The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/bugzilla-3.2.10-1.el5
https://admin.fedoraproject.org/updates/xml-security-c-1.5.1-2.el5
https://admin.fedoraproject.org/updates/couchdb-1.0.2-8.el5,erlang-ibrowse-2.2.0-3.el5
https://admin.fedoraproject.org/updates/cgit-0.9.0.2-2.el5
https://admin.fedoraproject.org/updates/libsndfile-1.0.17-5.el5
https://admin.fedoraproject.org/updates/ejabberd-2.1.8-2.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
botan-1.8.13-2.el5
cgit-0.9.0.2-2.el5
etckeeper-0.56-1.el5
perl-Net-FTP-AutoReconnect-0.3-3.el5
perl-Net-FTP-RetrHandle-0.2-3.el5
python-pygments-1.4-1.el5
shorewall-4.4.21.1-3.el5
zanata-python-client-1.2.6-1.el5
Details about builds:
================================================================================
botan-1.8.13-2.el5 (FEDORA-EPEL-2011-3896)
Crypto library written in C++
--------------------------------------------------------------------------------
Update Information:
Botan 1.8.13 has been released with a fix for a recently discovered bug that
could cause crashes in multithreaded code.
A full description of the problem can be found on the mailing list:
http://lists.randombit.net/pipermail/botan-devel/2011-July/001455.html
Update to the latest version of the 1.8 series, 1.8.12.
Relevant items from the upstream changelog:
* If EMSA3(Raw) was used for more than one signature, it would produce
incorrect output.
* Fix a memory leak in the constructors of DataSource_Stream and
DataSink_Stream which would occur if opening the file failed. PR 144
See http://botan.randombit.net/log.html#version-1-8-12-2011-06-20.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 21 2011 Thomas Moschny <[email protected]> - 1.8.13-2
- Patch to revert the soname change.
* Wed Jul 20 2011 Thomas Moschny <[email protected]> - 1.8.13-1
- Update to 1.8.13.
* Sat Jul 2 2011 Thomas Moschny <[email protected]> - 1.8.12-1
- Update to 1.8.12.
* Mon Feb 7 2011 Fedora Release Engineering <[email protected]>
- 1.8.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cgit-0.9.0.2-2.el5 (FEDORA-EPEL-2011-3887)
A fast web interface for git
--------------------------------------------------------------------------------
Update Information:
This update fixes a potential XSS vulnerability¹. A malicious user would need
push access to the git server in order to exploit this issue. Refer to the cgit
mailing list for:
Numerous minor bugs are also fixed. For details, refer to the upstream release
announcements for 0.9.0.1² and 0.9.0.2³.
¹ http://hjemli.net/pipermail/cgit/2011-July/000276.html
² http://hjemli.net/pipermail/cgit/2011-June/000183.html
³ http://hjemli.net/pipermail/cgit/2011-July/000273.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 22 2011 Todd Zullinger <[email protected]> - 0.9.0.2-2
- Fix potential XSS vulnerability in rename hint
* Thu Jul 21 2011 Todd Zullinger <[email protected]> - 0.9.0.2-1
- Update to 0.9.0.2
--------------------------------------------------------------------------------
================================================================================
etckeeper-0.56-1.el5 (FEDORA-EPEL-2011-3884)
Store /etc in a SCM system (git, mercurial, bzr or darcs)
--------------------------------------------------------------------------------
Update Information:
Update to 0.56, a bugfix version. Relevant items from the upstream changelog:
* Handle files with % in their names.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 21 2011 Thomas Moschny <[email protected]> - 0.56-1
- Update to 0.56.
--------------------------------------------------------------------------------
================================================================================
perl-Net-FTP-AutoReconnect-0.3-3.el5 (FEDORA-EPEL-2011-3881)
FTP client class with automatic reconnect on failure
--------------------------------------------------------------------------------
Update Information:
This is a FTP client class with automatic reconnect on failure.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #720085 - Review Request: perl-Net-FTP-AutoReconnect - FTP client
class with automatic reconnect on failure
https://bugzilla.redhat.com/show_bug.cgi?id=720085
--------------------------------------------------------------------------------
================================================================================
perl-Net-FTP-RetrHandle-0.2-3.el5 (FEDORA-EPEL-2011-3895)
Provides a file reading interface for reading files on a remote FTP server
--------------------------------------------------------------------------------
Update Information:
Support for skipping the beginning of the file is implemented with the FTP REST
command, which starts a retrieval at any point in the file. Support for
skipping the end of the file is implemented with the FTP ABOR command, which
stops the transfer. With these two commands and some careful tracking of the
current file position, we're able to reliably emulate a seek/read pair, and get
only the parts of the file that are actually read.
