The following Fedora EPEL 6 Security updates need testing:

https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6468/dropbear-0.55-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6531/nsd-3.2.13-1.e... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6374/rt3-3.8.13-1.e... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6432/puppet-2.6.17-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6547/openstack-nova... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6408/ganglia-3.1.7-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6422/mediawiki119-1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6504/moodle-2.1.7-1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribbl...

The following builds have been pushed to Fedora EPEL 6 updates-testing

openstack-nova-2012.1.1-11.el6 python-basemap-0.99.4-11.el6 python-httplib2-0.7.4-6.el6

Details about builds:

================================================================================ openstack-nova-2012.1.1-11.el6 (FEDORA-EPEL-2012-6547) OpenStack Compute (nova) -------------------------------------------------------------------------------- Update Information:

- Split out into more sub packages

- Update from stable upstream including... - Fix metadata file injection with xen - Fix affinity filters when hints is None - Fix marker behavior for flavors - Handle local remote exceptions consistently - Fix qcow2 size on libvirt live block migration - Fix for API listing of os hosts - Avoid lazy loading errors on instance_type - Avoid casts in network manager to prevent races - Conditionally allow queries for deleted flavours - Fix wrong regex in cleanup_file_locks - Add net rules to VMs on compute service start - Tolerate parsing null connection info in BDM - Support EC2 CreateImage API for boot from volume - EC2 DescribeImages reports correct rootDeviceType - Reject EC2 CreateImage for instance store - Fix EC2 CreateImage no_reboot logic - Convert remaining network API casts to calls - Move where the fixed ip deallocation happens - Fix the qpid_heartbeat option so that it's effective - Update to latest essex stable branch

- Enable auto cleanup of old cached instance images - Fix ram_allocation_ratio based over subscription - Expose over quota exceptions via native API - Return 413 status on over quota in the native API - Fix call to network_get_all_by_uuids - Fix libvirt get_memory_mb_total with xen - Use compute_api.get_all in affinity filters (CVE-2012-3371) - Use default qemu img cluster size in libvirt connect - Ensure libguestfs has completed before proceeding

- Distinguish volume overlimit exceptions - Prohibit host file corruption through file injection (CVE-2012-3360, CVE-2012-3361) - Support injecting new .ssh/authorized_keys files to SELinux enabled guests - Improve performance and stability of file injection - add upstart jobs, alternative to sysv initscripts - fix an exception caused by the fix for CVE-2012-2654 - fix the encoding of the dns_domains table (requires a db sync) - fix a crash due to a nova services startup race (#825051) - Fix for protocol case handling (CVE-2012-2654) -------------------------------------------------------------------------------- ChangeLog:

