Hi folks,
Joshua Trimm (FAS: enslaver) has joined the K12Linux project, and is
currently working on formal integration of LTSP for EL-6. It is our intent
for EPEL-6 to eventually contain all components of LTSP. After EPEL-6 is
complete, Fedora may be considered. I have largely moved on from this
project, but I am helping the transition to new developers. Joshua is
doing at least EPEL-6 since his employer relies upon it. In the long-term
K12Linux needs more knowledgeable Fedora developers in order to be
sustainable.
*Packages*
Certain: ltsp, ltspfs, ldm, mkdst, nbd, ltsp-client-kernel
Possibly: unionfs-fuse
*NBD needs to be upgraded in EPEL-6*
https://bugzilla.redhat.com/show_bug.cgi?id=695066#c3
Prior versions of NBD lacked initscripts and standard port assignments, but
this has changed with recent versions of NBD upstream.
https://bugzilla.redhat.com/show_bug.cgi?id=877518
A systemd unit file was proposed here. We would need an equivalent
sysvinit script for EPEL-6.
*NBD Upgrade Risk Analysis*
- EL-6 lacks nbd.ko, so the userspace nbd-client in EPEL-6 could not be
used. Thus it is possible nobody was using the userspace-only nbd-server
daemon on EL-6?
- *Scenarios:* Does 3.2 remain compatible with old nbd client/server and
invocation scripts? If command line parameters and the wire protocol
remains compatible, then risk to users is negligible. (Joshua is
researching this.)
- *Yes, safe to upgrade:* The old way of using nbd by manually
specifying port numbers is deprecated but supported in nbd-3.2, so users
will not notice any difference.
- *No, safe to upgrade: *Even though it is not compatible, nobody was
actually using nbd-server on EL-6, so we can safely upgrade it.
- *No, not safe to upgrade:* Not compatible, and we don't want to
risk breaking users who might have relied on the old nbd-server on EL-6.
Use a parallel nbd3 package.
- Alternative nbd3 package would obviate the risk of upgrading, but it
would create an added maintenance burden. nbd has had several CVE
advisories in the past, and we really would be better off avoiding the need
to maintain redundant daemons. By upgrading nbd in EPEL-6, it will make it
easier to maintain in the future as security fixes will not need to be
backported.
I believe we have a strong case for upgrading under any of the above
scenarios. Joshua will research the compatibility issue to better inform
us of the actual extent of upgrade risk.
*
*
*unionfs-fuse and dracut module*
Currently LTSP clients netboot a dracut-network generated initrd which
mounts a read-only NFS or NBD root filesystem and relies upon /etc/rwtab*.
In theory rwtab bind mounts copies of files and directories to the
read-only filesystem to allow a stateless client to boot. In practice
rwtab has significant problems and was never well supported as most
developers never test in readonly root stateless mode. As an alternative,
Joshua intends to try the fuse-based unionfs overlay to mimic the
kernel-based unionfs overlay used by Debian LTSP.
http://podgorny.cz/moin/UnionFsFusehttp://pkgs.repoforge.org/fuse-unionfs/
Someone made packages, although it hasn't been tried yet. It would
theoretically require a dracut module to move /sysroot to another name,
then mount the fuse overlay as /sysroot prior to mounting of any auxiliary
filesystems (/proc?) and switch_root. The "other name" may need to be
protected from the deletion that occurs prior to switch_root. Hopefully
fuse will work as expected even after a switch_root.
*LTSP Client Kernel*
https://www.redhat.com/archives/epel-devel-list/2011-May/msg00059.html
LTSP for EPEL-6 will require a LTSP-only embedded kernel as proposed back
in May 2011. Please see this previous thread about why it would be safe
for EPEL-6.
Warren Togami
The following Fedora EPEL 5 Security updates need testing:
Age URL
344 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.…
238 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-…
44 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4…
37 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0425/nginx-0.8.55-…
15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0683/mimetex-1.74-…
12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0711/git-1.8.1.4-2…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0728/puppet-2.6.18…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0734/drupal7-views…
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0754/boost141-1.41…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0819/libarchive-2.…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0837/drupal7-rules…
The following builds have been pushed to Fedora EPEL 5 updates-testing
opendkim-2.8.2-1.el5
vanessa_logger-0.0.10-2.el5
weechat-0.4.0-3.el5
Details about builds:
================================================================================
opendkim-2.8.2-1.el5 (FEDORA-EPEL-2013-0848)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Update to 2.8.2.
