The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/bugzilla-3.2.10-1.el5
https://admin.fedoraproject.org/updates/drupal7-7.6-1.el5
https://admin.fedoraproject.org/updates/clamav-0.97.2-3.el5
https://admin.fedoraproject.org/updates/couchdb-1.0.2-8.el5,erlang-ibrows...
https://admin.fedoraproject.org/updates/cgit-0.9.0.2-2.el5
https://admin.fedoraproject.org/updates/libsndfile-1.0.17-5.el5
https://admin.fedoraproject.org/updates/glpi-0.78.5-3.svn14966.el5,glpi-d...
https://admin.fedoraproject.org/updates/p7zip-9.20.1-2.el5
https://admin.fedoraproject.org/updates/rt3-3.6.11-2.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
389-admin-1.1.21-1.el5
389-ds-base-1.2.9.4-1.el5
pam_afs_session-2.5-1.el5
php53-extras-5.3.3-1.el5
python-confparser-1.0.1-5.el5
python-taboot-0.3.1-1.el5
Details about builds:
================================================================================
389-admin-1.1.21-1.el5 (FEDORA-EPEL-2011-4027)
389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:
bugfix
several tls/ssl and migration bug fixes
look for separate openldap ldif library
skip rebranding current brand - add support for different skins
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 2 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.21-1
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
* Tue Jul 5 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.20-1
- Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
- Bug 718285 - AdminServer should use "service" command instead of
start/stop/restart scripts
- Bug 718079 - Perl errors when running migrate-ds-admin.pl
- Bug 713000 - Migration stops if old admin server cannot be stopped
- added tests for the security cgi
- fix typo in NSS_Shutdown warning message
- better NSS error handling - reduce memory leaks
- Bug 710372 - Not able to open the Manage Certificate from DS-console
* Tue Jun 28 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.19-1
- look for separate openldap ldif library
* Tue Jun 21 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.18-1
- skip rebranding current brand
- support for skins
* Fri May 13 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.1.17-1
- 1.1.17
- support "in-place" upgrade and rebranding from Red Hat to 389
- many fixes for coverity issues
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #476925 - Admin Server: Do not allow 8-bit passwords for the admin user
https://bugzilla.redhat.com/show_bug.cgi?id=476925
[ 2 ] Bug #719056 - migrate-ds-admin.pl needs to update SELinux policy
https://bugzilla.redhat.com/show_bug.cgi?id=719056
[ 3 ] Bug #718285 - AdminServer should use "service" command instead of
start/stop/restart scripts
https://bugzilla.redhat.com/show_bug.cgi?id=718285
[ 4 ] Bug #718079 - Perl errors when running migrate-ds-admin.pl
https://bugzilla.redhat.com/show_bug.cgi?id=718079
[ 5 ] Bug #713000 - Migration stops if old admin server cannot be stopped
https://bugzilla.redhat.com/show_bug.cgi?id=713000
[ 6 ] Bug #710372 - Not able to open the Manage Certificate from DS-console
https://bugzilla.redhat.com/show_bug.cgi?id=710372
--------------------------------------------------------------------------------
================================================================================
389-ds-base-1.2.9.4-1.el5 (FEDORA-EPEL-2011-4019)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
Fix coverity NULL deref defect in 1.2.9.3
A few bug fixes
The 1.2.9.0 release - several bug fixes found during alpha testing
389-ds-base-1.2.9.a2 - several bug fixes - automember improvements
look for separate openldap ldif library
Split automember regex rules into separate entries
writing Inf file shows SchemaFile = ARRAY(0xhexnum)
add support for ldif files with changetype: add
Auto Membership
More Coverity fixes
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 4 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.4-1
- Bug 727511 - ldclt SSL search requests are failing with "illegal error number
-1" error
- Fix coverity NULL deref in previous patch
* Wed Aug 3 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.3-1
- Bug 727511 - ldclt SSL search requests are failing with "illegal error number
-1" error
- previous patch broke build on el5
* Wed Aug 3 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.2-1
- Bug 727511 - ldclt SSL search requests are failing with "illegal error number
-1" error
* Tue Aug 2 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.1-2
- Bug 723937 - Slapi_Counter API broken on 32-bit F15
- fixed to use configure test for GCC provided 64-bit atomic functions
* Wed Jul 27 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.1-1
- Bug 663752 - Cert renewal for attrcrypt and encchangelog
- this was "re-fixed" due to a deadlock condition with cl2ldif task cancel
- Bug 725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry contains
a comma
- Bug 725743 - Make memberOf use PRMonitor for it's operation lock
- Bug 725542 - Instance upgrade fails when upgrading 389-ds-base package
- Bug 723937 - Slapi_Counter API broken on 32-bit F15
* Fri Jul 15 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9.0-1
- Bug 720059 - RDN with % can cause crashes or missing entries
- Bug 709468 - RSA Authentication Server timeouts when using simple paged results on RHDS
8.2.
- Bug 691313 - Need TLS/SSL error messages in repl status and errors log
- Bug 712855 - Directory Server 8.2 logs "Netscape Portable Runtime error -5961 (TCP
connection reset by peer.)" to error log whereas Directory Server 8.1 did not
- Bug 713209 - Update sudo schema
- Bug 719069 - clean up compiler warnings in 389-ds-base 1.2.9
- Bug 718303 - Intensive updates on masters could break the consumer's cache
- Bug 711679 - unresponsive LDAP service when deleting vlv on replica
* Mon Jun 27 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9-0.2.a2
- 389-ds-base-1.2.9.a2
- look for separate openldap ldif library
- Split automember regex rules into separate entries
- writing Inf file shows SchemaFile = ARRAY(0xhexnum)
- add support for ldif files with changetype: add
- Bug 716980 - winsync uses old AD entry if new one not found
- Bug 697694 - rhds82 - incr update state stop_fatal_error "requires administrator
action", with extop_result: 9
- bump console version to 1.2.6
- Bug 711679 - unresponsive LDAP service when deleting vlv on replica
- Bug 703703 - setup-ds-admin.pl asks for legal agreement to a non-existant file
- Bug 706209 - LEGAL: RHEL6.1 License issue for 389-ds-base package
- Bug 663752 - Cert renewal for attrcrypt and encchangelog
- Bug 706179 - DS can not restart after create a new objectClass has entryusn attribute
- Bug 711906 - ns-slapd segfaults using suffix referrals
- Bug 707384 - only allow FIPS approved cipher suites in FIPS mode
- Bug 710377 - Import with chain-on-update crashes ns-slapd
- Bug 709826 - Memory leak: when extra referrals configured
* Thu May 26 2011 Rich Megginson <rmeggins(a)redhat.com> - 1.2.9-0.1.a1
- 389-ds-base-1.2.9.a1
- Auto Membership
- More Coverity fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #727511 - ldclt SSL search requests are failing with "illegal error
number -1" error
https://bugzilla.redhat.com/show_bug.cgi?id=727511
[ 2 ] Bug #723937 - replication failing on RUV errors
https://bugzilla.redhat.com/show_bug.cgi?id=723937
[ 3 ] Bug #725542 - Instance upgrade fails when upgrading 389-ds-base package
https://bugzilla.redhat.com/show_bug.cgi?id=725542
[ 4 ] Bug #725743 - Directory server hangs during unit tests
https://bugzilla.redhat.com/show_bug.cgi?id=725743
[ 5 ] Bug #725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry
contains a comma
https://bugzilla.redhat.com/show_bug.cgi?id=725953
[ 6 ] Bug #663752 - Cert renewal for attrcrypt and encchangelog
https://bugzilla.redhat.com/show_bug.cgi?id=663752
[ 7 ] Bug #720059 - RDN with % can cause crashes or missing entries
https://bugzilla.redhat.com/show_bug.cgi?id=720059
--------------------------------------------------------------------------------
================================================================================
pam_afs_session-2.5-1.el5 (FEDORA-EPEL-2011-4032)
AFS PAG and AFS tokens on login
--------------------------------------------------------------------------------
Update Information:
New upstream release. From upstream changelog:
Reset the SIGCHLD handler while spawning an external aklog program so that the application
SIGCHLD handler isn't invoked when aklog exits. This unfortunately still means that
there's a race condition that can cause children to be incorrectly handled if they
exit while aklog is running, if the application's SIGCHLD handler is required. There
is unfortunately no good general solution to this other than building against Heimdal and
using the libkafs interface to obtain tokens instead of an external program.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 2 2011 Ken Dreyer <ktdreyer(a)ktdreyer.com> - 2.5-1
- New upstream release.
