The following Fedora EPEL 6 Security updates need testing:
Age URL
299
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0376/openconnect-4.08-1.el6
76
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctools-1.10-1.el6
222
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.el6
487
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribble-0.83.4.1-10.el6
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0267/mediawiki119-1.19.3-3.el6
24
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0123/python-tw2-jquery-2.0.3-5.el6
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0298/roundcubemail-0.8.5-1.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0233/wordpress-3.5.1-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
datanommer-commands-0.4.2-1.el6
fail2ban-0.8.8-3.el6
openconnect-4.08-1.el6
openstack-packstack-2012.2.2-0.8.dev406.el6
php-jsonlint-1.1.1-1.el6
php-twig-Twig-1.12.2-1.el6
python-datanommer-models-0.4.2-1.el6
sipp-3.3-1.el6
sx-2.14-1.el6
tomcat-native-1.1.27-1.el6
yourls-1.5.1-3.el6
Details about builds:
================================================================================
datanommer-commands-0.4.2-1.el6 (FEDORA-EPEL-2013-0370)
Console commands for datanommer
--------------------------------------------------------------------------------
Update Information:
Latest upstream with a fix to datanommer-latest.
Latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 14 2013 Ralph Bean <[email protected]> - 0.4.2-1
- Latest upstream with a bugfix to datanommer-latest.
* Thu Feb 7 2013 Ralph Bean <[email protected]> - 0.4.1-1
- Latest upstream from Jessica Anderson.
- Various enhancements and bugfixes.
- New datanommer-latest command.
- Tests now require python-mock.
- New dep on fedmsg.meta Fedora Infrastructure plugin.
--------------------------------------------------------------------------------
================================================================================
fail2ban-0.8.8-3.el6 (FEDORA-EPEL-2013-0375)
Ban IPs that make too many password failures
--------------------------------------------------------------------------------
Update Information:
- Add patch from upstream to fix module imports (Bug #892365)
- Add patch from upstream to UTF-8 characters in syslog (Bug #905097)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 14 2013 Orion Poplawski <[email protected]> - 0.8.8-3
- Add patch from upstream to fix module imports (Bug #892365)
- Add patch from upstream to UTF-8 characters in syslog (Bug #905097)
--------------------------------------------------------------------------------
================================================================================
openconnect-4.08-1.el6 (FEDORA-EPEL-2013-0376)
Open client for Cisco AnyConnect VPN
--------------------------------------------------------------------------------
Update Information:
This update fixes a potential buffer overflow in HTTP request generation, which
could be triggered by a malicious server generating a large number of cookies
or redirecting to a large path or hostname.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 13 2013 David Woodhouse <[email protected]> - 4.08-1
- Update to 4.08 release (#910331 CVE-2012-6128)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #910330 - CVE-2012-6128 openconnect: Stack-based buffer overflow
when processing certain host names, paths, or cookie lists
https://bugzilla.redhat.com/show_bug.cgi?id=910330
--------------------------------------------------------------------------------
================================================================================
openstack-packstack-2012.2.2-0.8.dev406.el6 (FEDORA-EPEL-2013-0367)
Openstack Install Utility
--------------------------------------------------------------------------------
Update Information:
Here is where you give an explanation of your update.
Here is where you give an explanation of your update.
Here is where you give an explanation of your update.
Here is where you give an explanation of your update.
Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #905083 - Endless loop if scp is missing on nodes
https://bugzilla.redhat.com/show_bug.cgi?id=905083
[ 2 ] Bug #906254 - packstack will fail if ntpd is running while ntpdate is
executed
https://bugzilla.redhat.com/show_bug.cgi?id=906254
[ 3 ] Bug #906269 - Please support Scientific Linux
https://bugzilla.redhat.com/show_bug.cgi?id=906269
[ 4 ] Bug #909111 - python-keystone dependency is missing
https://bugzilla.redhat.com/show_bug.cgi?id=909111
--------------------------------------------------------------------------------
================================================================================
php-jsonlint-1.1.1-1.el6 (FEDORA-EPEL-2013-0365)
JSON Lint for PHP
--------------------------------------------------------------------------------
Update Information:
1.1.1 (2013-02-12)
* Fixed handling of empty keys in objects in certain cases
Full change log: https://github.com/Seldaek/jsonlint/blob/1.1.1/CHANGELOG.mdown
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #910280 - php-jsonlint-1.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=910280
--------------------------------------------------------------------------------
================================================================================
php-twig-Twig-1.12.2-1.el6 (FEDORA-EPEL-2013-0372)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
1.12.2 (2013-02-09)
* fixed the timezone used by the date filter and function when the given date
contains a timezone (like 2010-01-28T15:00:00+02:00)
* fixed globals when getGlobals is called early on
* added the first and last filter
Full change log: https://github.com/fabpot/Twig/blob/v1.12.2/CHANGELOG
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 12 2013 Shawn Iwinski <[email protected]> 1.12.2-1
- Updated to upstream version 1.12.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #909916 - php-twig-Twig-1.12.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=909916
--------------------------------------------------------------------------------
================================================================================
python-datanommer-models-0.4.2-1.el6 (FEDORA-EPEL-2013-0368)
SQLAlchemy models for datanommer
--------------------------------------------------------------------------------
Update Information:
Latest upstream with enhanced alembic migration.
Alembic upgrade scripts
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 14 2013 Ralph Bean <[email protected]> - 0.4.2-1
- Latest upstream with improved alembic migration.
* Thu Feb 7 2013 Ralph Bean <[email protected]> - 0.4.1-1
- Latest upstream contributed by Jessica Anderson.
- Included alembic upgrade scripts in /usr/share/datanommer.models/
--------------------------------------------------------------------------------
================================================================================
sipp-3.3-1.el6 (FEDORA-EPEL-2013-0371)
SIP test tool / traffic generator
--------------------------------------------------------------------------------
Update Information:
* Ver. 3.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 15 2013 Peter Lemenkov <[email protected]> - 3.3-1
- Ver. 3.3
* Fri Feb 15 2013 Fedora Release Engineering <[email protected]>
- 3.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <[email protected]>
- 3.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Feb 28 2012 Fedora Release Engineering <[email protected]>
- 3.2-5
- Rebuilt for c++ ABI breakage
* Sat Jan 14 2012 Fedora Release Engineering <[email protected]>
- 3.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
sx-2.14-1.el6 (FEDORA-EPEL-2013-0374)
Tool to extract reports and run plug-ins against those extracted reports
--------------------------------------------------------------------------------
Update Information:
New upstream release to resolve bugs and add new features enhancements. No
backward compatibility issues known.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 15 2013 Niels de Vos <[email protected]> - 2.14-1
- Update to sx-2.14 (RHBZ#911620)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #911620 - Update to sx-2.14
https://bugzilla.redhat.com/show_bug.cgi?id=911620
--------------------------------------------------------------------------------
================================================================================
tomcat-native-1.1.27-1.el6 (FEDORA-EPEL-2013-0369)
Tomcat native library
--------------------------------------------------------------------------------
Update Information:
Update to version 1.1.27.
http://tomcat.apache.org/native-doc/miscellaneous/changelog.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 13 2013 Ville Skyttä <[email protected]> - 1.1.27-1
- Update to 1.1.27.
- Clean up specfile constructs no longer needed in Fedora or EL6+.
* Sat Jul 21 2012 Fedora Release Engineering <[email protected]>
- 1.1.24-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #910694 - tomcat-native-1.1.27 is available
https://bugzilla.redhat.com/show_bug.cgi?id=910694
--------------------------------------------------------------------------------
================================================================================
yourls-1.5.1-3.el6 (FEDORA-EPEL-2013-0373)
Your Own URL Shortener
--------------------------------------------------------------------------------
Update Information:
Add README.fedora
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 15 2013 Martin Krizek <[email protected]> - 1.5.1-3
- Add README.fedora
* Fri Feb 15 2013 Fedora Release Engineering <[email protected]>
- 1.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/epel-devel-list
