The following Fedora EPEL 6 Security updates need testing: Age URL 838 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 185 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-1.el6 170 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6 75 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-views-3.8-1.el6 57 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6 47 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-Address-1.905-1.el6 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1923/sdcc-3.2.0-1.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2084/drupal7-date-2.8-1.el6 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2088/tor-0.2.4.23-1.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2099/v8-3.14.5.10-11.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2162/wordpress-3.9.2-2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2159/iodine-0.7.0-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2158/drupal7-7.31-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2123/ReviewBoard-1.7.27-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2117/ansible-1.7-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2144/mediawiki119-1.19.18-1.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2148/drupal6-6.33-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing bitlbee-3.2.2-4.el6 cmocka-0.4.1-3.el6 drupal6-6.33-1.el6 drupal7-7.31-1.el6 iodine-0.7.0-1.el6 libdwarf-20140413-1.el6 mozilla-adblockplus-2.6.4-2.el6 nss_wrapper-1.0.2-2.el6 python-pyphen-0.9.1-1.el6 socket_wrapper-1.1.0-2.el6 uid_wrapper-1.0.2-2.el6 wordpress-3.9.2-2.el6 Details about builds: ================================================================================ bitlbee-3.2.2-4.el6 (FEDORA-EPEL-2014-2163) IRC to other chat networks gateway -------------------------------------------------------------------------------- Update Information: Disable libpurple due to dbus issues also in EPEL (#1126930) -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 7 2014 Robert Scheck <rob...@fedoraproject.org> 3.2.2-4 - Disable libpurple due to dbus issues also in EPEL (#1126930) * Tue Jul 22 2014 Robert Scheck <rob...@fedoraproject.org> 3.2.2-3 - Really disable libpurple support for Fedora except Rawhide * Mon Jul 14 2014 Robert Scheck <rob...@fedoraproject.org> 3.2.2-2 - Enable forkdaemon due lacking SELinux policy in Rawhide only - Disable libpurple conflicting with the daemon mode (#1117553) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1126930 - bitlbee 3.2.2 dbus problem on centos 6 https://bugzilla.redhat.com/show_bug.cgi?id=1126930 -------------------------------------------------------------------------------- ================================================================================ cmocka-0.4.1-3.el6 (FEDORA-EPEL-2014-2149) Lightweight library to simplify and generalize unit tests for C -------------------------------------------------------------------------------- Update Information: Fix building on rhel6 with bad %cmake macro. -------------------------------------------------------------------------------- References: [ 1 ] Bug #895479 - Review Request: cmocka - a unit testing framwork for C https://bugzilla.redhat.com/show_bug.cgi?id=895479 -------------------------------------------------------------------------------- ================================================================================ drupal6-6.33-1.el6 (FEDORA-EPEL-2014-2148) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: - Update to Drupal 6.33. - Drupal 6.33 release notes can be found here, https://www.drupal.org/drupal-6.33-release-notes. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 7 2014 Peter Borsa <peter.bo...@gmail.com> - 6.33-1 - 6.33, SA-CORE-2014-004 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1127538 - drupal: denial of service issue (SA-CORE-2014-004) https://bugzilla.redhat.com/show_bug.cgi?id=1127538 -------------------------------------------------------------------------------- ================================================================================ drupal7-7.31-1.el6 (FEDORA-EPEL-2014-2158) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: Update to upstream 7.31 release for SA-CORE-2014-004 This is a bugfix release. For complete details refer to: https://www.drupal.org/drupal-7.30-release-notes Fixes SA-CORE-2014-003. For details refer to: https://www.drupal.org/drupal-7.29-release-notes -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 7 2014 Jared Smith <jsm...@fedoraproject.org> - 7.31-1 - Update to upstream 7.31 release for SA-CORE-2014-004 * Mon Jul 28 2014 Paul W. Frields <sticks...@gmail.com> - 7.30-1 - 7.30 * Wed Jul 16 2014 Paul W. Frields <sticks...@gmail.com> - 7.29-1 - 7.29, SA-CORE-2014-003 * Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 7.28-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1120641 - CVE-2014-5019 CVE-2014-5020 CVE-2014-5021 CVE-2014-5022 drupal7: multiple vulnerabilities (SA-CORE-2014-003) https://bugzilla.redhat.com/show_bug.cgi?id=1120641 [ 2 ] Bug #1127538 - drupal: denial of service issue (SA-CORE-2014-004) https://bugzilla.redhat.com/show_bug.cgi?id=1127538 -------------------------------------------------------------------------------- ================================================================================ iodine-0.7.0-1.el6 (FEDORA-EPEL-2014-2159) Solution to tunnel IPv4 data through a DNS server -------------------------------------------------------------------------------- Update Information: Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]). -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 22 2014 Pavel Alexeev <pa...@hubbitus.info> - 0.7.0-1 - Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]). - Drop old Patch0: iodine-0.5.2-prefix.patch - Rebase iodine-0.6.0-rc1.split-man.patch -> iodine-0.7.0.split-man.patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #1110338 - CVE-2014-4168 iodine: authentication bypass vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1110338 -------------------------------------------------------------------------------- ================================================================================ libdwarf-20140413-1.el6 (FEDORA-EPEL-2014-2160) Library to access the DWARF Debugging file format -------------------------------------------------------------------------------- Update Information: Update to 20140413 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 16 2014 Tom Hughes <t...