The following Fedora EPEL 6 Security updates need testing: Age URL 830 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... 177 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6.4-... 162 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2... 71 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1471/chicken-4.8.0.... 67 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-views-... 49 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-... 39 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-Add... 34 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1745/mediawiki119-1... 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1961/cobbler-2.6.3-... 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1923/sdcc-3.2.0-1.e... 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1947/drupal6-6.32-1... 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1980/moodle-2.4.11-... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1940/phpMyAdmin-4.0... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1999/exim-4.72-6.el... 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2045/ansible-1.6.10... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2050/drupal7-7.30-1... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2084/drupal7-date-2... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2088/tor-0.2.4.23-1...
The following builds have been pushed to Fedora EPEL 6 updates-testing
Xnee-3.19-1.el6 drupal7-date-2.8-1.el6 drupal7-features-2.1-1.el6 golang-github-codegangsta-cli-1.1.0-1.el6 golang-github-tchap-go-patricia-1.0.1-4.el6 opendkim-2.9.2-1.el6 packagedb-cli-2.5-1.el6 python-flask-admin-1.0.8-2.el6 python-six-1.7.3-1.el6 retrace-server-1.12-2.el6 tor-0.2.4.23-1.el6
Details about builds:
================================================================================ Xnee-3.19-1.el6 (FEDORA-EPEL-2014-2091) X11 environment recorder -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Matthieu Saulnier fantom@fedoraproject.org - 3.19-1 - Update to 3.19 - Fix spelling-error in summary and description - Fix bogus date in %changelog section in spec file -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1095296 - Xnee-3.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=1095296 --------------------------------------------------------------------------------
================================================================================ drupal7-date-2.8-1.el6 (FEDORA-EPEL-2014-2084) This package contains both the Date module and a Date API module -------------------------------------------------------------------------------- Update Information:
Update to upstream 2.8 release due to security fix for CVE-2014-5169 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Jared Smith jsmith@fedoraproject.org 2.8-1 - Update to upstream 2.8 release - This release fixes an XSS issue, CVE-2014-5169 * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1125283 - CVE-2014-5169 drupal7-date: Cross Site Scripting (XSS) https://bugzilla.redhat.com/show_bug.cgi?id=1125283 --------------------------------------------------------------------------------
================================================================================ drupal7-features-2.1-1.el6 (FEDORA-EPEL-2014-2090) Provides feature management for Drupal -------------------------------------------------------------------------------- Update Information:
Update to upstream 2.1 release for bug fixes. For more details, refer to: https://www.drupal.org/node/2311903 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Paul W. Frields stickster@gmail.com - 2.1-1 - Update to upstream 2.1 release for bug fixes * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1124742 - drupal7-features-2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124742 --------------------------------------------------------------------------------
================================================================================ golang-github-codegangsta-cli-1.1.0-1.el6 (FEDORA-EPEL-2014-2083) Package for building command line apps in Go -------------------------------------------------------------------------------- Update Information:
27ecc97192df1bf053a22b04463f2b51b8b8373e tagged 1.1.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1114175 - Review Request: golang-github-codegangsta-cli - Package for building command line apps in Go https://bugzilla.redhat.com/show_bug.cgi?id=1114175 --------------------------------------------------------------------------------
================================================================================ golang-github-tchap-go-patricia-1.0.1-4.el6 (FEDORA-EPEL-2014-2086) A generic patricia trie implemented in Go -------------------------------------------------------------------------------- Update Information:
Resolves: rhbz#1117562 - package review request -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1117562 - Review Request: golang-github-tchap-go-patricia - A generic patricia trie implemented in Go https://bugzilla.redhat.com/show_bug.cgi?id=1117562 --------------------------------------------------------------------------------
================================================================================ opendkim-2.9.2-1.el6 (FEDORA-EPEL-2014-2078) A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail -------------------------------------------------------------------------------- Update Information:
Updating to newer upstream source: 2.9.2 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Steve Jenkins steve@stevejenkins.com - 2.9.2-1 - Updated to use newer upstream 2.9.2 source code - Fixed invalid date in changelog * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.9.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #973541 - opendkim-2.9.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=973541 --------------------------------------------------------------------------------
================================================================================ packagedb-cli-2.5-1.el6 (FEDORA-EPEL-2014-2085) A CLI for pkgdb -------------------------------------------------------------------------------- Update Information:
Packagedb-cli Release 2.5
* Fix logging (cf rhbz#1123524) * Add the update_critpath -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Pierre-Yves Chibon pingou@pingoured.fr - 2.5-1 - Update to 2.5 - Fixes https://bugzilla.redhat.com/1123524 (Don't add stream handler to root logger in library) - Add the update_critpath method to pkgdb2client -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1123524 - Don't add stream handler to root logger in library https://bugzilla.redhat.com/show_bug.cgi?id=1123524 --------------------------------------------------------------------------------
