The following Fedora EPEL 5 Security updates need testing: Age URL 843 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 297 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.... 62 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-... 52 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1696/perl-Email-Add... 46 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1747/mediawiki119-1... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1996/fail2ban-0.8.1... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2087/drupal7-date-2... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2165/iodine-0.7.0-1... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2155/wordpress-3.9.... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2153/drupal6-6.33-1... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2150/drupal7-7.31-1... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2184/389-ds-base-1....
The following builds have been pushed to Fedora EPEL 5 updates-testing
389-ds-base-1.2.11.30-1.el5 cobbler-2.4.7-1.el5 gfal2-2.6.8-3.el5 python-urllib3-1.5-8.el5 salt-2014.1.10-4.el5
Details about builds:
================================================================================ 389-ds-base-1.2.11.30-1.el5 (FEDORA-EPEL-2014-2184) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information:
389-ds-base-1.2.11.30 release - several bug fixes including a security bug -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 7 2014 Noriko Hosoi nhosoi@redhat.com - 1.2.11.30-1 - bump version to 1.2.11.30 - Resolves: #1123477 Ticket 47869 - unauthenticated information disclosure (Bug 1123477) - Ticket 616 - High contention on computed attribute lock - Ticket 47862 - repl-monitor fails to convert "*" to default values - Ticket 47824 - paged results control is not working in some cases when we have a subsuffix. - Ticket 47862 - Repl-monitor.pl ignores the provided connection parameters - Ticket 346 - Fixing memory leaks - Ticket 443 - Deleting attribute present in nsslapd-allowed-to-delete-attrs returns Operations error - Ticket 47863 - New defects found in 389-ds-base-1.2.11 - Ticket 47861 - Certain schema files are not replaced during upgrade - Ticket 47858 - Internal searches using OP_FLAG_REVERSE_CANDIDATE_ORDER can crash the server - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47781 - Server deadlock if online import started while server is under load - Ticket 47821 - deref plugin cannot handle complex acis - Ticket 47831 - server restart wipes out index config if there is a default index - Ticket 47820 - 1.2.11 branch: coverity errors - Ticket 47817 - The error result text message should be obtained just prior to sending result - Ticket 47331 - Self entry access ACI not working properly - Ticket 47426 - Coverity issue with last commit(move compute_idletimeout out of handle_pr_read_ready) - Ticket 47426 - move compute_idletimeout out of handle_pr_read_ready - Ticket 47809 - find a way to remove replication plugin errors messages "changelog iteration code returned a dummy entry with csn %s, skipping ..." - Ticket 47813 - remove "goto bail" from previous commit - Ticket 47813 - managed entry plugin fails to update member pointer on modrdn operation - Ticket 47770 - #481 breaks possibility to reassemble memberuid list - Ticket 47446 - logconv.pl memory continually grows - Ticket 47713 - Logconv.pl with an empty access log gives lots of errors - Ticket 47670 - Aci warnings in error log - Ticket 47804 - db2bak.pl error with changelogdb - Ticket 47780 - Some VLV search request causes memory leaks - Ticket 47787 - A replicated MOD fails (Unwilling to perform) if it targets a tombstone - Ticket 47764 - Problem with deletion while replicated - Ticket 47750 - Creating a glue fails if one above level is a conflict or missing - Ticket 47649 - Server hangs in cos_cache when adding a user entry - Ticket 47772 - fix coverity issue - Ticket 47793 - Server crashes if uniqueMember is invalid syntax and memberOf plugin is enabled. - Ticket 47707 - 389 DS Server crashes and dies while handles paged searches from clients - Ticket 47771 - Move parentsdn initialization to avoid crash - Ticket 47771 - Cherry pick issue parentsdn freed twice - Ticket 47771 - Performing deletes during tombstone purging results in operation errors - Ticket 346 - Slow ldapmodify operation time for large quantities of multi-valued attribute values - Ticket 47782 - Parent numbordinate count can be incorrectly updated if an error occurs - Ticket 47772 - empty modify returns LDAP_INVALID_DN_SYNTAX - Ticket 47736 - Import incorrectly updates numsubordinates for tombstone entries - Ticket 47774 - mem leak in do_search - rawbase not freed upon certain errors - Ticket 47773 - mem leak in do_bind when there is an error - Ticket 47767 - Nested tombstones become orphaned after purge * Wed May 7 2014 Rich Megginson rmeggins@redhat.com - 1.2.11.29-2 - Ticket 47798: 389-ds-base not marked as an upgrade for fedora-ds-base using epel5 - add back fedora-ds provides and obsoletes * Fri Apr 4 2014 Noriko Hosoi nhosoi@redhat.com - 1.2.11.29-1 - bump version to 1.2.11.29 - Ticket 47766 - Tombstone purging can crash the server if the backend is stopped/disabled - Ticket 47492 - PassSync removes User must change password flag on the Windows side - Ticket 47448 - Segfault in 389-ds-base-1.3.1.4-1.fc19 when setting up FreeIPA replication - Ticket 47740 - Fix coverity issues(part 7) - Ticket 47748 - Simultaneous adding a user and binding as the user could fail in the password policy check - Ticket 47743 - Memory leak with proxy auth control - Ticket 47740 - Crash caused by changes to certmap.c - Ticket 47740 - Fix coverity issues: null deferences - Part 6 - Ticket 47735 - e_uniqueid fails to set if an entry is a conflict entry - Ticket 47740 - Coverity issue in 1.3.3 - Ticket 47740 - Fix coverity issues - Part 5 - Ticket 47740 - Fix coverity erorrs - Part 4 - Ticket 47640 - Fix coverity issues - part 3 - Ticket 47538 - RFE: repl-monitor.pl plain text output, cmdline config options - Ticket 47740 - Coverity Fixes (Mark - part 1) - Ticket 47734 - Change made in resolving ticket #346 fails on Debian SPARC64 - Ticket 47722 - Fixed filter not correctly identified - Ticket 47722 - rsearch filter error on any search filter - Ticket 47704 - invalid sizelimits in aci group evaluation - Ticket 47737 - Under heavy stress, failure of turning a tombstone into glue makes the server hung - Ticket 47735 - e_uniqueid fails to set if an entry is a conflict entry - Ticket 47731 - A tombstone entry is deleted by ldapdelete - Ticket 47729 - Directory Server crashes if shutdown during a replication initialization - Ticket 47637 - rsa_null_sha should not be enabled by default - Ticket 417, 458, 47522 - Password Administrator Backport - Ticket 47455 - valgrind - value mem leaks, uninit mem usage - fix coverity 11915 - dead code - introduced with fix for ticket 346 - Ticket 47369 - version2 - provide default syntax plugin - Ticket 346 - version 4 Slow ldapmodify operation time for large quantities of multi-valued attribute values - Ticket 415 - winsync doesn't sync DN valued attributes if DS DN value doesn't exist - Ticket 47642 - Windows Sync group issues - Ticket 47692 - single valued attribute replicated ADD does not work - Ticket 47677 - Size returned by slapi_entry_size is not accurate - Ticket 47693 - Environment variables are not passed when DS is started via service - Ticket 47693 - Environment variables are not passed when DS is started via service - Ticket 471 - logconv.pl tool removes the access logs contents if "-M" is not correctly used - Ticket 47463 - IDL-style can become mismatched during partial restoration - Ticket 47638 - Overflow in nsslapd-disk-monitoring-threshold on 32bit platform - Ticket 47641 - 7-bit check plugin not checking MODRDN operation - Ticket 47678 - modify-delete userpassword - Ticket 47516 - replication stops with excessive clock skew - Ticket 47627 - Fix replication logging - Ticket 47627 - changelog iteration should ignore cleaned rids when getting the minCSN - Ticket 47623 - fix memleak caused by 47347 - Ticket 47587 - hard coded limit of 64 masters in agreement and changelog code - Ticket 47591 - entries with empty objectclass attribute value can be hidden - Ticket 47596 - attrcrypt fails to find unlocked key -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1123477 - CVE-2014-3562 389-ds: unauthenticated information disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1123477 --------------------------------------------------------------------------------
================================================================================ cobbler-2.4.7-1.el5 (FEDORA-EPEL-2014-2196) Boot server configurator -------------------------------------------------------------------------------- Update Information:
Feature improvements
* Make kickstart selectable from a pulldown list in cobbler-web (#991) * Minor adjustment to the error_page template (cobbler-web)
Bugfixes
* Exit with an error if cobblerd executable cant be found (#1108 #1135) * Fix cobbler sync bug through xmlrpc api (NoneType object has no attribute info) * Add strict kickstart check in the API (again for #939) * Do not allow kickstarts in /etc/cobbler * Fix broken gitdate, gitstamp values in version file (cobbler version) * Prevent disappearing profiles after cobblerd restart (#1030)
Upgrade notes
This release makes the use of --parent and --distro mutually exclusive. The consequence is that subprofiles always have the same distro as the parent profile. This has been the intended behaviour ever since subprofiles got introduced.
Please check if you have subprofiles with different distros than the parent profile and reconsider and adjust your configuration. -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 11 2014 Orion Poplawski orion@cora.nwra.com - 2.4.7-1 - Update to 2.4.7 --------------------------------------------------------------------------------
================================================================================ gfal2-2.6.8-3.el5 (FEDORA-EPEL-2014-2066) Grid file access library 2.0 -------------------------------------------------------------------------------- Update Information:
Update to gfal2 2.6.8
-------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 11 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.6.8-3 - Disable GridFTP session reuse by default (see LCGUTIL-448) * Fri Aug 8 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.6.8-2 - Patch for symbol that dissapeared in Davix * Mon Jul 28 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.6.8-1 - Release 2.6.8 of GFAL2 * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.5.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ python-urllib3-1.5-8.el5 (FEDORA-EPEL-2014-2182) Python HTTP library with thread-safe connection pooling and file post -------------------------------------------------------------------------------- Update Information:
Initial EL5 build --------------------------------------------------------------------------------
================================================================================ salt-2014.1.10-4.el5 (FEDORA-EPEL-2014-2179) A parallel remote execution system -------------------------------------------------------------------------------- Update Information:
Fix incorrect conditional -------------------------------------------------------------------------------- ChangeLog:
* Sun Aug 10 2014 Erik Johnson erik@saltstack.com - 2014.1.10-4 - Fix incorrect conditional * Tue Aug 5 2014 Erik Johnson erik@saltstack.com - 2014.1.10-2 - Deploy cachedir with package * Mon Aug 4 2014 Erik Johnson erik@saltstack.com - 2014.1.10-1 - Update to bugfix release 2014.1.10 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org