@compton.nu> - 20140413-1 - Update to 20140413 upstream release * Sun Feb 9 2014 Tom Hughes <t...@compton.nu> - 20140208-1 - Update to 20140208 upstream release -------------------------------------------------------------------------------- ================================================================================ mozilla-adblockplus-2.6.4-2.el6 (FEDORA-EPEL-2014-2151) Adblocking extension for Mozilla Firefox, Thunderbird, and SeaMonkey -------------------------------------------------------------------------------- Update Information: - Made sure that data is always written to disk immediately whenever filter hit counts are reset (issue 430). - Fixed: Moving filters with Ctrl-Up/Down doesn’t work in Firefox 30 and above (issue 716). - Fixed: Find functionality in the preferences doesn’t indicate that the search pattern wasn’t found (issue 455). - Fixed: User isn’t informed about anti-adblock warnings on websites producing them (issue 764). - Fixed: Blockable items aren’t refreshed on tab change in SeaMonkey (issue 290). - Fixed: “Disable on this page only” doesn’t work correctly if the address ends with # (issue 580). -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 4 2014 Russell Golden <niveusl...@niveusluna.org> - 2.6.4-2 - Fix it not building for Fedora for some reason. * Sun Aug 3 2014 Russell Golden <niveusl...@niveusluna.org> - 2.6.4-1 - Made sure that data is always written to disk immediately whenever filter hit counts are reset (issue 430). - Fixed: Moving filters with Ctrl-Up/Down doesn’t work in Firefox 30 and above (issue 716). - Fixed: Find functionality in the preferences doesn’t indicate that the search pattern wasn’t found (issue 455). - Fixed: User isn’t informed about anti-adblock warnings on websites producing them (issue 764). - Fixed: Blockable items aren’t refreshed on tab change in SeaMonkey (issue 290). - Fixed: “Disable on this page only” doesn’t work correctly if the address ends with # (issue 580). * Mon Jul 7 2014 Russell Golden <niveusl...@niveusluna.org> - 2.6.3-1 - Many performance improvements - Update spec file for EPEL 7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1053064 - mozilla-adblockplus-2.6.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1053064 -------------------------------------------------------------------------------- ================================================================================ nss_wrapper-1.0.2-2.el6 (FEDORA-EPEL-2014-2161) A wrapper for the user, group and hosts NSS API -------------------------------------------------------------------------------- Update Information: New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1060906 - Review Request: nss_wrapper - A wrapper for the user, group and hosts NSS API https://bugzilla.redhat.com/show_bug.cgi?id=1060906 -------------------------------------------------------------------------------- ================================================================================ python-pyphen-0.9.1-1.el6 (FEDORA-EPEL-2014-2157) Pure Python module to hyphenate text -------------------------------------------------------------------------------- Update Information: Update to latest release, fixes bz 1127837 (for weasyprint 1127836) -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 7 2014 Alon Levy <a...@pobox.com> - 0.9.1-1 - Update to latest release, fixes bz 1127837 (for weasyprint 1127836) * Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 28 2014 Kalev Lember <kalevlem...@gmail.com> - 0.7-4 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1127837 - upgrade to 0.9.1 https://bugzilla.redhat.com/show_bug.cgi?id=1127837 [ 2 ] Bug #1127836 - weasyprint depends on too old python-pyphen for non en hyphenation https://bugzilla.redhat.com/show_bug.cgi?id=1127836 -------------------------------------------------------------------------------- ================================================================================ socket_wrapper-1.1.0-2.el6 (FEDORA-EPEL-2014-2156) A library passing all socket communications trough Unix sockets -------------------------------------------------------------------------------- Update Information: New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1060909 - Review Request: socket_wrapper - A library passing all socket communications trough unix sockets https://bugzilla.redhat.com/show_bug.cgi?id=1060909 -------------------------------------------------------------------------------- ================================================================================ uid_wrapper-1.0.2-2.el6 (FEDORA-EPEL-2014-2164) A wrapper for privilege separation -------------------------------------------------------------------------------- Update Information: New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1060910 - Review Request: uid_wrapper - A wrapper for privilege separation https://bugzilla.redhat.com/show_bug.cgi?id=1060910 -------------------------------------------------------------------------------- ================================================================================ wordpress-3.9.2-2.el6 (FEDORA-EPEL-2014-2162) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: Upstream annoucement: http://wordpress.org/news/2014/08/wordpress-3-9-2/ -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 7 2014 Remi Collet <r...@fedoraproject.org> - 3.9.2-1 - update to 3.9.2 Security Release #1127547 - config file only readable by apache user (httpd or php-fpm) #1124582 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1127547 - wordpress: security issues fixed in version 3.9.2 https://bugzilla.redhat.com/show_bug.cgi?id=1127547 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel