EPEL EL5 PPC koji builder repo broken?
The EL5 PPC koji builder seems to be unable to find at least some packages at the moment: http://koji.fedoraproject.org/koji/getfile?taskID=6923025name=mock_output.logoffset=-4000 http://kojipkgs.fedoraproject.org/repo/rhel/rhel-ppc-server-5/getPackage/gnutls-1.4.1-14.el5_10.ppc.rpm: [Errno 14] PYCURL ERROR 22 - The requested URL returned error: 404 Not Found Trying other mirror. Error Downloading Packages: gnutls-1.4.1-14.el5_10.ppc: failed to retrieve gnutls-1.4.1-14.el5_10.ppc.rpm from build error was [Errno 14] PYCURL ERROR 22 - The requested URL returned error: 404 Not Found ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel
Re: EPEL EL5 PPC koji builder repo broken?
On 06/04/2014 09:29 AM, Ville Skyttä wrote: The EL5 PPC koji builder seems to be unable to find at least some packages at the moment: http://koji.fedoraproject.org/koji/getfile?taskID=6923025name=mock_output.logoffset=-4000 http://kojipkgs.fedoraproject.org/repo/rhel/rhel-ppc-server-5/getPackage/gnutls-1.4.1-14.el5_10.ppc.rpm: [Errno 14] PYCURL ERROR 22 - The requested URL returned error: 404 Not Found Trying other mirror. Error Downloading Packages: gnutls-1.4.1-14.el5_10.ppc: failed to retrieve gnutls-1.4.1-14.el5_10.ppc.rpm from build error was [Errno 14] PYCURL ERROR 22 - The requested URL returned error: 404 Not Found ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel It's not limited to PPC. I can see the same for i386: https://kojipkgs.fedoraproject.org//work/tasks/3011/6923011/root.log Volker ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel
EPEL epel beta report: 20140604 changes
Compose started at Wed Jun 4 08:15:02 UTC 2014 New package: lhapdf-5.9.1-5.el7 Les Houches Accord PDF Interface New package: libvncserver-0.9.9-0.9.el7 Library to make writing a vnc server easy New package: pyfits-3.2.4-1.el7 Python interface to FITS New package: pythia8-8.1.80-1.el7 Pythia Event Generator for High Energy Physics New package: ratools-0.5.2-3.el7 Framework for IPv6 Router Advertisements Updated Packages: hiera-1.3.3-1.el7 - * Tue Jun 03 2014 Steve Traylen steve.tray...@cern.ch - 1.3.3-1 - New version 1.3.3, Update to latest ruby guidelines. libmediainfo-0.7.69-1.el7 - * Tue Jun 03 2014 Vasiliy N. Glazov vasc...@gmail.com 0.7.69-1 - Update to 0.7.69 * Fri May 23 2014 Vasiliy N. Glazov vasc...@gmail.com 0.7.68-2 - Update for tinyxml2 changes mediainfo-0.7.69-1.el7 -- * Tue Jun 03 2014 Vasiliy N. Glazov vasc...@gmail.com 0.7.69-1 - Update to 0.7.69 php-horde-Horde-Ldap-2.0.6-1.el7 * Tue Jun 03 2014 Remi Collet r...@fedoraproject.org - 2.0.6-1 - Update to 2.0.6 (security) qpid-cpp-0.26-9.el7 --- * Tue Jun 03 2014 Darryl L. Pierce dpie...@redhat.com - 0.26-9 - Fixed dependency of server-ha on qpid(server). zabbix20-2.0.12-2.el7 - * Tue Jun 03 2014 Volker Fröhlich volke...@gmx.at - 2.0.12-2 - Don't remove su directive from logrotate config in error - Adapt logrotate.in file and sed invocation from 2.2 packages * Tue Jun 03 2014 Volker Fröhlich volke...@gmx.at - 2.0.12-1 - New upstream release - Patch for ZBX-8238 (logrt may continue reading an old file repeatedly) Summary: Added Packages: 5 Removed Packages: 0 Modified Packages: 6 ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel
Re: EPEL EL5 PPC koji builder repo broken?
