Fedora EPEL 6 updates-testing report

updates Fri, 22 Apr 2011 10:55:18 -0700

The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/chm2pdf-0.9.1-8.el6
    https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.el6
    https://admin.fedoraproject.org/updates/erlang-R14B-02.1.el6
    https://admin.fedoraproject.org/updates/libmodplug-0.8.8.2-1.el6
    https://admin.fedoraproject.org/updates/proftpd-1.3.3e-1.el6
    https://admin.fedoraproject.org/updates/python-feedparser-5.0.1-1.el6
    https://admin.fedoraproject.org/updates/tmux-1.4-3.el6
    https://admin.fedoraproject.org/updates/asterisk-1.8.3.3-1.el6



The following builds have been pushed to Fedora EPEL 6 updates-testing

    ack-1.94-1.el6
    asterisk-1.8.3.3-1.el6
    lua-wsapi-1.3.4-4.el6
    perl-JavaScript-Minifier-1.05-6.el6
    python-demjson-1.6-1.el6

Details about builds:


================================================================================
 ack-1.94-1.el6 (FEDORA-EPEL-2011-3137)
 Grep-like text finder
--------------------------------------------------------------------------------
Update Information:

Update to 1.94
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 21 2011 <[email protected]> - 1.94-1
- Update to 1.94
--------------------------------------------------------------------------------


================================================================================
 asterisk-1.8.3.3-1.el6 (FEDORA-EPEL-2011-3141)
 The Open Source PBX
--------------------------------------------------------------------------------
Update Information:

The Asterisk Development Team has announced security releases for Asterisk
branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two
issues:

* File Descriptor Resource Exhaustion (AST-2011-005)
* Asterisk Manager User Shell Access (AST-2011-006)

The issues and resolutions are described in the AST-2011-005 and AST-2011-006
security advisories.

For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-005 and AST-2011-006, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3

Security advisory AST-2011-005 and AST-2011-006 are available at:

http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 21 2011 Jeffrey C. Ollie <[email protected]> - 1.8.3.3-1
- The Asterisk Development Team has announced security releases for Asterisk
- branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
- released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve 
two
- issues:
-
- * File Descriptor Resource Exhaustion (AST-2011-005)
- * Asterisk Manager User Shell Access (AST-2011-006)
-
- The issues and resolutions are described in the AST-2011-005 and AST-2011-006
- security advisories.
-
- For more information about the details of these vulnerabilities, please read 
the
- security advisories AST-2011-005 and AST-2011-006, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLog:
-
- 
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1
- 
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25
- 
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3
- 
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3
-
- Security advisory AST-2011-005 and AST-2011-006 are available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
* Wed Mar 23 2011 Jeffrey C. Ollie <[email protected]> - 1.8.3.2-2
- Bump release and rebuild for mysql 5.5.10 soname change.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #698916 - CVE-2011-1507 Asterisk: file descriptor resource 
exhaustion (AST-2011-005)
        https://bugzilla.redhat.com/show_bug.cgi?id=698916
  [ 2 ] Bug #698917 - CVE-2011-1599 Asterisk: Shell command execution via 
manager Originate action (AST-2011-006)
        https://bugzilla.redhat.com/show_bug.cgi?id=698917
--------------------------------------------------------------------------------


================================================================================
 lua-wsapi-1.3.4-4.el6 (FEDORA-EPEL-2011-3138)
 Lua Web Server API
--------------------------------------------------------------------------------
Update Information:

Require lua-coxpcall, fixes #666090
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 22 2011 Tim Niemueller <[email protected]> - 1.3.4-4
- Require lua-coxpcall, fixes #666090
* Tue Feb  8 2011 Fedora Release Engineering <[email protected]> 
- 1.3.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #666090 - broken lua-wsapi package
        https://bugzilla.redhat.com/show_bug.cgi?id=666090
--------------------------------------------------------------------------------


================================================================================
 perl-JavaScript-Minifier-1.05-6.el6 (FEDORA-EPEL-2011-3139)
 Perl extension for minifying JavaScript code
--------------------------------------------------------------------------------
Update Information:

First EPEL build.
--------------------------------------------------------------------------------


================================================================================
 python-demjson-1.6-1.el6 (FEDORA-EPEL-2011-3136)
 Python JSON module and lint checker
--------------------------------------------------------------------------------
Update Information:

Update to version 1.6, with these improvements and changes:

* Bug fix: The jsonlint tool failed to accept a JSON document from standard 
input (stdin). Also added a --version and --copyright option support to 
jsonlint.
--------------------------------------------------------------------------------


_______________________________________________
epel-devel-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/epel-devel-list

Fedora EPEL 6 updates-testing report

Reply via email to