The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/bugzilla-3.2.10-1.el5https://admin.fedoraproject.org/updates/puppet-2.6.6-2.el5https://admin.fedoraproject.org/updates/rt3-3.6.11-2.el5https://admin.fedoraproject.org/updates/couchdb-1.0.2-8.el5,erlang-ibrowse-…https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-…https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.el5https://admin.fedoraproject.org/updates/phpMyAdmin3-3.4.5-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
389-ds-base-1.2.10-0.1.a1.el5
RBTools-0.3.4-1.el5
logcheck-1.3.13-6.el5
puppet-2.6.6-2.el5
shorewall-4.4.23.3-1.el5.1
Details about builds:
================================================================================
389-ds-base-1.2.10-0.1.a1.el5 (FEDORA-EPEL-2011-4548)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
slapi_rwlock - transactions - account usability - bug fixes
Fix for managed entry
Fixed source tarball
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.10.a1-0.1
- Bug 739172 - Allow separate fractional attrs for incremental and total protocols
- 6120b3d Make all backend operations transaction aware
- 056cc35 Add support for pre/post db transaction plugins
- Bug 736712 - Modifying ruv entry deadlocks server
- Bug 590826 - Reloading database from ldif causes changelog to emit "data no longer matches" errors
- Bug 730387 - Add slapi_rwlock API and use POSIX rwlocks
- Bug 611438 - Add Account Usability Control support
* Tue Sep 13 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.10-3
- added back fedora-ds-base stuff so as not to break dependencies
* Wed Sep 7 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.10-2
- corrected source
* Wed Sep 7 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.10-1
- Bug 735114 - renaming a managed entry does not update mepmanagedby
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #739172 - Allow separate fractional attrs to be defined for incremental and total protocols
https://bugzilla.redhat.com/show_bug.cgi?id=739172
[ 2 ] Bug #736712 - Modifying ruv entry deadlocks server
https://bugzilla.redhat.com/show_bug.cgi?id=736712
[ 3 ] Bug #590826 - Reloading database from ldif causes changelog to emit "data no longer matches" errors
https://bugzilla.redhat.com/show_bug.cgi?id=590826
[ 4 ] Bug #730387 - Use POSIX RW locks instead of NSPR implementation
https://bugzilla.redhat.com/show_bug.cgi?id=730387
[ 5 ] Bug #611438 - [RFE] [CRM#2027194] adding Account Usable Request Control '1.3.6.1.4.1.42.2.27.9.5.8' in RHDS
https://bugzilla.redhat.com/show_bug.cgi?id=611438
[ 6 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------
================================================================================
RBTools-0.3.4-1.el5 (FEDORA-EPEL-2011-4547)
Tools for use with ReviewBoard
--------------------------------------------------------------------------------
Update Information:
* Tue Sep 27 2011 Stephen Gallagher <sgallagh(a)redhat.com> - 0.3.4-1
- New upstream 0.3.4 release
- http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.3.4/
- New Features:
- post-review:
- Added a --change-description option for setting the Change Description
text on drafts
- Bugfixes:
- post-review:
- Newlines in summaries on Git are now converted to spaces, preventing
errors when using --guess-summary
- Fixed authentication failures when accessing a protected /api/info/
URL. This was problematic particularly on RBCommons
- Fixed diff upload problems on Python 2.7
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Stephen Gallagher <sgallagh(a)redhat.com> - 0.3.4-1
- New upstream 0.3.4 release
- http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.3.4/
- New Features:
- post-review:
- Added a --change-description option for setting the Change Description
text on drafts
- Bugfixes:
- post-review:
- Newlines in summaries on Git are now converted to spaces, preventing
errors when using --guess-summary
- Fixed authentication failures when accessing a protected /api/info/
URL. This was problematic particularly on RBCommons
- Fixed diff upload problems on Python 2.7
--------------------------------------------------------------------------------
================================================================================
logcheck-1.3.13-6.el5 (FEDORA-EPEL-2011-4549)
Analyzes log files and sends noticeable events as email
--------------------------------------------------------------------------------
Update Information:
fix the bug #706155 logcheck-test uses mktemp --tempdir. This exists only on el5
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 28 2011 Matthias Runge <mrunge(a)matthias-runge.de> 1.3.13-6
- revise comment about run-parts
- substitute mktemp --tempdir in src/logcheck-test by mktemp -t
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #706155 - logcheck-test uses mktemp --tempdir
https://bugzilla.redhat.com/show_bug.cgi?id=706155
--------------------------------------------------------------------------------
================================================================================
puppet-2.6.6-2.el5 (FEDORA-EPEL-2011-4554)
A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:
A vulnerability was discovered in puppet that would allow an attacker to install a valid X509 Certificate Signing Request at any location on disk, with the privileges of the Puppet Master application. For Fedora and EPEL, this is the puppet user.