On Wed, 04 Jun 2014 10:08:59 +0200 Volker Fröhlich volke...@gmx.at wrote: On 06/04/2014 09:29 AM, Ville Skyttä wrote: The EL5 PPC koji builder seems to be unable to find at least some packages at the moment: http://koji.fedoraproject.org/koji/getfile?taskID=6923025name=mock_output.logoffset=-4000 http://kojipkgs.fedoraproject.org/repo/rhel/rhel-ppc-server-5/getPackage/gnutls-1.4.1-14.el5_10.ppc.rpm: [Errno 14] PYCURL ERROR 22 - The requested URL returned error: 404 Not Found Trying other mirror. Error Downloading Packages: gnutls-1.4.1-14.el5_10.ppc: failed to retrieve gnutls-1.4.1-14.el5_10.ppc.rpm from build error was [Errno 14] PYCURL ERROR 22 - The requested URL returned error: 404 Not Found ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel It's not limited to PPC. I can see the same for i386: https://kojipkgs.fedoraproject.org//work/tasks/3011/6923011/root.log This happens when rhel updates and the buildsys hasn't been able to get a new repo regen task in yet. I have forced one: http://koji.fedoraproject.org/koji/taskinfo?taskID=6924129 once thats done things should be back to normal. kevin signature.asc Description: PGP signature ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel
Re: EPEL Maintaining libntlm for ppc64
On Mon, 2 Jun 2014 16:26:55 +0200 Till Maas opensou...@till.name wrote: Hi, libntlm is not available for ppc in RHEL7 and it is a dependency for a package I would like to build for EPEL7. Therefore I intend to create a package according to https://fedoraproject.org/wiki/EPEL:Packaging#Limited_Arch_Packages Are there any objections/other comments? We might want to hold off on limited arch packages until rhel7 is actually released... since we don't really know whats in the final set until it's there. Otherwise I think it should work fine. kevin signature.asc Description: PGP signature ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel
Re: EPEL Maintaining libntlm for ppc64
On Wed, Jun 04, 2014 at 08:47:27AM -0600, Kevin Fenzi wrote: We might want to hold off on limited arch packages until rhel7 is actually released... since we don't really know whats in the final set until it's there. Unless RHEL will not publish packages with a lower EVR than before, it is easy to go on, because the EPEL package can either be retired or its version/release can be bumped. Regards Till ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel
Re: EPEL Maintaining libntlm for ppc64
On 4 June 2014 18:18, Till Maas opensou...@till.name wrote: On Wed, Jun 04, 2014 at 08:47:27AM -0600, Kevin Fenzi wrote: We might want to hold off on limited arch packages until rhel7 is actually released... since we don't really know whats in the final set until it's there. Unless RHEL will not publish packages with a lower EVR than before, it is easy to go on, because the EPEL package can either be retired or its version/release can be bumped. +1 Yesterday I requested libvncserver for ppc64: http://koji.fedoraproject.org/koji/buildinfo?buildID=521113 Regards, --Simone -- You cannot discover new oceans unless you have the courage to lose sight of the shore (R. W. Emerson). http://xkcd.com/229/ http://negativo17.org/ ___ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel
EPEL Fedora 5 updates-testing report
The following Fedora EPEL 5 Security updates need testing:
Age URL
774
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
228
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
108
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2.0-1.el5
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1515/check-mk-1.2.4p2-2.el5
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1544/python26-mod_wsgi-3.5-1.el5,mod_wsgi-3.5-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1575/chkrootkit-0.49-9.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
chkrootkit-0.49-9.el5
davix-0.3.1-1.el5
tomcat-native-1.1.30-1.el5
zabbix20-2.0.12-1.el5
Details about builds:
chkrootkit-0.49-9.el5 (FEDORA-EPEL-2014-1575)
Tool to locally check for signs of a rootkit
Update Information:
A quoting issue was found in chkrootkit which would lead to a file in /tmp/
being executed, if /tmp/ was mounted without the noexec option. chkrootkit is
typically run as the root user. A local attacker could use this flaw to
escalate their privileges.
The problematic part was:
file_port=$file_port $i
Which is changed to file_port=$file_port $i to fix the issue. From the Debian
diff:
--- chkrootkit-0.49.orig/debian/patches/CVE-2014-0476.patch
+++ chkrootkit-0.49/debian/patches/CVE-2014-0476.patch
@@ -0,0 +1,13 @@
+Index: chkrootkit/chkrootkit
+===
+--- chkrootkit.orig/chkrootkit
chkrootkit/chkrootkit
+@@ -117,7 +117,7 @@ slapper (){
+fi
+for i in ${SLAPPER_FILES}; do
+ if [ -f ${i} ]; then
+- file_port=$file_port $i
++ file_port=$file_port $i
+ STATUS=1
+ fi
+done
Acknowledgements:
Red Hat would like to thank Thomas Stangner for reporting this issue.
ChangeLog:
* Wed Jun 4 2014 Jon Ciesla limburg...@gmail.com - 0.49-9
- Patch for CVE-2014-0476, BZ 1104456, 11044567.
- Reapply vendor tag for el5.
