The following Fedora EPEL 6 Security updates need testing:
Age URL
460
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
56
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-6034/heat-jeos-9...
50
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-6090/ssmtp-2.61-...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10839/moodle-2.3...
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10644/nodejs-cal...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10868/owncloud-4...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10877/python-pip...
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10898/rubygem-pa...
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10901/xlockmore-...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10916/ghc-xmonad...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10980/perl-Proc-...
The following builds have been pushed to Fedora EPEL 6 updates-testing
adcli-0.7.2-1.el6
guacamole-server-0.8.2-1.el6
kobo-0.4.0-1.el6
libssh-0.5.4-5.el6
libssh-0.5.5-1.el6
libuv-0.10.13-1.el6
mod_qos-10.16-1.el6
nodejs-0.10.14-1.el6
perl-Proc-ProcessTable-0.48-1.el6
php-pecl-mongo-1.4.2-1.el6
php-swift-Swift-5.0.1-1.el6
python-cffi-0.6-4.el6
python-pyphen-0.7-3.el6
satyr-0.5-2.el6
sphinx-2.0.8-1.el6
Details about builds:
================================================================================
adcli-0.7.2-1.el6 (FEDORA-EPEL-2013-10984)
Active Directory enrollment
--------------------------------------------------------------------------------
Update Information:
Update to upstream bugfix point release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 22 2013 Stef Walter <stefw(a)redhat.com> - 0.7.2-1
- Update to upstream point release 0.7.2
- Part of fix for bug [#961244]
* Mon Jul 15 2013 Stef Walter <stefw(a)redhat.com> - 0.7.1-4
- Build with verbose output logging
--------------------------------------------------------------------------------
================================================================================
guacamole-server-0.8.2-1.el6 (FEDORA-EPEL-2013-10973)
Server-side native components that form the Guacamole proxy
--------------------------------------------------------------------------------
Update Information:
Updated Guacamole with printing support on RDP plugin and .
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #985814 - Review Request: guacamole-client - Server-side Java components that
form the Guacamole application
https://bugzilla.redhat.com/show_bug.cgi?id=985814
[ 2 ] Bug #985818 - Review Request: guacamole-server - Server-side native components
that form the Guacamole proxy
https://bugzilla.redhat.com/show_bug.cgi?id=985818
--------------------------------------------------------------------------------
================================================================================
kobo-0.4.0-1.el6 (FEDORA-EPEL-2013-10988)
Python modules for tools development
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 25 2013 Daniel Mach <dmach(a)redhat.com> - 0.4.0-1
- Drop django and hub subpackages on rhel <= 5
- Set filename to be real name of a downloaded file. (Tomas Tomecek)
- Fix logwatcher to scroll to latest logs. (Tomas Tomecek)
- Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek)
- Updated README for 0.4.0 release (Tomas Kopecek)
- Revamp setup.py and related files. (Daniel Mach)
- LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek)
- Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek)
- Add kobo.threads.run_in_threads() helper. (Tomas Kopecek)
- Django 1.5 rebase. (Tomas Kopecek)
- Remove unnecessary slots from pkgset.FileCache. (Daniel Mach)
--------------------------------------------------------------------------------
================================================================================
libssh-0.5.4-5.el6 (FEDORA-EPEL-2013-10977)
A library implementing the SSH2 protocol (0xbadc0de version)
--------------------------------------------------------------------------------
Update Information:
Add EPEL 5 support and enable Doxygen documentation.
Upstream patch backported to libssh 0.5.4 to fix a Remmina crash.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 18 2013 Simone Caronni <negativo17(a)gmail.com> - 0.5.4-5
- Add EPEL 5 support.
- Add Debian patches to enable Doxygen documentation.
* Tue Jul 16 2013 Simone Caronni <negativo17(a)gmail.com> - 0.5.4-4
- Add patch for #982685.
--------------------------------------------------------------------------------
================================================================================
libssh-0.5.5-1.el6 (FEDORA-EPEL-2013-10987)
A library implementing the SSH2 protocol (0xbadc0de version)
--------------------------------------------------------------------------------
Update Information:
Update to libssh 0.5.5 Add EPEL 5 support and enable Doxygen documentation.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 26 2013 - Andreas Schneider <asn(a)redhat.com> - 0.5.5-1
- Update to 0.5.5.
