The following Fedora EPEL 6 Security updates need testing: Age URL 505 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 24 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11198/filezilla-3.7.3-1.el6 19 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11274/ssmtp-2.61-21.el6 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11393/nagios-3.5.1-1.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11417/graphite-web-0.9.12-1.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11429/mediawiki119-1.19.8-1.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11445/perl-Crypt-DSA-1.17-10.el6 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11453/python-pyrad-2.0-3.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11499/roundcubemail-0.9.4-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing bdii-5.2.22-1.el6 mysql-utilities-1.3.5-1.el6 nodejs-dateformat-1.0.6-1.el6 php-pecl-redis-2.2.4-1.el6 qpdf-5.0.0-5.el6 roundcubemail-0.9.4-1.el6 Details about builds: ================================================================================ bdii-5.2.22-1.el6 (FEDORA-EPEL-2013-11498) The Berkeley Database Information Index (BDII) -------------------------------------------------------------------------------- Update Information: - New upstream version 5.2.22 - Do not hardcode run directory -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 9 2013 Mattias Ellert <mattias.ell...@fysast.uu.se> - 5.2.22-1 - New upstream version 5.2.22 - Do not hardcode run directory -------------------------------------------------------------------------------- ================================================================================ mysql-utilities-1.3.5-1.el6 (FEDORA-EPEL-2013-11495) MySQL Utilities -------------------------------------------------------------------------------- Update Information: Upstream changelog: Release 1.3.5 (Released August 21, 2013) - BUG#17061126: mysqldiff needs an auto_increment ignoring option - BUG#17205680: non-deterministic failure of rpl_admin tests - BUG#17256821: Commercial and GPL msi distro shares build descriptor - BUG#17271100: mysqldbexport does not export fkeys - BUG#17316515: Community distros contain both GPL and Commercial license - BUG#17353571: GPL & Commercial msi installers create separate installs -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 9 2013 Remi Collet <r...@fedoraproject.org> - 1.3.5-1 - update to 1.3.5 GA -------------------------------------------------------------------------------- ================================================================================ nodejs-dateformat-1.0.6-1.el6 (FEDORA-EPEL-2013-11496) Steven Levithan's excellent dateFormat() function for Node.js -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #977118 - Review Request: nodejs-dateformat - Steven Levithan's excellent dateFormat() function for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=977118 -------------------------------------------------------------------------------- ================================================================================ php-pecl-redis-2.2.4-1.el6 (FEDORA-EPEL-2013-11501) Extension for communicating with the Redis key-value store -------------------------------------------------------------------------------- Update Information: Features / Improvements * Randomized reconnect delay for RedisArray @mobli. This feature adds an optional parameter when constructing a RedisArray object such that a random delay will be introduced if reconnections are made, mitigating any 'thundering herd' type problems. * Lazy connections to RedisArray servers @mobli. By default, RedisArray will attempt to connect to each server you pass in the ring on construction. This feature lets you specify that you would rather have RedisArray only attempt a connection when it needs to get data from a particular node (throughput/performance improvement). * Allow LONG and STRING keys in MGET/MSET * Extended SET options for Redis >= 2.6.12 * Persistent connections and UNIX SOCKET support for RedisArray * Allow aggregates for ZUNION/ZINTER without weights @mheijkoop * Support for SLOWLOG command * Reworked MGET algorithm to run in linear time regardless of key count. * Reworked ZINTERSTORE/ZUNIONSTORE algorithm to run in linear time Bug fixes * C99 Compliance (or rather lack thereof) fix @mobli * Added ZEND_ACC_CTOR and ZEND_ACC_DTOR @euskadi31 * Stop throwing and clearing an exception on connect failure @matmoi * Fix a false positive unit test failure having to do with TTL returns -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 9 2013 Remi Collet <r...@fedoraproject.org> - 2.2.4-1 - Update to 2.2.4 -------------------------------------------------------------------------------- ================================================================================ qpdf-5.0.0-5.el6 (FEDORA-EPEL-2013-11497) Command-line tools and library for transforming PDF files -------------------------------------------------------------------------------- Update Information: This brings qpdf into EPEL-6. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1004710 - [RFE] Pleas create EPEL-6 branch for this component https://bugzilla.redhat.com/show_bug.cgi?id=1004710 -------------------------------------------------------------------------------- ================================================================================ roundcubemail-0.9.4-1.el6 (FEDORA-EPEL-2013-11499) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: 0.9.4, latest upstream. Require webserver rather than httpd. Two XSS flaws were fixed in roundcube 0.9.3 [1]: * Fix XSS vulnerability when saving HTML signatures [2],[3] * Fix XSS vulnerability when editing a message "as new" or draft [2],[4] [1] http://trac.roundcube.net/wiki/Changelog#RELEASE0.9.3 [2] http://trac.roundcube.net/ticket/1489251 [3] http://trac.roundcube.net/changeset/ce5a6496fd6039962ba7424d153278e41ae8761b/github [4] http://trac.roundcube.net/changeset/93b0a30c1c8aa29d862b587b31e52bcc344b8d16/github -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 9 2013 Jon Ciesla <limburg...@gmail.com> - 0.9.4-1 - 0.9.4 - Change httpd dep to webserver, BZ 1005696. * Fri Aug 23 2013 Adam Williamson <awill...@redhat.com> - 0.9.3-2 - patch tinymce to cope elegantly with Flash binary being removed * Fri Aug 23 2013 Jon Ciesla <limburg...@gmail.com> - 0.9.3-1 - Fix two XSS vulnerabilities: - http://trac.roundcube.net/ticket/1489251 * Fri Aug 16 2013 Jon Ciesla <limburg...@gmail.com> - 0.9.2-3 - Drop precompiled flash. * Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Jun 17 2013 Adam Williamson <awill...@redhat.com> - 0.9.2-1 - latest upstream - correct License field, add comment on complex licensing case * Wed May 1 2013 Adam Williamson <awill...@redhat.com> - 0.9.0-1 - latest upstream - drop MDB2 dependencies, add php-pdo dependency (upstream now using pdo not MDB2) - drop the update.sh script as it requires the installer framework we don't ship - update the Fedora README for changes to sqlite and update process - drop strict.patch, upstream actually merged it years ago, just in a slightly different format, and we kept dumbly diffing it - drop references to obsolete patches (all merged upstream long ago) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1005696 - roundcubemail depends on httpd (apache) https://bugzilla.redhat.com/show_bug.cgi?id=1005696 [ 2 ] Bug #1000511 - roundcubemail: two XSS flaws fixed in 0.9.3 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1000511 [ 3 ] Bug #1000512 - roundcubemail: two XSS flaws fixed in 0.9.3 [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1000512 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel