The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/cgit-0.9-1.el6
https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.el6
https://admin.fedoraproject.org/updates/clamav-0.97-11.el6
https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.10-1.el6
https://admin.fedoraproject.org/updates/wordpress-3.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
crlibm-1.0-0.4.beta4.el6
phpMyAdmin-3.3.10-1.el6
python-cli-1.1-1.el6
wordpress-3.1-1.el6
zarafa-6.40.6-1.el6
Details about builds:
================================================================================
crlibm-1.0-0.4.beta4.el6 (FEDORA-EPEL-2011-2882)
Correctly Rounded mathematical library
--------------------------------------------------------------------------------
Update Information:
Correctly Rounded mathematical library
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #676159 - Review Request: crlibm - Correctly Rounded mathematical
library
https://bugzilla.redhat.com/show_bug.cgi?id=676159
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-3.3.10-1.el6 (FEDORA-EPEL-2011-2877)
Web based MySQL browser written in php
--------------------------------------------------------------------------------
Update Information:
Changes for 3.3.10.0 (2011-03-19)
- [structure] Aria table size printed as unknown, thanks to erickoh75 -
erickoh75
- [structure] Ordering by size gives incorrect results, thanks to Madhura
Jayaratne - madhuracj
- [core] 0 row(s) affected
- [core] Edit relational page and page number
- [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10
- [lang] German update, thanks to [email protected].
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 21 2011 Robert Scheck <[email protected]> 3.3.10-1
- Upstream released 3.3.10 (#661335, #662366, #662367, #689213)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #661335 - CVE-2010-4480 phpMyAdmin: XSS vulnerability via crafted
BBCode tag in error.php
https://bugzilla.redhat.com/show_bug.cgi?id=661335
[ 2 ] Bug #662366 - CVE-2010-4481 phpMyAdmin: information disclosure flaw
(PMASA-2010-10)
https://bugzilla.redhat.com/show_bug.cgi?id=662366
--------------------------------------------------------------------------------
================================================================================
python-cli-1.1-1.el6 (FEDORA-EPEL-2011-2875)
A CLI construction toolkit for Python
--------------------------------------------------------------------------------
Update Information:
New Package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #688922 - Review Request: python-cli - A CLI construction toolkit
for Python
https://bugzilla.redhat.com/show_bug.cgi?id=688922
--------------------------------------------------------------------------------
================================================================================
wordpress-3.1-1.el6 (FEDORA-EPEL-2011-2879)
WordPress blogging software
--------------------------------------------------------------------------------
Update Information:
In order to protect against two CVEs*, I'm upgrading Wordpress in all
releases to 3.1. In addition, this will obsolete wordpress-mu, since this
functionality has been migrated to the main wordpress release as of wordpress
3.0, and wordpress-mu has been deprecated upstream. I would not normally make
so drastic a change on any stable release, especially EPEL, but backporting
patches to the 2.x series is becoming increasingly unmaintainable. This is
already done for rawhide and F15, and I intend to build for F13, F14, EL5 and
EL6 today, and send them to testing, and then push to stable one the
appropriate period has elapsed.
Please redistribute this to anyone you know who might be affected and may
not be on this list.
Thank you, Jon
* https://bugzilla.redhat.com/show_bug.cgi?id=687909
https://bugzilla.redhat.com/show_bug.cgi?id=687911
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 23 2011 Jon Ciesla <[email protected]> - 3.1-1
- 3.1.
* Mon Feb 7 2011 Fedora Release Engineering <[email protected]>
- 3.0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Jan 3 2011 Jon Ciesla <[email protected]> - 3.0.4-2
- Obsoletes wordpress-mu, deprecated by upstream as of 3.0.x.
* Mon Jan 3 2011 Jon Ciesla <[email protected]> - 3.0.4-1
- 3.0.4. Security fixes, BZ 666782.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #687909 - CVE-2011-0700 CVE-2011-0701 wordpress: multiple
vulnerabilities corrected in 3.0.5 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=687909
--------------------------------------------------------------------------------
================================================================================
zarafa-6.40.6-1.el6 (FEDORA-EPEL-2011-2878)
Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:
Changelog 6.40.6 final [25584]
==============================
Backend:
- Feature #6630: Zarafa-gateway hostname in greeting.
