The following Fedora EPEL 6 Security updates need testing:
Age URL
512
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
31
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11198/filezilla-3.7.3-1.el6
26
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11274/ssmtp-2.61-21.el6
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11417/graphite-web-0.9.12-1.el6
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11445/perl-Crypt-DSA-1.17-10.el6
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11453/python-pyrad-2.0-3.el6
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11499/roundcubemail-0.9.4-1.el6
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11507/tinyproxy-1.8.3-1.el6
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11525/moodle-2.4.6-1.el6
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11556/openstack-swift-1.7.4-3.el6
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11552/glpi-0.83.9.1-4.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11579/proftpd-1.3.3g-3.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11585/Django14-1.4.8-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11598/wordpress-3.6.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
Django14-1.4.8-1.el6
arprec-2.2.16-3.el6
bwm-ng-0.6-6.el6.2
libstatgrab-0.90-1.el6
mysql-mmm-2.2.1-2.el6
ovirt-engine-cli-3.3.0.4-1.el6
ovirt-engine-sdk-python-3.3.0.6-1.el6
pcp-3.8.4-2.el6
php-pecl-apcu-4.0.2-2.el6
python-peewee-2.1.4-3.el6
python-wtf-peewee-0.2.2-1.el6
wordpress-3.6.1-1.el6
Details about builds:
================================================================================
Django14-1.4.8-1.el6 (FEDORA-EPEL-2013-11585)
A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:
fix CVE-2013-1443
Rebase to 1.4.7, fixes CVE-2013-4315
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 16 2013 Matthias Runge <mru...@redhat.com> - 1.4.8-1
- update to 1.4.8, fix CVE-2013-1443, (DoS via large passwords)
- fixes rhbz#1008282
* Thu Sep 12 2013 Matthias Runge <mru...@redhat.com> - 1.4.7-1
- update to 1.4.7, fix CVE 2013-4315, fixes rhbz 1007020
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1008279 - CVE-2013-1443 python-django: DoS via large passwords
https://bugzilla.redhat.com/show_bug.cgi?id=1008279
[ 2 ] Bug #1004969 - CVE-2013-4315 python-django: directory traversal with
"ssi" template tag
https://bugzilla.redhat.com/show_bug.cgi?id=1004969
--------------------------------------------------------------------------------
================================================================================
arprec-2.2.16-3.el6 (FEDORA-EPEL-2013-11595)
Software package for performing arbitrary precision arithmetic
--------------------------------------------------------------------------------
Update Information:
ARPREC is a software package for performing arbitrary precision arithmetic. It
consists of a revision and extension of Bailey's earlier MPFUN package,
enhanced with special IEEE numerical techniques. Features include: * Written in
C++ for broad portability and fast execution. * Includes C++ and Fortran 90/95
interfaces based on custom data-types and operator/function overloading, which
permit the library to be used with only minor modifications for many
conventional C++ and Fortran-90 programs. * Includes all of the usual
arithmetic operations, as well as many transcendental functions, including cos,
sin, tan, arccos, arcsin, arctan, exp, log, log10, erf, gamma and Bessel
functions. * Supports three arbitrary precision data-types: mp_real, mp_int and
mp_complex. * Supports many mixed-mode operations between arbitrary precision
variables or constants and conventional variables or constants. * Includes
special library routines, incorporating advanced algorithms for extra-high
precision (above 1000 digits) computation. * Includes a number of sample
application programs, including programs for quadrature (numerical definite
integrals), PLSQ (integer relation finding) and polynomial root finding. *
Includes the "Experimental Mathematician's Toolkit". This is a self-contained
interactive program that performs many operations typical of modern
experimental mathematics, including arithmetic expressions, common
transcendental functions, infinite series evaluation, definite integrals,
polynomial roots, user-defined functions, all evaluated to a user-defined level
of numeric precision, up to 1000 decimal digits.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1007577 - Review Request: arprec - Software package for performing
arbitrary precision arithmetic
https://bugzilla.redhat.com/show_bug.cgi?id=1007577
--------------------------------------------------------------------------------
================================================================================
bwm-ng-0.6-6.el6.2 (FEDORA-EPEL-2013-11586)
Bandwidth Monitor NG
--------------------------------------------------------------------------------
Update Information:
Build against new libstatgrab (currently broken deps).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 16 2013 Oliver Falk <oli...@linux-kernel.at> - 0.6-6.2
- Need to disable libstatgrab at the moment because of incompatibility
--------------------------------------------------------------------------------
================================================================================
libstatgrab-0.90-1.el6 (FEDORA-EPEL-2013-11580)
Make system statistics