* Mon Jul 30 2012 Pádraig Brady P@draigBrady.com - 2012.1.1-11 - Update from stable upstream including... - Fix metadata file injection with xen - Fix affinity filters when hints is None - Fix marker behavior for flavors - Handle local remote exceptions consistently - Fix qcow2 size on libvirt live block migration - Fix for API listing of os hosts - Avoid lazy loading errors on instance_type - Avoid casts in network manager to prevent races - Conditionally allow queries for deleted flavours - Fix wrong regex in cleanup_file_locks - Add net rules to VMs on compute service start - Tolerate parsing null connection info in BDM - Support EC2 CreateImage API for boot from volume - EC2 DescribeImages reports correct rootDeviceType - Reject EC2 CreateImage for instance store - Fix EC2 CreateImage no_reboot logic - Convert remaining network API casts to calls - Move where the fixed ip deallocation happens - Fix the qpid_heartbeat option so that it's effective * Fri Jul 27 2012 Pádraig Brady P@draigBrady.com - 2012.1.1-10 - Split out into more sub packages * Fri Jul 20 2012 Pádraig Brady P@draigBrady.com - 2012.1.1-4 - Enable auto cleanup of old cached instance images - Fix ram_allocation_ratio based over subscription - Expose over quota exceptions via native API - Return 413 status on over quota in the native API - Fix call to network_get_all_by_uuids - Fix libvirt get_memory_mb_total with xen - Use compute_api.get_all in affinity filters (CVE-2012-3371) - Use default qemu img cluster size in libvirt connect - Ensure libguestfs has completed before proceeding * Thu Jul 5 2012 Pádraig Brady P@draigBrady.com - 2012.1.1-3 - Distinguish volume overlimit exceptions - Prohibit host file corruption through file injection (CVE-2012-3360, CVE-2012-3361) * Wed Jun 27 2012 Pádraig Brady P@draigBrady.com - 2012.1.1-2 - Update to latest essex stable branch - Support injecting new .ssh/authorized_keys files to SELinux enabled guests * Fri Jun 22 2012 Pádraig Brady P@draigBrady.com - 2012.1.1-1 - Update to essex stable release 2012.1.1 - Improve performance and stability of file injection - add upstart jobs, alternative to sysv initscripts * Fri Jun 15 2012 Pádraig Brady P@draigBrady.com - 2012.1-12 - update performance and stability fixes from essex stable * Mon Jun 11 2012 Pádraig Brady P@draigBrady.com - 2012.1-11 - fix an exception caused by the fix for CVE-2012-2654 - fix the encoding of the dns_domains table (requires a db sync) - fix a crash due to a nova services startup race (#825051) * Fri Jun 8 2012 Pádraig Brady P@draigBrady.com - 2012.1-10 - Enable libguestfs image inspection * Wed Jun 6 2012 Pádraig Brady P@draigBrady.com - 2012.1-9 - Sync up with Essex stable branch, including... - Fix for protocol case handling (#829441, CVE-2012-2654) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #839407 - CVE-2012-3371 OpenStack-Nova: Scheduler denial of service through scheduler_hints [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=839407 [ 2 ] Bug #825052 - Restarting nova-network removes ip packet filters https://bugzilla.redhat.com/show_bug.cgi?id=825052 [ 3 ] Bug #825051 - qpid timeout causing compute service to crash https://bugzilla.redhat.com/show_bug.cgi?id=825051 [ 4 ] Bug #829441 - CVE-2012-2654 OpenStack Nova security groups fail to be set correctly [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=829441 --------------------------------------------------------------------------------

================================================================================ python-basemap-0.99.4-11.el6 (FEDORA-EPEL-2012-6551) Plots data on map projections (with continental and political boundaries) -------------------------------------------------------------------------------- Update Information:

Rebuilt for numpy upgrade. -------------------------------------------------------------------------------- ChangeLog:

* Mon Jul 30 2012 Devrim Gunduz devrim@gunduz.org - 0.99.4-11 - Rebuild for numpy upgrade. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #842870 - python-basemap cannot be imported in epel6 https://bugzilla.redhat.com/show_bug.cgi?id=842870 --------------------------------------------------------------------------------

================================================================================ python-httplib2-0.7.4-6.el6 (FEDORA-EPEL-2012-6549) A comprehensive HTTP client library -------------------------------------------------------------------------------- Update Information:

Bug 840968 - SSL errors when the site certificate contains subjectAltName but DNS is not in it -------------------------------------------------------------------------------- ChangeLog:

* Fri Jul 27 2012 Ding-Yi Chen <dchen at redhat.com> - 0.7.4-6 - Fixed Bug 840968 - SSL errors when the site certificate contains subjectAltName but DNS is not in it * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.7.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #840968 - SSL errors when the site certificate contains subjectAltName but DNS is not in it https://bugzilla.redhat.com/show_bug.cgi?id=840968 [ 2 ] Bug #787542 - python-httplib2 is more than two years old https://bugzilla.redhat.com/show_bug.cgi?id=787542 [ 3 ] Bug #566721 - httplib2 version 0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=566721 --------------------------------------------------------------------------------