The following Fedora EPEL 6 Security updates need testing:
Age URL
734
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
81
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6
76
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0483/boinc-client-7.2.33-3.git1994cc8.el6
65
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
25
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFramework-1.12.5-1.el6
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1073/cacti-0.8.8b-5.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1102/wordpress-3.8.3-1.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1132/check-mk-1.2.4p2-1.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1122/knot-1.4.5-1.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1137/znc-1.2-3.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1144/strongswan-5.1.3-1.el6
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1160/drupal7-7.27-1.el6,drupal6-6.31-1.el6
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1169/ansible-1.5.5-1.el6
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1206/Django14-1.4.11-1.el6
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1226/ndjbdns-1.06-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1236/prosody-0.8.2-7.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
ReviewBoard-1.7.25-1.el6
dislocker-0.3.1-2.20140423git.el6
glogg-0.9.2-2.el6
llvm-3.4-10.el6
lua-expat-1.3.0-1.el6
perl-Crypt-SaltedHash-0.09-1.el6
pgpdump-0.28-1.el6
php-horde-Horde-Image-2.0.7-1.el6
php-horde-Horde-Imap-Client-2.19.4-1.el6
php-horde-Horde-Mime-2.3.2-1.el6
php-pecl-http-2.0.6-1.el6
php-theseer-autoload-1.14.2-1.el6
prosody-0.8.2-7.el6
python-moksha-common-1.2.3-1.el6
python-moksha-hub-1.3.2-1.el6
telegram-cli-0-0.5.20140321git1dad2e.el6
Details about builds:
================================================================================
ReviewBoard-1.7.25-1.el6 (FEDORA-EPEL-2014-1245)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.25/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 24 2014 Stephen Gallagher <sgall...@redhat.com> 1.7.25-1
- New upstream security release 1.7.25
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.25
--------------------------------------------------------------------------------
================================================================================
dislocker-0.3.1-2.20140423git.el6 (FEDORA-EPEL-2014-1232)
Utility to access BitLocker encrypted volumes
--------------------------------------------------------------------------------
Update Information:
Dislocker has been designed to read BitLocker encrypted partitions ("drives")
under a Linux system. The driver used to only read volumes encrypted under a
Microsoft Windows 7 system but is now Microsoft Windows Vista capable and has
the write functionality.
The file name where the BitLocker encrypted partition will be decrypted needs
to be given. This may take a long time, depending on the size of the encrypted
partition. But afterward, once the partition is decrypted, the access to the
NTFS partition will be faster than with FUSE. Another thing to think about is
the size of the disk (same size as the volume that is tried to be decrypted).
Nevertheless, once the partition is decrypted, the file can be mounted as any
NTFS partition.
Alternatively for FUSE a mount point needs to be given to fuse-dislocker. Once
keys are decrypted, a file named 'dislocker-file' appears into this provided
mount point. This file is a virtual NTFS partition, it can be mounted as any
NTFS partition and then reading from it or writing to it is possible.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991689 - Review Request: dislocker - Utility to access BitLocker
encrypted volumes
https://bugzilla.redhat.com/show_bug.cgi?id=991689
--------------------------------------------------------------------------------
================================================================================
glogg-0.9.2-2.el6 (FEDORA-EPEL-2014-1242)
Smart interactive log explorer
--------------------------------------------------------------------------------
Update Information:
glogg is a multi-platform GUI application to browse and search through long or
complex log files. It is designed with programmers and system administrators in
mind. glogg can be seen as a graphical, interactive combination of grep and
less.
