The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/clamav-0.97-12.el6
https://admin.fedoraproject.org/updates/loggerhead-1.18.1-1.el6
https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.el6
https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.10-1.el6
https://admin.fedoraproject.org/updates/wordpress-3.1-1.el6
https://admin.fedoraproject.org/updates/asterisk-1.8.3.2-1.el6
https://admin.fedoraproject.org/updates/php-doctrine-Doctrine-1.2.4-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
clamav-0.97-12.el6
dvtm-0.5.2-1.el6
flim-1.14.9-1.el6
globus-gsi-sysconfig-3.1-3.el6
grib_api-1.9.8-3.el6
pam_shield-0.9.5-2.el6
yumex-3.0.2-1.el6
Details about builds:
================================================================================
clamav-0.97-12.el6 (FEDORA-EPEL-2011-2950)
Anti-virus software
--------------------------------------------------------------------------------
Update Information:
Trivial change to freshclam configuration and cronjob to not override the defaults the
upstream clamav sets for NotifyClamd.
* Wed Mar 30 2011 Jan-Frode Myklebust <janfrode(a)tanso.net> - 0.97-12 - Move deletion
of /var/lib/clamav/mirrors.dat to db package. - Don't enable NotifyClamd in freshclam
config and cronjob, as not everybody is running clamd. Running clamd's will anyway
notice when db is updated.
https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html
https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html
https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 30 2011 Jan-Frode Myklebust <janfrode(a)tanso.net> - 0.97-12
- Move deletion of /var/lib/clamav/mirrors.dat to db package.
- Don't enable NotifyClamd in freshclam config and cronjob, as not
everybody is running clamd. Running clamd's will anyway notice
when db is updated.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #692016 - NotifyClamd: Can't find or parse configuration file
/etc/clamd.conf
https://bugzilla.redhat.com/show_bug.cgi?id=692016
[ 2 ] Bug #579370 - Update to newest version 0.96
https://bugzilla.redhat.com/show_bug.cgi?id=579370
[ 3 ] Bug #667203 - CVE-2010-1639 Clam AntiVirus: Heap-based overflow, when processing
malicious PDF file(s) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=667203
[ 4 ] Bug #655636 - clamav-scanner, clamav-scanner-sysvinit in EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=655636
[ 5 ] Bug #580676 - CVE-2010-0098 CVE-2010-1311 Multiple clamav vulnerabilities [Fedora
all]
https://bugzilla.redhat.com/show_bug.cgi?id=580676
[ 6 ] Bug #679793 - CVE-2011-1003 clamav: Double free error by reading VBA project
strings [epel-4]
https://bugzilla.redhat.com/show_bug.cgi?id=679793
[ 7 ] Bug #538425 - Wrong milter.conf file template in clamav-milter
https://bugzilla.redhat.com/show_bug.cgi?id=538425
[ 8 ] Bug #495502 - 0.95.1 is busted
https://bugzilla.redhat.com/show_bug.cgi?id=495502
[ 9 ] Bug #679794 - CVE-2011-1003 clamav: Double free error by reading VBA project
strings [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=679794
--------------------------------------------------------------------------------
================================================================================
dvtm-0.5.2-1.el6 (FEDORA-EPEL-2011-2932)
Tiling window management for the console
--------------------------------------------------------------------------------
================================================================================
flim-1.14.9-1.el6 (FEDORA-EPEL-2011-2945)
Basic library for handling email messages for Emacs
--------------------------------------------------------------------------------
Update Information:
FLIM for Fedora, now built for RHEL 6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #657746 - Please branch for el6
https://bugzilla.redhat.com/show_bug.cgi?id=657746
--------------------------------------------------------------------------------
================================================================================
globus-gsi-sysconfig-3.1-3.el6 (FEDORA-EPEL-2011-2942)
Globus Toolkit - Globus GSI System Config Library
--------------------------------------------------------------------------------
Update Information:
Fixes a bug that caused globus not to identify directories correctly on filesystems were
the directory inode size is reported as 0, e.g. CIFS.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 29 2011 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 3.1-3
- Allow zero-size dirs
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
grib_api-1.9.8-3.el6 (FEDORA-EPEL-2011-2934)
WMO FM-92 GRIB (v1,v2) interface accessible from C and FORTRAN programs
--------------------------------------------------------------------------------
Update Information:
- Add Requires jasper-devel to devel sub-package
--------------------------------------------------------------------------------
================================================================================
pam_shield-0.9.5-2.el6 (FEDORA-EPEL-2011-2937)
Pam Shield - A pam module to counter brute force attacks
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #691153 - Review Request: pam_shield - pam module to block brute force
attacks
https://bugzilla.redhat.com/show_bug.cgi?id=691153
--------------------------------------------------------------------------------
================================================================================
yumex-3.0.2-1.el6 (FEDORA-EPEL-2011-2936)
Yum Extender graphical package management tool
--------------------------------------------------------------------------------
Update Information:
New upstream release 3.0.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 30 2011 Tim Lauridsen <timlau(a)fedoraproject.org> 3.0.2-1
- bumped version to 3.0.2-1
* Thu Jan 6 2011 Tim Lauridsen <timlau(a)fedoraproject.org> 3.0.1-1
- removed gnome-python2-gconf requirement, not need anymore
* Sun Jan 2 2011 Tim Lauridsen <timlau(a)fedoraproject.org> 3.0.1-1
- Added urlgrabber requirement
--------------------------------------------------------------------------------