The following Fedora EPEL 6 Security updates need testing: Age URL 600 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 114 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11274/ssmtp-2.61-21.el6 56 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11865/quassel-0.9.1-1.el6 29 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12079/bip-0.8.9-1.el6 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12222/drupal6-6.29-1.el6 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12238/seamonkey-2.21-2.esr1.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12290/zabbix20-2.0.9-2.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12301/zabbix-1.8.18-2.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12324/munin-2.0.19-1.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12321/munin-2.0.18-2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12361/libreswan-3.7-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing ReviewBoard-1.7.20-1.el6 dokuwiki-0-0.21.20131208.el6 globus-xio-gridftp-driver-1.2-2.el6 libreswan-3.7-1.el6 libuv-0.10.20-1.el6 mash-0.6.02-1.el6 nodejs-0.10.23-1.el6 pcp-3.8.9-1.el6 pidgin-sipe-1.17.3-1.el6 python-djblets-0.7.27-1.el6 satyr-0.12-1.el6 Details about builds: ================================================================================ ReviewBoard-1.7.20-1.el6 (FEDORA-EPEL-2013-12365) Web-based code review tool -------------------------------------------------------------------------------- Update Information: * Thu Dec 12 2013 Stephen Gallagher <sgall...@redhat.com> - 1.7.20-1 - New upstream bugfix release 1.7.20 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.20/ - Web API Changes: * When posting a review request and using submit-as, the given username will now be looked up in the auth backend (LDAP, Active Directory, etc.), instead of just the local database. - Bug Fixes: * Accessing file attachments without review UIs through the API no longer causes an HTTP 500 error. * Fields in the administration UI containing JSON will no longer cause errors during save. Furthermore, the JSON is now valid and properly editable. * Usernames with plus signs are now allowed. - Internal Changes * Rewrote the Mercurial support to use the command line tool. * Wed Nov 27 2013 Stephen Gallagher <sgall...@redhat.com> - 1.7.19-1 - New upstream bugfix release 1.7.19 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.19/ - New Features: * Added support for two-factor authentication for GitHub. - Performance Improvements: * Re-introduced browser caching on the review request page. - Web API Changes: * Added the mirror_path field to Repository Resource. - Bug Fixes: * Fixed the default focus on the Review dialog. The top-most field now always has default focus. * Fixed displaying review requests for groups on a Local Site. * Prevented rare crashes with Local Sites using the new permissions support without any granted permissions. * Fixed HTTP basic authentication with the web API when using fastcgi. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 12 2013 Stephen Gallagher <sgall...@redhat.com> - 1.7.20-1 - New upstream bugfix release 1.7.20 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.20/ - Web API Changes: * When posting a review request and using submit-as, the given username will now be looked up in the auth backend (LDAP, Active Directory, etc.), instead of just the local database. - Bug Fixes: * Accessing file attachments without review UIs through the API no longer causes an HTTP 500 error. * Fields in the administration UI containing JSON will no longer cause errors during save. Furthermore, the JSON is now valid and properly editable. * Usernames with plus signs are now allowed. - Internal Changes * Rewrote the Mercurial support to use the command line tool. * Wed Nov 27 2013 Stephen Gallagher <sgall...@redhat.com> - 1.7.19-1 - New upstream bugfix release 1.7.19 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.19/ - New Features: * Added support for two-factor authentication for GitHub. - Performance Improvements: * Re-introduced browser caching on the review request page. - Web API Changes: * Added the mirror_path field to Repository Resource. - Bug Fixes: * Fixed the default focus on the Review dialog. The top-most field now always has default focus. * Fixed displaying review requests for groups on a Local Site. * Prevented rare crashes with Local Sites using the new permissions support without any granted permissions. * Fixed HTTP basic authentication with the web API when using fastcgi. -------------------------------------------------------------------------------- ================================================================================ dokuwiki-0-0.21.20131208.el6 (FEDORA-EPEL-2013-12359) Standards compliant simple to use wiki -------------------------------------------------------------------------------- Update Information: Update to the latest release which contains various bugfixes and enhancements. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 12 2013 Adam Tkac <von...@gmail.com> - 0-0.21.20131208 - fix upstream source link - use macros for dokuwiki release numbers - update to the latest upstream -------------------------------------------------------------------------------- ================================================================================ globus-xio-gridftp-driver-1.2-2.el6 (FEDORA-EPEL-2013-12366) Globus Toolkit - Globus XIO GridFTP Driver -------------------------------------------------------------------------------- Update Information: New package from Globus Toolkit 5.2.5. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1028164 - Review Request: globus-xio-gridftp-driver - Globus Toolkit - Globus XIO GridFTP Driver https://bugzilla.redhat.com/show_bug.cgi?id=1028164 -------------------------------------------------------------------------------- ================================================================================ libreswan-3.7-1.el6 (FEDORA-EPEL-2013-12361) IPsec implementation with IKEv1 and IKEv2 keying protocols -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM support Improved Cisco interop, IKEv2 improvements, bugfixes -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1031830 - CVE-2013-4564 libreswan: DoS due to how mangled IKE packets are handled https://bugzilla.redhat.com/show_bug.cgi?id=1031830 -------------------------------------------------------------------------------- ================================================================================ libuv-0.10.20-1.el6 (FEDORA-EPEL-2013-12364) Platform layer for node.js -------------------------------------------------------------------------------- Update Information: 2013.12.12, node.js Version 0.10.23 (Stable) * build: include postmortem symbols on linux (Timothy J Fontaine) * crypto: Make Decipher._flush() emit errors. (Kai Groner) * dgram: fix abort when getting `fd` of closed dgram (Fedor Indutny) * events: do not accept NaN in setMaxListeners (Fedor Indutny) * events: avoid calling `once` functions twice (Tim Wood) * events: fix TypeError in removeAllListeners (Jeremy Martin) * fs: report correct path when EEXIST (Fedor Indutny) * process: enforce allowed signals for kill (Sam Roberts) * tls: emit 'end' on .receivedShutdown (Fedor Indutny) * tls: fix potential data corruption (Fedor Indutny) * tls: handle `ssl.start()` errors appropriately (Fedor Indutny) * tls: reset NPN callbacks after SNI (Fedor Indutny) 2013.12.13, libuv Version 0.10.20 (Stable) * linux: fix up SO_REUSEPORT back-port (Ben Noordhuis) * fs-event: fix invalid memory access (huxingyi) -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 12 2013 T.C. Hollingsworth <tchollingswo...@gmail.com> - 1:0.10.20-1 - new upstream release 0.10.20 https://github.com/joyent/libuv/blob/v0.10.20/ChangeLog -------------------------------------------------------------------------------- ================================================================================ mash-0.6.02-1.el6 (FEDORA-EPEL-2013-12369) Koji buildsystem to yum repository converter -------------------------------------------------------------------------------- Update Information: add --no-delta command line multilib blacklist java-1.8.0-openjdk enable vdpsu drivers as multilib enable qt5 and qml as multilib fail mash if pointed at non existant config file -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Dennis Gilmore <den...@ausil.us> - 0.6.02-1 - add --no-delta command line - multilib blacklist java-1.8.0-openjdk - enable vdpsu drivers as multilib - enable qt5 and qml as multilib - fail mash if pointed at non existant config file * Sun Oct 20 2013 Dennis Gilmore <den...@ausil.us> - 0.6.01-2 - add patch so that java-1.8.0-openjdk is not multilibbed * Wed Aug 21 2013 Dennis Gilmore <den...@ausil.us> - 0.6.01-1 - set config defaults for max_delta_rpm_size * Tue Aug 20 2013 Dennis Gilmore <den...@ausil.us> - 0.6.00-1 - make maximum deltarpm size configurable - setup branched for f20 - setup rawhide for f21 * Sat Aug 3 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.5.34-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Jul 19 2013 Dennis Gilmore <den...