Further details can be found in the upstream announcement:
http://groups.google.com/group/puppet-users/browse_thread/thread/e57ce2740f…
Unless you enable puppet's listen mode on clients, only the puppet master is vulnerable to this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Todd Zullinger <tmz(a)pobox.com> - 2.6.6-2
- Apply upstream patch for CVE-2011-3848
--------------------------------------------------------------------------------
================================================================================
shorewall-4.4.23.3-1.el5.1 (FEDORA-EPEL-2011-4559)
An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:
Update to 4.4.23.3. Release notes:
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.23/releasenotes.t…
Fix executable permissions for helper programs.
Release notes:
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.2/releasenotes.txt
Update to 4.4.17.
See the release notes:
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.17/releasenotes.t…
And also the notes on migrating from 4.0 to 4.4:
http://www.shorewall.net/LennyToSqueeze.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 22 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.23.3-1.1
- Re-add BuildRoot so package can actually build
* Mon Aug 22 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.23.3-1
- Update to 4.4.23.3
- Use upstreamed SysV init files
- Add cosmetic patches for init files
* Mon Aug 22 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.22.3-2.1
- Fix up error in files list
* Mon Aug 22 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.22.3-2
- Change file list defattr to (-,root,root,-)
- Fix up file lists and permissions
- Fix up a missing virtual Provides
- Rename _baseurl macro to baseurl
* Sat Aug 20 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.22.3-1
- Update to 4.4.22.3
- Remove patches already upstream
* Wed Aug 3 2011 Orion Poplawski <orion(a)cora.nwra.com> - 4.4.22-2
- Add upstream ALL patch to fix handling zones that begin with 'all'
- Add patch to close stdin to prevent some SELinux denial messages (bug 727648)
- Make libexec files executable
* Tue Aug 2 2011 Orion Poplawski <orion(a)cora.nwra.com> - 4.4.22-1
- Update to 4.4.22
* Sat Jul 23 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.21.1-3.1
- Make files in libexec directory executable
* Thu Jul 21 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.21-3
- Properly use PERLLIB environment variable for installation of the perl libraries
* Thu Jul 21 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.21-2
- Fix Source URL versioning in spec file
* Thu Jul 21 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.21-1
- Update to 4.4.21.1
- Fix BZ 720713 (incorrect init file LSB headers)
* Wed May 25 2011 Orion Poplawski <orion(a)cora.nwra.com> - 4.4.19.4-1
- Update to 4.4.19.4
* Sat Mar 5 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.17-2
- Add executable permission to getparams
* Mon Feb 14 2011 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.17-1
- Update to 4.4.17
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 4.4.11.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sat Aug 7 2010 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.11.1-1
- Update to version 4.4.11.1
* Fri Jul 2 2010 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.10-4
- Fix spec file typo
* Wed Jun 16 2010 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.10-3
- Remove separate macros for each tarball version - upstream now releases all
tarballs with the same version number
- Add virtual Provides for shorewall(firewall) to shorewall, shorewall-lite
and shorewall6-lite, and a Requires shorewall(firewall) to shorewall-init.