This was originally designed for use with Archive::Zip; it's reliable enough
that the table of contents and individual files can be extracted from a remote
ZIP archive without downloading the whole thing.
An interface compatible with IO::Handle is provided, along with a tie-based
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #720086 - Review Request: perl-Net-FTP-RetrHandle - Provides a file
reading interface for reading files on a remote FTP server
https://bugzilla.redhat.com/show_bug.cgi?id=720086
--------------------------------------------------------------------------------
================================================================================
python-pygments-1.4-1.el5 (FEDORA-EPEL-2011-3880)
A syntax highlighting engine written in Python
--------------------------------------------------------------------------------
Update Information:
(from http://pygments.org/docs/changelog/#version-1-4)
Lexers added:
Factor (#520)
PostScript (#486)
Verilog (#491)
BlitzMax Basic (#478)
Ioke (#465)
Java properties, split out of the INI lexer (#445)
Scss (#509)
Duel/JBST
XQuery (#617)
Mason (#615)
GoodData (#609)
SSP (#473)
Autohotkey (#417)
Google Protocol Buffers
Hybris (#506)
Do not fail in analyse_text methods (#618).
Performance improvements in the HTML formatter (#523).
With the noclasses option in the HTML formatter, some styles present in the
stylesheet were not added as inline styles.
Four fixes to the Lua lexer (#480, #481, #482, #497).
More context-sensitive Gherkin lexer with support for more i18n
translations.
Support new OO keywords in Matlab lexer (#521).
Small fix in the CoffeeScript lexer (#519).
A bugfix for backslashes in ocaml strings (#499).
Fix unicode/raw docstrings in the Python lexer (#489).
Allow PIL to work without PIL.pth (#502).
Allow seconds as a unit in CSS (#496).
Support application/javascript as a JavaScript mime type (#504).
Support Offload C++ Extensions as keywords in the C++ lexer (#484).
Escape more characters in LaTeX output (#505).
Update Haml/Sass lexers to version 3 (#509).
Small PHP lexer string escaping fix (#515).
Support comments before preprocessor directives, and unsigned/ long long
literals in C/C++ (#613, #616).
Support line continuations in the INI lexer (#494).
Fix lexing of Dylan string and char literals (#628).
Fix class/procedure name highlighting in VB.NET lexer (#624).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 24 2011 Steve Milner <[email protected]> - 1.4-1
- update for upstream release
- Add python2.6 support done by Steve Traylen <[email protected]>.
BZ#662755.
* Tue Feb 8 2011 Fedora Release Engineering <[email protected]>
- 1.3.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Aug 25 2010 Thomas Spura <[email protected]> - 1.3.1-7
- update to most recent python guidelines
- rebuild with python3.2
http://lists.fedoraproject.org/pipermail/devel/2010-August/141368.html
* Thu Jul 22 2010 David Malcolm <[email protected]> - 1.3.1-6
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
* Thu May 6 2010 Gareth Armstrong <[email protected]> - 1.3.1-5
- Enforce that Pygments requires Python 2.4 or later via an explicit BR
- Minor tweaks to spec file
- Deliver html and reST doc files to specifically named directories
- Align description with that of http://pygments.org/
- Add %check section for Python2 and add BR on python-nose
* Fri Apr 23 2010 Steve 'Ashcrow' Milner <[email protected]> - 1.3.1-4
- switched with_python3 back to 1
* Fri Apr 23 2010 David Malcolm <[email protected]> - 1.3.1-3
- add python3 subpackage (BZ#537244), ignoring soft-dep on imaging for now
* Tue Apr 13 2010 Steve 'Ashcrow' Milner <[email protected]> - 1.3.1-2
- added python-imaging as a dependency per BZ#581663.
* Sat Mar 6 2010 Steve 'Ashcrow' Milner <[email protected]> - 1.3.1-1
- Updated for release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #662755 - RFE: Add a python26-pygments package to EPEL5
https://bugzilla.redhat.com/show_bug.cgi?id=662755
--------------------------------------------------------------------------------
================================================================================
shorewall-4.4.21.1-3.el5 (FEDORA-EPEL-2011-3883)
An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:
Release notes:
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.2/releasenotes.txt
Update to 4.4.17.