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 29 2013 Steve Jenkins <steve stevejenkins com> 2.8.2-1
- Updated to use newer upstream 2.8.2 source code
* Tue Mar 19 2013 Steve Jenkins <steve stevejenkins com> 2.8.1-1
- Updated to use newer upstream 2.8.1 source code
- Removed patches for bugs fixed in upstream source
* Wed Feb 27 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-4
- Added patch from upstream to fix libdb compatibility issues
* Tue Feb 26 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-3
- Split into two spec files: systemd (F17+) and SysV (EL5-6)
- systemd-only: Removed leading / from unitdir variables
- Removed commented source lines
- Created comment sections for easy switching between systemd and SysV
* Mon Feb 25 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-2
- Added / in front of unitdir variables
* Thu Feb 21 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-1
- Happy Birthday to me! :)
- Updated to use newer upstream 2.8.0 source code
- Migration from SysV initscript to systemd unit file
- Added systemd build requirement
- Edited comments in default configuration files
- Changed default Canonicalization to relaxed/relaxed in config file
- Changed default values in EnvironmentFile
- Moved program startup options into EnvironmentFile
- Moved default key check and generation on startup to external script
- Removed AutoRestart directives from default config (systemd will handle)
- Incorporated additional variable names throughout spec file
- Added support for new opendkim-sysvinit package for legacy SysV systems
--------------------------------------------------------------------------------
================================================================================
vanessa_logger-0.0.10-2.el5 (FEDORA-EPEL-2013-0850)
Generic logging layer
--------------------------------------------------------------------------------
Update Information:
Update to 0.0.10 version as perdition requirement
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Aug 6 2012 Pavel Alexeev <Pahan(a)Hubbitus.info> - 0.0.10-1
- Update to 0.0.10
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.8-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon May 7 2012 Pavel Alexeev <Pahan(a)Hubbitus.info> - 0.0.8-8
- Remove static libraries mention from description and summary (bz#817949).
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.8-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.8-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
weechat-0.4.0-3.el5 (FEDORA-EPEL-2013-0846)
Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:
Enable _hardened_build as weechat matches the "long running" criterion
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 30 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 0.4.0-3
- enable _hardened_build as weechat matches the "long running" criteria
- remove redundant PIE patch
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
532 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribb…
344 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.…
266 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1…
44 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0376/openconnect-4…
37 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0420/awstats-7.0-3…
37 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0423/nginx-1.0.15-…
15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0686/mimetex-1.74-…
13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0707/darkserver-0.…
13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0698/darkserver-0.…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0741/drupal7-views…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0720/puppet-2.6.18…
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0692/v8-3.14.5.8-1…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0800/moodle-2.2.9-…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0809/py-bcrypt-0.3…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0822/roundcubemail…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0836/drupal7-rules…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0823/openstack-key…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0830/ngircd-20.2-1…
The following builds have been pushed to Fedora EPEL 6 updates-testing
metis-5.0.3-10.el6
mock-1.1.30-1.el6
opendkim-2.8.2-1.el6
python-django-tastypie-0.9.14-1.el6
vanessa_logger-0.0.10-2.el6
weechat-0.4.0-6.el6
Details about builds:
================================================================================
metis-5.0.3-10.el6 (FEDORA-EPEL-2013-0843)
Serial Graph Partitioning and Fill-reducing Matrix Ordering
--------------------------------------------------------------------------------
Update Information:
- Removed BR 'perl-Carp' (Bug 926996)
- Added LD_PRELOAD before help2man tasks to fix manpage shared_lib_error
This is first Update for metis packages.
This is first Update for metis packages.
