The following Fedora EPEL 6 Security updates need testing:
Age URL
680
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
110
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12079/bip-0.8.9-...
27
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6...
22
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0483/boinc-clien...
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0536/drupal6-cto...
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0538/drupal7-cto...
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0535/drupal6-ima...
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0567/drupal6-fil...
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0565/jansson-2.6...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolki...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0644/easy-rsa-2....
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0653/perl-CGI-Ap...
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0700/v8-3.14.5.1...
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0695/mod_auth_sh...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0730/php-sabre-d...
The following builds have been pushed to Fedora EPEL 6 updates-testing
cabal-rpm-0.8.10-1.el6
gdisk-0.8.9-1.el6
gfal2-python-1.4.1-1.el6
kpcli-2.4-1.el6
mediawiki119-1.19.12-2.el6
nodejs-should-3.1.3-1.el6
nodeunit-0.8.6-3.el6
php-pecl-apcu-4.0.4-1.el6
php-sabre-dav-1.8.9-1.el6
root-5.34.17-1.el6
Details about builds:
================================================================================
cabal-rpm-0.8.10-1.el6 (FEDORA-EPEL-2014-0732)
RPM packaging tool for Haskell Cabal-based packages
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.10
- new diff command replaces cblrpm-diff
- new missingdeps command
- should now work better on RHEL 5 and 6
Changes from 0.8.7, 0.8.8, 0.8.9:
- "build" command renamed "rpm"
- use .spec file when no .cabal file
- support getting tarball from another remote-repo (codeblock)
- use new shorter hackage2 URL for packages
- filter @ and \ quotes in descriptions
- capitalize start of summary and description
- new prep command (like "fedpkg prep")
- new depends and requires commands list depends or buildrequires
- new builddep command (similar to yum-buildep)
- new "install" command wraps "cabal install"
- cblrpm-diff arg is now optional
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Jens Petersen <petersen(a)redhat.com> - 0.8.10-1
- new diff command replaces cblrpm-diff script
- new missingdeps command
- should now work on RHEL 5 and 6: dropped use use of rpmspec
- add a temporary cblrpm-diff compat script
- refresh description
* Mon Feb 10 2014 Jens Petersen <petersen(a)redhat.com> - 0.8.9-1
- bugfix for error handling dir with spec file
- cblrpm-diff arg is now optional
* Sun Feb 9 2014 Jens Petersen <petersen(a)redhat.com> - 0.8.8-1
- use .spec file to determine package if no .cabal file (with or without arg)
- bugfix: install command now works if some dependencies not packaged
- bugfix: do not re-copy cached tarball each time
- use new shorter hackage2 URL for packages
- filter @ and \ quotes in descriptions
- capitalize start of summary and description
- new prep command (like "rpmbuild -bp" or "fedpkg prep")
- new depends and requires commands list package depends or buildrequires
- new builddep command (like yum-buildep, but allows missing packages)
* Tue Dec 31 2013 Jens Petersen <petersen(a)redhat.com> - 0.8.7-1
- new "install" command wrapping "cabal install"
- "build" command renamed to "rpm"
- sort devel Requires
- cblrpm-diff: allow package arg
- support copying tarball fetched from another remote-repo (codeblock)
- support AGPL license in Cabal-1.18
- update package description
--------------------------------------------------------------------------------
================================================================================
gdisk-0.8.9-1.el6 (FEDORA-EPEL-2014-0729)
An fdisk-like partitioning tool for GPT disks
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.9
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Terje Rosten <terje.rosten(a)ntnu.no> - 0.8.9-1
- 0.8.9
* Wed Feb 12 2014 Nils Philippsen <nils(a)redhat.com> - 0.8.8-2
- fix bogus dates in changelog
- rebuild for new libicu
--------------------------------------------------------------------------------
================================================================================
gfal2-python-1.4.1-1.el6 (FEDORA-EPEL-2014-0731)
Python bindings for gfal 2.0
--------------------------------------------------------------------------------
Update Information:
Release 1.4.1 of gfal2 python bindings, see RELEASE-NOTES for details
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 28 2014 Adrien Devresse <adevress at cern.ch> - 1.4.1-1
- Release 1.4.1 of gfal2 python bindings, see RELEASE-NOTES for details
* Sat Nov 16 2013 Ville Skyttä <ville.skytta(a)iki.fi> - 1.3.0-2
- Install docs to %{_pkgdocdir} where available (#993774).