See the release notes:
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.17/releasenotes.txt
And also the notes on migrating from 4.0 to 4.4:
http://www.shorewall.net/LennyToSqueeze.html
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 21 2011 Jonathan G. Underwood <[email protected]> -
4.4.21-3
- Properly use PERLLIB environment variable for installation of the perl
libraries
* Thu Jul 21 2011 Jonathan G. Underwood <[email protected]> -
4.4.21-2
- Fix Source URL versioning in spec file
* Thu Jul 21 2011 Jonathan G. Underwood <[email protected]> -
4.4.21-1
- Update to 4.4.21.1
- Fix BZ 720713 (incorrect init file LSB headers)
* Wed May 25 2011 Orion Poplawski <[email protected]> - 4.4.19.4-1
- Update to 4.4.19.4
* Sat Mar 5 2011 Jonathan G. Underwood <[email protected]> -
4.4.17-2
- Add executable permission to getparams
* Mon Feb 14 2011 Jonathan G. Underwood <[email protected]> -
4.4.17-1
- Update to 4.4.17
* Wed Feb 9 2011 Fedora Release Engineering <[email protected]>
- 4.4.11.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sat Aug 7 2010 Jonathan G. Underwood <[email protected]> -
4.4.11.1-1
- Update to version 4.4.11.1
* Fri Jul 2 2010 Jonathan G. Underwood <[email protected]> -
4.4.10-4
- Fix spec file typo
* Wed Jun 16 2010 Jonathan G. Underwood <[email protected]> -
4.4.10-3
- Remove separate macros for each tarball version - upstream now releases all
tarballs with the same version number
- Add virtual Provides for shorewall(firewall) to shorewall, shorewall-lite
and shorewall6-lite, and a Requires shorewall(firewall) to shorewall-init.
Note that shorewall6 Requires shorewall, so virtual provides not needed there
* Sun Jun 13 2010 Jonathan G. Underwood <[email protected]> -
4.4.10-2
- Add doc files to shorewall-lite subpackage
* Sun Jun 13 2010 Jonathan G. Underwood <[email protected]> -
4.4.10-1
- Update to version 4.4.10
- Add new shorewall-init subpackage
- Rename init.sh to shorewall-foo-init.sh
- Add shorewall-init.sh for init subpackage
* Thu Apr 1 2010 Jonathan G. Underwood <[email protected]> - 4.4.8-1
- Update to version 4.4.8
- Remove %buildroot setting
- Remove cleaning of buildroot during %install
- Fix %files
* Tue Feb 9 2010 Jonathan G. Underwood <[email protected]> - 4.4.6-2
- Fix missing man pages in file lists
* Mon Feb 8 2010 Jonathan G. Underwood <[email protected]> - 4.4.6-1
- Update to version 4.4.6
* Thu Dec 10 2009 Jonathan G. Underwood <[email protected]> -
4.4.4.2-3
- Fix typo in logrotate script name for shorewall6-lite
* Thu Dec 10 2009 Jonathan G. Underwood <[email protected]> -
4.4.4.2-2
- Add logrotate files to packages
* Thu Dec 10 2009 Jonathan G. Underwood <[email protected]> -
4.4.4.2-1
- Update to 4.4.4.2
* Fri Nov 6 2009 Jonathan G. Underwood <[email protected]> - 4.4.3-1
- Update to 4.4.3
* Thu Sep 3 2009 Jonathan G. Underwood <[email protected]> - 4.4.1-1
- Update to 4.4.1
* Tue Aug 18 2009 Jonathan G. Underwood <[email protected]> - 4.4.0-2
- Spec file cleanups with respect to package versioning
* Tue Aug 18 2009 Orion Poplawski <[email protected]> - 4.4.0-1
- Update to 4.4.0 final
* Sun Jul 26 2009 Fedora Release Engineering <[email protected]>
- 4.4.0-0.2.Beta3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Jul 7 2009 Jonathan G. Underwood <[email protected]> -
4.4.0-0.1.Beta3
- Update to 4.4.0-Beta3
* Sat Jun 13 2009 Jonathan G. Underwood <[email protected]> -
4.3.12-3
- Fix filelist for shorewall6 to include macro.Trcrt
* Sat Jun 13 2009 Jonathan G. Underwood <[email protected]> -
4.3.12-2
- Remove rfc1918 entries from filelists as no longer included
* Fri Jun 12 2009 Jonathan G. Underwood <[email protected]> -
4.3.12-1
- Update to version 4.3.12