This is first Update for metis packages.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #920518 - Review Request: metis - Serial Graph Partitioning and Fill-reducing Matrix Ordering
https://bugzilla.redhat.com/show_bug.cgi?id=920518
--------------------------------------------------------------------------------
================================================================================
mock-1.1.30-1.el6 (FEDORA-EPEL-2013-0847)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Added some logic to kill RPM DB lock files before and after chroot operations that might run rpm
main fix is to remove CLONE_NEWPID until we figure out correct usage for mock. This fixes memory hog issues on rawhide kernel
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Clark Williams <williams(a)redhat.com> - 1.1.30-1
- beef up the logic to remove RPM lock files inside the chroot
- add backup-before-clean configuration options [BZ# 799639]
- added fedora-19 config files [BZ# 922268]
- package_state plugin: don't run repoquery when offline [BZ# 927496]
* Fri Feb 22 2013 Clark Williams <williams(a)redhat.com> - 1.1.29-1
- move CLONE_NEWUTS to extended unshare options [BZ# 890695]
- make epel-5-* config files safe to eval [BZ# 903686]
- remove CLONE_NEWPID (for now) from unshare(2) call [BZ# 894623]
- initialize package_state_opts so that package_state plugin will work
- change default tests environment to be -i386
- From Tim Woods <timw.fedora(a)gmail.com>
- Fix mockchain repo id calculation [BZ# 880849]
- From Tzafrir Cohen <tzafrir.cohen(a)xorcom.com>
- Fix most bashism in test scripts
- From Seth Vidal <skvidal(a)fedoraproject.org>:
- mockchain: allow for a non-username tmpdir prefix
- mockchain: comma is a protected character make it _ instead
--------------------------------------------------------------------------------
================================================================================
opendkim-2.8.2-1.el6 (FEDORA-EPEL-2013-0842)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Update to 2.8.2.
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton.
Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton.
Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales.
BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Applied patch from upstream to fix libdb compatibility issues.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
Update to newer 2.8.0 upstream source.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 29 2013 Steve Jenkins <steve stevejenkins com> 2.8.2-1
- Updated to use newer upstream 2.8.2 source code
* Tue Mar 19 2013 Steve Jenkins <steve stevejenkins com> 2.8.1-1
- Updated to use newer upstream 2.8.1 source code
- Removed patches for bugs fixed in upstream source
* Wed Feb 27 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-4
- Added patch from upstream to fix libdb compatibility issues
* Tue Feb 26 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-3
- Split into two spec files: systemd (F17+) and SysV (EL5-6)
- systemd-only: Removed leading / from unitdir variables
- Removed commented source lines
- Created comment sections for easy switching between systemd and SysV
* Mon Feb 25 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-2
- Added / in front of unitdir variables
* Thu Feb 21 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-1
- Happy Birthday to me! :)
- Updated to use newer upstream 2.8.0 source code
- Migration from SysV initscript to systemd unit file
- Added systemd build requirement
- Edited comments in default configuration files
- Changed default Canonicalization to relaxed/relaxed in config file
- Changed default values in EnvironmentFile
- Moved program startup options into EnvironmentFile
- Moved default key check and generation on startup to external script
- Removed AutoRestart directives from default config (systemd will handle)
- Incorporated additional variable names throughout spec file
- Added support for new opendkim-sysvinit package for legacy SysV systems
--------------------------------------------------------------------------------
================================================================================
python-django-tastypie-0.9.14-1.el6 (FEDORA-EPEL-2013-0844)
A flexible and capable API layer for Django
--------------------------------------------------------------------------------
Update Information:
New upstream release
Update to upstream 0.9.12
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 26 2013 Miro Hrončok <mhroncok(a)redhat.com> - 0.9.14-1
- New version
- Using new GitHub rule to get archive with tests
- Run tests manually
- Added BR python-defusedxml
- Dropped dance around release and development versioning
- Added patch for Django 1.5
* Mon Mar 25 2013 Cédric OLIVIER <cedric.olivier(a)free.fr> 0.9.12-1
- Updated to upstream 0.9.12
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.9.12-0.2.alpha
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #915294 - Update tastypie to latest upstream version v0.9.12
https://bugzilla.redhat.com/show_bug.cgi?id=915294
--------------------------------------------------------------------------------
================================================================================
vanessa_logger-0.0.10-2.el6 (FEDORA-EPEL-2013-0845)
Generic logging layer
--------------------------------------------------------------------------------
Update Information:
Update to 0.0.10 version as perdition requirement
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Aug 6 2012 Pavel Alexeev <Pahan(a)Hubbitus.info> - 0.0.10-1
- Update to 0.0.10
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.8-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon May 7 2012 Pavel Alexeev <Pahan(a)Hubbitus.info> - 0.0.8-8
- Remove static libraries mention from description and summary (bz#817949).