--------------------------------------------------------------------------------
================================================================================
llvm-3.4-10.el6 (FEDORA-EPEL-2014-1246)
The Low Level Virtual Machine
--------------------------------------------------------------------------------
Update Information:
Allows use of llvm/clang on Amazon Linux.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Dave Johansen <davejohan...@gmail.com> 3.4-10
- Adding support for Amazon Linux
--------------------------------------------------------------------------------
================================================================================
lua-expat-1.3.0-1.el6 (FEDORA-EPEL-2014-1240)
SAX XML parser based on the Expat library
--------------------------------------------------------------------------------
Update Information:
LuaExpat 1.3.0 [02/Apr/2014]
============================
- Lua 5.2 support (thanks Tomás Guisasola Gorham)
- support for the XmlDecl handler
- add parser:getcurrentbytecount() (XML_GetCurrentByteCount)
- ability to disable CharacterData merging
- Makefile improvements (thanks Vadim Misbakh-Soloviov)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Robert Scheck <rob...@fedoraproject.org> - 1.3.0-1
- New upstream release
* Sat Aug 3 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.2.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri May 10 2013 Tom Callaway <s...@fedoraproject.org> - 1.2.0-5
- fix for lua 5.2
* Thu Feb 14 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-SaltedHash-0.09-1.el6 (FEDORA-EPEL-2014-1235)
Perl interface to functions that assist in working with salted hashes
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1089634 - Review Request: perl-Crypt-SaltedHash - Perl interface
to functions that assist in working with salted hashes
https://bugzilla.redhat.com/show_bug.cgi?id=1089634
--------------------------------------------------------------------------------
================================================================================
pgpdump-0.28-1.el6 (FEDORA-EPEL-2014-1238)
PGP packet visualizer
--------------------------------------------------------------------------------
Update Information:
PGP packet visualizer with a long history
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Image-2.0.7-1.el6 (FEDORA-EPEL-2014-1225)
Horde Image API
--------------------------------------------------------------------------------
Update Information:
Horde_Image 2.0.7:
* [mjr] Update maximum allowed version for the PECL Imagick extension.
* [jan] Fix converting to grayscale with imagick driver.
* [jan] Add optional dependency on imagick PECL extension.
Horde_Imap_Client 2.19.4:
* [mms] Handle IN-USE, LOGIN-DELAY, and SYS/TEMP error codes when
authenticating to POP3 servers.
* [mms] Fix TLS negotiation with POP3 servers.
* [mms] Fix throwing authentication exception when using Digest-MD5.
Horde_Imap_Client 2.19.3:
* [mms] Fix parsing a reply/forward subject with no blob content.
* [mms] Ensure integer value returns from Horde_Imap_Client_Base#status() are
truly integers.
Horde_MIME 2.3.2:
* [mms] Correctly set size of part when using Horde_Mime_Part::parseMessage()
and the 'no_body' option.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Remi Collet <r...@fedoraproject.org> - 2.0.7-1
- Update to 2.0.7
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Imap-Client-2.19.4-1.el6 (FEDORA-EPEL-2014-1225)
Horde IMAP abstraction interface
--------------------------------------------------------------------------------
Update Information:
Horde_Image 2.0.7:
* [mjr] Update maximum allowed version for the PECL Imagick extension.
* [jan] Fix converting to grayscale with imagick driver.
* [jan] Add optional dependency on imagick PECL extension.
Horde_Imap_Client 2.19.4:
* [mms] Handle IN-USE, LOGIN-DELAY, and SYS/TEMP error codes when
authenticating to POP3 servers.
* [mms] Fix TLS negotiation with POP3 servers.
* [mms] Fix throwing authentication exception when using Digest-MD5.
Horde_Imap_Client 2.19.3:
* [mms] Fix parsing a reply/forward subject with no blob content.
* [mms] Ensure integer value returns from Horde_Imap_Client_Base#status() are
truly integers.
Horde_MIME 2.3.2:
* [mms] Correctly set size of part when using Horde_Mime_Part::parseMessage()
and the 'no_body' option.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 24 2014 Remi Collet <r...@fedoraproject.org> - 2.19.4-1
- Update to 2.19.4
* Wed Apr 23 2014 Remi Collet <r...@fedoraproject.org> - 2.19.3-1
- Update to 2.19.3
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mime-2.3.2-1.el6 (FEDORA-EPEL-2014-1225)
Horde MIME Library
--------------------------------------------------------------------------------
Update Information:
Horde_Image 2.0.7:
* [mjr] Update maximum allowed version for the PECL Imagick extension.
* [jan] Fix converting to grayscale with imagick driver.
* [jan] Add optional dependency on imagick PECL extension.
Horde_Imap_Client 2.19.4:
* [mms] Handle IN-USE, LOGIN-DELAY, and SYS/TEMP error codes when
authenticating to POP3 servers.
* [mms] Fix TLS negotiation with POP3 servers.
* [mms] Fix throwing authentication exception when using Digest-MD5.
Horde_Imap_Client 2.19.3:
* [mms] Fix parsing a reply/forward subject with no blob content.
* [mms] Ensure integer value returns from Horde_Imap_Client_Base#status() are
truly integers.
Horde_MIME 2.3.2:
* [mms] Correctly set size of part when using Horde_Mime_Part::parseMessage()
and the 'no_body' option.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Remi Collet <r...@fedoraproject.org> - 2.3.2-1
- Update to 2.3.2
--------------------------------------------------------------------------------
================================================================================
php-pecl-http-2.0.6-1.el6 (FEDORA-EPEL-2014-1233)
Extended HTTP support
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
* Added "uploaded" progress state
* Fixed bug #67089 (Segmentaion fault with ZTS)
* Fixed compatibility with PHP-5.6+
* Fixed re-use of request messages which content length remained untouched when
the body was reset
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 24 2014 Remi Collet <r...@fedoraproject.org> - 2.0.6-1
- Update to 2.0.6
--------------------------------------------------------------------------------
================================================================================
php-theseer-autoload-1.14.2-1.el6 (FEDORA-EPEL-2014-1205)
A tool and library to generate autoload code
--------------------------------------------------------------------------------
Update Information:
The PHP AutoloadBuilder CLI tool phpab is a command line application to
automate the process of generating an autoload require file with the option of
creating static require lists as well as phar archives.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1084777 - Review Request: php-theseer-autoload - A tool and
library to generate autoload code
https://bugzilla.redhat.com/show_bug.cgi?id=1084777
--------------------------------------------------------------------------------
================================================================================
prosody-0.8.2-7.el6 (FEDORA-EPEL-2014-1236)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Added upstream patches to avoid resource consumption denial of service when
using XMPP application-layer compression (#1085692)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Robert Scheck <rob...@fedoraproject.org> - 0.8.2-7
- Added upstream patches to avoid resource consumption denial of
service when using XMPP application-layer compression (#1085692)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1085692 - CVE-2014-2745 CVE-2014-2744 prosody: resource
consumption denial of service when using XMPP application-layer compression
https://bugzilla.redhat.com/show_bug.cgi?id=1085692
--------------------------------------------------------------------------------
================================================================================
python-moksha-common-1.2.3-1.el6 (FEDORA-EPEL-2014-1234)
Common components for Moksha
--------------------------------------------------------------------------------
Update Information:
Support older python-six.
Python3 fixups.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 24 2014 Ralph Bean <rb...@redhat.com> - 1.2.3-1
- Support older versions of python-six.
* Thu Apr 24 2014 Ralph Bean <rb...@redhat.com> - 1.2.2-1
- Fixed up some python3 support.
- Added dep on python-six.
* Mon Oct 14 2013 Ralph Bean <rb...@redhat.com> - 1.2.1-1
- Latest upstream; simply includes a forgotten test config.
* Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-moksha-hub-1.3.2-1.el6 (FEDORA-EPEL-2014-1241)
Hub components for Moksha
--------------------------------------------------------------------------------
Update Information:
Fixes to the monitoring socket.
More stats on the monitoring socket.
Threaded consumers.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 24 2014 Ralph Bean <rb...@redhat.com> - 1.3.2-1
- Bugfixes to the monitoring socket.
* Thu Apr 24 2014 Ralph Bean <rb...@redhat.com> - 1.3.1-2
- Add dep on python-six.
* Thu Apr 24 2014 Ralph Bean <rb...@redhat.com> - 1.3.1-1
- More stats written to the monitoring socket.
* Sun Apr 13 2014 Ralph Bean <rb...@redhat.com> - 1.3.0-1
- Introduce a new monitoring socket.
- Moksha consumers are now given their own thread and incoming queue.
* Tue Jan 14 2014 Ralph Bean <rb...@redhat.com> - 1.2.2-2
- Enable websocket portion of the test suite again.
- Remove hard dep on python-qpid.
--------------------------------------------------------------------------------
================================================================================
telegram-cli-0-0.5.20140321git1dad2e.el6 (FEDORA-EPEL-2014-1231)
Linux Command-line interface for Telegram
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1074046 - Review Request: telegram-cli - Linux Command-line
interface for Telegram
https://bugzilla.redhat.com/show_bug.cgi?id=1074046
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
