The following Fedora EPEL 6 Security updates need testing: Age URL 919 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 138 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6 34 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2719/nodejs-0.10.32-1.el6,v8-3.14.5.10-14.el6 33 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2811/nodejs-qs-0.6.6-3.el6 33 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2821/nodejs-send-0.3.0-4.el6 16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3286/facter-1.6.18-5.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3421/drupal7-7.32-1.el6 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-1.el6,python-astroid-1.2.1-2.el6,python-logilab-common-0.62.1-2.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3527/asterisk-1.8.31.1-1.el6 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3533/phpMyAdmin-4.0.10.5-1.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3561/nginx-1.0.15-10.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3647/konversation-1.3.1-2.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3589/hostapd-2.0-5.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3623/Pound-2.6-2.el6.1 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3632/seamonkey-2.28-1.ESR_31.2.0.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing Pound-2.6-2.el6.1 bash-argsparse-1.6.1-3.el6 golang-github-docker-libcontainer-1.2.0-1.gitc907e40.el6 golang-github-stretchr-testify-0-0.5.gitd6577e0.el6 hostapd-2.0-5.el6 jupp-28-1.el6 knot-1.6.0-1.el6 konversation-1.3.1-2.el6 libqxt-0.6.2-7.el6 libreswan-3.11-1.el6 munin-2.0.24-1.el6 nodejs-xtend-4.0.0-2.el6 onionshare-0.6-7.el6 perl-Class-XSAccessor-1.19-5.el6 php-horde-Horde-Alarm-2.2.2-1.el6 php-horde-Horde-Db-2.1.5-1.el6 php-horde-Horde-Pdf-2.0.3-1.el6 php-ircmaxell-random-lib-1.0.0-1.el6 php-pecl-apcu-4.0.7-1.el6 php-pecl-yac-0.9.2-1.el6 pngcrush-1.7.78-1.el6 python-cltk-0.0.0.34-1.el6 python-fedora-0.3.36-2.el6 python-freetype-0.4.2-2.el6 python-mutagen-1.20-7.el6 python-websocket-client-0.14.1-3.el6 rkhunter-1.4.2-4.el6 sdcc-3.4.0-0.el6 seamonkey-2.28-1.ESR_31.2.0.el6 ssdeep-2.12-1.el6 thunderbird-lightning-3.3-1.el6 tinyfugue-5.0-0.22.b8.el6 tlp-0.6-1.el6 x2goserver-4.0.1.18-3.el6 Details about builds: ================================================================================ Pound-2.6-2.el6.1 (FEDORA-EPEL-2014-3623) Reverse proxy and load balancer -------------------------------------------------------------------------------- Update Information: Backport various security fixes. Note they usually are extra options that need to be enabled manually so that we won't break functionality: - CVE-2011-3389: Make it possible to deny use of "BEAST" vulnerable ciphers - CVE-2012-4929: Disable compression to be safe from "CRIME" - CVE-2005-2090: Chunked encofing response splitting (no awkward name here) - CVE-2014-3566: Allow disabling SSLv3 (and others), to be safe from "POODLE" - A redirect XSS fix -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 24 2014 Lubomir Rintel <lkund...@v3.sk> - 2.6-2.1 - Backport various security fixes. Note they usually are extra options that need to be enabled manually so that we won't break functionality: - CVE-2011-3389: Make it possible to deny use of "BEAST" vulnerable ciphers - CVE-2012-4929: Disable compression to be safe from "CRIME" - CVE-2005-2090: Chunked encofing response splitting (no awkward name here) - CVE-2014-3566: Allow disabling SSLv3 (and others), to be safe from "POODLE" - A redirect XSS fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154335 - Upgrade to latest 2.6 release of Pound https://bugzilla.redhat.com/show_bug.cgi?id=1154335 -------------------------------------------------------------------------------- ================================================================================ bash-argsparse-1.6.1-3.el6 (FEDORA-EPEL-2014-3630) An high level argument parsing library for bash -------------------------------------------------------------------------------- Update Information: Following package review in #1129220, and since the taskotron has problem resolving file dependencies, I've discarded 1.6.1-2 and turned file names into package names in the dependencies. Following package review in #1129220, this is the first build of the bash-argsparse package. Following package review in #1129220, this is the first build of the bash-argsparse package. Following package review in #1129220, this is the first build of the bash-argsparse package. Following package review in #1129220, this is the first build of the bash-argsparse package. -------------------------------------------------------------------------------- ================================================================================ golang-github-docker-libcontainer-1.2.0-1.gitc907e40.el6 (FEDORA-EPEL-2014-3608) Configuration options for containers -------------------------------------------------------------------------------- Update Information: bump to v1.2.0 commit c907e406fe81320d87b58edf74953ceb08facc13 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 24 2014 Lokesh Mandvekar <l...