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.8-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.8-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
weechat-0.4.0-6.el6 (FEDORA-EPEL-2013-0849)
Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:
Enable _hardened_build as weechat matches the "long running" criterion
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 30 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 0.4.0-6
- enable _hardened_build as weechat matches the "long running" criteria
- remove redundant PIE patch
* Fri Mar 29 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 0.4.0-5
- fix crash with Ruby 2.0
* Wed Mar 13 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 0.4.0-4
- rebuild with Ruby 2.0.0
- add patch to properly obtain the version of ruby
- fix bogus dates in older changelog entries
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.4.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
The following Fedora EPEL 5 Security updates need testing:
Age URL
342 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.…
236 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-…
42 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4…
35 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0425/nginx-0.8.55-…
13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0683/mimetex-1.74-…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0711/git-1.8.1.4-2…
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0728/puppet-2.6.18…
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0734/drupal7-views…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0754/boost141-1.41…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0819/libarchive-2.…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0837/drupal7-rules…
The following builds have been pushed to Fedora EPEL 5 updates-testing
drupal7-mediawiki_api-1.0-0.7.beta2.el5
drupal7-rules-2.3-1.el5
drupal7-theme-adaptivetheme-3.1-1.el5
libarchive-2.8.4-6.el5
tudu-0.8.2-1.el5
Details about builds:
================================================================================
drupal7-mediawiki_api-1.0-0.7.beta2.el5 (FEDORA-EPEL-2013-0826)
Provides a MediaWiki syntax to html conversion input filter
--------------------------------------------------------------------------------
Update Information:
New upstream version, http://drupal.org/node/1954400.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Peter Borsa <peter.borsa(a)gmail.com> - 1.0-0.7.beta2
- New upstream version.
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0-0.6.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0-0.5.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #928693 - drupal7-mediawiki_api-1.0-beta2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=928693
--------------------------------------------------------------------------------
================================================================================
drupal7-rules-2.3-1.el5 (FEDORA-EPEL-2013-0837)
It allows site administrators to define conditionally executed actions
--------------------------------------------------------------------------------
Update Information:
New upstream version, http://drupal.org/node/1954508 and http://drupal.org/node/1954592.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Peter Borsa <peter.borsa(a)gmail.com> - 2.3-1
- New upstream version
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #928694 - drupal7-rules-2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=928694
--------------------------------------------------------------------------------
================================================================================
drupal7-theme-adaptivetheme-3.1-1.el5 (FEDORA-EPEL-2013-0834)
Adaptivetheme is a powerful theme framework
--------------------------------------------------------------------------------
Update Information:
New upstream version, http://drupal.org/node/1761946.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Peter Borsa <peter.borsa(a)gmail.com> - 3.1-1
- Updated to 3.1
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #928430 - please update package
https://bugzilla.redhat.com/show_bug.cgi?id=928430
--------------------------------------------------------------------------------
================================================================================
libarchive-2.8.4-6.el5 (FEDORA-EPEL-2013-0819)
A library for handling streaming archive formats
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Tomas Bzatek <tbzatek(a)redhat.com> - 2.8.4-6
- Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #902998 - CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
https://bugzilla.redhat.com/show_bug.cgi?id=902998
--------------------------------------------------------------------------------
================================================================================
tudu-0.8.2-1.el5 (FEDORA-EPEL-2013-0821)
A simple, command line interface to do list application
--------------------------------------------------------------------------------
Update Information:
* Updated to version 0.8.2
* Adds a configuration variable 'tudu_file' to set the path to the XML file.
* Improves the category editor.
* Doesn't check configuration files when invoked with '-h' and '-v'.
* Fixes a segfault on the scroll help page when the resolution is high.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Eric "Sparks" Christensen <sparks(a)fedoraproject.org> - 0.8.2-1
- Updated to version 0.8.2
- Adds a configuration variable 'tudu_file' to set the path to the XML file.
- Improves the category editor.
- Doesn't check configuration files when invoked with '-h' and '-v'.
- Fixes a segfault on the scroll help page when the resolution is high.
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.8.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.8.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Feb 28 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.8.1-2
- Rebuilt for c++ ABI breakage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #828280 - tudu-0.8.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=828280
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
530 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribb…
342 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.…
264 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1…
42 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0376/openconnect-4…
35 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0420/awstats-7.0-3…
35 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0423/nginx-1.0.15-…
13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0686/mimetex-1.74-…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0707/darkserver-0.…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0698/darkserver-0.…
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0741/drupal7-views…
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0720/puppet-2.6.18…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0692/v8-3.14.5.8-1…
4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0800/moodle-2.2.9-…
3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0809/py-bcrypt-0.3…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0822/roundcubemail…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0836/drupal7-rules…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0823/openstack-key…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0830/ngircd-20.2-1…
The following builds have been pushed to Fedora EPEL 6 updates-testing
drupal7-mediawiki_api-1.0-0.7.beta2.el6
drupal7-rules-2.3-1.el6
drupal7-theme-adaptivetheme-3.1-1.el6
gitolite3-3.5.1-1.el6
ngircd-20.2-1.el6
openstack-keystone-2012.2.3-5.el6
php-horde-Horde-Crypt-2.1.3-1.el6
privoxy-3.0.21-2.el6
python-django-flash-1.8-4.el6
python-django-tastypie-0.9.12-1.el6
python-glanceclient-0.8.0-2.el6
python-moksha-hub-1.2.0-1.el6
qpdfview-0.4.1-1.el6
roundcubemail-0.8.6-1.el6
tudu-0.8.2-1.el6
Details about builds:
================================================================================
drupal7-mediawiki_api-1.0-0.7.beta2.el6 (FEDORA-EPEL-2013-0833)
Provides a MediaWiki syntax to html conversion input filter
--------------------------------------------------------------------------------
Update Information:
New upstream version, http://drupal.org/node/1954400.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Peter Borsa <peter.borsa(a)gmail.com> - 1.0-0.7.beta2
- New upstream version.
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0-0.6.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0-0.5.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #928693 - drupal7-mediawiki_api-1.0-beta2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=928693
--------------------------------------------------------------------------------
================================================================================
drupal7-rules-2.3-1.el6 (FEDORA-EPEL-2013-0836)
It allows site administrators to define conditionally executed actions
--------------------------------------------------------------------------------
Update Information:
New upstream version, http://drupal.org/node/1954508 and http://drupal.org/node/1954592.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Peter Borsa <peter.borsa(a)gmail.com> - 2.3-1
- New upstream version
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #928694 - drupal7-rules-2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=928694
--------------------------------------------------------------------------------
================================================================================
drupal7-theme-adaptivetheme-3.1-1.el6 (FEDORA-EPEL-2013-0820)
Adaptivetheme is a powerful theme framework
--------------------------------------------------------------------------------
Update Information:
New upstream version, http://drupal.org/node/1761946.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Peter Borsa <peter.borsa(a)gmail.com> - 3.1-1
- Updated to 3.1
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #928430 - please update package
https://bugzilla.redhat.com/show_bug.cgi?id=928430
--------------------------------------------------------------------------------
================================================================================
gitolite3-3.5.1-1.el6 (FEDORA-EPEL-2013-0841)
Highly flexible server for git directory version tracker
--------------------------------------------------------------------------------
Update Information:
Minor for for gitweb.
Latest upstream.
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Jon Ciesla <limburgher(a)gmail.com> - 1:3.5.1-1
- Latest upstream.
\* Mon Mar 25 2013 Jon Ciesla <limburgher(a)gmail.com> - 1:3.5-1
- Latest upstream.
--------------------------------------------------------------------------------
================================================================================
ngircd-20.2-1.el6 (FEDORA-EPEL-2013-0830)
Next Generation IRC Daemon
--------------------------------------------------------------------------------
Update Information:
New upstream 20.2 release that fixes a crasher bug.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 29 2013 Kevin Fenzi <kevin(a)scrye.com> 20.2-1
- Update to 20.2.
- Fix for CVE-2013-1747
* Thu Mar 7 2013 Tomáš Mráz <tmraz(a)redhat.com> 20.1-2
- Rebuilt with new GnuTLS
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #929168 - CVE-2013-1747 ngircd: DoS (assertion failure, crash) via a KICK command for a user who is not on the associated channel
https://bugzilla.redhat.com/show_bug.cgi?id=929168
--------------------------------------------------------------------------------
================================================================================
openstack-keystone-2012.2.3-5.el6 (FEDORA-EPEL-2013-0823)
OpenStack Identity Service
--------------------------------------------------------------------------------
Update Information:
Fix online revocation check for PKI tokens CVE-2013-1865
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 29 2013 Alan Pevec <apevec(a)redhat.com> 2012.2.3-5
- Fix online revocation check for PKI tokens CVE-2013-1865
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #922230 - CVE-2013-1865 OpenStack keystone: online validation of Keystone PKI tokens bypasses revocation check
https://bugzilla.redhat.com/show_bug.cgi?id=922230
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-2.1.3-1.el6 (FEDORA-EPEL-2013-0825)
Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:
The Horde_Crypt package class provides an API for various cryptographic systems.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #909907 - Review Request: php-horde-Horde-Crypt - Horde Cryptography API
https://bugzilla.redhat.com/show_bug.cgi?id=909907
--------------------------------------------------------------------------------
================================================================================
privoxy-3.0.21-2.el6 (FEDORA-EPEL-2013-0832)
Privacy enhancing proxy
--------------------------------------------------------------------------------
Update Information:
Ad user.filter only if missing.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 27 2013 Jon Ciesla <limburgher(a)gmail.com> - 3.0.21-2
- Create user.filter if it doesn't exist, BZ 926019.
- Add user.filter, BZ 896753.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #926019 - fails to start
https://bugzilla.redhat.com/show_bug.cgi?id=926019
--------------------------------------------------------------------------------
================================================================================
python-django-flash-1.8-4.el6 (FEDORA-EPEL-2013-0838)
A Django extension to provide support for Rails-like flash
--------------------------------------------------------------------------------
Update Information:
A Django extension to provide support for Rails-like flash
--------------------------------------------------------------------------------
================================================================================
python-django-tastypie-0.9.12-1.el6 (FEDORA-EPEL-2013-0824)
A flexible and capable API layer for Django
--------------------------------------------------------------------------------
Update Information:
Update to upstream 0.9.12
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 25 2013 Cédric OLIVIER <cedric.olivier(a)free.fr> 0.9.12-1
- Updated to upstream 0.9.12
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.9.12-0.2.alpha
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-glanceclient-0.8.0-2.el6 (FEDORA-EPEL-2013-0828)
Python API and CLI for OpenStack Glance
--------------------------------------------------------------------------------
Update Information:
- Add a dependency on pyOpenSSL
Update to 0.8.0 and use pypi sources.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 27 2013 Pádraig Brady <P(a)draigBrady.com> - 1:0.8.0-2
- Add a dependency on pyOpenSSL
* Mon Mar 11 2013 Jakub Ruzicka <jruzicka(a)redhat.com> - 1:0.8.0-1
- Update to 0.8.0.
- Switch from tarballs.openstack.org to pypi sources.
--------------------------------------------------------------------------------
================================================================================
python-moksha-hub-1.2.0-1.el6 (FEDORA-EPEL-2013-0839)
Hub components for Moksha
--------------------------------------------------------------------------------
Update Information:
Latest upstream with cleaning and reorganization.
Update to latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 26 2013 Ralph Bean <rbean(a)redhat.com> - 1.2.0-1
- Latest upstream.
- Removed websocket tests until this review is complete:
https://bugzilla.redhat.com/show_bug.cgi?id=909644
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qpdfview-0.4.1-1.el6 (FEDORA-EPEL-2013-0840)
Tabbed PDF Viewer
--------------------------------------------------------------------------------
Update Information:
Qt-based PDF viewer.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #926062 - Review Request: qpdfview - Qt-based PDF viewer
https://bugzilla.redhat.com/show_bug.cgi?id=926062
--------------------------------------------------------------------------------
================================================================================
roundcubemail-0.8.6-1.el6 (FEDORA-EPEL-2013-0822)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
Fix for local file inclusion via web UI modification of certain config options.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Jon Ciesla <limburgher(a)gmail.com> - 0.8.6-1
- Latest upstream, fixes local file inclusion via web UI
- modification of certain config options.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #928836 - CVE-2013-1904 roundcubemail: Local file inclusion via web UI modification of certain config options [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=928836
[ 2 ] Bug #928837 - CVE-2013-1904 roundcubemail: Local file inclusion via web UI modification of certain config options [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=928837
--------------------------------------------------------------------------------
================================================================================
tudu-0.8.2-1.el6 (FEDORA-EPEL-2013-0835)
A simple, command line interface to do list application
--------------------------------------------------------------------------------
Update Information:
* Updated to version 0.8.2
* Adds a configuration variable 'tudu_file' to set the path to the XML file.