--------------------------------------------------------------------------------
Update Information:
- Update
- Should fix BZ#925891
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 13 2013 Oliver Falk <oli...@linux-kernel.at> - 0.90-1
- Update
- Should fix BZ#925891
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #925891 - libstatgrab: Does not support aarch64 in f19 and rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=925891
--------------------------------------------------------------------------------
================================================================================
mysql-mmm-2.2.1-2.el6 (FEDORA-EPEL-2013-11594)
Multi-Master Replication Manager for MySQL
--------------------------------------------------------------------------------
Update Information:
mysql-mmm-mon was missing a dependency on perl-Time-Hires
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 15 2013 Ruben Kerkhof <ru...@rubenkerkhof.com> 2.2.1-2
- Monitor needs dependency on perl-Time-HiRes (#915665)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #915665 - mysql-mmm-mon is missing a dependency on perl-Time-Hires
https://bugzilla.redhat.com/show_bug.cgi?id=915665
--------------------------------------------------------------------------------
================================================================================
ovirt-engine-cli-3.3.0.4-1.el6 (FEDORA-EPEL-2013-11589)
oVirt Engine Command Line Interface
--------------------------------------------------------------------------------
Update Information:
Update to upstream 3.3.0.4
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 16 2013 Juan Hernandez <juan.hernan...@redhat.com> - 3.3.0.4-1
- Update to upstream 3.3.0.4
- Use the renamed ovirt-engine-sdk-python package
- Remove the dependency on pexpect
--------------------------------------------------------------------------------
================================================================================
ovirt-engine-sdk-python-3.3.0.6-1.el6 (FEDORA-EPEL-2013-11591)
oVirt Engine Software Development Kit (Python)
--------------------------------------------------------------------------------
Update Information:
Rename from ovirt-engine-sdk to ovirt-engine-sdk-python and update to upstream
3.3.0.6
--------------------------------------------------------------------------------
================================================================================
pcp-3.8.4-2.el6 (FEDORA-EPEL-2013-11587)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
Disable pcp-pmda-infiniband build on s390 platforms.
Update to latest community sources
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 16 2013 Nathan Scott <nath...@redhat.com> - 3.8.4-2
- Disable the pcp-pmda-infiniband sub-package on s390 platforms.
* Sun Sep 15 2013 Nathan Scott <nath...@redhat.com> - 3.8.4-1
- Very minor release containing mostly QA related changes.
- Enables many more metrics to be logged for Linux hosts.
* Mon Sep 9 2013 Nathan Scott <nath...@redhat.com> - 3.8.3-1
- Default to Unix domain socket (authenticated) local connections.
- Introduces new pcp-pmda-infiniband sub-package.
* Sat Aug 3 2013 Petr Pisar <ppi...@redhat.com> - 3.8.2-1.1
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
================================================================================
php-pecl-apcu-4.0.2-2.el6 (FEDORA-EPEL-2013-11590)
APC User Cache
--------------------------------------------------------------------------------
Update Information:
Version 4.0.2 (beta) 2013-09-14
- Fixed bug #15 APC compatibility option broken. (Anatol)
- Fixed bug #20 APCu's APCIterator constructor is not compatable with APC.
(Anatol)
- Fixed resource leak when data preload fails. (Anatol)
- Fixed issue #29 php_apcu.dll does not load anymore under X64. (Anatol)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 16 2013 Remi Collet <rcol...@redhat.com> - 4.0.2-2
- fix perm on config dir
- improve SCL compatibility
- always provides php-pecl-apc-devel and apc-panel
* Mon Sep 16 2013 Remi Collet <r...@fedoraproject.org> - 4.0.2-1
- Update to 4.0.2
--------------------------------------------------------------------------------
================================================================================
python-peewee-2.1.4-3.el6 (FEDORA-EPEL-2013-11597)
A small, expressive orm
--------------------------------------------------------------------------------
Update Information:
Dependency of python-flask-admin (rhbz#991730)
--------------------------------------------------------------------------------
================================================================================
python-wtf-peewee-0.2.2-1.el6 (FEDORA-EPEL-2013-11592)
WTForms integration for peewee models
--------------------------------------------------------------------------------
Update Information:
Dependency of python-flask-admin (rhbz#991730)
--------------------------------------------------------------------------------
================================================================================
wordpress-3.6.1-1.el6 (FEDORA-EPEL-2013-11598)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
Fixes security issues for CVE-2013-4338 CVE-2013-4339 CVE-2013-4340
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 12 2013 Paul Wouters <pwout...@redhat.com> - 3.6.1-1
- update to 3.6.1, various bugs and security fixes:
CVE-2013-4338 CVE-2013-4339 CVE-2013-4340
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