- Clenup the spec file.
* Thu Jul 18 2013 Simone Caronni <negativo17(a)gmail.com> - 0.5.4-5
- Add EPEL 5 support.
- Add Debian patches to enable Doxygen documentation.
* Tue Jul 16 2013 Simone Caronni <negativo17(a)gmail.com> - 0.5.4-4
- Add patch for #982685.
--------------------------------------------------------------------------------
================================================================================
libuv-0.10.13-1.el6 (FEDORA-EPEL-2013-10982)
Platform layer for node.js
--------------------------------------------------------------------------------
Update Information:
2013.07.25, Version 0.10.14 (Stable)
* os: Don't report negative times in cpu info (Ben Noordhuis)
* fs: Handle large UID and GID (Ben Noordhuis)
* url: Fix edge-case when protocol is non-lowercase (Shuan Wang)
* doc: Streams API Doc Rewrite (isaacs)
* node: call MakeDomainCallback in all domain cases (Trevor Norris)
* crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)
* libuv: unix, windows: fix uv_fs_chown() function prototype (Ben Noordhuis)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 25 2013 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:0.10.13-1
- new upstream release 0.10.13
https://github.com/joyent/libuv/blob/v0.10.13/ChangeLog
--------------------------------------------------------------------------------
================================================================================
mod_qos-10.16-1.el6 (FEDORA-EPEL-2013-10975)
Quality of service module for Apache
--------------------------------------------------------------------------------
Update Information:
upstream 10.16
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 25 2013 Christof Damian <christof(a)damian.net> - 10.16-1
- upstream 10.16
* Sat Apr 27 2013 Christof Damian <christof(a)damian.net> - 10.15-1
- upstream 10.15
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #981389 - mod_qos-10.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=981389
--------------------------------------------------------------------------------
================================================================================
nodejs-0.10.14-1.el6 (FEDORA-EPEL-2013-10982)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
2013.07.25, Version 0.10.14 (Stable)
* os: Don't report negative times in cpu info (Ben Noordhuis)
* fs: Handle large UID and GID (Ben Noordhuis)
* url: Fix edge-case when protocol is non-lowercase (Shuan Wang)
* doc: Streams API Doc Rewrite (isaacs)
* node: call MakeDomainCallback in all domain cases (Trevor Norris)
* crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)
* libuv: unix, windows: fix uv_fs_chown() function prototype (Ben Noordhuis)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 25 2013 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.14-1
- new upstream release 0.10.14
http://blog.nodejs.org/2013/07/25/node-v0-10-14-stable/
--------------------------------------------------------------------------------
================================================================================
perl-Proc-ProcessTable-0.48-1.el6 (FEDORA-EPEL-2013-10980)
Perl extension to access the Unix process table
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream maintenance release, fixes numerous bugs (as
mentioned in the package changelog), including unsafe usage of /tmp when caching is
enabled (CVE-2011-4363), which could allow an attacker to overwrite arbitrary files due to
a race condition.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 24 2013 Paul Howarth <paul(a)city-fan.org> - 0.48-1
- Update to 0.48
- Make module thread-safe on linux (CPAN RT#38709)
- New constructor flag enable_ttys, which when set to 0 disables traversing
the device tree
- New maintainer JSWARTZ
- Fix reading process command lines (CPAN RT#51470)
- Fixes for non-threaded perls (CPAN RT#41397, CPAN RT#46861, CPAN RT#58236)
- Fix file descriptor leak (CPAN RT#69397)
- Fix unsafe use of /tmp (CPAN RT#72862, CVE-2011-4363)
- Various fixes for non-linux operating systems
- Fix byte order tag in cache file (CPAN RT#72862)
- Fixes to stay accurate on machines with many CPUs (CPAN RT#82175), to
include system time into calculations (CPAN RT#80391) and others
(CPAN RT#81312, CPAN RT#82175 and CPAN RT#80391)
- Fix unknown process states for debian kernels (CPAN RT#71976)
- Added tests
- Drop ARG_MAX patch, no longer needed
- Don't use macros for commands
- Don't need to remove empty directories from the buildroot
- Don't ship empty TODO file
- Drop %defattr, redundant since rpm 4.4
- Specify all dependencies
- Add %{?perl_default_filter}
* Thu Jul 18 2013 Petr Pisar <ppisar(a)redhat.com> - 0.44-14