* Improves the category editor.
* Doesn't check configuration files when invoked with '-h' and '-v'.
* Fixes a segfault on the scroll help page when the resolution is high.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 28 2013 Eric "Sparks" Christensen <sparks(a)fedoraproject.org> - 0.8.2-1
- Updated to version 0.8.2
- Adds a configuration variable 'tudu_file' to set the path to the XML file.
- Improves the category editor.
- Doesn't check configuration files when invoked with '-h' and '-v'.
- Fixes a segfault on the scroll help page when the resolution is high.
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.8.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.8.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Feb 28 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.8.1-2
- Rebuilt for c++ ABI breakage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #828280 - tudu-0.8.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=828280
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
528 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribb…
340 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.…
263 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1…
41 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0376/openconnect-4…
33 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0420/awstats-7.0-3…
33 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0423/nginx-1.0.15-…
12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0686/mimetex-1.74-…
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0707/darkserver-0.…
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0698/darkserver-0.…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0741/drupal7-views…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0720/puppet-2.6.18…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0692/v8-3.14.5.8-1…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0800/moodle-2.2.9-…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0809/py-bcrypt-0.3…
The following builds have been pushed to Fedora EPEL 6 updates-testing
jglobus-2.0.5-1.el6
mosh-1.2.4-1.el6
python-defusedxml-0.4-1.el6
python-moksha-common-1.2.0-1.el6
python-moksha-wsgi-1.2.0-1.el6
python-swiftclient-1.3.0-1.el6
Details about builds:
================================================================================
jglobus-2.0.5-1.el6 (FEDORA-EPEL-2013-0814)
Globus Java client libraries
--------------------------------------------------------------------------------
Update Information:
JGlobus 2.0.5 Release Notes
- This release addresses compatibility and performance issues with the IGTF CA bundle.
- Several forward-ports of bugs reported by dCache.org. In particular, a larger set of RDN are supported.
- CRLs are properly cached and reloaded, essential for running JGlobus as a trustmanager of a Java container.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 26 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.5-1
- 2.0.5 final release
--------------------------------------------------------------------------------
================================================================================
mosh-1.2.4-1.el6 (FEDORA-EPEL-2013-0818)
Mobile shell that supports roaming and intelligent local echo
--------------------------------------------------------------------------------
Update Information:
Update to mosh 1.2.4
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 27 2013 Alexander Chernyakhovsky <achernya(a)mit.edu> - 1.2.4-1
- Update to mosh 1.2.4
* Sun Mar 10 2013 Alexander Chernyakhovsky <achernya(a)mit.edu> - 1.2.3-3
- Rebuilt for Protobuf API change from 2.4.1 to 2.5.0
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-defusedxml-0.4-1.el6 (FEDORA-EPEL-2013-0817)
XML bomb protection for Python stdlib modules
--------------------------------------------------------------------------------
Update Information:
XML bomb protection for Python stdlib modules
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #927883 - Review Request: python-defusedxml - XML bomb protection for Python stdlib modules
https://bugzilla.redhat.com/show_bug.cgi?id=927883
--------------------------------------------------------------------------------
================================================================================
python-moksha-common-1.2.0-1.el6 (FEDORA-EPEL-2013-0812)
Common components for Moksha
--------------------------------------------------------------------------------
Update Information:
Latest upstream with cleaning, py3 support, tests re-enabled.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 26 2013 Ralph Bean <rbean(a)redhat.com> - 1.2.0-1
- Bumped to latest upstream.
- Included python3 subpackage but left it disabled by macro.
- Reenabled the test suite.
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-moksha-wsgi-1.2.0-1.el6 (FEDORA-EPEL-2013-0810)
WSGI components for Moksha
--------------------------------------------------------------------------------
Update Information:
Latest upstream with cleaning and reorganization.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 26 2013 Ralph Bean <rbean(a)redhat.com> - 1.2.0-1
- Latest upstream with some cleaning and reorganization.
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-swiftclient-1.3.0-1.el6 (FEDORA-EPEL-2013-0811)
Client Library for OpenStack Object Storage API
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.0 release.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 9 2013 Alan Pevec <apevec(a)redhat.com> 1.3.0-1
- Update to 1.3.0 release.
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------