--------------------------------------------------------------------------------
================================================================================
php53-extras-5.3.3-1.el5 (FEDORA-EPEL-2011-4026)
Additional PHP modules from the standard PHP distribution
--------------------------------------------------------------------------------
Update Information:
PHP is an HTML-embedded scripting language.
This package contains various additional modules for PHP which have not been included in
the basic PHP package for Red Hat Enterprise Linux 5.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #725906 - Review Request: php53-extras - Additional PHP modules from the
standard PHP distribution
https://bugzilla.redhat.com/show_bug.cgi?id=725906
--------------------------------------------------------------------------------
================================================================================
python-confparser-1.0.1-5.el5 (FEDORA-EPEL-2011-4033)
A KISS python module to parse *nix config files
--------------------------------------------------------------------------------
Update Information:
new version of python-confparser available 1.0.1
new package
--------------------------------------------------------------------------------
================================================================================
python-taboot-0.3.1-1.el5 (FEDORA-EPEL-2011-4028)
Client utility for scripted multi-system administration over Func
--------------------------------------------------------------------------------
Update Information:
- Spelling & grammar fixes all around (Fixes #23) (tbielawa(a)redhat.com)
- Added -E flag to edit script before running (Fixes #18) (jason.detiberus(a)redhat.com)
- Added -p flag (acts like -n in that it checks syntax, but also prints resulting yaml to
be run onscreen) (Fixes #18) (jason.detiberus(a)redhat.com)
- Cleanup unnecessary documentation (tbielawa(a)redhat.com)
- Those are just bad ideas for a project with concurrency as a selling point (Remove user
input modules) (tbielawa(a)redhat.com)
- Simplify a little example in the docs (tbielawa(a)redhat.com)
- Added -C flag for Concurrency, Fixed an error when -L wasn't specified and added
CLIOutput when -L is specified and logging wasn't already set (Fixes #18)
(jason.detiberus(a)redhat.com)
- Added command line flag to add logging (Fixes #18) (jason.detiberus(a)redhat.com)
- Add python utility to generate a graphviz dot file of the class inheritance graph of the
python source codes. (tbielawa(a)redhat.com)
- Add conditional Requires on python-argparse. Update README and release notes.
(tbielawa(a)redhat.com)
- Exit/continue the main load-loop sooner so we can validate YAML scripts and not blow up
when not ran on a minion/overlord (like during testing...) (tbielawa(a)redhat.com)
- Switched argument parsing to use argparse (jason.detiberus(a)redhat.com)
- Fix nagios scheduling causing log-to-file to fail. (Fixes #24) (tbielawa(a)redhat.com)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 4 2011 Tim Bielawa <tbielawa(a)redhat.com> 0.3.1-1
- Spelling & grammar fixes all around (Fixes #23) (tbielawa(a)redhat.com)
- Added -E flag to edit script before running (Fixes #18)
(jason.detiberus(a)redhat.com)
- Added -p flag (acts like -n in that it checks syntax, but also prints
resulting yaml to be run onscreen) (Fixes #18) (jason.detiberus(a)redhat.com)
- Cleanup unnecessary documentation (tbielawa(a)redhat.com)
- Those are just bad ideas for a project with concurrency as a selling point
(Remove user input modules) (tbielawa(a)redhat.com)
- Simplify a little example in the docs (tbielawa(a)redhat.com)
- Added -C flag for Concurrency, Fixed an error when -L wasn't specified and
added CLIOutput when -L is specified and logging wasn't already set
(Fixes #18) (jason.detiberus(a)redhat.com)
- Added command line flag to add logging (Fixes #18) (jason.detiberus(a)redhat.com)
- Add python utility to generate a graphviz dot file of the class inheritance
graph of the python source codes. (tbielawa(a)redhat.com)
- Add conditional Requires on python-argparse. Update README and release notes.
(tbielawa(a)redhat.com)
- Exit/continue the main load-loop sooner so we can validate YAML scripts and
not blow up when not ran on a minion/overlord (like during testing...)
(tbielawa(a)redhat.com)
- Switched argument parsing to use argparse (jason.detiberus(a)redhat.com)
- Fix nagios scheduling causing log-to-file to fail. (Fixes #24)
(tbielawa(a)redhat.com)
--------------------------------------------------------------------------------