- Own doc dirs.
--------------------------------------------------------------------------------
================================================================================
kpcli-2.4-1.el6 (FEDORA-EPEL-2014-0734)
KeePass Command Line Interface (CLI) / interactive shell
--------------------------------------------------------------------------------
Update Information:
Updated to 2.4
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Matias Kreder <delete(a)fedoraproject.org> 2.4-1
- Updated to 2.4
--------------------------------------------------------------------------------
================================================================================
mediawiki119-1.19.12-2.el6 (FEDORA-EPEL-2014-0736)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
Fix permissions on cache and images directories.
Update to 1.19.12
Update to 1.19.12
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 3 2014 Patrick Uiterwijk (LOCAL) <puiterwijk(a)redhat.com> - 1.19.12-2
- Fix directory permissions
* Fri Feb 28 2014 Patrick Uiterwijk (LOCAL) <puiterwijk(a)redhat.com> - 1.19.12-1
- Update to 1.19.12
- (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces.
Also disallow iframe elements. User will get an error including the namespace name if they
use a non- whitelisted namespace.
- (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token
comparison would be vulnerable to timing attacks. This will take constant time.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062131 - Unable to open CDB file for write
https://bugzilla.redhat.com/show_bug.cgi?id=1062131
--------------------------------------------------------------------------------
================================================================================
nodejs-should-3.1.3-1.el6 (FEDORA-EPEL-2014-0724)
A test framework agnostic BDD-style assertions for Node.js
--------------------------------------------------------------------------------
Update Information:
update to upstream release 3.1.3
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 3.1.3-1
- update to upstream release 3.1.3
--------------------------------------------------------------------------------
================================================================================
nodeunit-0.8.6-3.el6 (FEDORA-EPEL-2014-0728)
Easy asynchronous unit testing framework for Node.js
--------------------------------------------------------------------------------
Update Information:
fix broken symlink
Initial package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #968607 - Review Request: nodeunit - Easy asynchronous unit testing framework
for Node.js
https://bugzilla.redhat.com/show_bug.cgi?id=968607
--------------------------------------------------------------------------------
================================================================================
php-pecl-apcu-4.0.4-1.el6 (FEDORA-EPEL-2014-0727)
APC User Cache
--------------------------------------------------------------------------------
Update Information:
Upstream Release notes:
- Fix deadlocking due to destroyed locks
- Fix various compatibility bugs
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 1 2014 Remi Collet <remi(a)fedoraproject.org> - 4.0.4-1
- Update to 4.0.4 (beta)
--------------------------------------------------------------------------------
================================================================================
php-sabre-dav-1.8.9-1.el6 (FEDORA-EPEL-2014-0730)
WebDAV Framework for PHP
--------------------------------------------------------------------------------
Update Information:
This release fixes a security issue and an issue related to large files in SabreDAV.
* XEE issue: Previous SabreDAV versions had a security issue, if running on the following
PHP versions: PHP 5.3, older than 5.3.23, PHP 5.4, older than 5.4.13, PHP 5.5 is not
affected by this.
* Large file support: It was also discovered that SabreDAV can often not serve files
larger than 2GB, due to a bug in PHP's fpassthru method. If you ran into this issue,
update sabredav. We are now no longer using fpasshtru.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 2 2014 Remi Collet <remi(a)fedoraproject.org> - 1.8.9-1
- update to 1.8.9
* Thu Feb 20 2014 Remi Collet <remi(a)fedoraproject.org> - 1.8.8-2
- drop max version for VObject
--------------------------------------------------------------------------------
================================================================================
root-5.34.17-1.el6 (FEDORA-EPEL-2014-0735)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
ROOT 5.34.17
http://root.cern.ch/drupal/content/root-version-v5-34-00-patch-release-notes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 26 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 5.34.17-1
- Update to 5.34.17
--------------------------------------------------------------------------------