7340/drupal6-cck-2.10-1.el5
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7337/lighttpd-1.4.36-1.el5
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7370/wordpress-4.2.3-1.el5



The following builds have been pushed to Fedora EPEL 5 updates-testing

    check-mk-1.2.6p9-1.el5
    drupal6-cck-2.10-1.el5
    drupal7-ds-2.11-1.el5
    drupal7-metatag-1.7-1.el5
    globus-ftp-client-8.23-1.el5
    globus-ftp-control-6.7-1.el5
    globus-gridftp-server-8.0-1.el5
    globus-gss-assist-10.15-1.el5
    globus-net-manager-0.12-1.el5
    globus-xio-gridftp-driver-2.11-1.el5
    globus-xio-gridftp-multicast-1.6-1.el5
    lighttpd-1.4.36-1.el5
    nordugrid-arc-doc-2.0.3-1.el5
    wordpress-4.2.3-1.el5

Details about builds:


================================================================================
 check-mk-1.2.6p9-1.el5 (FEDORA-EPEL-2015-7343)
 A new general purpose Nagios-plugin for retrieving data
--------------------------------------------------------------------------------
Update Information:

New upstream release: 1.2.6p9
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Andrea Veri <[email protected]> - 1.2.6p9-1
- New upstream release.
--------------------------------------------------------------------------------


================================================================================
 drupal6-cck-2.10-1.el5 (FEDORA-EPEL-2015-7340)
 Allows you to add custom fields to nodes using a web browser
--------------------------------------------------------------------------------
Update Information:

https://www.drupal.org/project/cck
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 23 2015 Jon Ciesla <[email protected]> - 2.10-1
- Update to 2.10.
* Wed Jun 17 2015 Fedora Release Engineering <[email protected]> 
- 2.9-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <[email protected]> 
- 2.9-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug  3 2013 Fedora Release Engineering <[email protected]> 
- 2.9-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Feb 13 2013 Fedora Release Engineering <[email protected]> 
- 2.9-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <[email protected]> 
- 2.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <[email protected]> 
- 2.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1232973 - drupal7-feeds-2.0-alpha9 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1232973
--------------------------------------------------------------------------------


================================================================================
 drupal7-ds-2.11-1.el5 (FEDORA-EPEL-2015-7322)
 Extend the display options for every entity type
--------------------------------------------------------------------------------
Update Information:

## 7.x-2.11

* Issue #2492661 by Erik Frèrejean: Incorrect field info api documentation for 
'block fields'
* Issue #2507163 by aspilicious: Block regions cannot be deleted following 
upgrade to 2.10
* Issue #2497445 by aspilicious: Upgrading from DS 7.x-2.8 > DS 7.x-2.10 
changes view mode on nodes from full content to default on page
* Issue #2493145 by artis: Typo in recent commit for Token support in 7.x-2.x 
branch
* Issue #2490932: Undefined property: DatabaseConnection_mysql::$sid in 
node_ds_search_execute() (line 488 of ds_search.module)
* Issue #2453137 by aspilicious: Unable to overwrite theme_ds_field_expert
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Shawn Iwinski <[email protected]> - 2.11-1
- Updated to 2.11 (RHBZ #1246471)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1246471 - drupal7-ds-2.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1246471
--------------------------------------------------------------------------------


================================================================================
 drupal7-metatag-1.7-1.el5 (FEDORA-EPEL-2015-7358)
 Adds support and an API to implement meta tags
--------------------------------------------------------------------------------
Update Information:

## 7.x-1.7

This includes a few fixes to the previous release and is a recommended update 
for all sites.

The most important changes are:

* There's no longer any crazy logic to identify whether a given view is used 
for a particular entity's display, instead it just handles the core entities 
and adds a hook to allow custom modules to expand it further; see 
metatag.api.php for details of the new hook.
* The Viewport meta tag will no longer try splitting onto separate tags because 
it finds a comma; incidentally it's now only possible to have one Viewport meta 
tag.
* An update script is provided to convert data from the Page Title module; see 
the README.txt file in the metatag_importer submodule for details.

Full changelog since v7.x-1.6:

* Issue #2537738 by deepak_zyxware: Incorrect path to fb_social settings page.
* Issue #2535178 by DamienMcKenna: 'multiple' option on Viewport causes 
problems with the meta tag's intended values.
* Issue #2524460 by DamienMcKenna, adriancotter, gbirch, jrb: Remove custom 
wrangling for Views-based custom entity displays, added new hook to allow other 
modules to customize as needed (hook_metatag_views_post_render_get_entity).
* Issue #2199533 by Adrian Richardson, DamienMcKenna, mairi: Don't reload 
entities when processing tokens, it causes problems with content workflows.
* Issue #2513892 by DamienMcKenna: Tests for user objects.
* Issue #1658970 by DamienMcKenna, stefan.r, subhojit777, HyperGlide, 
jenlampton: Drush script to convert data from the Page Title module.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Shawn Iwinski <[email protected]> - 1.7-1
- Updated to 1.7 (RHBZ #1246704)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1246704 - drupal7-metatag-1.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1246704
--------------------------------------------------------------------------------


================================================================================
 globus-ftp-client-8.23-1.el5 (FEDORA-EPEL-2015-7357)
 Globus Toolkit - GridFTP Client Library
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates from upstream developers:

* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.0
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
* globus-xio-udt-driver 1.18

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Mattias Ellert <[email protected]> - 8.23-1
- GT6 update (Fix crash in error handling)
* Wed Jun 17 2015 Fedora Release Engineering <[email protected]> 
- 8.22-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 globus-ftp-control-6.7-1.el5 (FEDORA-EPEL-2015-7357)
 Globus Toolkit - GridFTP Control Library
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates from upstream developers:

* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.0
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
* globus-xio-udt-driver 1.18

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Mattias Ellert <[email protected]> - 6.7-1
- GT6 update (Fix old-style function definitions, Fix variable scope)
* Wed Jun 17 2015 Fedora Release Engineering <[email protected]> 
- 6.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 globus-gridftp-server-8.0-1.el5 (FEDORA-EPEL-2015-7357)
 Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates from upstream developers:

* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.0
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
* globus-xio-udt-driver 1.18

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Mattias Ellert <[email protected]> - 8.0-1
- GT6 update
- Add update_bytes api that sets byte counters and range markers separately
--------------------------------------------------------------------------------


================================================================================
 globus-gss-assist-10.15-1.el5 (FEDORA-EPEL-2015-7357)
 Globus Toolkit - GSSAPI Assist library
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates from upstream developers:

* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.0
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
* globus-xio-udt-driver 1.18

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Mattias Ellert <[email protected]> - 10.15-1
- GT6 update (Fix gridmap parsing error)
* Sun Jul 12 2015 Mattias Ellert <[email protected]> - 10.14-1
- GT6 update (Fix uninitialized variable)
* Wed Jun 17 2015 Fedora Release Engineering <[email protected]> 
- 10.13-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 globus-net-manager-0.12-1.el5 (FEDORA-EPEL-2015-7357)
 Globus Toolkit - Network Manager
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates from upstream developers:

* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.0
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
* globus-xio-udt-driver 1.18

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Mattias Ellert <[email protected]> - 0.12-1
- GT6 update (Fix memory leaks, NULL pointer derefs, and dead assignments)
* Sun Jul 12 2015 Mattias Ellert <[email protected]> - 0.10-1
- GT6 update (Fix uninitialized value, Remove unused variables)
--------------------------------------------------------------------------------


================================================================================
 globus-xio-gridftp-driver-2.11-1.el5 (FEDORA-EPEL-2015-7357)
 Globus Toolkit - Globus XIO GridFTP Driver
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates from upstream developers:

* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.0
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
* globus-xio-udt-driver 1.18

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Mattias Ellert <[email protected]> - 2.11-1
- GT6 update (Fix missing va_arg in attr_cntl, Fix memory leak)
* Wed Jun 17 2015 Fedora Release Engineering <[email protected]> 
- 2.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 globus-xio-gridftp-multicast-1.6-1.el5 (FEDORA-EPEL-2015-7357)
 Globus Toolkit - Globus XIO GridFTP Multicast Driver
--------------------------------------------------------------------------------
Update Information:

Globus Toolkit updates from upstream developers:

* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.0
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
* globus-xio-udt-driver 1.18

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Mattias Ellert <[email protected]> - 1.6-1
- GT6 update (Remove dead code, uninitialized variables, string parsing error)
* Wed Jun 17 2015 Fedora Release Engineering <[email protected]> 
- 1.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 lighttpd-1.4.36-1.el5 (FEDORA-EPEL-2015-7337)
 Lightning fast webserver with light system requirements
--------------------------------------------------------------------------------
Update Information:

Latest upstream security release:

http://www.lighttpd.net/2015/7/26/1.4.36/
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 27 2015 Jon Ciesla <[email protected]> - 1.4.36-1
- 1.4.36 1246857, 1224910, 1224911.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1224911 - CVE-2015-3200 lighttpd: log injection via malformed 
base64 string in Authentication header [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1224911
  [ 2 ] Bug #1224910 - CVE-2015-3200 lighttpd: log injection via malformed 
base64 string in Authentication header [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1224910
  [ 3 ] Bug #1246857 - lighttpd-1.4.36 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1246857
--------------------------------------------------------------------------------


================================================================================
 nordugrid-arc-doc-2.0.3-1.el5 (FEDORA-EPEL-2015-7328)
 Advanced Resource Connector Documentation
--------------------------------------------------------------------------------
Update Information:

Minor documentation update.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul 26 2015 Mattias Ellert <[email protected]> - 2.0.3-1
- 2.0.3 Final Release
--------------------------------------------------------------------------------


================================================================================
 wordpress-4.2.3-1.el5 (FEDORA-EPEL-2015-7370)
 Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:

**WordPress 4.2.3 Security and Maintenance Release**

WordPress 4.2.3 is now available. This is a security release for all previous 
versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.2.2 and earlier are affected by a cross-site scripting 
vulnerability, which could allow users with the Contributor or Author role to 
compromise a site. This was initially reported by Jon Cave and fixed by Robert 
Chapin, both of the WordPress security team, and later reported by Jouko 
Pynnönen.

We also fixed an issue where it was possible for a user with Subscriber 
permissions to create a draft through Quick Draft. Reported by Netanel Rubin 
from Check Point Software Technologies.

Our thanks to those who have practiced responsible disclosure of security 
issues.

WordPress 4.2.3 also contains fixes for 20 bugs from 4.2. For more information, 
see:
* the release notes: https://codex.wordpress.org/Version_4.2.3
* the list of changes: 
https://core.trac.wordpress.org/log/branches/4.2?rev=33382&stop_rev=32430

--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 24 2015 Remi Collet <[email protected]> - 4.2.3-1
- WordPress 4.2.3 Security and Maintenance Release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1246396 - CVE-2015-5622 CVE-2015-5623 wordpress: cross-site 
scripting and permission issue fixed in
        https://bugzilla.redhat.com/show_bug.cgi?id=1246396
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

[EPEL-devel] Fedora EPEL 5 updates-testing report

Reply via email to