References:
[ 1 ] Bug #1104456 - CVE-2014-0476 chkrootkit: local privilege escalation
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1104456
[ 2 ] Bug #1104457 - CVE-2014-0476 chkrootkit: local privilege escalation
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1104457
davix-0.3.1-1.el5 (FEDORA-EPEL-2014-1578)
Toolkit for Http-based file management
Update Information:
davix 0.3.1 release, see RELEASE-NOTES for changes
ChangeLog:
* Wed Jun 4 2014 Adrien Devresse adevress at cern.ch - 0.3.1-1
- davix 0.3.1 release, see RELEASE-NOTES for changes
* Tue Jun 3 2014 Adrien Devresse adevress at cern.ch - 0.3.0-1
- davix 0.3.0 release, see RELEASE-NOTES for changes
* Tue Jan 28 2014 Adrien Devresse adevress at cern.ch - 0.2.10-1
- davix 0.2.10 release, see RELEASE-NOTES for details
tomcat-native-1.1.30-1.el5 (FEDORA-EPEL-2014-1569)
Tomcat native library
Update Information:
Update to version 1.1.30 for Tomcat 7.0.54 compatibility.
http://tomcat.apache.org/native-doc/miscellaneous/changelog.html
ChangeLog:
* Tue Apr 15 2014 Ville Skyttä ville.sky...@iki.fi - 1.1.30-1
- Update to 1.1.30
zabbix20-2.0.12-1.el5 (FEDORA-EPEL-2014-1574)
Open-source monitoring solution for your IT infrastructure
Update Information:
Release notes: http://www.zabbix.com/rn2.0.12.php
This build contains a patch for ZBX-8238:
https://support.zabbix.com/browse/ZBXNEXT-3238
logrt may continue reading an old file repeatedly.
ChangeLog:
* Tue Jun 3 2014 Volker Fröhlich volke...@gmx.at - 2.0.12-1
- New upstream release
- Patch for ZBX-8238 (logrt may
EPEL Fedora 6 updates-testing report
The following Fedora EPEL 6 Security updates need testing:
Age URL
774
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
121
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
106
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
65
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramework-1.12.5-1.el6
19
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1414/gajim-0.14.4-4.el6
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1471/chicken-4.8.0.6-2.el6
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-views-3.8-1.el6
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1475/moodle-2.4.10-1.el6
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1522/check-mk-1.2.4p2-2.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1536/xmlsec1-1.2.19-3.el6
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1563/mono-2.10.8-2.el6,libgdiplus-2.10-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1572/chkrootkit-0.49-9.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
chkrootkit-0.49-9.el6
davix-0.3.1-1.el6
perl-Net-Statsd-0.08-1.el6
python-moksha-hub-1.3.3-1.el6
python-pyramid-chameleon-0.1-1.el6
python-rxjson-0.2-1.el6
tomcat-native-1.1.30-1.el6
zabbix20-2.0.12-1.el6
Details about builds:
chkrootkit-0.49-9.el6 (FEDORA-EPEL-2014-1572)
Tool to locally check for signs of a rootkit
Update Information:
A quoting issue was found in chkrootkit which would lead to a file in /tmp/
being executed, if /tmp/ was mounted without the noexec option. chkrootkit is
typically run as the root user. A local attacker could use this flaw to
escalate their privileges.
The problematic part was:
file_port=$file_port $i
Which is changed to file_port=$file_port $i to fix the issue. From the Debian
diff:
--- chkrootkit-0.49.orig/debian/patches/CVE-2014-0476.patch
+++ chkrootkit-0.49/debian/patches/CVE-2014-0476.patch
@@ -0,0 +1,13 @@
+Index: chkrootkit/chkrootkit
+===
+--- chkrootkit.orig/chkrootkit
chkrootkit/chkrootkit
+@@ -117,7 +117,7 @@ slapper (){
+fi
+for i in ${SLAPPER_FILES}; do
+ if [ -f ${i} ]; then
+- file_port=$file_port $i
++ file_port=$file_port $i
+ STATUS=1
+ fi
+done
Acknowledgements:
Red Hat would like to thank Thomas Stangner for reporting this issue.
ChangeLog:
* Wed Jun 4 2014 Jon Ciesla limburg...@gmail.com - 0.49-9
- Patch for CVE-2014-0476, BZ 1104456, 11044567.
References:
[ 1 ] Bug #1104456 - CVE-2014-0476 chkrootkit: local privilege escalation
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1104456
[ 2 ] Bug #1104457 - CVE-2014-0476 chkrootkit: local privilege escalation
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1104457
davix-0.3.1-1.el6 (FEDORA-EPEL-2014-1577)
Toolkit for Http-based file management
Update Information:
davix 0.3.1 release, see RELEASE-NOTES for changes
ChangeLog:
* Wed Jun 4 2014 Adrien Devresse adevress at cern.ch - 0.3.1-1
- davix 0.3.1 release, see RELEASE-NOTES for changes
* Tue Jun 3 2014 Adrien Devresse adevress at cern.ch - 0.3.0-1
- davix 0.3.0 release, see RELEASE-NOTES for changes
* Tue Jan 28 2014 Adrien Devresse adevress at cern.ch - 0.2.10-1
- davix 0.2.10 release, see RELEASE-NOTES for details
perl-Net-Statsd-0.08-1.el6 (FEDORA-EPEL-2014-1570)
Sends statistics to the stats daemon over UDP
Update Information:
Initial release
References:
[ 1 ] Bug #1103466 - Review Request: perl-Net-Statsd - Sends statistics to
the stats daemon over UDP
https://bugzilla.redhat.com/show_bug.cgi?id=1103466
