The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/rt3-3.6.11-1.el5 https://admin.fedoraproject.org/updates/jabberd-2.2.11-3.el5 https://admin.fedoraproject.org/updates/drupal7-7.2-1.el5 https://admin.fedoraproject.org/updates/drupal6-6.22-1.el5 https://admin.fedoraproject.org/updates/unbound-1.4.4-3.el5 https://admin.fedoraproject.org/updates/libmodplug-0.8.7-3.el5 https://admin.fedoraproject.org/updates/cacti-0.8.7g-1.el5.1
The following builds have been pushed to Fedora EPEL 5 updates-testing
bcfg2-1.1.2-1.el5 collectl-3.5.1-1.el5 etckeeper-0.54-1.el5 jabberd-2.2.11-3.el5 lbzip2-0.23-2.el5 lbzip2-0.23-3.el5 opensips-1.6.4-6.el5 perl-Chart-2.4.2-1.el5 roundup-1.4.18-1.el5 wordpress-3.1.3-3.el5 x509watch-0.4.0-1.el5
Details about builds:
================================================================================ bcfg2-1.1.2-1.el5 (FEDORA-EPEL-2011-3484) Configuration management system -------------------------------------------------------------------------------- Update Information:
* Thu Jun 02 2011 Fabian Affolter fabian@bernewireless.net - 1.1.2-1 - Updated to new upstream version 1.1.2 - Fixed #683239 * Mon Sep 27 2010 Jeffrey C. Ollie jeff@ocjtech.us - 1.1.0-2 - Update to final version -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Fabian Affolter fabian@bernewireless.net - 1.1.2-1 - Updated to new upstream version 1.1.2 - Fixed #683239 * Mon Sep 27 2010 Jeffrey C. Ollie jeff@ocjtech.us - 1.1.0-2 - Update to final version * Wed Sep 15 2010 Jeffrey C. Ollie jeff@ocjtech.us - 1.1.0-1.3.rc5 - Update to 1.1.0rc5: - - Packages: - - Assign the deps variable before resolution. - - Allow xinclude and add XML error handling - - Remove log line from black/whitelist test - - Allow for whitelisting - Patch from IRConan to allow for whitelisted packages in - sources. - - Treat blacklisted packages as if they don't exist - Currently a blacklisted package stops further source processing. - This prevents any other sources from defining a good package. - - Document new knobs and added schema validator - - Move knobs to config.xml - - Resolver/Metadata options - Patch from Jack Neely to add enable/disable options to the resolver - and metadata pareser. - - Allow soft relaods and use a checksum for cache file. - Use checksum for cache file. - Allow reloads of config.xml and sources without downloading everything. - Merged config.xml and source processing into a single function. - - Expose repo data as a Connector - - fix type conflict - - invalidate virt_pkgs cache when source data is reloaded - - dep resolver rewrite - Fix dep resolver to take all providers of a dependency into consideration. - Rewrite resolver to be simpler at the same time. - - Added support for "apt" and "yum" as non-distro specific magic groups - - YUMng: - - Better error handling for installs - - Deal with any possible Yum verify exceptions - - patch from Tim Laszlo to handle verifying broken symlinks - - fix bug #931 - getinstalledgpg() is an RPMng method and is no longer needed in YUMng. - - Fix Path type='ignore' traceback (Reported by Thomas Ackermann) - - speed improvements, multilib verify bug fixes, configuration knobs - The pkg_checks, pkg_verify, installed_action, version_fail_action, and - verify_fail_action configuration knobs are all wired back up. Caching - implemented to help speed up the package verify routine. - Work arounds for Yum bug: http://yum.baseurl.org/ticket/573 - - Speed improvements, Enable reinstalls - We no longer use RPMng in YUMng. This improves speed by not calling - prelink as yum takes care of that for us. - Yum can do reinstalls on package verify fail so lets wire that up. - - All gpg-pubkey must be in the proper work queue to be installed. - gpg-pubkeys are not packages, yet we treat them as so. They require - special handling for all install/upgrades/etc. This corrects a - condition where gpg-pubkeys were "upgraded" rather than "installed." - - YUMng display classes, always compare string versions of packages. - The package object here can be either a yum PO or a string. Comparing - strings to POs tracebacks. - Display classes for the YUMng driver - - YUMng re-implementation of VerifyPackage using the Yum API. - - doc: - - Some clarifications on Decisions plugin. - - Minor fixes to SSHbase documentation - - Style fixes - - Fix hyperlinks - - Add the rest of the altsrc documentation for Ticket #923 - - schema: - - Schema updates for Path type="ignore" - - repo-validate: Validate two levels of Group nesting (Fixes - Ticket #805) - - Misc: - - bcfg2-repo-validate: Patch from Joe Digilio to fix tb in Ticket #939 - - Metadata: Add error message when file monitor fails - - bcfg2.spec.in: Fix lxml requirement for bcfg2 client (Reported by tac on IRC) - - Tools/__init__.py: Autoload client tools present in the Tools directory - - bcfg2-info: Add IPython support (Patch from Jeff Strunk) for Ticket #921 - - BB: Deprecate BB plugin (Resolves Ticket #923) - - bcfg2: Add back the new SSL key options (Fixes Ticket #916) - The man page no longer contains the -K option mentioned in Ticket #908. - This has been removed since [6013]. We still need the key option available - in the client to prevent Ticket #916. - - Added prefix option to [server] section - - fixes for #910 - - '-K' is replaced by '--ssl-key' - - SSLServer: handle socket errors on shutdown gracefully (Resolves #907 and #909) - - bcfg2: fix option parsing for ssl key (Resolves Ticket #908) - - Init: Fix traceback from ticket #906 - - Harmonised log messages - - debian: Merge in changes from Arto Jantunen - - bcfg2.init: Remove agent mode (no longer exists) - - POSIX.py: Fix hardcoded errno value - - Don't assume python2.5 is being used on successful hashlib import - - Probes: Fix name collapse in case of group specific probes (arch.G20_foo -> arch) (Resolves Ticket #904) - - TGenshi/TCheetah: Add base64 encoding support for files handled by non-Cfg plugins - - bcfg2-server: logger.error doesn't work when bcfg2.conf doesn't exist - - IPS fixups (from RickB) - - DBStats: Fix random mysql errors - - SSLServer: Retry failed writes - - Commit whitelist/blacksupport for glob style entries - - Cfg: Allow pull operations to update info.xml files * Tue Aug 31 2010 Jeffrey C. Ollie jeff@ocjtech.us - 1.1.0-1.2.rc4 - Add new YUMng driver * Wed Jul 21 2010 David Malcolm dmalcolm@redhat.com - 1.1.0-1.1.rc4.1 - Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild * Tue Jul 20 2010 Fabian Affolter fabian@bernewireless.net - 1.1.0-1.1.rc4 - Added patch to fix indention * Tue Jul 20 2010 Fabian Affolter fabian@bernewireless.net - 1.1.0-0.1.rc4 - Updated to new upstream release candidate RC4 * Sat Jun 19 2010 Fabian Affolter fabian@bernewireless.net - 1.1.0-0.1.rc3 - Updated to new upstream release candidate RC3 * Sun May 2 2010 Fabian Affolter fabian@bernewireless.net - 1.1.0-0.2.rc1 - Changed define to global - Added graphviz for the server package * Wed Apr 28 2010 Jeffrey C. Ollie jeff@ocjtech.us - 1.1.0-0.1.rc1 - Update to 1.1.0rc1 - - * Deprecate old-style server POSIX types - - You will now need to specify Path entries in the bcfg2 server - configuration instead of the old ConfigFile, Directory, SymLink - entries. A tool for helping you transition existing configurations - can be found at: - - https://trac.mcs.anl.gov/projects/bcfg2/browser/tags/bcfg2_1_1_0rc1/tools/po... - - Compatibility with older clients is maintained through the use of - the new POSIXCompat plugin which transforms the new Path entries to - their older equivalents. - - * New Sphinx documentation - - We have migrated user documentation to Sphinx. Information about - building the documentation from the Bcfg2 source can be found at: - - https://trac.mcs.anl.gov/projects/bcfg2/wiki/Manual - - * Migrate git plugin to Dulwich - * New detailed client view and other improvements in Django reports - * Encap removed - * New OS X packaging - * New Upstart client tool - * Migrate Hostbase to Django 1.1 * Tue Apr 13 2010 Jeffrey C. Ollie jeff@ocjtech.us - 1.0.1-1 - Update to final version * Fri Nov 6 2009 Jeffrey C. Ollie jeff@ocjtech.us - 1.0.0-2 - Fixup the bcfg2-server init script * Fri Nov 6 2009 Jeffrey C. Ollie jeff@ocjtech.us - 1.0.0-1 - Update to 1.0.0 final * Wed Nov 4 2009 Jeffrey C. Ollie jeff@ocjtech.us - 1.0.0-0.5.rc2 - Only require python-ssl on EPEL * Sat Oct 31 2009 Jeffrey C. Ollie jeff@ocjtech.us - 1.0.0-0.4.rc2 - Update to 1.0.0rc2 * Mon Oct 26 2009 Jeffrey C. Ollie jeff@ocjtech.us - 1.0.0-0.3.rc1 - Update to 1.0rc1 * Fri Oct 16 2009 Jeffrey C. Ollie jeff@ocjtech.us - 1.0-0.2.pre5 - Add python-ssl requirement * Tue Aug 11 2009 Jeffrey C. Ollie jeff@ocjtech.us - 1.0-0.1.pre5 - Update to 1.0pre5 * Fri Jul 24 2009 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.9.6-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Mon Feb 23 2009 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.9.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sat Nov 29 2008 Ignacio Vazquez-Abrams ivazqueznet+rpm@gmail.com - 0.9.6-2 - Rebuild for Python 2.6 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #683239 - Missing require for python-ssl in bcfg2-server https://bugzilla.redhat.com/show_bug.cgi?id=683239 --------------------------------------------------------------------------------
================================================================================ collectl-3.5.1-1.el5 (FEDORA-EPEL-2011-3472) A utility to collect various Linux performance data -------------------------------------------------------------------------------- Update Information:
update to upstream version 3.5.1 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Dan Horák <dan[at]danny.cz> 3.5.1-1 - upgrade to upstream version 3.5.1 --------------------------------------------------------------------------------
================================================================================ etckeeper-0.54-1.el5 (FEDORA-EPEL-2011-3489) Store /etc in a SCM system (git, mercurial, bzr or darcs) -------------------------------------------------------------------------------- Update Information:
Update to 0.54, a bugfix version. From the upstream changelog:
* Ignore inssev's FHS violating /etc/init.d/.depend.* files. * Use hg pre-commit hook, rather than its precommit hook, as the latter is run after the files staged for commit are determined and so .etckeeper cannot be staged as part of the current commit.
Furthermore, we include a patch to fix error propagation to yum, which makes AVOID_COMMIT_BEFORE_INSTALL work (bz 709487). -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 1 2011 Thomas Moschny thomas.moschny@gmx.de - 0.54-1 - Update to 0.54. - Add patch for bz 709487. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #709487 - yum fails to honor AVOID_COMMIT_BEFORE_INSTALL https://bugzilla.redhat.com/show_bug.cgi?id=709487 --------------------------------------------------------------------------------
================================================================================ jabberd-2.2.11-3.el5 (FEDORA-EPEL-2011-3479) OpenSource server implementation of the Jabber protocols -------------------------------------------------------------------------------- Update Information:
This update fixes an important security issue (CVE-2011-1755), for more information, please see https://bugzilla.redhat.com/show_bug.cgi?id=700390. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Dominic Hopf dmaphy@fedoraproject.org - 2.2.11-3 - backported patch to fix the billion laughs issue from 2.2.14 (#700390, CVE-2011-1755) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #700390 - CVE-2011-1755 jabberd: DoS via the XML "billion laughs attack" https://bugzilla.redhat.com/show_bug.cgi?id=700390 --------------------------------------------------------------------------------
================================================================================ lbzip2-0.23-2.el5 (FEDORA-EPEL-2011-3475) Fast, multi-threaded bzip2 utility -------------------------------------------------------------------------------- Update Information:
Multi-threaded implementation of bzip2, suited for serial and parallel processing. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #657405 - Review Request: lbzip2 - fast, multi-threaded bzip2 utility https://bugzilla.redhat.com/show_bug.cgi?id=657405 --------------------------------------------------------------------------------
================================================================================ lbzip2-0.23-3.el5 (FEDORA-EPEL-2011-3474) Fast, multi-threaded bzip2 utility -------------------------------------------------------------------------------- Update Information:
Multi-threaded implementation of bzip2, suited for serial and parallel processing. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #657405 - Review Request: lbzip2 - fast, multi-threaded bzip2 utility https://bugzilla.redhat.com/show_bug.cgi?id=657405 --------------------------------------------------------------------------------
================================================================================ opensips-1.6.4-6.el5 (FEDORA-EPEL-2011-3492) Open Source SIP Server -------------------------------------------------------------------------------- Update Information:
Update to 1.6.4 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 23 2011 Dan Horák dan@danny.cz - 1.6.4-6 - rebuilt for mysql 5.5.10 (soname bump in libmysqlclient) * Tue Feb 8 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ perl-Chart-2.4.2-1.el5 (FEDORA-EPEL-2011-3470) Series of charting modules -------------------------------------------------------------------------------- Update Information:
This is the first EPEL release of perl-Chart. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #613872 - Request for support in EPEL https://bugzilla.redhat.com/show_bug.cgi?id=613872 --------------------------------------------------------------------------------
================================================================================ roundup-1.4.18-1.el5 (FEDORA-EPEL-2011-3476) Simple and flexible issue-tracking system -------------------------------------------------------------------------------- Update Information:
Update to 1.4.18 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 1 2011 John Khvatov ivaxer@fedoraproject.org - 1.4.18-1 - updated to 1.4.18 - added roundup-doc subpackage for documentation * Wed Feb 9 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ wordpress-3.1.3-3.el5 (FEDORA-EPEL-2011-3495) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information:
Fix old FSF address and Summary to make rpmlint happy. Make wp-content directory owned by apache:apache. Correctly Provides/Obsoletes (with versions). Upgrade to the latest upstream version (security fixes and enhancements, BZ 707772). Move wp-content directory to /var/www/wordpress/ (BZ 522897). Simplify overly detailed files list. Actually, we just don't need gettext.php at all, it is provided by hp itself. Just remove the file, don't make a symlink. Revert back to wp-content in /usr/share/wordpress, I am not able to make it work. Not fixing BZ 522897. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Matěj Cepl mcepl@redhat.com - 3.1.3-3 - Actually, we just don't need gettext.php at all, it is provided by php itself. Just remove the file, don't make a symlink. - revert back to wp-content in /usr/share/wordpress, I am not able to make it work. Not fixing BZ 522897. * Wed Jun 1 2011 Matěj Cepl mcepl@redhat.com - 3.1.3-2 - Fix old FSF address and Summary to make rpmlint happy. - Make wp-content directory owned by apache:apache - Correctly Provides/Obsoletes (with versions) * Wed May 25 2011 Matěj Cepl mcepl@redhat.com - 3.1.3-1 - Upgrade to the latest upstream version (security fixes and enhancements, BZ 707772) - Move wp-content directory to /var/www/wordpress/ (BZ 522897) - Simplify overly detailed %files -------------------------------------------------------------------------------- References:
[ 1 ] Bug #707772 - New upstream version 3.1.3 has been released https://bugzilla.redhat.com/show_bug.cgi?id=707772 [ 2 ] Bug #522897 - Unable To Upload Images To /usr/share/wordpress/wp-content/uploads/ https://bugzilla.redhat.com/show_bug.cgi?id=522897 --------------------------------------------------------------------------------
================================================================================ x509watch-0.4.0-1.el5 (FEDORA-EPEL-2011-3471) Simple tool to list expiring or expired X.509 certificates -------------------------------------------------------------------------------- Update Information:
Upstream changes for 0.4.0:
- Mail from cronjob with x509watch output has now logwatch style -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Robert Scheck robert@fedoraproject.org 0.4.0-1 - Upgrade to 0.4.0 * Mon Feb 7 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org