The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0728/libpng10-1....
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0349/bugzilla-3....
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0763/php-pear-CA...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0795/nginx-1.0.1...
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gri...
The following builds have been pushed to Fedora EPEL 6 updates-testing
lcgdm-dav-0.7.0-1.el6
nagios-plugins-lcgdm-0.7.0-1.el6
nginx-1.0.14-1.el6
Details about builds:
================================================================================
lcgdm-dav-0.7.0-1.el6 (FEDORA-EPEL-2012-0794)
HTTP/DAV front end to the DPM/LFC services
--------------------------------------------------------------------------------
Update Information:
This update follows a new upstream release - 0.7.0 - and fixes bug #803063 (dependency on
httpd-mmn for lcgdm-dav-server).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 16 2012 Ricardo Rocha <ricardo.rocha(a)cern.ch> - 0.7.0-1
- Update for new upstream release
- Added dependency on httpd-mmn for lcgdm-dav-server (bug #803063)
* Fri Feb 10 2012 Ricardo Rocha <ricardo.rocha(a)cern.ch> - 0.5.4-3
- Rebuilt for updated gsoap dependencies
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.5.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #803063 - Missing Requires: httpd-mmn
https://bugzilla.redhat.com/show_bug.cgi?id=803063
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-lcgdm-0.7.0-1.el6 (FEDORA-EPEL-2012-0796)
Nagios probes to be run remotely against DPM / LFC nodes
--------------------------------------------------------------------------------
Update Information:
This update follows a new upstream release, and stops production of debuginfo packages
(fix for bug #756827).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 16 2012 Ricardo Rocha <ricardo.rocha(a)cern.ch> - 0.7.0-1
- Update for new upstream release
- Do not generate a debuginfo package (bug #756827)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #756827 - nagios-plugins-lcgdm-debuginfo is empty
https://bugzilla.redhat.com/show_bug.cgi?id=756827
--------------------------------------------------------------------------------
================================================================================
nginx-1.0.14-1.el6 (FEDORA-EPEL-2012-0795)
A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:
Update to upstream release 1.0.14 to fix: malformed HTTP response headers leads to
information leak.
Update to upstream release 1.0.13
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 15 2012 Jamie Nguyen <jamie(a)tomoyolinux.co.uk> - 1.0.14-1
- update to upstream release 1.0.14
- CVE-2012-1180 (#803856)
* Sun Mar 4 2012 Jamie Nguyen <jamie(a)tomoyolinux.co.uk> - 1.0.13-2
- remove incorrect BR
* Sat Mar 3 2012 Jamie Nguyen <jamie(a)tomoyolinux.co.uk> - 1.0.13-1
- update to upstream release 1.0.13
- general spec file cleanup to match rawhide (for easier diff), including:
- replace %define with %global
- amend nginx.init and nginx.conf
- amend %pre scriptlet to match with guidelines
- remove obsolete BuildRoot tag, %clean section and %defattr
- remove various unnecessary commands
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #803856 - CVE-2012-1180 nginx: malformed HTTP response headers leads to
information leak
https://bugzilla.redhat.com/show_bug.cgi?id=803856
--------------------------------------------------------------------------------