================================================================================ python-flask-admin-1.0.8-2.el6 (FEDORA-EPEL-2014-2082) Simple and extensible admin interface framework for Flask -------------------------------------------------------------------------------- Update Information:
Update to 1.0.8 -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.0.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Apr 29 2014 Matej Stuchlik mstuchli@redhat.com - 1.0.8-1 - Updated to 1.0.8 - Removed unnecessary requires * Wed Jan 8 2014 Matej Stuchlik mstuchli@redhat.com - 1.0.7-1 - Updated to 1.0.7 * Tue Aug 13 2013 Matej Stuchlik mstuchli@redhat.com - 1.0.6-1 - Updated to 1.0.6 * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.0.5-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1122044 - Update version? https://bugzilla.redhat.com/show_bug.cgi?id=1122044 --------------------------------------------------------------------------------
================================================================================ python-six-1.7.3-1.el6 (FEDORA-EPEL-2014-2079) Python 2 and 3 compatibility utilities -------------------------------------------------------------------------------- Update Information:
- Latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Pádraig Brady pbrady@redhat.com - 1.7.3-1 - Latest upstream * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 8 2014 Orion Poplawski orion@cora.nwra.com - 1.6.1-2 - Rebuild for Python 3.4 --------------------------------------------------------------------------------
================================================================================ retrace-server-1.12-2.el6 (FEDORA-EPEL-2014-2089) Application for remote coredump analysis -------------------------------------------------------------------------------- Update Information:
update to 1.12 update to 1.11 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Michal Toman mtoman@redhat.com 1.12-1 - do not run kmem on vmcores by default - fix group readability of vmcores - add support for lzop compression - add DeleteFailedTaskAfter config option - add arch-based remote execution - add set-success and set-fail actions to retrace-server-interact - add config sanity checks to retrace-server-cleanup * Thu Feb 27 2014 Michal Toman mtoman@redhat.com 1.11-1 - do not die trying to chmod a hardling - do not hardlink unpacked vmcores - print command line formatted correctly - allow submitting vmcores with spaces in file name - do not run makedumpfile when not necessary - allow to specify kernel VRA with custom cores - do not require the trailing slash in task manager URL - do not kill retrace-server-cleanup when retrace_log does not exist - cache kernel version into task directory - add support for ppc64, s390x - include floating point registers in userspace backtraces - execute ABRT's exploitability plugin if available -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1095349 - Lessen risk of premature vmcore removal by clarifing comments in retrace-server.conf and possibly add checks to avoid misconfiguration of cleanup job https://bugzilla.redhat.com/show_bug.cgi?id=1095349 [ 2 ] Bug #1124477 - permanent non-final task state possible, forcing fail value into 'status' file crashes web UI https://bugzilla.redhat.com/show_bug.cgi?id=1124477 [ 3 ] Bug #1099144 - Some vmcores kernel version (RHEL5 at least) not automatically detected but require using "Kernel VRA" to setup debuginfo symbols https://bugzilla.redhat.com/show_bug.cgi?id=1099144 [ 4 ] Bug #1080199 - abrt retrace-server needs to support lzo un-compression https://bugzilla.redhat.com/show_bug.cgi?id=1080199 [ 5 ] Bug #1086321 - RFE: Add more aggressive removal option for retrace-server tasks with 'status == STATUS_FAIL' after X days https://bugzilla.redhat.com/show_bug.cgi?id=1086321 [ 6 ] Bug #1074596 - don't run 'kmem -f by default https://bugzilla.redhat.com/show_bug.cgi?id=1074596 [ 7 ] Bug #999643 - Allow case number to be added on the screen where you submit a vmcore https://bugzilla.redhat.com/show_bug.cgi?id=999643 [ 8 ] Bug #1015177 - Handle vmcores uploaded with spaces in the name https://bugzilla.redhat.com/show_bug.cgi?id=1015177 [ 9 ] Bug #1033668 - manual crash command to run 32-bit vmcores has a minor problem - should be enclosed in double quotes https://bugzilla.redhat.com/show_bug.cgi?id=1033668 [ 10 ] Bug #1038731 - Queuing a gzipped file via "Custom Core Location" hangs indefinitely - manually gunzip and resubmit works https://bugzilla.redhat.com/show_bug.cgi?id=1038731 [ 11 ] Bug #1051091 - retrace-server-cleanup job crashes if retrace_log does not exist https://bugzilla.redhat.com/show_bug.cgi?id=1051091 [ 12 ] Bug #1053186 - "retrace-server-interact <taskid> crash" should not try to detect the kernel version but should obtain it from a saved location https://bugzilla.redhat.com/show_bug.cgi?id=1053186 [ 13 ] Bug #1054509 - If the user specifies a "Custom core location", Retrace skips the "Start Task" confirmation page https://bugzilla.redhat.com/show_bug.cgi?id=1054509 [ 14 ] Bug #1059376 - Submitting a local file vmcore with 'custom core location' may stay at "Post-processing downloaded file" https://bugzilla.redhat.com/show_bug.cgi?id=1059376 [ 15 ] Bug #1067188 - retrace-server should only run makedumpfile with dump_level which is different from the server generating the vmcore https://bugzilla.redhat.com/show_bug.cgi?id=1067188 --------------------------------------------------------------------------------
================================================================================ tor-0.2.4.23-1.el6 (FEDORA-EPEL-2014-2088) Anonymizing overlay network for TCP (The onion router) -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2014-5117 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Jamie Nguyen jamielinux@fedoraproject.org - 0.2.4.23-1 - update to upstream release 0.2.4.23 - CVE-2014-5117: potential for traffic-confirmation attacks -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1124964 - CVE-2014-5117 tor: potential for traffic-confirmation attacks https://bugzilla.redhat.com/show_bug.cgi?id=1124964 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org