@fedoraproject.org> - 1.2.0-1.gitc907e40 - bump to v1.2.0 commit c907e406fe81320d87b58edf74953ceb08facc13 -------------------------------------------------------------------------------- ================================================================================ golang-github-stretchr-testify-0-0.5.gitd6577e0.el6 (FEDORA-EPEL-2014-3666) Tools for testifying that your code will behave as you intend -------------------------------------------------------------------------------- Update Information: Bump to upstream d6577e08ec30538639ac0ea38b562b6f250e9055 new golang package New golang package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1141872 - Review Request: golang-github-stretchr-testify - Tools for testifying that your code will behave as you intend https://bugzilla.redhat.com/show_bug.cgi?id=1141872 -------------------------------------------------------------------------------- ================================================================================ hostapd-2.0-5.el6 (FEDORA-EPEL-2014-3589) IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator -------------------------------------------------------------------------------- Update Information: Apply fixes for CVE-2014-3686 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 23 2014 John W. Linville <linvi...@redhat.com> - 2.0-5 - Apply fixes for CVE-2014-3686 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151259 - CVE-2014-3686 wpa_supplicant and hostapd: wpa_cli and hostapd_cli remote command execution issue https://bugzilla.redhat.com/show_bug.cgi?id=1151259 -------------------------------------------------------------------------------- ================================================================================ jupp-28-1.el6 (FEDORA-EPEL-2014-3598) Compact and feature-rich WordStar-compatible editor -------------------------------------------------------------------------------- Update Information: Changes for jupp 28 =================== * Mention in comments that when enabling the -backpath option, its argument must not be quoted, nor followed by a comment; issue found by R. Hubbell * Some mostly harmless code cleanup; fix speeds[] array access/sizing; reported by dcb (LP#1348559, LP#1348614) * Fix size_t mixup * Introduce ^KF (jupprc): compile and download NXC program to NXT brick, for Freedroidz, a project of Teckids e.V. sponsored by tarent solutions GmbH * Better const-cleanliness of code * Quell New File message for scratch buffers * Fix URI in ChangeLog file * Actually build with LFS on GNU/Linux -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 23 2014 Robert Scheck <rob...@fedoraproject.org> 28-1 - Upgrade to 28 * Sat Aug 16 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 27-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ knot-1.6.0-1.el6 (FEDORA-EPEL-2014-3631) An authoritative DNS daemon -------------------------------------------------------------------------------- Update Information: new upstream release: - support for persistent zone timers (expire, refresh, and flush) - DNSSEC: RFC-compliant processing of letter case in RDATA domain names - EDNS: return minimal response for queries with unsupported version - EDNS: fix interpretation of Extended RCODE - transfers: fix forced zone retransfer - timers: properly expire zone when transfer is being refused by master -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 23 2014 Jan Vcelak <jvce...@fedoraproject.org> 1.6.0-1 - new upstream release: + support for persistent zone timers (expire, refresh, and flush) + DNSSEC: RFC-compliant processing of letter case in RDATA domain names + EDNS: return minimal response for queries with unsupported version + EDNS: fix interpretation of Extended RCODE + transfers: fix forced zone retransfer + timers: properly expire zone when transfer is being refused by master -------------------------------------------------------------------------------- ================================================================================ konversation-1.3.1-2.el6 (FEDORA-EPEL-2014-3647) A user friendly IRC client -------------------------------------------------------------------------------- Update Information: out-of-bounds read flaw (#1157343,1156418) -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Rex Dieter <rdie...