The following Fedora EPEL 5 Security updates need testing:
Age URL
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4.08-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0400/bitlbee-3.2-1.el5
304
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
199
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
81
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0237/wordpress-3.5.1-2.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
bitlbee-3.2-1.el5
re2-20130115-2.el5
Details about builds:
================================================================================
bitlbee-3.2-1.el5 (FEDORA-EPEL-2013-0400)
IRC to other chat networks gateway
--------------------------------------------------------------------------------
Update Information:
BitlBee 3.2
===========
* By far the most important change, a thorough update to the Twitter module:
* Now using Twitter API 1.1,
* which means it's now using JSON instead of XML,
* which means access to the streaming API (Twitter only, other Twitter API
services don't seem to have it). No more 60-second polls, #twitter looks even
more like real IRC now!
* Also, the streaming API means nice things like receiving DMs.
* show_ids, already enabled by default for a while, now uses hexadecimal
numbers, which means a 256-entry backlog instead of just 100.
* Added a mode=strict setting which requires everything to be a command.
The "post" command should then be used to post a Tweet.
* Jabber module bugfix that fixes connection issues with at least Google Talk
but reportedly some other servers (OpenFire?) as well.
* SSL modules improved a little bit. GnuTLS module now supports SNI and
session caching. Shouldn't change much, but hopefully reduces latency and
bandwidth usage a little bit.
* A bunch of other fixes/improvements here and there.
BitlBee 3.0.6
=============
* Updated MSN module to speak MSNP18:
* Biggest change is that this brings MPOP support (you can sign in to one
account from multiple locations).
* Restored support for *sending* offline messages.
* Some support for federated (i.e. Yahoo!) contacts. (Only messages might
work, you won't see them online.)
* Twitter:
* Work-around for stalls that are still happening sometimes.
* Added "favourite" command.
* "show_ids" enabled by default.
* Handle see-other-host Jabber messages which should fix support for MSN-XMPP.
* Misc. fixes and improvements.
BitlBee 3.0.5
=============
* SSL certificate verification (edit your bitlbee.conf to enable it). Works
only with GnuTLS!
* OAuth2 support in Jabber module (works with Google Talk, Facebook and MSN
Messenger).
* Support for ad-hoc Jabber groupchats. Just create a channel and start
inviting people, similar to how this works on other IM networks. Works fine
with GTalk, depends on a conference server being set up on other networks.
* Allow old-style Jabber login (non-SASL), this solves problems with some
old/buggy Jabber servers. (acc jabber set sasl off)
* Use HTTPS for OAuth1 authentication traffic.
* Awareness of Twitter's t.co URL lengt^Wshortening when checking message
length.
* Fixed identi.ca OAuth support. OAuth will now always be used for both Twitter
and identi.ca accounts.
* Fix nick_format=%full_name with libpurple.
* Instead of "protocol(handle)", use the account tags introduced in 3.0 when
root wants to refer to an account (in log messages, queries, etc.)
* Many small bugfixes, improvements, etc.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 20 2013 Robert Scheck <[email protected]> 3.2-1
- Upgrade to 3.2 (#912675, thanks to Eike Hein and Rex Dieter)
- Use the new systemd macros (#850048, thanks to Václav Pavlín)
* Wed Feb 13 2013 Fedora Release Engineering <[email protected]>
- 3.0.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jul 24 2012 Matej Cepl <[email protected]> - 3.0.5-4
- The last version of SSL/NSS patch for the upstream #714
* Wed Jul 18 2012 Fedora Release Engineering <[email protected]>
- 3.0.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jun 21 2012 Matej Cepl <[email protected]> - 3.0.5-2
- Add more error handling to lib/ssl_nss.c
- Checking patches for compatibility with the current state of the word
and updating comments.
- Improve otr conditional
* Sat Mar 31 2012 Adam Williamson <[email protected]> - 3.0.5-1
- new upstream release 3.0.5
* Sat Jan 14 2012 Adam Williamson <[email protected]> - 3.0.4-3
- add upstream fix for a high-priority twitter disconnect/crasher
* Thu Jan 12 2012 Fedora Release Engineering <[email protected]>
- 3.0.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #912675 - Package BitlBee 3.2 (current package will break with
Twitter on 2013-03-05 due to new API)
https://bugzilla.redhat.com/show_bug.cgi?id=912675
[ 2 ] Bug #805302 - CVE-2012-1187 bitlbee: does not drop extra group
privileges [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=805302
--------------------------------------------------------------------------------
================================================================================
re2-20130115-2.el5 (FEDORA-EPEL-2013-0403)
C++ fast alternative to backtracking RE engines
--------------------------------------------------------------------------------
Update Information:
C++ fast alternative to backtracking RE engines
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #868578 - Review Request: re2 - C++ fast alternative to
backtracking RE engines
https://bugzilla.redhat.com/show_bug.cgi?id=868578
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/epel-devel-list
