The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/couchdb-1.0.2-4.el6 https://admin.fedoraproject.org/updates/erlang-R14B-02.1.el6 https://admin.fedoraproject.org/updates/syslog-ng-3.2.4-1.el6 https://admin.fedoraproject.org/updates/unbound-1.4.4-3.el6 https://admin.fedoraproject.org/updates/drupal6-6.22-1.el6 https://admin.fedoraproject.org/updates/drupal7-7.2-1.el6 https://admin.fedoraproject.org/updates/libmodplug-0.8.8.3-2.el6 https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.1-1.el6 https://admin.fedoraproject.org/updates/exim-4.72-2.el6 https://admin.fedoraproject.org/updates/jabberd-2.2.14-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
bcfg2-1.1.2-1.el6 collectl-3.5.1-1.el6 etckeeper-0.54-1.el6 jabberd-2.2.14-1.el6 lbzip2-0.23-2.el6 livecd-tools-13.3-1.el6 perl-Chart-2.4.2-3.el6 perl-Test-Fatal-0.006-1.el6 pwgen-2.06-5.el6 vnstat-1.11-1.el6 wordpress-3.1.3-3.el6 x509watch-0.4.0-1.el6 zabbix-1.8.5-2.el6
Details about builds:
================================================================================ bcfg2-1.1.2-1.el6 (FEDORA-EPEL-2011-3478) Configuration management system -------------------------------------------------------------------------------- Update Information:
* Thu Jun 02 2011 Fabian Affolter fabian@bernewireless.net - 1.1.2-1 - Updated to new upstream version 1.1.2 - Pooled file section entries to reduce future maintenance - Fixed #683239
-------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Fabian Affolter fabian@bernewireless.net - 1.1.2-1 - Updated to new upstream version 1.1.2 - Pooled file section entries to reduce future maintainance - Fixed #683239 --------------------------------------------------------------------------------
================================================================================ collectl-3.5.1-1.el6 (FEDORA-EPEL-2011-3490) A utility to collect various Linux performance data -------------------------------------------------------------------------------- Update Information:
update to upstream version 3.5.1 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Dan Horák <dan[at]danny.cz> 3.5.1-1 - upgrade to upstream version 3.5.1 --------------------------------------------------------------------------------
================================================================================ etckeeper-0.54-1.el6 (FEDORA-EPEL-2011-3480) Store /etc in a SCM system (git, mercurial, bzr or darcs) -------------------------------------------------------------------------------- Update Information:
Update to 0.54, a bugfix version. From the upstream changelog:
* Ignore inssev's FHS violating /etc/init.d/.depend.* files. * Use hg pre-commit hook, rather than its precommit hook, as the latter is run after the files staged for commit are determined and so .etckeeper cannot be staged as part of the current commit.
Furthermore, we include a patch to fix error propagation to yum, which makes AVOID_COMMIT_BEFORE_INSTALL work (bz 709487). -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 1 2011 Thomas Moschny thomas.moschny@gmx.de - 0.54-1 - Update to 0.54. - Add patch for bz 709487. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #709487 - yum fails to honor AVOID_COMMIT_BEFORE_INSTALL https://bugzilla.redhat.com/show_bug.cgi?id=709487 --------------------------------------------------------------------------------
================================================================================ jabberd-2.2.14-1.el6 (FEDORA-EPEL-2011-3483) OpenSource server implementation of the Jabber protocols -------------------------------------------------------------------------------- Update Information:
This update fixes an important security issue (CVE-2011-1755), for more information, please see https://bugzilla.redhat.com/show_bug.cgi?id=700390. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 1 2011 Dominic Hopf dmaphy@fedoraproject.org - 2.2.14-1 - update to 2.2.14 (#700390, CVE-2011-1755) - remove unneeded upstart configuration files * Thu Apr 14 2011 Dominic Hopf dmaphy@fedoraproject.org - 2.2.13-1 - updated to 2.2.13 * Wed Jan 5 2011 Adrian Reber adrian@lisas.de - 2.2.11-7 - ported spec changes from f14 branch to devel branch - fix "jabberd spec file puts server.pem in /etc instead of /etc/jabberd" (#667504) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #700390 - CVE-2011-1755 jabberd: DoS via the XML "billion laughs attack" https://bugzilla.redhat.com/show_bug.cgi?id=700390 --------------------------------------------------------------------------------
================================================================================ lbzip2-0.23-2.el6 (FEDORA-EPEL-2011-3486) Fast, multi-threaded bzip2 utility -------------------------------------------------------------------------------- Update Information:
Multi-threaded implementation of bzip2, suited for serial and parallel processing. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #657405 - Review Request: lbzip2 - fast, multi-threaded bzip2 utility https://bugzilla.redhat.com/show_bug.cgi?id=657405 --------------------------------------------------------------------------------
================================================================================ livecd-tools-13.3-1.el6 (FEDORA-EPEL-2011-3477) Tools for building live CDs -------------------------------------------------------------------------------- Update Information:
- extlinux doesn't support ext4 or btrfs on F13 (#709778) (bcl) Sync'd up el6 release with f13. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #709778 - livecd-iso-to-disk will not created bootable F15 install usb key. https://bugzilla.redhat.com/show_bug.cgi?id=709778 --------------------------------------------------------------------------------
================================================================================ perl-Chart-2.4.2-3.el6 (FEDORA-EPEL-2011-3485) Series of charting modules -------------------------------------------------------------------------------- Update Information:
This is the first EPEL release of perl-Chart. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #613872 - Request for support in EPEL https://bugzilla.redhat.com/show_bug.cgi?id=613872 --------------------------------------------------------------------------------
================================================================================ perl-Test-Fatal-0.006-1.el6 (FEDORA-EPEL-2011-3493) Incredibly simple helpers for testing code with exceptions -------------------------------------------------------------------------------- Update Information:
This update adds emulation of Test::Exception's lives_ok() and dies_ok(), making migration from Test::Exception to Test::Fatal easier. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Paul Howarth paul@city-fan.org 0.006-1 - Update to 0.006 - Crank back the Test::More and Exporter requirements (CPAN RT#62699) - Add lives_ok and dies_ok emulation (CPAN RT#67598) - Versions patch replaced by workaround for old ExtUtils::MakeMaker - BR: perl(Test::Builder::Tester) --------------------------------------------------------------------------------
================================================================================ pwgen-2.06-5.el6 (FEDORA-EPEL-2011-3482) Automatic password generation --------------------------------------------------------------------------------
================================================================================ vnstat-1.11-1.el6 (FEDORA-EPEL-2011-3473) Console-based network traffic monitor -------------------------------------------------------------------------------- Update Information:
Upstream changes for 1.11 / 1-Jun-11:
- Fix: Memory allocation was miscalculated when creating interface list from /sys/class/net when /proc/net/dev wasn't available which in turn could crash the daemon - Fix: Daemon database cache could remain empty after a -HUP signal - Fix: Don't make temp directory in vnstat.cgi writable for everyone - Import GNU/kFreeBSD support from Debian (#608963, patch by Mats Erik Andersson) - Remove usage of GNU only '-D' option for install for BSD in Makefile - The daemon now automatically creates databases for available interfaces if no databases are found during startup -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Robert Scheck robert@fedoraproject.org - 1.11-1 - Upgrade to 1.11 --------------------------------------------------------------------------------
================================================================================ wordpress-3.1.3-3.el6 (FEDORA-EPEL-2011-3487) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information:
Fix old FSF address and Summary to make rpmlint happy. Make wp-content directory owned by apache:apache. Correctly Provides/Obsoletes (with versions). Upgrade to the latest upstream version (security fixes and enhancements, BZ 707772). Move wp-content directory to /var/www/wordpress/ (BZ 522897). Simplify overly detailed files list. Actually, we just don't need gettext.php at all, it is provided by php itself. Just remove the file, don't make a symlink. Revert back to wp-content in /usr/share/wordpress, I am not able to make it work. Not fixing BZ 522897. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Matěj Cepl mcepl@redhat.com - 3.1.3-3 - Actually, we just don't need gettext.php at all, it is provided by php itself. Just remove the file, don't make a symlink. - revert back to wp-content in /usr/share/wordpress, I am not able to make it work. Not fixing BZ 522897. * Wed Jun 1 2011 Matěj Cepl mcepl@redhat.com - 3.1.3-2 - Fix old FSF address and Summary to make rpmlint happy. - Make wp-content directory owned by apache:apache - Correctly Provides/Obsoletes (with versions) * Wed May 25 2011 Matěj Cepl mcepl@redhat.com - 3.1.3-1 - Upgrade to the latest upstream version (security fixes and enhancements, BZ 707772) - Move wp-content directory to /var/www/wordpress/ (BZ 522897) - Simplify overly detailed %files -------------------------------------------------------------------------------- References:
[ 1 ] Bug #707772 - New upstream version 3.1.3 has been released https://bugzilla.redhat.com/show_bug.cgi?id=707772 [ 2 ] Bug #522897 - Unable To Upload Images To /usr/share/wordpress/wp-content/uploads/ https://bugzilla.redhat.com/show_bug.cgi?id=522897 --------------------------------------------------------------------------------
================================================================================ x509watch-0.4.0-1.el6 (FEDORA-EPEL-2011-3481) Simple tool to list expiring or expired X.509 certificates -------------------------------------------------------------------------------- Update Information:
Upstream changes for 0.4.0:
- Mail from cronjob with x509watch output has now logwatch style -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 2 2011 Robert Scheck robert@fedoraproject.org 0.4.0-1 - Upgrade to 0.4.0 * Mon Feb 7 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ zabbix-1.8.5-2.el6 (FEDORA-EPEL-2011-3488) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- ChangeLog:
* Mon May 23 2011 Dan Horák <dan[at]danny.cz> - 1.8.5-2 - include /var/lib/zabbix and /etc/zabbix/externalscripts dirs in package (#704181) - add snmp trap receiver script in package (#705331) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #704181 - AlertScriptPath points to a directory that doesn't exist https://bugzilla.redhat.com/show_bug.cgi?id=704181 [ 2 ] Bug #705331 - SNMP trap shell script https://bugzilla.redhat.com/show_bug.cgi?id=705331 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org