Note that shorewall6 Requires shorewall, so virtual provides not needed there
* Sun Jun 13 2010 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.10-2
- Add doc files to shorewall-lite subpackage
* Sun Jun 13 2010 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.10-1
- Update to version 4.4.10
- Add new shorewall-init subpackage
- Rename init.sh to shorewall-foo-init.sh
- Add shorewall-init.sh for init subpackage
* Thu Apr 1 2010 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.8-1
- Update to version 4.4.8
- Remove %buildroot setting
- Remove cleaning of buildroot during %install
- Fix %files
* Tue Feb 9 2010 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.6-2
- Fix missing man pages in file lists
* Mon Feb 8 2010 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.6-1
- Update to version 4.4.6
* Thu Dec 10 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.4.2-3
- Fix typo in logrotate script name for shorewall6-lite
* Thu Dec 10 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.4.2-2
- Add logrotate files to packages
* Thu Dec 10 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.4.2-1
- Update to 4.4.4.2
* Fri Nov 6 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.3-1
- Update to 4.4.3
* Thu Sep 3 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.1-1
- Update to 4.4.1
* Tue Aug 18 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.0-2
- Spec file cleanups with respect to package versioning
* Tue Aug 18 2009 Orion Poplawski <orion(a)cora.nwra.com> - 4.4.0-1
- Update to 4.4.0 final
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 4.4.0-0.2.Beta3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Jul 7 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.4.0-0.1.Beta3
- Update to 4.4.0-Beta3
* Sat Jun 13 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.3.12-3
- Fix filelist for shorewall6 to include macro.Trcrt
* Sat Jun 13 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.3.12-2
- Remove rfc1918 entries from filelists as no longer included
* Fri Jun 12 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.3.12-1
- Update to version 4.3.12
- Change init files to start as number 28 (previously 25) to ensure starting
after NetworkManager (BZ 505444)
* Wed May 27 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.3.10-2
- Fix up /var/lib directories (BZ 502929)
* Fri May 8 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.3.10-1
- Update to development branch, rearrange sub-packages accordingly
- Remove shorewall-shell, shorewall-perl, shorewall-common subpackages
* Fri May 8 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.8-1
- Update to version 4.2.8
- Update shorewall-perl to 4.2.8.2
- Use global instead of define in macros to comply with packaging guidelines
* Mon Apr 13 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.7-5
- Update shorewall-perl to version 4.2.7.3
* Fri Apr 3 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.7-4
- Update shorewall-perl to version 4.2.7.1 (BZ 493984)
* Thu Mar 26 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.7-3
- Really make the perl compiler default
* Tue Mar 24 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.7-2
- Make the perl compiler the default. Drop shorewall-shell requirement from
shorewall package
* Tue Mar 24 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.7-1
- Update to version 4.2.7
* Fri Mar 6 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.6-2
- Update shorewall-perl to version 4.6.2.2
* Thu Feb 26 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.6-1
- Update to version 4.2.6
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 4.2.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sun Feb 1 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.5-2
- Update shorewal-perl to version 4.2.5.1
* Sat Jan 24 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.5-1
- Update to version 4.2.5
* Thu Jan 15 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.4-4
- Really update shorewall-perl to 4.2.4.6
* Thu Jan 15 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.4-3
- Update shorewall-perl to 4.2.4.6
* Thu Jan 15 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.4-2
- Fix up dependencies between sub-packages
- No longer attempt to own all files in /var/lib/shorewall* but rather clean
them up on package removal
* Sun Jan 11 2009 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.4-1
- Update to version 4.2.4 which adds IPV6 support and two new sub-packages
(shorewall6 and shorewall6-lite)
- Add proper versioning to sub-packages
- Remove patch patch-perl-4.2.3.1
* Tue Dec 30 2008 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 4.2.3-2
- Add upstream patch patch-perl-4.2.3.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #720713 - Copy-and-paste error in /etc/rc.d/init.d/shorewall6
https://bugzilla.redhat.com/show_bug.cgi?id=720713
[ 2 ] Bug #654787 - shorewall-4.4.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=654787
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/rt3-3.8.10-2.el6.1https://admin.fedoraproject.org/updates/bugzilla-3.4.11-1.el6https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-…https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.el6https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.5-1.el6https://admin.fedoraproject.org/updates/perl-FCGI-0.71-4.el6https://admin.fedoraproject.org/updates/puppet-2.6.6-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
RBTools-0.3.4-1.el6
askbot-0.7.23-1.el6
django-authenticator-0.1.4-1.el6
mongodb-1.8.2-2.el6
moodle-2.1.1-2.el6
proftpd-1.3.3f-1.el6
puppet-2.6.6-2.el6
shorewall-4.4.23.3-1.el6
Details about builds:
================================================================================
RBTools-0.3.4-1.el6 (FEDORA-EPEL-2011-4555)
Tools for use with ReviewBoard
--------------------------------------------------------------------------------
Update Information:
* Tue Sep 27 2011 Stephen Gallagher <sgallagh(a)redhat.com> - 0.3.4-1
- New upstream 0.3.4 release
- http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.3.4/
- New Features:
- post-review:
- Added a --change-description option for setting the Change Description
text on drafts
- Bugfixes:
- post-review:
- Newlines in summaries on Git are now converted to spaces, preventing
errors when using --guess-summary
- Fixed authentication failures when accessing a protected /api/info/
URL. This was problematic particularly on RBCommons
- Fixed diff upload problems on Python 2.7
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Stephen Gallagher <sgallagh(a)redhat.com> - 0.3.4-1
- New upstream 0.3.4 release
- http://www.reviewboard.org/docs/releasenotes/dev/rbtools/0.3.4/
- New Features:
- post-review:
- Added a --change-description option for setting the Change Description
text on drafts
- Bugfixes:
- post-review:
- Newlines in summaries on Git are now converted to spaces, preventing
errors when using --guess-summary
- Fixed authentication failures when accessing a protected /api/info/
URL. This was problematic particularly on RBCommons
- Fixed diff upload problems on Python 2.7
--------------------------------------------------------------------------------
================================================================================
askbot-0.7.23-1.el6 (FEDORA-EPEL-2011-4550)
Question and Answer forum
--------------------------------------------------------------------------------
Update Information:
upfiles alias for httpd configuration. several minor enhancements and bug fixes
* if RHEL, then depend on python-dateutil15 instead of python-dateutil
* add README.fedora and configuration files for multi-site deployment
* update wsgi, apache httpd configuration and settings.py setup template
* thanks to Toshio Kuriotami for suggesting and reviewing the changes
--------------------------------------------------------------------------------
================================================================================
django-authenticator-0.1.4-1.el6 (FEDORA-EPEL-2011-4557)
Authentication client for django
--------------------------------------------------------------------------------
Update Information:
django-authenticator isn a forked version of django-authopenid module. It is developed for the Askbot project.
--------------------------------------------------------------------------------
================================================================================
mongodb-1.8.2-2.el6 (FEDORA-EPEL-2011-4552)
High-performance, schema-free document-oriented database
--------------------------------------------------------------------------------
Update Information:
Update EPEL 6 to mongodb 1.8.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 13 2011 Chris Lalancette <clalance(a)redhat.com> - 1.8.2-2
- Make mongodb-devel require boost-devel (BZ 703184)
* Fri Jul 1 2011 Chris Lalancette <clalance(a)redhat.com> - 1.8.2-1
- Update to upstream 1.8.2
- Add patch to ignore TERM
* Fri Jul 1 2011 Chris Lalancette <clalance(a)redhat.com> - 1.8.0-3
- Bump release to build against new boost package
* Sat Mar 19 2011 Nathaniel McCallum <nathaniel(a)natemccallum.com> - 1.8.0-2
- Make mongod bind only to 127.0.0.1 by default
* Sat Mar 19 2011 Nathaniel McCallum <nathaniel(a)natemccallum.com> - 1.8.0-1
- Update to 1.8.0
- Remove upstreamed nonce patch
* Wed Feb 16 2011 Nathaniel McCallum <nathaniel(a)natemccallum.com> - 1.7.5-5
- Add nonce patch
* Sun Feb 13 2011 Nathaniel McCallum <nathaniel(a)natemccallum.com> - 1.7.5-4
- Manually define to use boost-fs v2
* Sat Feb 12 2011 Nathaniel McCallum <nathaniel(a)natemccallum.com> - 1.7.5-3
- Disable extra warnings
* Fri Feb 11 2011 Nathaniel McCallum <nathaniel(a)natemccallum.com> - 1.7.5-2
- Disable compilation errors on warnings
* Fri Feb 11 2011 Nathaniel McCallum <nathaniel(a)natemccallum.com> - 1.7.5-1
- Update to 1.7.5
- Remove CPPFLAGS override
- Added libmongodb package
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
moodle-2.1.1-2.el6 (FEDORA-EPEL-2011-4551)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Minor change to cron setup.
Update to 2.1.1.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Jon Ciesla <limb(a)jcomserv.net> - 2.1.1-2
- Switched to cli cron script, BZ 733957.