- Perl 5.18 rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.44-13
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.44-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jun 11 2012 Petr Pisar <ppisar(a)redhat.com> - 0.44-11
- Perl 5.16 rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.44-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Fri Jun 17 2011 Marcela Mašláňová <mmaslano(a)redhat.com> - 0.44-9
- Perl mass rebuild
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.44-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Dec 21 2010 Marcela Maslanova <mmaslano(a)redhat.com> - 0.44-7
- Rebuild to fix problems with vendorarch/lib (#661697)
* Thu May 6 2010 Marcela Maslanova <mmaslano(a)redhat.com> - 0.44-6
- Mass rebuild with perl-5.12.0
* Mon Dec 7 2009 Stepan Kasal <skasal(a)redhat.com> - 0.44-5
- rebuild against perl 5.10.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #758866 - CVE-2011-4363 perl-Proc-ProcessTable: unsafe temporary file usage
https://bugzilla.redhat.com/show_bug.cgi?id=758866
--------------------------------------------------------------------------------
================================================================================
php-pecl-mongo-1.4.2-1.el6 (FEDORA-EPEL-2013-10972)
PHP MongoDB database driver
--------------------------------------------------------------------------------
Update Information:
upstream 1.4.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 25 2013 Christof Damian <christof(a)damian.net> - 1.4.2-1
- upstream 1.4.2
--------------------------------------------------------------------------------
================================================================================
php-swift-Swift-5.0.1-1.el6 (FEDORA-EPEL-2013-10978)
Free Feature-rich PHP Mailer
--------------------------------------------------------------------------------
Update Information:
upstream 5.0.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 25 2013 Christof Damian <christof(a)damian.net> - 5.0.1-1
- upstream 5.0.1
* Sat May 25 2013 Christof Damian <christof(a)damian.net> - 5.0.0-1
- upstream 5.0.0
--------------------------------------------------------------------------------
================================================================================
python-cffi-0.6-4.el6 (FEDORA-EPEL-2013-10971)
Foreign Function Interface for Python to call C code
--------------------------------------------------------------------------------
Update Information:
Foreign Function Interface for Python to call C code
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #986712 - Review Request: python-cffi - Foreign Function Interface for Python
to call C code
https://bugzilla.redhat.com/show_bug.cgi?id=986712
--------------------------------------------------------------------------------
================================================================================
python-pyphen-0.7-3.el6 (FEDORA-EPEL-2013-10986)
Pure Python module to hyphenate text
--------------------------------------------------------------------------------
Update Information:
Pure Python module to hyphenate text
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #986634 - Review Request: python-pyphen - Pure Python module to hyphenate
text
https://bugzilla.redhat.com/show_bug.cgi?id=986634
--------------------------------------------------------------------------------
================================================================================
satyr-0.5-2.el6 (FEDORA-EPEL-2013-10974)
Tools to create anonymous, machine-friendly problem reports
--------------------------------------------------------------------------------
Update Information:
This update adds the ability to generate core stacktraces from GDB output.
This update adds the ability to generate core stacktraces from GDB output.
--------------------------------------------------------------------------------
================================================================================
sphinx-2.0.8-1.el6 (FEDORA-EPEL-2013-10981)
Free open-source SQL full-text search engine
--------------------------------------------------------------------------------
Update Information:
upstream 2.0.8 and enabed id64
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 26 2013 Christof Damian <christof(a)damian.net> - 2.0.8-1
- upstream 2.0.8
- --enable-id64 flag for 64-bit builds ( bug 978577 )
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #978577 - ./configure needs to be run with the --enable-id64 flag for 64-bit
builds
https://bugzilla.redhat.com/show_bug.cgi?id=978577
--------------------------------------------------------------------------------