- Feature #6950: Added more logging to spooler, dagent server and Outlook
client.
- Fix #6730: Error in server.log: SQL Failed: Mixing of GROUP columns.
- Fix #7068: Indexer not used for searches in shared folders.
- Fix #7152: unable to run zarafa-msr.
- Fix #7156: Zarafa-msr does not work on a 6.40.6 server (non-unicode).
- Fix #6774: BES license check fails.
- Fix #6810: Some fields are not shown in the GAB contact details.
- Fix #7056: Merge mail store relocator for 6.40.
- Fix #7112: Rules are not working any more after store relocated via
zarafa-msr.
- Fix #7116: Webaccess still destubed archived messages the wrong way.
- Fix #7124: Permissions on store are missing after msr move action.
- Fix #7126: Windows 7 ssl shows cert accept dialogue or can not create
profile.
- Fix #7146: zarafa-msr has no man-page.
- Fix #6876: zarafa-admin/outlook crash with ldap attribute 0x3A4E001E.
- Fix #7111: Zarafa-msr will not migrate WebAccess settings and out of office
settings.
- Fix #7058 Upgrading from 6.40.4 to 6.40.5 can break the rules.
- Fix #6067: Installer does not install the indexer or checks if initscript is
available to enable.
- Fix #7079: Segfault Zarafa-indexer 6.40.5.(Rare occasion).
- Fix #7028: Zarafa-indexer still fails in certain cases when
index_sync_stream is enabled.
- Fix #7098: Message stay in the outbox with cached mode.
- Fix #7072: No error given when wrong options are in the admin.cfg.
- Fix #7039: Unable to dismiss specific reminders.
- Fix #7030: Mac Ical cannot work with German(non English) folder names.
- Fix #6964: Search on attachment content in Sent Items of Outlook 2007 will
show no results.
- Fix #6887: Segfault zarafa-server 6.40.4. (Rare occasion).
- Fix #6165: Recursive restore does not stop on error.
- Fix #6326: caldav: Deleted appointments are still shown in sunbird.
- Fix #6825: ZARAFA_USERSCRIPT_LOCALE is not defined in any configuration file
when using Debian.
- Fix #6858: migration with exchange, RTF mail with large body crashes.
- Fix #6891: Memleak in spooler, introduced in [15597].
- Fix #6901: php-ext: don't use short tags in library classes.
- Fix #6913: Spooler log contains "BUG: invalid data in OutgoingQueue"
notifications.
- Fix #6915: Zarafa-dagent.cfg(5) manpage missing in deb packages.
- Fix #6930: Installer gives false errors on Ubuntu / Debian.
- Fix #6937: IMAP literal problem.
- Fix #7007: Error in include configfile gives wrong error on screen.
Webaccess:
- Fix #5939: Possible to execute shell commands with WebAccess
- Fix #7138: Tasks requests with umlauts in body will break.
- Fix #5962: Dropdown box Zoom in MUC does not work in Safari and Chromium.
- Fix #7022: Meting request occurence can be changed by an attendee without
permission from the organizer.
- Fix #6425: Script error pop-up when adding categories to email.
- Fix #6461: Caldav: reminder times in sunbird/lightning are different than in
WebAccess
- Fix #6484: Switching weeks in you calendar with arrow top right will show
empty calendar if you have all day event.
- Fix #6589: Limit the TO field in print view of email always to 1 line (max
20 addresses).
- Fix #6838: Cannot open task request message with preview pane off or bottom
view.
- Fix #6864: Convert to task doesn't set default priority.
- Fix #6910: Folder list view is not set to last opened folder if scrollbar is
present.
- Fix #6948: Unsaved appointment print dialog doesn't show anything, and never
stops loading.
- Fix #6951: Rename convert to task to "Create task from email" for better
understanding of the function.
- Fix #6952: Webaccess in en_US language will still show military time format
in print overview.
- Fix #6992: Using the edit as new option in your Sent Items twice does not
work, it will edit the first message.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 21 2011 Robert Scheck <[email protected]> 6.40.6-1
- Upgrade to 6.40.6
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/epel-devel-list