- Change init files to start as number 28 (previously 25) to ensure starting
after NetworkManager (BZ 505444)
* Wed May 27 2009 Jonathan G. Underwood <[email protected]> -
4.3.10-2
- Fix up /var/lib directories (BZ 502929)
* Fri May 8 2009 Jonathan G. Underwood <[email protected]> -
4.3.10-1
- Update to development branch, rearrange sub-packages accordingly
- Remove shorewall-shell, shorewall-perl, shorewall-common subpackages
* Fri May 8 2009 Jonathan G. Underwood <[email protected]> - 4.2.8-1
- Update to version 4.2.8
- Update shorewall-perl to 4.2.8.2
- Use global instead of define in macros to comply with packaging guidelines
* Mon Apr 13 2009 Jonathan G. Underwood <[email protected]> - 4.2.7-5
- Update shorewall-perl to version 4.2.7.3
* Fri Apr 3 2009 Jonathan G. Underwood <[email protected]> - 4.2.7-4
- Update shorewall-perl to version 4.2.7.1 (BZ 493984)
* Thu Mar 26 2009 Jonathan G. Underwood <[email protected]> - 4.2.7-3
- Really make the perl compiler default
* Tue Mar 24 2009 Jonathan G. Underwood <[email protected]> - 4.2.7-2
- Make the perl compiler the default. Drop shorewall-shell requirement from
shorewall package
* Tue Mar 24 2009 Jonathan G. Underwood <[email protected]> - 4.2.7-1
- Update to version 4.2.7
* Fri Mar 6 2009 Jonathan G. Underwood <[email protected]> - 4.2.6-2
- Update shorewall-perl to version 4.6.2.2
* Thu Feb 26 2009 Jonathan G. Underwood <[email protected]> - 4.2.6-1
- Update to version 4.2.6
* Wed Feb 25 2009 Fedora Release Engineering <[email protected]>
- 4.2.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sun Feb 1 2009 Jonathan G. Underwood <[email protected]> - 4.2.5-2
- Update shorewal-perl to version 4.2.5.1
* Sat Jan 24 2009 Jonathan G. Underwood <[email protected]> - 4.2.5-1
- Update to version 4.2.5
* Thu Jan 15 2009 Jonathan G. Underwood <[email protected]> - 4.2.4-4
- Really update shorewall-perl to 4.2.4.6
* Thu Jan 15 2009 Jonathan G. Underwood <[email protected]> - 4.2.4-3
- Update shorewall-perl to 4.2.4.6
* Thu Jan 15 2009 Jonathan G. Underwood <[email protected]> - 4.2.4-2
- Fix up dependencies between sub-packages
- No longer attempt to own all files in /var/lib/shorewall* but rather clean
them up on package removal
* Sun Jan 11 2009 Jonathan G. Underwood <[email protected]> - 4.2.4-1
- Update to version 4.2.4 which adds IPV6 support and two new sub-packages
(shorewall6 and shorewall6-lite)
- Add proper versioning to sub-packages
- Remove patch patch-perl-4.2.3.1
* Tue Dec 30 2008 Jonathan G. Underwood <[email protected]> - 4.2.3-2
- Add upstream patch patch-perl-4.2.3.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #720713 - Copy-and-paste error in /etc/rc.d/init.d/shorewall6
https://bugzilla.redhat.com/show_bug.cgi?id=720713
[ 2 ] Bug #654787 - shorewall-4.4.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=654787
--------------------------------------------------------------------------------
================================================================================
zanata-python-client-1.2.6-1.el5 (FEDORA-EPEL-2011-3903)
Python Client for Zanata Server
--------------------------------------------------------------------------------
Update Information:
Fix bugs and improve usability
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 20 2011 James Ni <[email protected]> - 1.2.6-1
- Change to version 1.2.6
* Thu Jun 2 2011 James Ni <[email protected]> - 1.2.5-3
- Fix error of onditionals of RHEL5
* Thu Jun 2 2011 James Ni <[email protected]> - 1.2.5-2
- Add python-simplejson requires for RHEL5
* Wed Jun 1 2011 James Ni <[email protected]> - 1.2.5-1
- Bug fix and usability improvement
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/epel-devel-list