* Tue Aug 16 2011 Jon Ciesla <limb(a)jcomserv.net> - 2.1.1-1
- New upstream.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #733957 - cron path change in moodle-2.1.1-1.el6.noarch
https://bugzilla.redhat.com/show_bug.cgi?id=733957
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3f-1.el6 (FEDORA-EPEL-2011-4556)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream maintenance release, fixes a number of bugs as described in the changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Paul Howarth <paul(a)city-fan.org> 1.3.3f-1
- Update to 1.3.3f, fixing a large number of bugs reported upstream:
- Avoid spinning proftpd process if read(2) returns EAGAIN (bug 3639)
- Segfault seen in mod_sql_mysql if "SQLAuthenticate groupsetfast" used
(bug 3642)
- Disable signal handling for exiting session processes (bug 3644)
- TCPAccessSyslogLevel directive broken by Bug#3317 (bug 3652)
- TLSVerifyOrder directive is broken (bug 3658)
- Segmentation fault if there is regex <IfUser> section in a <VirtualHost>
section; this is a regression caused by a bad backport of the fix for
Bug#3625 to the 1.3.3 branch (bug 3659)
- Filenames with embedded IAC do not get processed correctly (bug 3697)
- Drop upstreamed nostrip patch
- Use new --disable-strip option to retain debugging symbols
- Use upstream LDAP quota table schema rather than our own copy
--------------------------------------------------------------------------------
================================================================================
puppet-2.6.6-2.el6 (FEDORA-EPEL-2011-4553)
A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:
A vulnerability was discovered in puppet that would allow an attacker to install a valid X509 Certificate Signing Request at any location on disk, with the privileges of the Puppet Master application. For Fedora and EPEL, this is the puppet user.
Further details can be found in the upstream announcement:
http://groups.google.com/group/puppet-users/browse_thread/thread/e57ce2740f…
Unless you enable puppet's listen mode on clients, only the puppet master is vulnerable to this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Todd Zullinger <tmz(a)pobox.com> - 2.6.6-2
- Apply upstream patch for CVE-2011-3848
--------------------------------------------------------------------------------
================================================================================
shorewall-4.4.23.3-1.el6 (FEDORA-EPEL-2011-4558)
An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:
Update to 4.4.23.3
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.23/releasenotes.t…
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
Trying to update proftpd in EPEL-6, failed with this in root.log:
DEBUG util.py:247:
http://kojipkgs.fedoraproject.org/repo/rhel/rhel-ppc64-server-6/getPackage/…:
[Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404"
DEBUG util.py:247: Trying other mirror.
DEBUG util.py:247: Error Downloading Packages:
DEBUG util.py:247: openldap-devel-2.4.23-15.el6_1.1.ppc64: failed to
retrieve openldap-devel-2.4.23-15.el6_1.1.ppc64.rpm from build
DEBUG util.py:247: error was [Errno 14] PYCURL ERROR 22 - "The
requested URL returned error: 404"
DEBUG util.py:320: Child returncode was: 1
Same thing for all arches:
http://koji.fedoraproject.org/koji/taskinfo?taskID=3381153
What's going on there?
Paul.
The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/rt3-3.8.10-2.el6.1https://admin.fedoraproject.org/updates/Django-1.2.6-2.el6https://admin.fedoraproject.org/updates/cherokee-1.2.99-1.el6https://admin.fedoraproject.org/updates/bugzilla-3.4.11-1.el6https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-…https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.el6https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.5-1.el6https://admin.fedoraproject.org/updates/perl-FCGI-0.71-4.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
BackupPC-3.2.1-6.el6
drupal7-views-3.0-0.1.rc1.el6
fio-1.57-1.el6
kile-2.1-1.el6
xfwm4-theme-nodoka-0.2-2.el6
Details about builds:
================================================================================
BackupPC-3.2.1-6.el6 (FEDORA-EPEL-2011-4539)
High-performance backup system
--------------------------------------------------------------------------------
Update Information:
- fix postun scriptlet error (bz #736946)
- make postun scriptlet more coherent
- change selinux context on log files to httpd_log_t and allow access
to them (bz #730704)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 21 2011 Bernard Johnson <bjohnson(a)symetrix.com> - 3.2.1-6
- fix postun scriptlet error (bz #736946)
- make postun scriptlet more coherent
- change selinux context on log files to httpd_log_t and allow access
to them (bz #730704)
* Fri Aug 12 2011 Bernard Johnson <bjohnson(a)symetrix.com> - 3.2.1-4
- change macro conditionals to include tmpfiles.d support starting at
Fedora 15 (bz #730053)
- change install lines to preserve timestamps
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736946 - %post scriptlet broken
https://bugzilla.redhat.com/show_bug.cgi?id=736946
[ 2 ] Bug #730704 - BackupPC SELinux Denial of access to log from cgi interface
https://bugzilla.redhat.com/show_bug.cgi?id=730704
--------------------------------------------------------------------------------
================================================================================
drupal7-views-3.0-0.1.rc1.el6 (FEDORA-EPEL-2011-4543)
Provides a method for site designers to control content presentation
--------------------------------------------------------------------------------
Update Information:
Initial import of drupal7-views package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #737379 - Review Request: drupal7-views - Provides a method for Drupal designers to control content presentation
https://bugzilla.redhat.com/show_bug.cgi?id=737379
--------------------------------------------------------------------------------
================================================================================
fio-1.57-1.el6 (FEDORA-EPEL-2011-4542)
Multithreaded IO generation tool
--------------------------------------------------------------------------------
Update Information:
New fio package for epel, please test :)
--------------------------------------------------------------------------------
================================================================================
kile-2.1-1.el6 (FEDORA-EPEL-2011-4537)
(La)TeX source editor and TeX shell
--------------------------------------------------------------------------------
Update Information:
Sync with master branch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #720997 - Build for EPEL 6?
https://bugzilla.redhat.com/show_bug.cgi?id=720997
--------------------------------------------------------------------------------
================================================================================
xfwm4-theme-nodoka-0.2-2.el6 (FEDORA-EPEL-2011-4541)
Nodoka theme for xfwm4
--------------------------------------------------------------------------------
Update Information:
The Nodoka theme for xfwm4. A clean theme featuring soft gradients and Echoey look and feel.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #732832 - xfwm4-theme-nodoka package marked as "default" in comps but not available
https://bugzilla.redhat.com/show_bug.cgi?id=732832
--------------------------------------------------------------------------------
The following Fedora EPEL 4 Security updates need testing:
https://admin.fedoraproject.org/updates/cherokee-1.2.99-2.el4
The following builds have been pushed to Fedora EPEL 4 updates-testing
proftpd-1.3.3f-1.el4
Details about builds:
================================================================================
proftpd-1.3.3f-1.el4 (FEDORA-EPEL-2011-4544)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream maintenance release, fixes a number of bugs as described in the changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Paul Howarth <paul(a)city-fan.org> 1.3.3f-1
- Update to 1.3.3f, fixing a large number of bugs reported upstream:
- Avoid spinning proftpd process if read(2) returns EAGAIN (bug 3639)
- Segfault seen in mod_sql_mysql if "SQLAuthenticate groupsetfast" used
(bug 3642)
- Disable signal handling for exiting session processes (bug 3644)
- TCPAccessSyslogLevel directive broken by Bug#3317 (bug 3652)
- TLSVerifyOrder directive is broken (bug 3658)
- Segmentation fault if there is regex <IfUser> section in a <VirtualHost>
section; this is a regression caused by a bad backport of the fix for
Bug#3625 to the 1.3.3 branch (bug 3659)
- Filenames with embedded IAC do not get processed correctly (bug 3697)
- Drop upstreamed nostrip patch
- Use new --disable-strip option to retain debugging symbols
- Use upstream LDAP quota table schema rather than our own copy
--------------------------------------------------------------------------------
The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/bugzilla-3.2.10-1.el5https://admin.fedoraproject.org/updates/rt3-3.6.11-2.el5https://admin.fedoraproject.org/updates/couchdb-1.0.2-8.el5,erlang-ibrowse-…https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-…https://admin.fedoraproject.org/updates/cherokee-1.2.99-1.el5https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.el5https://admin.fedoraproject.org/updates/phpMyAdmin3-3.4.5-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
BackupPC-3.2.1-6.el5
drupal7-views-3.0-0.1.rc1.el5
fio-1.57-1.el5
proftpd-1.3.3f-1.el5
Details about builds:
================================================================================
BackupPC-3.2.1-6.el5 (FEDORA-EPEL-2011-4540)
High-performance backup system
--------------------------------------------------------------------------------
Update Information:
- fix postun scriptlet error (bz #736946)
- make postun scriptlet more coherent
- change selinux context on log files to httpd_log_t and allow access