@fedoraproject.org> 1.3.1-2 - out-of-bounds read flaw (#1157343,1156418) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1156418 - CVE-2014-8483 quassel, konversation: out-of-bounds read on a heap-allocated array https://bugzilla.redhat.com/show_bug.cgi?id=1156418 -------------------------------------------------------------------------------- ================================================================================ libqxt-0.6.2-7.el6 (FEDORA-EPEL-2014-3629) Qt extension library -------------------------------------------------------------------------------- Update Information: Bring libqxt to EPEL6 and EPEL7 -------------------------------------------------------------------------------- ================================================================================ libreswan-3.11-1.el6 (FEDORA-EPEL-2014-3641) IPsec implementation with IKEv1 and IKEv2 keying protocols -------------------------------------------------------------------------------- Update Information: Updated to 3.11, startup fixes, don't use modp2048 for ikev1 aggr mode per default, read secrets with obsoleted password entries -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 22 2014 Paul Wouters <pwout...@redhat.com> - 3.11-1 - Updated to 3.11 (many fixes, including startup fixes) - Resolves: rhbz#1144941 libreswan 3.10 upgrade breaks old ipsec.secrets configs - Resolves: rhbz#1147072 ikev1 aggr mode connection fails after libreswan upgrade -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144941 - libreswan 3.10 upgrade breaks old ipsec.secrets configs https://bugzilla.redhat.com/show_bug.cgi?id=1144941 [ 2 ] Bug #1147072 - ikev1 aggr mode connection fails after libreswan upgrade https://bugzilla.redhat.com/show_bug.cgi?id=1147072 -------------------------------------------------------------------------------- ================================================================================ munin-2.0.24-1.el6 (FEDORA-EPEL-2014-3669) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Upstream released 2.0.24 Upstream released 2.0.23 -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.24-1 - Upstream released 2.0.24 * Sat Oct 18 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.23-1 - Upstream released 2.0.23 * Fri Oct 17 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.22-1 - Upstream released 2.0.22 * Tue Oct 7 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.21-8 - BZ# 1149948 - munin-async pid file in /var/run rather than /var/run/munin * Mon Sep 15 2014 Petr Pisar <ppi...@redhat.com> - 2.0.21-6 - Build against perl 5.20 * Sun Sep 14 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.21-6 - Add amavis plugin config defaults * Sun Sep 7 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.21-5 - BZ# 1114857 - munin-2.0.21-2.fc21 FTBFS: No Package found for java-1.7.0-devel - re-merge earlier commit for epel7 * Fri Aug 29 2014 Jitka Plesnikova <jples...@redhat.com> - 2.0.21-4 - Perl 5.20 rebuild * Fri Aug 1 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.21-3 - Default to a localhost name to prevent munin-node from complaining * Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 2.0.21-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon Apr 28 2014 Lubomir Rintel <lkund...@v3.sk> - 2.0.21-1.1 - mx4j is not a build time dependency - RHEL 7 Actually uses systemd too - No Net::CIDR in el7 - No Cache::Memcached in el7 - Carp::Always is not actually required -------------------------------------------------------------------------------- References: [ 1 ] Bug #1114857 - munin-2.0.21-2.fc21 FTBFS: No Package found for java-1.7.0-devel https://bugzilla.redhat.com/show_bug.cgi?id=1114857 [ 2 ] Bug #1149948 - munin-async pid file in /var/run rather than /var/run/munin https://bugzilla.redhat.com/show_bug.cgi?id=1149948 -------------------------------------------------------------------------------- ================================================================================ nodejs-xtend-4.0.0-2.el6 (FEDORA-EPEL-2014-3626) Extend like a boss -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144665 - Review Request: nodejs-xtend - Extend like a boss https://bugzilla.redhat.com/show_bug.cgi?id=1144665 -------------------------------------------------------------------------------- ================================================================================ onionshare-0.6-7.el6 (FEDORA-EPEL-2014-3609) Securely and anonymously share files of any size -------------------------------------------------------------------------------- Update Information: Securely and anonymously share files of any size -------------------------------------------------------------------------------- References: [ 1 ] Bug #1155083 - onionshare has wrong dependency https://bugzilla.redhat.com/show_bug.cgi?id=1155083 -------------------------------------------------------------------------------- ================================================================================ perl-Class-XSAccessor-1.19-5.el6 (FEDORA-EPEL-2014-3667) Generate fast XS accessors without run-time compilation -------------------------------------------------------------------------------- Update Information: Don't depend on Class::XSAccessor::Heavy. Class::XSAccessor implements fast read, write and read/write accessors in XS. Additionally, it can provide predicates such as has_foo() for testing whether the attribute foo is defined in the object. It only works with objects that are implemented as ordinary hashes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1155085 - requirement filtering fails on epel6 https://bugzilla.redhat.com/show_bug.cgi?id=1155085 [ 2 ] Bug #474818 - Review Request: perl-Class-XSAccessor - Generate fast XS accessors without runtime compilation https://bugzilla.redhat.com/show_bug.cgi?id=474818 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Alarm-2.2.2-1.el6 (FEDORA-EPEL-2014-3590) Horde Alarm Libraries -------------------------------------------------------------------------------- Update Information: Horde_Db 2.1.5 * [jan] Fix migrating NULL values to BLOB on Oracle. Horde_Alarm 2.2.2 * refresh locales -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 25 2014 Remi Collet <r...