@ausil.us> - 0.5.34-1 - add armhfp to the primary arch arches * Wed May 29 2013 Dennis Gilmore <den...@ausil.us> - 0.5.33-1 - fix rawhide cpe - add yaboot multilib policy make defualt for ppc in rawhide * Wed Mar 13 2013 Dennis Gilmore <den...@ausil.us> - 0.5.32-1 - point rawhide configs at f20 tag * Tue Mar 12 2013 Dennis Gilmore <den...@ausil.us> - 0.5.31-1 - setup branched for f19 and rawhide for f20 - drop sparc configs - arm is hfp only * Tue Jan 29 2013 Dennis Gilmore <den...@ausil.us> - 0.5.30-2 - drop mashing arm rawhide, hfp only going forward * Thu Aug 9 2012 Dennis Gilmore <den...@ausil.us> 0.5.30-1 - setup branched for f18 and rawhide for f19 * Wed Jul 25 2012 Bill Nottingham <nott...@redhat.com> 0.5.29-2 - fix whitelist (#843092) * Tue Jul 24 2012 Bill Nottingham <nott...@redhat.com> 0.5.29-1 - ship -static packages as multilib (#837901) -------------------------------------------------------------------------------- ================================================================================ nodejs-0.10.23-1.el6 (FEDORA-EPEL-2013-12364) JavaScript runtime -------------------------------------------------------------------------------- Update Information: 2013.12.12, node.js Version 0.10.23 (Stable) * build: include postmortem symbols on linux (Timothy J Fontaine) * crypto: Make Decipher._flush() emit errors. (Kai Groner) * dgram: fix abort when getting `fd` of closed dgram (Fedor Indutny) * events: do not accept NaN in setMaxListeners (Fedor Indutny) * events: avoid calling `once` functions twice (Tim Wood) * events: fix TypeError in removeAllListeners (Jeremy Martin) * fs: report correct path when EEXIST (Fedor Indutny) * process: enforce allowed signals for kill (Sam Roberts) * tls: emit 'end' on .receivedShutdown (Fedor Indutny) * tls: fix potential data corruption (Fedor Indutny) * tls: handle `ssl.start()` errors appropriately (Fedor Indutny) * tls: reset NPN callbacks after SNI (Fedor Indutny) 2013.12.13, libuv Version 0.10.20 (Stable) * linux: fix up SO_REUSEPORT back-port (Ben Noordhuis) * fs-event: fix invalid memory access (huxingyi) -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 12 2013 T.C. Hollingsworth <tchollingswo...@gmail.com> - 0.10.23-1 - new upstream release 0.10.23 http://blog.nodejs.org/2013/12/11/node-v0-10-23-stable/ -------------------------------------------------------------------------------- ================================================================================ pcp-3.8.9-1.el6 (FEDORA-EPEL-2013-12358) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information: Bug fix release -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 12 2013 Nathan Scott <nath...@redhat.com> - 3.8.9-1 - Reduce set of exported symbols from DSO PMDAs (BZ 1025694) - Symbol-versioning for PCP shared libraries (BZ 1037771) - Fix pmcd/Avahi interaction with multiple ports (BZ 1035513) - Update to latest PCP sources. * Sun Nov 3 2013 Nathan Scott <nath...@redhat.com> - 3.8.8-1 - Update to latest PCP sources (simple build fixes only). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1025694 - pcp pmda shared libraries should use -fvisibility=hidden https://bugzilla.redhat.com/show_bug.cgi?id=1025694 -------------------------------------------------------------------------------- ================================================================================ pidgin-sipe-1.17.3-1.el6 (FEDORA-EPEL-2013-12368) Pidgin protocol plugin to connect to MS Office Communicator -------------------------------------------------------------------------------- Update Information: New upstream release: * added Lync 2013 support: buddy list modification, buddy photo, group chat * added support for group chat history * fixes group chat: duplicate messages & users, HTML tags in text * fixes EWS autodiscover for Office 365 * fixes typing notifications * fixes that passwords were not entity encoded * fixes crash when groupchat session expired * fixes HTTP re-authentication with NTLM * fixes UCS Persona key extraction * accept alternatives for webticket timestamp/keydata -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Stefan Becker <chemob...@gmail.com> - 1.17.3-1 - update to 1.17.3: - fixes crash when groupchat session expired (again) - fixes HTTP re-authentication with NTLM - fixes UCS Persona key extraction * Sat Nov 30 2013 Stefan Becker <chemob...@gmail.com> - 1.17.2-1 - update to 1.17.2: - fixes problems with typing notifications fix (bz #1031554) - fixes crash when groupchat session expired * Sat Nov 16 2013 Stefan Becker <chemob...@gmail.com> - 1.17.1-1 - update to 1.17.1: - fixes typing notifications - fixes that passwords were not entity encoded - accept alternatives for webticket timestamp/keydata * Sat Sep 21 2013 Stefan Becker <chemob...@gmail.com> - 1.17.0-1 - update to 1.17.0: - added Lync 2013 support: buddy list modification, buddy photo, group chat - added support for group chat history - fixes group chat: duplicate messages & users, HTML tags in text - fixes EWS autodiscover for Office 365 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1031554 - Undelivered messages https://bugzilla.redhat.com/show_bug.cgi?id=1031554 -------------------------------------------------------------------------------- ================================================================================ python-djblets-0.7.27-1.el6 (FEDORA-EPEL-2013-12365) A collection of useful classes and functions for Django -------------------------------------------------------------------------------- Update Information: * Thu Dec 12 2013 Stephen Gallagher <sgall...@redhat.com> - 1.7.20-1 - New upstream bugfix release 1.7.20 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.20/ - Web API Changes: * When posting a review request and using submit-as, the given username will now be looked up in the auth backend (LDAP, Active Directory, etc.), instead of just the local database. - Bug Fixes: * Accessing file attachments without review UIs through the API no longer causes an HTTP 500 error. * Fields in the administration UI containing JSON will no longer cause errors during save. Furthermore, the JSON is now valid and properly editable. * Usernames with plus signs are now allowed. - Internal Changes * Rewrote the Mercurial support to use the command line tool. * Wed Nov 27 2013 Stephen Gallagher <sgall...@redhat.com> - 1.7.19-1 - New upstream bugfix release 1.7.19 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.19/ - New Features: * Added support for two-factor authentication for GitHub. - Performance Improvements: * Re-introduced browser caching on the review request page. - Web API Changes: * Added the mirror_path field to Repository Resource. - Bug Fixes: * Fixed the default focus on the Review dialog. The top-most field now always has default focus. * Fixed displaying review requests for groups on a Local Site. * Prevented rare crashes with Local Sites using the new permissions support without any granted permissions. * Fixed HTTP basic authentication with the web API when using fastcgi. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 12 2013 Stephen Gallagher <sgall...@redhat.com> - 0.7.27-1 - New upstream release 0.7.27 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.25.NEWS * djblets.auth: * Added some human-readable labels for RegistrationForm. * RegistrationForm subclasses that make use of fields that normalize to non-strings no longer fail to save. * djblets.webapi: * Usernames with plus signs in them are now matched in the API. - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.26.NEWS * djblets.util.fields: * Fixed JSONField in the administration UI. * djblets.webapi: * Added support for web API authentication backends. - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.27.NEWS * Fixed a regression with the new webapi auth backend support * Wed Nov 27 2013 Stephen Gallagher <sgall...@redhat.com> - 0.7.24-1 - New upstream release 0.7.24 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.24.NEWS * djblets.util.http: * Fixed ETag matching -------------------------------------------------------------------------------- ================================================================================ satyr-0.12-1.el6 (FEDORA-EPEL-2013-12363) Tools to create anonymous, machine-friendly problem reports -------------------------------------------------------------------------------- Update Information: New upstream version: - JVM frames normalization - Add C++ symbol demangling - Unsigned overflow bugfixes - Fix malformed uReports for Java -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 Martin Milata <mmil...@redhat.com> 0.12-1 - New upstream version - JVM frames normalization - Add C++ symbol demangling - Unsigned overflow bugfixes - Fix malformed uReports for Java * Sat Oct 26 2013 Jakub Filak <jfi...@redhat.com> 0.11-1 - New upstream version - Make all python objects hashable - Improve memory management in rpm module - Extend the list of normalized functions - Add command for debugging duphashes to satyr utility -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel