The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.el6 https://admin.fedoraproject.org/updates/erlang-R14B-02.1.el6 https://admin.fedoraproject.org/updates/wordpress-3.1.2-1.el6 https://admin.fedoraproject.org/updates/libmodplug-0.8.8.3-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
libmodplug-0.8.8.3-2.el6 ntfs-3g-2011.4.12-3.el6 perl-Getopt-GUI-Long-0.91-6.el6 perl-QWizard-3.15-8.el6 syslog-ng-3.1.4-3.el6 txt2man-1.5.6-1.el6 unifdef-1.171-10.el6
Details about builds:
================================================================================ libmodplug-0.8.8.3-2.el6 (FEDORA-EPEL-2011-3271) Modplug mod music file format library -------------------------------------------------------------------------------- Update Information:
Update to upstream version 0.8.8.3 (CVE-2011-1574, CVE-2011-1761). -------------------------------------------------------------------------------- ChangeLog:
* Mon May 9 2011 Ville Skyttä ville.skytta@iki.fi - 1:0.8.8.3-2 - Don't require /etc/timidity.cfg on EL-6, there is no suitable provider package available in it at the moment. * Sun May 8 2011 Ville Skyttä ville.skytta@iki.fi - 1:0.8.8.3-1 - Update to 0.8.8.3 (security, CVE-2011-1761). - Require /etc/timidity.cfg for ABC and MIDI. * Sat Apr 2 2011 Ville Skyttä ville.skytta@iki.fi - 1:0.8.8.2-1 - Update to 0.8.8.2 (security, CVE-2011-1574). * Tue Feb 8 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1:0.8.8.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #701858 - CVE-2011-1761 libmodplug: stack-based buffer overflow in load_abc.cpp https://bugzilla.redhat.com/show_bug.cgi?id=701858 [ 2 ] Bug #695420 - CVE-2011-1574 libmodplug: ReadS3M stack overflow vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=695420 --------------------------------------------------------------------------------
================================================================================ ntfs-3g-2011.4.12-3.el6 (FEDORA-EPEL-2011-3277) Linux NTFS userspace driver -------------------------------------------------------------------------------- Update Information:
Add versioned Obsoletes to ensure proper upgrade. Install "extras" binaries properly. Include testdisk update built against ntfs-3g to resolve broken deps (libguest is other broken dep, but it is already in a separate update) Update to ntfs-3g 2011.4.12. This release also merged with ntfsprogs, which is now a subpackage of ntfs-3g.
STABLE Version 2011.4.12 (April 10, 2011)
ntfs-3g: fixed possible wrong hole size when overwriting compressed data. ntfs-3g: fixed listxattr() to environments with extended attributes. ntfs-3g: fixed ENOSPC when making an index non-resident. ntfs-3g: fixed partial mapping ahead of mapped runlist. ntfs-3g: enabled forensic mounting (currently same as read-only). ntfs-3g: expand an attribute without creating a hole. ntfs-3g: improved appending data to a long hole. ntfs-3g: deny direct modifications to metadata files. ntfs-3g: option ‘acl’ to request the use of Posix ACLs. ntfsclone: fixed reading old big-endian ntfsclone images. ntfsclone: avoided writing beyond allocated variable. ntfsclone: close volume and cleanup when exiting. ntfsclone: new option not to clear the timestamps. ntfsclone: sync created image before remounting. ntfsclone: use a stream to produce aligned writes during image creation. ntfsinfo: display times in UTC. mkntfs: don’t store full bitmap and logfile in memory. mkntfs: set a volume UUID if option -U. mkntfs: fixed $MFT allocated size. mkntfs: fixed allocated size of resident unnamed data. ntfsfix: new option -n for no action. ntfsfix: try alternate boot sector if cannot start up. ntfsfix: check and fix the upcase table. ntfsfix: try to fix file systems with incorrect size. ntfsundelete: fixed a segfault. ntfsresize: new option –info-mb-only. ntfsresize: new option –check.
Update to ntfs-3g 2011.4.12. This release also merged with ntfsprogs, which is now a subpackage of ntfs-3g.
STABLE Version 2011.4.12 (April 10, 2011)
ntfs-3g: fixed possible wrong hole size when overwriting compressed data. ntfs-3g: fixed listxattr() to environments with extended attributes. ntfs-3g: fixed ENOSPC when making an index non-resident. ntfs-3g: fixed partial mapping ahead of mapped runlist. ntfs-3g: enabled forensic mounting (currently same as read-only). ntfs-3g: expand an attribute without creating a hole. ntfs-3g: improved appending data to a long hole. ntfs-3g: deny direct modifications to metadata files. ntfs-3g: option ‘acl’ to request the use of Posix ACLs. ntfsclone: fixed reading old big-endian ntfsclone images. ntfsclone: avoided writing beyond allocated variable. ntfsclone: close volume and cleanup when exiting. ntfsclone: new option not to clear the timestamps. ntfsclone: sync created image before remounting. ntfsclone: use a stream to produce aligned writes during image creation. ntfsinfo: display times in UTC. mkntfs: don’t store full bitmap and logfile in memory. mkntfs: set a volume UUID if option -U. mkntfs: fixed $MFT allocated size. mkntfs: fixed allocated size of resident unnamed data. ntfsfix: new option -n for no action. ntfsfix: try alternate boot sector if cannot start up. ntfsfix: check and fix the upcase table. ntfsfix: try to fix file systems with incorrect size. ntfsundelete: fixed a segfault. ntfsresize: new option –info-mb-only. ntfsresize: new option –check.
Install "extras" binaries properly. Include testdisk update built against ntfs-3g to resolve broken deps (libguest is other broken dep, but it is already in a separate update) Update to ntfs-3g 2011.4.12. This release also merged with ntfsprogs, which is now a subpackage of ntfs-3g.
STABLE Version 2011.4.12 (April 10, 2011)
ntfs-3g: fixed possible wrong hole size when overwriting compressed data. ntfs-3g: fixed listxattr() to environments with extended attributes. ntfs-3g: fixed ENOSPC when making an index non-resident. ntfs-3g: fixed partial mapping ahead of mapped runlist. ntfs-3g: enabled forensic mounting (currently same as read-only). ntfs-3g: expand an attribute without creating a hole. ntfs-3g: improved appending data to a long hole. ntfs-3g: deny direct modifications to metadata files. ntfs-3g: option ‘acl’ to request the use of Posix ACLs. ntfsclone: fixed reading old big-endian ntfsclone images. ntfsclone: avoided writing beyond allocated variable. ntfsclone: close volume and cleanup when exiting. ntfsclone: new option not to clear the timestamps. ntfsclone: sync created image before remounting. ntfsclone: use a stream to produce aligned writes during image creation. ntfsinfo: display times in UTC. mkntfs: don’t store full bitmap and logfile in memory. mkntfs: set a volume UUID if option -U. mkntfs: fixed $MFT allocated size. mkntfs: fixed allocated size of resident unnamed data. ntfsfix: new option -n for no action. ntfsfix: try alternate boot sector if cannot start up. ntfsfix: check and fix the upcase table. ntfsfix: try to fix file systems with incorrect size. ntfsundelete: fixed a segfault. ntfsresize: new option –info-mb-only. ntfsresize: new option –check.
Update to ntfs-3g 2011.4.12. This release also merged with ntfsprogs, which is now a subpackage of ntfs-3g.
STABLE Version 2011.4.12 (April 10, 2011)
ntfs-3g: fixed possible wrong hole size when overwriting compressed data. ntfs-3g: fixed listxattr() to environments with extended attributes. ntfs-3g: fixed ENOSPC when making an index non-resident. ntfs-3g: fixed partial mapping ahead of mapped runlist. ntfs-3g: enabled forensic mounting (currently same as read-only). ntfs-3g: expand an attribute without creating a hole. ntfs-3g: improved appending data to a long hole. ntfs-3g: deny direct modifications to metadata files. ntfs-3g: option ‘acl’ to request the use of Posix ACLs. ntfsclone: fixed reading old big-endian ntfsclone images. ntfsclone: avoided writing beyond allocated variable. ntfsclone: close volume and cleanup when exiting. ntfsclone: new option not to clear the timestamps. ntfsclone: sync created image before remounting. ntfsclone: use a stream to produce aligned writes during image creation. ntfsinfo: display times in UTC. mkntfs: don’t store full bitmap and logfile in memory. mkntfs: set a volume UUID if option -U. mkntfs: fixed $MFT allocated size. mkntfs: fixed allocated size of resident unnamed data. ntfsfix: new option -n for no action. ntfsfix: try alternate boot sector if cannot start up. ntfsfix: check and fix the upcase table. ntfsfix: try to fix file systems with incorrect size. ntfsundelete: fixed a segfault. ntfsresize: new option –info-mb-only. ntfsresize: new option –check.
-------------------------------------------------------------------------------- ChangeLog:
* Mon May 9 2011 Tom Callaway spot@fedoraproject.org - 2:2011.4.12-3 - add Obsoletes to resolve multi-lib upgrade issue (bz702671) * Mon Apr 25 2011 Tom Callaway spot@fedoraproject.org - 2:2011.4.12-2 - add --enable-extras flag (and use it) to ensure proper binary installation * Thu Apr 14 2011 Tom Callaway spot@fedoraproject.org - 2:2011.4.12-1 - update to 2011.4.12 - pickup ntfsprogs and obsolete the old separate packages * Tue Feb 8 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2:2011.1.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #702671 - ntfs-3g fails to update in EL-5 when libguestfs is present https://bugzilla.redhat.com/show_bug.cgi?id=702671 [ 2 ] Bug #699357 - ntfsfsck crahses on startup https://bugzilla.redhat.com/show_bug.cgi?id=699357 [ 3 ] Bug #696577 - ntfs-3g-2011.4.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=696577 [ 4 ] Bug #695531 - ntfsprogs is deprecated https://bugzilla.redhat.com/show_bug.cgi?id=695531 --------------------------------------------------------------------------------
================================================================================ perl-Getopt-GUI-Long-0.91-6.el6 (FEDORA-EPEL-2011-3273) A wrapper around Getopt::Long to provide a GUI to applications -------------------------------------------------------------------------------- Update Information:
Publishing in EL6 as it wasn't auto-pulled from the EL6 line for some reason --------------------------------------------------------------------------------
================================================================================ perl-QWizard-3.15-8.el6 (FEDORA-EPEL-2011-3270) A very portable graphical question and answer wizard system -------------------------------------------------------------------------------- Update Information:
Publishing in EL6 as it wasn't auto-pulled from the EL6 line for some reason --------------------------------------------------------------------------------
================================================================================ syslog-ng-3.1.4-3.el6 (FEDORA-EPEL-2011-3278) Next-generation syslog server -------------------------------------------------------------------------------- Update Information:
Improve update-patterndb script support First syslog-ng build for EPEL6. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #699541 - syslog-ng not available for EPEL6 https://bugzilla.redhat.com/show_bug.cgi?id=699541 --------------------------------------------------------------------------------
================================================================================ txt2man-1.5.6-1.el6 (FEDORA-EPEL-2011-3272) Convert flat ASCII text to man page format --------------------------------------------------------------------------------
================================================================================ unifdef-1.171-10.el6 (FEDORA-EPEL-2011-3275) Unifdef tool for removing ifdef'd lines -------------------------------------------------------------------------------- Update Information:
Unifdef is useful for removing ifdefed lines from a file while otherwise leaving the file alone. Unifdef acts on #ifdef, #ifndef, #else, and #endif lines, and it knows only enough about C and C++ to know when one of these is inactive because it is inside a comment, or a single or double quote. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #190362 - Review Request: unifdef https://bugzilla.redhat.com/show_bug.cgi?id=190362 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org