to them (bz #730704)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 21 2011 Bernard Johnson <bjohnson(a)symetrix.com> - 3.2.1-6
- fix postun scriptlet error (bz #736946)
- make postun scriptlet more coherent
- change selinux context on log files to httpd_log_t and allow access
to them (bz #730704)
* Fri Aug 12 2011 Bernard Johnson <bjohnson(a)symetrix.com> - 3.2.1-4
- change macro conditionals to include tmpfiles.d support starting at
Fedora 15 (bz #730053)
- change install lines to preserve timestamps
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736946 - %post scriptlet broken
https://bugzilla.redhat.com/show_bug.cgi?id=736946
[ 2 ] Bug #730704 - BackupPC SELinux Denial of access to log from cgi interface
https://bugzilla.redhat.com/show_bug.cgi?id=730704
--------------------------------------------------------------------------------
================================================================================
drupal7-views-3.0-0.1.rc1.el5 (FEDORA-EPEL-2011-4545)
Provides a method for site designers to control content presentation
--------------------------------------------------------------------------------
Update Information:
Initial import of drupal7-views package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #737379 - Review Request: drupal7-views - Provides a method for Drupal designers to control content presentation
https://bugzilla.redhat.com/show_bug.cgi?id=737379
--------------------------------------------------------------------------------
================================================================================
fio-1.57-1.el5 (FEDORA-EPEL-2011-4546)
Multithreaded IO generation tool
--------------------------------------------------------------------------------
Update Information:
New fio package for epel, please test.
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3f-1.el5 (FEDORA-EPEL-2011-4538)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream maintenance release, fixes a number of bugs as described in the changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Paul Howarth <paul(a)city-fan.org> 1.3.3f-1
- Update to 1.3.3f, fixing a large number of bugs reported upstream:
- Avoid spinning proftpd process if read(2) returns EAGAIN (bug 3639)
- Segfault seen in mod_sql_mysql if "SQLAuthenticate groupsetfast" used
(bug 3642)
- Disable signal handling for exiting session processes (bug 3644)
- TCPAccessSyslogLevel directive broken by Bug#3317 (bug 3652)
- TLSVerifyOrder directive is broken (bug 3658)
- Segmentation fault if there is regex <IfUser> section in a <VirtualHost>
section; this is a regression caused by a bad backport of the fix for
Bug#3625 to the 1.3.3 branch (bug 3659)
- Filenames with embedded IAC do not get processed correctly (bug 3697)
- Drop upstreamed nostrip patch
- Use new --disable-strip option to retain debugging symbols
- Use upstream LDAP quota table schema rather than our own copy
--------------------------------------------------------------------------------
Hi,
After a longer than expected period in testing, puppet-2.6.6 is
heading to the stable repos for Fedora and EPEL >= 5). The 0.25.x
branch is not actively maintained. The license has changed from
GPLv2+ to GPLv2 (this was part of an eventual move to ASL 2.0 in
puppet 2.7).
As is typical with puppet version bumps, it is recommended to update
the puppetmaster before updating the clients.
Over the past several months of 2.6.x releases, a good number of
regressions and incompatibilities have been found and fixed. I've had
a testing repo on fedorapeople.org for that time where early adopters
could run the latest code. The feedback I've gathered there has been
positive, with no ugly reports that existing configurations stopped
working after the update (those will all come in after the update goes
to stable, I presume ;).
For details on what's changed, refer to the upstream release notes:
http://projects.puppetlabs.com/projects/puppet/wiki/Release_Notes
I've applied several of the noted fixes from 2.6.7rc1 to the
packages. I plan to get 2.6.9 into testing as soon as 2.6.6 is in
stable, as it contains a number of further improvements for the 2.6.x
series.
Things to watch for:
If you run EL-6 and use SELinux in Enforcing mode, there are policy
changes which will not be pushed into EL until 6.2. Until then, you
can use packages from Dan Walsh's people.redhat.com repo, create your
own local policy module, or use permissive mode. This applies only to
running puppet master, AFAIK. The bug report for this is:
https://bugzilla.redhat.com/show_bug.cgi?id=718390
Dan Walsh's selinux-policy repo is at:
http://people.redhat.com/dwalsh/SELinux/RHEL6/
If you use passenger, the change from puppetmasterd -> puppet master
needs to be handled in your config.ru script. There is an example
script in /usr/share/puppet/ext/rack/files/config.ru. The changes are
pretty trivial, but are unfortunately not something we can properly
automate. Note that passenger is not provided nor supported by EPEL.
Many folks are using it though and we don't want to burden them
without warning.
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Life is like an onion: you peel off layer after layer and then you
find there is nothing in it.
-- James Gibbons Huneker
The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/rt3-3.8.10-2.el6.1https://admin.fedoraproject.org/updates/Django-1.2.6-2.el6https://admin.fedoraproject.org/updates/cherokee-1.2.99-1.el6https://admin.fedoraproject.org/updates/bugzilla-3.4.11-1.el6https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-…https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.el6https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.5-1.el6https://admin.fedoraproject.org/updates/perl-FCGI-0.71-4.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
drupal6-video-4.2-1.el6
php-Kohana-2.4-1.rc2.el6
php-php-gettext-1.0.11-3.el6
tpm-quote-tools-1.0.1-1.el6
znc-0.202-1.el6
Details about builds:
================================================================================
drupal6-video-4.2-1.el6 (FEDORA-EPEL-2011-4531)
Allows creation of CCK video fields
--------------------------------------------------------------------------------
Update Information:
Fixes package version problem.
--------------------------------------------------------------------------------
================================================================================
php-Kohana-2.4-1.rc2.el6 (FEDORA-EPEL-2011-4533)
The Swift PHP Framework
--------------------------------------------------------------------------------
Update Information:
New package, required for upcoming gallery3.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #693761 - Review Request: php-Kohana - The Swift PHP Framework
https://bugzilla.redhat.com/show_bug.cgi?id=693761
--------------------------------------------------------------------------------
================================================================================
php-php-gettext-1.0.11-3.el6 (FEDORA-EPEL-2011-4535)
Gettext emulation in PHP
--------------------------------------------------------------------------------
Update Information:
This library provides PHP functions to read MO files even when gettext is not compiled in or when appropriate locale is not present on the system.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #727000 - Package php-common provides php-gettext, but there is a real php-gettext package
https://bugzilla.redhat.com/show_bug.cgi?id=727000
[ 2 ] Bug #739416 - Review Request: php-php-gettext - Gettext emulation in PHP
https://bugzilla.redhat.com/show_bug.cgi?id=739416
--------------------------------------------------------------------------------
================================================================================
tpm-quote-tools-1.0.1-1.el6 (FEDORA-EPEL-2011-4534)
TPM-based attestation using the TPM quote operation (tools)
--------------------------------------------------------------------------------
Update Information:
This package has never been tested on PowerPC.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #683127 - Review Request: tpm-quote-tools - TPM-based attestation using the TPM quote operation (tools)
https://bugzilla.redhat.com/show_bug.cgi?id=683127
--------------------------------------------------------------------------------
================================================================================
znc-0.202-1.el6 (FEDORA-EPEL-2011-4532)
An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:
Upgrade to 0.202
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 25 2011 Nick Bebout <nb(a)fedoraproject.org> - 0.202-1
- Update to 0.202
--------------------------------------------------------------------------------
The following Fedora EPEL 4 Security updates need testing:
https://admin.fedoraproject.org/updates/cherokee-1.2.99-2.el4
The following builds have been pushed to Fedora EPEL 4 updates-testing
php-php-gettext-1.0.11-3.el4
znc-0.202-1.el4
Details about builds:
================================================================================
php-php-gettext-1.0.11-3.el4 (FEDORA-EPEL-2011-4528)
Gettext emulation in PHP
--------------------------------------------------------------------------------
Update Information:
This library provides PHP functions to read MO files even when gettext is not compiled in or when appropriate locale is not present on the system.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #727000 - Package php-common provides php-gettext, but there is a real php-gettext package
https://bugzilla.redhat.com/show_bug.cgi?id=727000
[ 2 ] Bug #739416 - Review Request: php-php-gettext - Gettext emulation in PHP
https://bugzilla.redhat.com/show_bug.cgi?id=739416
--------------------------------------------------------------------------------
================================================================================
znc-0.202-1.el4 (FEDORA-EPEL-2011-4529)
An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:
Upgrade to 0.202
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 25 2011 Nick Bebout <nb(a)fedoraproject.org> - 0.202-1
- Update to 0.202
--------------------------------------------------------------------------------