I figured I should give a status update on this, especially before I get too busy for the next few weeks. I'll update again in August if need be.
Thanks to those who have helped so far. I managed to wrangle a few of them myself yesterday too. ......... updated initial message below ........ There are several packages that need security updates that either have not been built yet, or there are some issues that need help and/or input from packagers. Please help out with these where you can. I'll try to organize these into categories and give a little info on them so it's easy to see if you can and want to help. Web apps -------- dokuwiki - needs updated to 2012-01-25a version, already in Cauldron. Cauldron package does have a bug that needs fixing. https://bugs.mageia.org/show_bug.cgi?id=6166 https://bugs.mageia.org/show_bug.cgi?id=6480 ocsinventory - Mageia 1 package needs to be updated or patched (patches available from MDV) https://bugs.mageia.org/show_bug.cgi?id=5252 https://bugs.mageia.org/show_bug.cgi?id=2129 mediawiki - versions we have are at or nearing EOL upstream, probably should be updated. Oliver Burger is working on this. https://bugs.mageia.org/show_bug.cgi?id=3448 wordpress - needs updated to 3.4.1, also QA has found some bugs in the current package. Damien Lallement is working on this. https://bugs.mageia.org/show_bug.cgi?id=4065 drupal - update built, issues found by QA need fixing. Oliver Burger is working on this. https://bugs.mageia.org/show_bug.cgi?id=5844 GNOME software -------------- libgdata - update needed for Mageia 1, may require patch or upgrade to libsoup https://bugs.mageia.org/show_bug.cgi?id=6330 libvirt - patch available from RedHat https://bugs.mageia.org/show_bug.cgi?id=6526 vte - vte3 still needs fixed in Mageia 2 https://bugs.mageia.org/show_bug.cgi?id=6161 gjs - doesn't rebuild against xulrunner in Mageia 1, but doesn't seem to be used by anything https://bugs.mageia.org/show_bug.cgi?id=6382 Games ----- ioquake3, openarena, urbanterror, alienarena - affected by DoS bug in quake3 engine https://bugs.mageia.org/show_bug.cgi?id=5496 Java-related ------------ jruby - just reported yesterday https://bugs.mageia.org/show_bug.cgi?id=6742 poi - In progress by D Morgan. Additional updates pending. https://bugs.mageia.org/show_bug.cgi?id=6011 apache-commons-compress - In progress by D Morgan. Mageia 1 updates pending. https://bugs.mageia.org/show_bug.cgi?id=6331 spring2 - In progress by D Morgan. Cauldron update pending. https://bugs.mageia.org/show_bug.cgi?id=6625 Ruby-related ------------ Several security issues, one possible packaging issue https://bugs.mageia.org/show_bug.cgi?id=6487 No response has been received from packagers yet ------------------------------------------------ avidemux/gstreamer0.10-ffmpeg - should be able to borrow patches from mplayer for mga1 (ffmpeg git for mga2) https://bugs.mageia.org/show_bug.cgi?id=6427 graphicsmagick - needs updated to 1.3.16 or patch backported, upstream patch linked in bug https://bugs.mageia.org/show_bug.cgi?id=6561 dropbear - Debian and upstream patches differ, no response received from upstream either. Patch proposed. https://bugs.mageia.org/show_bug.cgi?id=5611 abrt/libreport/btparser - should probably be upgraded to newer versions available from RedHat https://bugs.mageia.org/show_bug.cgi?id=6523 sos - 62 patches available from Fedora https://bugs.mageia.org/show_bug.cgi?id=6525 keepalived - possible patch from Gentoo for security issue, we have another open bug report too https://bugs.mageia.org/show_bug.cgi?id=6743 x11-server - bug has links to upstream commits used to fix this https://bugs.mageia.org/show_bug.cgi?id=6744 In progress (help needed to finish) ----------------------------------- busybox - will not build in Cauldron, tmb blames uClibc, which won't build either https://bugs.mageia.org/show_bug.cgi?id=6673 gc - links to upstream and Fedora patches available in bug, already fixed in Cauldron https://bugs.mageia.org/show_bug.cgi?id=6652 v8/chromium - In progress by D Morgan. chromium won't build for Mageia 1. https://bugs.mageia.org/show_bug.cgi?id=6679