@fedoraproject.org> - 2.2.2-1 - Update to 2.2.2 (locale update only) -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Db-2.1.5-1.el6 (FEDORA-EPEL-2014-3590) Horde Database Libraries -------------------------------------------------------------------------------- Update Information: Horde_Db 2.1.5 * [jan] Fix migrating NULL values to BLOB on Oracle. Horde_Alarm 2.2.2 * refresh locales -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 25 2014 Remi Collet <r...@fedoraproject.org> - 2.1.5-1 - Update to 2.1.5 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Pdf-2.0.3-1.el6 (FEDORA-EPEL-2014-3622) Horde PDF library -------------------------------------------------------------------------------- Update Information: PDF generation using only PHP, without requiring any external libraries. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1141526 - Review Request: php-horde-Horde-Pdf - Horde PDF library https://bugzilla.redhat.com/show_bug.cgi?id=1141526 -------------------------------------------------------------------------------- ================================================================================ php-ircmaxell-random-lib-1.0.0-1.el6 (FEDORA-EPEL-2014-3574) A Library For Generating Secure Random Numbers -------------------------------------------------------------------------------- Update Information: A library for generating random numbers and strings of various strengths. This library is useful in security contexts. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1129714 - Review Request: php-ircmaxell-random-lib - A Library For Generating Secure Random Numbers https://bugzilla.redhat.com/show_bug.cgi?id=1129714 -------------------------------------------------------------------------------- ================================================================================ php-pecl-apcu-4.0.7-1.el6 (FEDORA-EPEL-2014-3636) APC User Cache -------------------------------------------------------------------------------- Update Information: * fix inconsistent member names for entries in userland -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Remi Collet <r...@fedoraproject.org> - 4.0.7-1 - Update to 4.0.7 -------------------------------------------------------------------------------- ================================================================================ php-pecl-yac-0.9.2-1.el6 (FEDORA-EPEL-2014-3646) Lockless user data cache -------------------------------------------------------------------------------- Update Information: Yac (Yet Another Cache) is a shared memory user data cache for PHP. It can be used to replace APC or local memcached. Yac is lockless, that means, it is very fast, but there could be a chance you will get a wrong data(depends on how many key slots are allocated and how many keys are stored), so you'd better make sure that your product is not very sensitive to that. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1138901 - Review Request: php-pecl-yac - Lockless user data cache https://bugzilla.redhat.com/show_bug.cgi?id=1138901 -------------------------------------------------------------------------------- ================================================================================ pngcrush-1.7.78-1.el6 (FEDORA-EPEL-2014-3655) Optimizer for PNG (Portable Network Graphics) files -------------------------------------------------------------------------------- Update Information: New upstream release + add man page from Debian sid -------------------------------------------------------------------------------- ================================================================================ python-cltk-0.0.0.34-1.el6 (FEDORA-EPEL-2014-3643) NLP support for Ancient Greek and Latin -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146926 - Review Request: python-cltk - NLP support for Ancient Greek and Latin https://bugzilla.redhat.com/show_bug.cgi?id=1146926 -------------------------------------------------------------------------------- ================================================================================ python-fedora-0.3.36-2.el6 (FEDORA-EPEL-2014-3628) Python modules for talking to Fedora Infrastructure Services -------------------------------------------------------------------------------- Update Information: Backport the fix to flask-fas-openid merged upstream at https://github.com/fedora-infra/python-fedora/pull/108 New upstream release fixing logging in openidbaseclient * Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS * Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS New upstream release fixing logging in openidbaseclient * Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS * Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 23 2014 Pierre-Yves Chibon <pin...@pingoured.fr> - 0.3.36-2 - Backport the flask-fas-openid fix merged upstream at: https://github.com/fedora-infra/python-fedora/pull/108 * Thu Aug 7 2014 Toshio Kuratomi <tos...@fedoraproject.org> - 0.3.36-1 - New upstream release fixing logging in openidbaseclient * Wed Aug 6 2014 Toshio Kuratomi <tos...@fedoraproject.org> - 0.3.35-1 - Upstream 0.3.35 release that adds openidbaseclient * Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.3.34-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1150301 - Using "pkgdb-cli" leads to "NameError: name 'NullHandler' is not defined" https://bugzilla.redhat.com/show_bug.cgi?id=1150301 -------------------------------------------------------------------------------- ================================================================================ python-freetype-0.4.2-2.el6 (FEDORA-EPEL-2014-3663) Freetype python bindings -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146931 - Review Request: python-freetype - Freetype python bindings https://bugzilla.redhat.com/show_bug.cgi?id=1146931 -------------------------------------------------------------------------------- ================================================================================ python-mutagen-1.20-7.el6 (FEDORA-EPEL-2014-3581) Mutagen is a Python module to handle audio metadata -------------------------------------------------------------------------------- Update Information: python-mutagen for EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1152383 - Please package python-mutagen for EL6 and EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1152383 -------------------------------------------------------------------------------- ================================================================================ python-websocket-client-0.14.1-3.el6 (FEDORA-EPEL-2014-3597) WebSocket client for python -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.14.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 28 2014 Kalev Lember <kalevlem...@gmail.com> - 0.14.1-2 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 * Thu May 22 2014 Ralph Bean <rb...@redhat.com> - 0.14.1-1 - Latest upstream with python3 support. * Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.10.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rkhunter-1.4.2-4.el6 (FEDORA-EPEL-2014-3580) A host-based tool to scan for rootkits, backdoors and local exploits -------------------------------------------------------------------------------- Update Information: Set /var/lib/rkhunter to be mode 700. fixes bug #1154428 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Kevin Fenzi <ke...@scrye.com> 1.4.2-5 - Set /var/lib/rkhunter to be mode 700. fixes bug #1154428 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154428 - rkhunter potentially exposes securtiy critical files in insecure tmpdir https://bugzilla.redhat.com/show_bug.cgi?id=1154428 -------------------------------------------------------------------------------- ================================================================================ sdcc-3.4.0-0.el6 (FEDORA-EPEL-2014-3602) Small Device C Compiler -------------------------------------------------------------------------------- Update Information: Update to current upstream version and remove non-free files from package -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 25 2014 Roy Rankin <rran...@ihug.com.au> - 3.4.0-0 - Upstream update 3.4.0 - remove non-free directories from package -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.28-1.ESR_31.2.0.el6 (FEDORA-EPEL-2014-3632) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to the codebase of Extended Support Release (ESR) 31.2.0 Fixes various security issues, see https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html and https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html for more info -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Dmitry Butskoy <dmi...@butskoy.name> 2.28-1.ESR_31.2.0 - update to Extended Support Release version 31.2.0, derived from the correspond thunderbird source tree. - build with system libvpx now -------------------------------------------------------------------------------- ================================================================================ ssdeep-2.12-1.el6 (FEDORA-EPEL-2014-3638) Compute context triggered piecewise hashes -------------------------------------------------------------------------------- Update Information: * Fixed issue when comparing identical hashes but with different block sizes. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Remi Collet <r...@fedoraproject.org> - 2.12-1 - update to 2.12 - fix license handling -------------------------------------------------------------------------------- ================================================================================ thunderbird-lightning-3.3-1.el6 (FEDORA-EPEL-2014-3624) The calendar extension to Thunderbird -------------------------------------------------------------------------------- Update Information: Update to 3.3 for TB 31. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 21 2014 Orion Poplawski <or...@cora.nwra.com> - 3.3-1 - Update to 3.3 (gdata 0.32) - Sync system library build options with thunderbird -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154973 - thunderbird-lightning blocking upgrade to RHEL6.6, needs update https://bugzilla.redhat.com/show_bug.cgi?id=1154973 -------------------------------------------------------------------------------- ================================================================================ tinyfugue-5.0-0.22.b8.el6 (FEDORA-EPEL-2014-3579) A MU* client -------------------------------------------------------------------------------- Update Information: TinyFugue is the ubiquitous MUD/MOO/MUSH/MUCK/etc client for UNIX. This client allows you to interact with multiple worlds simultaneously, create command macros, and create hooks and triggers for automated responses to game messages. This release is fully compatible with system PCRE. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 18 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 5.0-0.22.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 5.0-0.21.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 5.0-0.20.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Feb 15 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 5.0-0.19.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sat Jul 21 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 5.0-0.18.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Feb 10 2012 Petr Ĺ abata <con...@redhat.com> - 5.0-0.17.b8 - Unbundle pcre-2.08 (duh) and patch for 8.30 * Sat Jan 14 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 5.0-0.16.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Wed Oct 12 2011 Petr Sabata <con...@redhat.com> - 5.0-0.15.b8 - Don't crash on /ps @ x86_64 (#743468) * Wed Feb 9 2011 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 5.0-0.14.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ tlp-0.6-1.el6 (FEDORA-EPEL-2014-3607) Advanced power management tool for Linux -------------------------------------------------------------------------------- Update Information: New Upstream Version -------------------------------------------------------------------------------- ================================================================================ x2goserver-4.0.1.18-3.el6 (FEDORA-EPEL-2014-3586) X2Go Server -------------------------------------------------------------------------------- Update Information: Update to 4.0.1.16: o Complete rewrite of the NX session state control / monitoring o Enhance support for other desktop session types (OpenBox, IceWM) o Attempt at supporting GNOMEv3 Flashback session in X2Go o Support for Cinnamon 1.4 X2Go Sessions o Support configuration of clipboard behaviour (server-side _and_ client-side) o Fix issues with non-resumable sessions after connection disrupture. o Support desktop sharing if sharable sessions is on a kernel namespace socket only. o Move all NX session files to /tmp. Don't store session information in $HOME anymore. Only place symlinks in $HOME pointing to /tmp. Fixes performance and stability of X2Go with homes on network file systems. o Fix privilege upgrades for applications launched via pkexec. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 24 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.18-3 - Do not require x2goserver-xession, do not ship feature file in main package * Fri Oct 24 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.18-2 - Require x2goserver-xession * Mon Oct 6 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.18-1 - Update to 4.0.1.18 * Fri Oct 3 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.17-1 - Update to 4.0.1.17 * Thu Oct 2 2014 Rex Dieter <rdie...@fedoraproject.org> 4.0.1.16-2 - -fmbindings: update mime scriptlets * Thu Sep 25 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.16-1 - Update to 4.0.1.16 * Tue Sep 9 2014 Jitka Plesnikova <jples...@redhat.com> - 4.0.1.15-7 - Perl 5.20 mass * Wed Aug 27 2014 Jitka Plesnikova <jples...@redhat.com> - 4.0.1.15-6 - Perl 5.20 rebuild * Tue Aug 26 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.15-5 - Fix scriptlet requires * Mon Aug 18 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 4.0.1.15-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 4.0.1.15-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel