The following Fedora EPEL 6 Security updates need testing:
Age URL
919
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
138
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
34
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2719/nodejs-0.10.32-1.el6,v8-3.14.5.10-14.el6
33
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2811/nodejs-qs-0.6.6-3.el6
33
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2821/nodejs-send-0.3.0-4.el6
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3286/facter-1.6.18-5.el6
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3421/drupal7-7.32-1.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-1.el6,python-astroid-1.2.1-2.el6,python-logilab-common-0.62.1-2.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3527/asterisk-1.8.31.1-1.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3533/phpMyAdmin-4.0.10.5-1.el6
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3561/nginx-1.0.15-10.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3647/konversation-1.3.1-2.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3589/hostapd-2.0-5.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3623/Pound-2.6-2.el6.1
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3632/seamonkey-2.28-1.ESR_31.2.0.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
Pound-2.6-2.el6.1
bash-argsparse-1.6.1-3.el6
golang-github-docker-libcontainer-1.2.0-1.gitc907e40.el6
golang-github-stretchr-testify-0-0.5.gitd6577e0.el6
hostapd-2.0-5.el6
jupp-28-1.el6
knot-1.6.0-1.el6
konversation-1.3.1-2.el6
libqxt-0.6.2-7.el6
libreswan-3.11-1.el6
munin-2.0.24-1.el6
nodejs-xtend-4.0.0-2.el6
onionshare-0.6-7.el6
perl-Class-XSAccessor-1.19-5.el6
php-horde-Horde-Alarm-2.2.2-1.el6
php-horde-Horde-Db-2.1.5-1.el6
php-horde-Horde-Pdf-2.0.3-1.el6
php-ircmaxell-random-lib-1.0.0-1.el6
php-pecl-apcu-4.0.7-1.el6
php-pecl-yac-0.9.2-1.el6
pngcrush-1.7.78-1.el6
python-cltk-0.0.0.34-1.el6
python-fedora-0.3.36-2.el6
python-freetype-0.4.2-2.el6
python-mutagen-1.20-7.el6
python-websocket-client-0.14.1-3.el6
rkhunter-1.4.2-4.el6
sdcc-3.4.0-0.el6
seamonkey-2.28-1.ESR_31.2.0.el6
ssdeep-2.12-1.el6
thunderbird-lightning-3.3-1.el6
tinyfugue-5.0-0.22.b8.el6
tlp-0.6-1.el6
x2goserver-4.0.1.18-3.el6
Details about builds:
================================================================================
Pound-2.6-2.el6.1 (FEDORA-EPEL-2014-3623)
Reverse proxy and load balancer
--------------------------------------------------------------------------------
Update Information:
Backport various security fixes.
Note they usually are extra options that need
to be enabled manually so that we won't break functionality:
- CVE-2011-3389: Make it possible to deny use of "BEAST" vulnerable ciphers
- CVE-2012-4929: Disable compression to be safe from "CRIME"
- CVE-2005-2090: Chunked encofing response splitting (no awkward name here)
- CVE-2014-3566: Allow disabling SSLv3 (and others), to be safe from "POODLE"
- A redirect XSS fix
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 24 2014 Lubomir Rintel <lkund...@v3.sk> - 2.6-2.1
- Backport various security fixes. Note they usually are extra options that need
to be enabled manually so that we won't break functionality:
- CVE-2011-3389: Make it possible to deny use of "BEAST" vulnerable ciphers
- CVE-2012-4929: Disable compression to be safe from "CRIME"
- CVE-2005-2090: Chunked encofing response splitting (no awkward name here)
- CVE-2014-3566: Allow disabling SSLv3 (and others), to be safe from "POODLE"
- A redirect XSS fix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1154335 - Upgrade to latest 2.6 release of Pound
https://bugzilla.redhat.com/show_bug.cgi?id=1154335
--------------------------------------------------------------------------------
================================================================================
bash-argsparse-1.6.1-3.el6 (FEDORA-EPEL-2014-3630)
An high level argument parsing library for bash
--------------------------------------------------------------------------------
Update Information:
Following package review in #1129220, and since the taskotron has problem
resolving file dependencies, I've discarded 1.6.1-2 and turned file names into
package names in the dependencies.
Following package review in #1129220, this is the first build of the
bash-argsparse package.
Following package review in #1129220, this is the first build of the
bash-argsparse package.
Following package review in #1129220, this is the first build of the
bash-argsparse package.
Following package review in #1129220, this is the first build of the
bash-argsparse package.
--------------------------------------------------------------------------------
================================================================================
golang-github-docker-libcontainer-1.2.0-1.gitc907e40.el6
(FEDORA-EPEL-2014-3608)
Configuration options for containers
--------------------------------------------------------------------------------
Update Information:
bump to v1.2.0 commit c907e406fe81320d87b58edf74953ceb08facc13
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 24 2014 Lokesh Mandvekar <l...@fedoraproject.org> - 1.2.0-1.gitc907e40
- bump to v1.2.0 commit c907e406fe81320d87b58edf74953ceb08facc13
--------------------------------------------------------------------------------
================================================================================
golang-github-stretchr-testify-0-0.5.gitd6577e0.el6 (FEDORA-EPEL-2014-3666)
Tools for testifying that your code will behave as you intend
--------------------------------------------------------------------------------
Update Information:
Bump to upstream d6577e08ec30538639ac0ea38b562b6f250e9055
new golang package
New golang package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141872 - Review Request: golang-github-stretchr-testify - Tools
for testifying that your code will behave as you intend
https://bugzilla.redhat.com/show_bug.cgi?id=1141872
--------------------------------------------------------------------------------
================================================================================
hostapd-2.0-5.el6 (FEDORA-EPEL-2014-3589)
IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
--------------------------------------------------------------------------------
Update Information:
Apply fixes for CVE-2014-3686
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 John W. Linville <linvi...@redhat.com> - 2.0-5
- Apply fixes for CVE-2014-3686
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1151259 - CVE-2014-3686 wpa_supplicant and hostapd: wpa_cli and
hostapd_cli remote command execution issue
https://bugzilla.redhat.com/show_bug.cgi?id=1151259
--------------------------------------------------------------------------------
================================================================================
jupp-28-1.el6 (FEDORA-EPEL-2014-3598)
Compact and feature-rich WordStar-compatible editor
--------------------------------------------------------------------------------
Update Information:
Changes for jupp 28
===================
* Mention in comments that when enabling the -backpath option, its argument
must not be quoted, nor followed by a comment; issue found by R. Hubbell
* Some mostly harmless code cleanup; fix speeds[] array access/sizing;
reported by dcb (LP#1348559, LP#1348614)
* Fix size_t mixup
* Introduce ^KF (jupprc): compile and download NXC program to NXT brick, for
Freedroidz, a project of Teckids e.V. sponsored by tarent solutions GmbH
* Better const-cleanliness of code
* Quell New File message for scratch buffers
* Fix URI in ChangeLog file
* Actually build with LFS on GNU/Linux
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 Robert Scheck <rob...@fedoraproject.org> 28-1
- Upgrade to 28
* Sat Aug 16 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 27-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
knot-1.6.0-1.el6 (FEDORA-EPEL-2014-3631)
An authoritative DNS daemon
--------------------------------------------------------------------------------
Update Information:
new upstream release:
- support for persistent zone timers (expire, refresh, and flush)
- DNSSEC: RFC-compliant processing of letter case in RDATA domain names
- EDNS: return minimal response for queries with unsupported version
- EDNS: fix interpretation of Extended RCODE
- transfers: fix forced zone retransfer
- timers: properly expire zone when transfer is being refused by master
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 Jan Vcelak <jvce...@fedoraproject.org> 1.6.0-1
- new upstream release:
+ support for persistent zone timers (expire, refresh, and flush)
+ DNSSEC: RFC-compliant processing of letter case in RDATA domain names
+ EDNS: return minimal response for queries with unsupported version
+ EDNS: fix interpretation of Extended RCODE
+ transfers: fix forced zone retransfer
+ timers: properly expire zone when transfer is being refused by master
--------------------------------------------------------------------------------
================================================================================
konversation-1.3.1-2.el6 (FEDORA-EPEL-2014-3647)
A user friendly IRC client
--------------------------------------------------------------------------------
Update Information:
out-of-bounds read flaw (#1157343,1156418)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 27 2014 Rex Dieter <rdie...@fedoraproject.org> 1.3.1-2
- out-of-bounds read flaw (#1157343,1156418)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1156418 - CVE-2014-8483 quassel, konversation: out-of-bounds read
on a heap-allocated array
https://bugzilla.redhat.com/show_bug.cgi?id=1156418
--------------------------------------------------------------------------------
================================================================================
libqxt-0.6.2-7.el6 (FEDORA-EPEL-2014-3629)
Qt extension library
--------------------------------------------------------------------------------
Update Information:
Bring libqxt to EPEL6 and EPEL7
--------------------------------------------------------------------------------
================================================================================
libreswan-3.11-1.el6 (FEDORA-EPEL-2014-3641)
IPsec implementation with IKEv1 and IKEv2 keying protocols
--------------------------------------------------------------------------------
Update Information:
Updated to 3.11, startup fixes, don't use modp2048 for ikev1 aggr mode per
default, read secrets with obsoleted password entries
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Paul Wouters <pwout...@redhat.com> - 3.11-1
- Updated to 3.11 (many fixes, including startup fixes)
- Resolves: rhbz#1144941 libreswan 3.10 upgrade breaks old ipsec.secrets configs
- Resolves: rhbz#1147072 ikev1 aggr mode connection fails after libreswan
upgrade
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1144941 - libreswan 3.10 upgrade breaks old ipsec.secrets configs
https://bugzilla.redhat.com/show_bug.cgi?id=1144941
[ 2 ] Bug #1147072 - ikev1 aggr mode connection fails after libreswan upgrade
https://bugzilla.redhat.com/show_bug.cgi?id=1147072
--------------------------------------------------------------------------------
================================================================================
munin-2.0.24-1.el6 (FEDORA-EPEL-2014-3669)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
Upstream released 2.0.24
Upstream released 2.0.23
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.24-1
- Upstream released 2.0.24
* Sat Oct 18 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.23-1
- Upstream released 2.0.23
* Fri Oct 17 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.22-1
- Upstream released 2.0.22
* Tue Oct 7 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.21-8
- BZ# 1149948 - munin-async pid file in /var/run rather than /var/run/munin
* Mon Sep 15 2014 Petr Pisar <ppi...@redhat.com> - 2.0.21-6
- Build against perl 5.20
* Sun Sep 14 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.21-6
- Add amavis plugin config defaults
* Sun Sep 7 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.21-5
- BZ# 1114857 - munin-2.0.21-2.fc21 FTBFS: No Package found for java-1.7.0-devel
- re-merge earlier commit for epel7
* Fri Aug 29 2014 Jitka Plesnikova <jples...@redhat.com> - 2.0.21-4
- Perl 5.20 rebuild
* Fri Aug 1 2014 "D. Johnson" <fenri...@fedoraproject.org> - 2.0.21-3
- Default to a localhost name to prevent munin-node from complaining
* Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.0.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Mon Apr 28 2014 Lubomir Rintel <lkund...@v3.sk> - 2.0.21-1.1
- mx4j is not a build time dependency
- RHEL 7 Actually uses systemd too
- No Net::CIDR in el7
- No Cache::Memcached in el7
- Carp::Always is not actually required
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1114857 - munin-2.0.21-2.fc21 FTBFS: No Package found for
java-1.7.0-devel
https://bugzilla.redhat.com/show_bug.cgi?id=1114857
[ 2 ] Bug #1149948 - munin-async pid file in /var/run rather than
/var/run/munin
https://bugzilla.redhat.com/show_bug.cgi?id=1149948
--------------------------------------------------------------------------------
================================================================================
nodejs-xtend-4.0.0-2.el6 (FEDORA-EPEL-2014-3626)
Extend like a boss
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1144665 - Review Request: nodejs-xtend - Extend like a boss
https://bugzilla.redhat.com/show_bug.cgi?id=1144665
--------------------------------------------------------------------------------
================================================================================
onionshare-0.6-7.el6 (FEDORA-EPEL-2014-3609)
Securely and anonymously share files of any size
--------------------------------------------------------------------------------
Update Information:
Securely and anonymously share files of any size
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1155083 - onionshare has wrong dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1155083
--------------------------------------------------------------------------------
================================================================================
perl-Class-XSAccessor-1.19-5.el6 (FEDORA-EPEL-2014-3667)
Generate fast XS accessors without run-time compilation
--------------------------------------------------------------------------------
Update Information:
Don't depend on Class::XSAccessor::Heavy.
Class::XSAccessor implements fast read, write and read/write accessors in XS.
Additionally, it can provide predicates such as has_foo() for testing whether
the attribute foo is defined in the object. It only works with objects that are
implemented as ordinary hashes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1155085 - requirement filtering fails on epel6
https://bugzilla.redhat.com/show_bug.cgi?id=1155085
[ 2 ] Bug #474818 - Review Request: perl-Class-XSAccessor - Generate fast XS
accessors without runtime compilation
https://bugzilla.redhat.com/show_bug.cgi?id=474818
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Alarm-2.2.2-1.el6 (FEDORA-EPEL-2014-3590)
Horde Alarm Libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Db 2.1.5
* [jan] Fix migrating NULL values to BLOB on Oracle.
Horde_Alarm 2.2.2
* refresh locales
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 25 2014 Remi Collet <r...@fedoraproject.org> - 2.2.2-1
- Update to 2.2.2 (locale update only)
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Db-2.1.5-1.el6 (FEDORA-EPEL-2014-3590)
Horde Database Libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Db 2.1.5
* [jan] Fix migrating NULL values to BLOB on Oracle.
Horde_Alarm 2.2.2
* refresh locales
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 25 2014 Remi Collet <r...@fedoraproject.org> - 2.1.5-1
- Update to 2.1.5
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Pdf-2.0.3-1.el6 (FEDORA-EPEL-2014-3622)
Horde PDF library
--------------------------------------------------------------------------------
Update Information:
PDF generation using only PHP, without requiring any external libraries.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141526 - Review Request: php-horde-Horde-Pdf - Horde PDF library
https://bugzilla.redhat.com/show_bug.cgi?id=1141526
--------------------------------------------------------------------------------
================================================================================
php-ircmaxell-random-lib-1.0.0-1.el6 (FEDORA-EPEL-2014-3574)
A Library For Generating Secure Random Numbers
--------------------------------------------------------------------------------
Update Information:
A library for generating random numbers and strings of various strengths.
This library is useful in security contexts.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1129714 - Review Request: php-ircmaxell-random-lib - A Library For
Generating Secure Random Numbers
https://bugzilla.redhat.com/show_bug.cgi?id=1129714
--------------------------------------------------------------------------------
================================================================================
php-pecl-apcu-4.0.7-1.el6 (FEDORA-EPEL-2014-3636)
APC User Cache
--------------------------------------------------------------------------------
Update Information:
* fix inconsistent member names for entries in userland
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 27 2014 Remi Collet <r...@fedoraproject.org> - 4.0.7-1
- Update to 4.0.7
--------------------------------------------------------------------------------
================================================================================
php-pecl-yac-0.9.2-1.el6 (FEDORA-EPEL-2014-3646)
Lockless user data cache
--------------------------------------------------------------------------------
Update Information:
Yac (Yet Another Cache) is a shared memory user data cache for PHP.
It can be used to replace APC or local memcached.
Yac is lockless, that means, it is very fast, but there could be a chance you
will get a wrong data(depends on how many key slots are allocated and how many
keys are stored), so you'd better make sure that your product is not very
sensitive to that.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1138901 - Review Request: php-pecl-yac - Lockless user data cache
https://bugzilla.redhat.com/show_bug.cgi?id=1138901
--------------------------------------------------------------------------------
================================================================================
pngcrush-1.7.78-1.el6 (FEDORA-EPEL-2014-3655)
Optimizer for PNG (Portable Network Graphics) files
--------------------------------------------------------------------------------
Update Information:
New upstream release + add man page from Debian sid
--------------------------------------------------------------------------------
================================================================================
python-cltk-0.0.0.34-1.el6 (FEDORA-EPEL-2014-3643)
NLP support for Ancient Greek and Latin
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1146926 - Review Request: python-cltk - NLP support for Ancient
Greek and Latin
https://bugzilla.redhat.com/show_bug.cgi?id=1146926
--------------------------------------------------------------------------------
================================================================================
python-fedora-0.3.36-2.el6 (FEDORA-EPEL-2014-3628)
Python modules for talking to Fedora Infrastructure Services
--------------------------------------------------------------------------------
Update Information:
Backport the fix to flask-fas-openid merged upstream at
https://github.com/fedora-infra/python-fedora/pull/108
New upstream release fixing logging in openidbaseclient
* Update to new upstream:
https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
* Update to new upstream:
https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
New upstream release fixing logging in openidbaseclient
* Update to new upstream:
https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
* Update to new upstream:
https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 Pierre-Yves Chibon <pin...@pingoured.fr> - 0.3.36-2
- Backport the flask-fas-openid fix merged upstream at:
https://github.com/fedora-infra/python-fedora/pull/108
* Thu Aug 7 2014 Toshio Kuratomi <tos...@fedoraproject.org> - 0.3.36-1
- New upstream release fixing logging in openidbaseclient
* Wed Aug 6 2014 Toshio Kuratomi <tos...@fedoraproject.org> - 0.3.35-1
- Upstream 0.3.35 release that adds openidbaseclient
* Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 0.3.34-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150301 - Using "pkgdb-cli" leads to "NameError: name
'NullHandler' is not defined"
https://bugzilla.redhat.com/show_bug.cgi?id=1150301
--------------------------------------------------------------------------------
================================================================================
python-freetype-0.4.2-2.el6 (FEDORA-EPEL-2014-3663)
Freetype python bindings
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1146931 - Review Request: python-freetype - Freetype python
bindings
https://bugzilla.redhat.com/show_bug.cgi?id=1146931
--------------------------------------------------------------------------------
================================================================================
python-mutagen-1.20-7.el6 (FEDORA-EPEL-2014-3581)
Mutagen is a Python module to handle audio metadata
--------------------------------------------------------------------------------
Update Information:
python-mutagen for EL6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1152383 - Please package python-mutagen for EL6 and EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1152383
--------------------------------------------------------------------------------
================================================================================
python-websocket-client-0.14.1-3.el6 (FEDORA-EPEL-2014-3597)
WebSocket client for python
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 0.14.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 28 2014 Kalev Lember <kalevlem...@gmail.com> - 0.14.1-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
* Thu May 22 2014 Ralph Bean <rb...@redhat.com> - 0.14.1-1
- Latest upstream with python3 support.
* Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 0.10.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rkhunter-1.4.2-4.el6 (FEDORA-EPEL-2014-3580)
A host-based tool to scan for rootkits, backdoors and local exploits
--------------------------------------------------------------------------------
Update Information:
Set /var/lib/rkhunter to be mode 700. fixes bug #1154428
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 27 2014 Kevin Fenzi <ke...@scrye.com> 1.4.2-5
- Set /var/lib/rkhunter to be mode 700. fixes bug #1154428
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1154428 - rkhunter potentially exposes securtiy critical files in
insecure tmpdir
https://bugzilla.redhat.com/show_bug.cgi?id=1154428
--------------------------------------------------------------------------------
================================================================================
sdcc-3.4.0-0.el6 (FEDORA-EPEL-2014-3602)
Small Device C Compiler
--------------------------------------------------------------------------------
Update Information:
Update to current upstream version and remove non-free files from package
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 25 2014 Roy Rankin <rran...@ihug.com.au> - 3.4.0-0
- Upstream update 3.4.0
- remove non-free directories from package
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.28-1.ESR_31.2.0.el6 (FEDORA-EPEL-2014-3632)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to the codebase of Extended Support Release (ESR) 31.2.0
Fixes various security issues, see
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html and
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html for
more info
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2014 Dmitry Butskoy <dmi...@butskoy.name> 2.28-1.ESR_31.2.0
- update to Extended Support Release version 31.2.0, derived
from the correspond thunderbird source tree.
- build with system libvpx now
--------------------------------------------------------------------------------
================================================================================
ssdeep-2.12-1.el6 (FEDORA-EPEL-2014-3638)
Compute context triggered piecewise hashes
--------------------------------------------------------------------------------
Update Information:
* Fixed issue when comparing identical hashes but with different block sizes.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2014 Remi Collet <r...@fedoraproject.org> - 2.12-1
- update to 2.12
- fix license handling
--------------------------------------------------------------------------------
================================================================================
thunderbird-lightning-3.3-1.el6 (FEDORA-EPEL-2014-3624)
The calendar extension to Thunderbird
--------------------------------------------------------------------------------
Update Information:
Update to 3.3 for TB 31.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 21 2014 Orion Poplawski <or...@cora.nwra.com> - 3.3-1
- Update to 3.3 (gdata 0.32)
- Sync system library build options with thunderbird
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1154973 - thunderbird-lightning blocking upgrade to RHEL6.6, needs
update
https://bugzilla.redhat.com/show_bug.cgi?id=1154973
--------------------------------------------------------------------------------
================================================================================
tinyfugue-5.0-0.22.b8.el6 (FEDORA-EPEL-2014-3579)
A MU* client
--------------------------------------------------------------------------------
Update Information:
TinyFugue is the ubiquitous MUD/MOO/MUSH/MUCK/etc client for UNIX. This client
allows you to interact with multiple worlds simultaneously, create command
macros, and create hooks and triggers for automated responses to game messages.
This release is fully compatible with system PCRE.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 18 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 5.0-0.22.b8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 5.0-0.21.b8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 5.0-0.20.b8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Feb 15 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 5.0-0.19.b8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 5.0-0.18.b8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Feb 10 2012 Petr Ĺ abata <con...@redhat.com> - 5.0-0.17.b8
- Unbundle pcre-2.08 (duh) and patch for 8.30
* Sat Jan 14 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 5.0-0.16.b8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Oct 12 2011 Petr Sabata <con...@redhat.com> - 5.0-0.15.b8
- Don't crash on /ps @ x86_64 (#743468)
* Wed Feb 9 2011 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 5.0-0.14.b8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
tlp-0.6-1.el6 (FEDORA-EPEL-2014-3607)
Advanced power management tool for Linux
--------------------------------------------------------------------------------
Update Information:
New Upstream Version
--------------------------------------------------------------------------------
================================================================================
x2goserver-4.0.1.18-3.el6 (FEDORA-EPEL-2014-3586)
X2Go Server
--------------------------------------------------------------------------------
Update Information:
Update to 4.0.1.16:
o Complete rewrite of the NX session state control / monitoring
o Enhance support for other desktop session types (OpenBox, IceWM)
o Attempt at supporting GNOMEv3 Flashback session in X2Go
o Support for Cinnamon 1.4 X2Go Sessions
o Support configuration of clipboard behaviour (server-side _and_ client-side)
o Fix issues with non-resumable sessions after connection disrupture.
o Support desktop sharing if sharable sessions is on a kernel namespace
socket only.
o Move all NX session files to /tmp. Don't store session information in $HOME
anymore. Only place symlinks in $HOME pointing to /tmp. Fixes performance and
stability of X2Go with homes on network file systems.
o Fix privilege upgrades for applications launched via pkexec.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 24 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.18-3
- Do not require x2goserver-xession, do not ship feature file in main package
* Fri Oct 24 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.18-2
- Require x2goserver-xession
* Mon Oct 6 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.18-1
- Update to 4.0.1.18
* Fri Oct 3 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.17-1
- Update to 4.0.1.17
* Thu Oct 2 2014 Rex Dieter <rdie...@fedoraproject.org> 4.0.1.16-2
- -fmbindings: update mime scriptlets
* Thu Sep 25 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.16-1
- Update to 4.0.1.16
* Tue Sep 9 2014 Jitka Plesnikova <jples...@redhat.com> - 4.0.1.15-7
- Perl 5.20 mass
* Wed Aug 27 2014 Jitka Plesnikova <jples...@redhat.com> - 4.0.1.15-6
- Perl 5.20 rebuild
* Tue Aug 26 2014 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.15-5
- Fix scriptlet requires
* Mon Aug 18 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 4.0.1.15-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 4.0.1.15-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
