The following Fedora EPEL 6 Security updates need testing:
Age URL
489
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11175/php-symfon...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11198/filezilla-...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11194/cacti-0.8....
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11183/php-symfon...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11187/libzrtpcpp...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11222/seamonkey-...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11195/chrony-1.2...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11179/libtommath...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11250/Django14-1...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11245/python-vir...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11257/drupal7-en...
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11274/ssmtp-2.61...
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11301/drupal7-th...
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11291/ansible-1....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11311/roundcubem...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11327/php-pear-A...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11330/ngircd-20....
The following builds have been pushed to Fedora EPEL 6 updates-testing
glances-1.7.1-1.el6
ngircd-20.3-1.el6
php-htmLawed-1.1.15-2.el6
php-pear-Auth-OpenID-2.2.2-7.el6
python-sparklines-0.9-2.el6
rabbitmq-server-3.1.5-1.el6
tinymce-3.5.8-1.el6
wordpress-3.6-1.el6
zabbix20-2.0.8-1.el6
Details about builds:
================================================================================
glances-1.7.1-1.el6 (FEDORA-EPEL-2013-11328)
CLI curses based monitoring tool
--------------------------------------------------------------------------------
Update Information:
Update to 1.7.1
update to 1.7
update to 1.7
update to 1.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 23 2013 Edouard Bourguignon <madko(a)linuxed.net> - 1.7.1-1
- Update to 1.7.1
* Sun Aug 11 2013 Edouard Bourguignon <madko(a)linuxed.net> - 1.7-1
- Update to 1.7
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.6.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Apr 18 2013 Michel Salim <salimma(a)fedoraproject.org> - 1.6.1-1
- Update to 1.6.1
* Tue Mar 19 2013 Michel Salim <salimma(a)fedoraproject.org> - 1.6-2
- On el5, build against python26 stack
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #999006 - glances-1.7.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=999006
[ 2 ] Bug #995805 - glances-1.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=995805
--------------------------------------------------------------------------------
================================================================================
ngircd-20.3-1.el6 (FEDORA-EPEL-2013-11330)
Next Generation IRC Daemon
--------------------------------------------------------------------------------
Update Information:
Fix for a denial of service/crash issue
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 24 2013 Kevin Fenzi <kevin(a)scrye.com> 20.3-1
- Update to 20.3. Fixes bug #1000690
- Fix for CVE-2013-5580
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
20.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1000690 - ngircd-20.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1000690
--------------------------------------------------------------------------------
================================================================================
php-htmLawed-1.1.15-2.el6 (FEDORA-EPEL-2013-11324)
PHP code to purify and filter HTML
--------------------------------------------------------------------------------
Update Information:
Version 1.1.15 - 11 August 2013
* Improved tidying/prettifying functionality
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 23 2013 Remi Collet <remi(a)fedoraproject.org> - 1.1.15-2
- update to 1.1.15
--------------------------------------------------------------------------------
================================================================================
php-pear-Auth-OpenID-2.2.2-7.el6 (FEDORA-EPEL-2013-11327)
PHP OpenID
--------------------------------------------------------------------------------
Update Information:
fixes for CVE-2013-4701
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #999687 - CVE-2013-4701 php-pear-Auth-OpenID: XML External Entity issue allows
for reading arbitrary files or excessive resource consumption
https://bugzilla.redhat.com/show_bug.cgi?id=999687
--------------------------------------------------------------------------------
================================================================================
python-sparklines-0.9-2.el6 (FEDORA-EPEL-2013-11322)
A unicode sparkline generation library
--------------------------------------------------------------------------------
Update Information:
Require argparses.
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #999596 - Review Request: python-sparklines - python-sparklines is a unicode
sparkline generation library
https://bugzilla.redhat.com/show_bug.cgi?id=999596
--------------------------------------------------------------------------------
================================================================================
rabbitmq-server-3.1.5-1.el6 (FEDORA-EPEL-2013-11323)
The RabbitMQ server
--------------------------------------------------------------------------------
Update Information:
* New Upstream Release - 3.1.5 (bugfix release)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 24 2013 Peter Lemenkov <lemenkov(a)gmail.com> - 3.1.5-1
- New Upstream Release - 3.1.5 (bugfix release)
* Wed Aug 7 2013 Peter Lemenkov <lemenkov(a)gmail.com> - 3.1.4-1
- New Upstream Release - 3.1.4 (bugfix release)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.1.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jun 29 2013 Peter Lemenkov <lemenkov(a)gmail.com> - 3.1.3-1
- New Upstream Release - 3.1.3 (fixes issue bug in the management plugin)
* Tue Jun 25 2013 Peter Lemenkov <lemenkov(a)gmail.com> - 3.1.2-1
- New Upstream Release - 3.1.2 (works with Erlang R16B01)
* Sun Mar 17 2013 Peter Lemenkov <lemenkov(a)gmail.com> - 3.0.4-1
- New Upstream Release - 3.0.4
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.8.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Oct 2 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 2.8.7-1
- New Upstream Release - 2.8.7
* Sat Aug 18 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 2.8.5-1
- New Upstream Release - 2.8.5
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.8.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jul 12 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 2.8.4-1
- New Upstream Release - 2.8.4
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.6.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #850289 - Introduce new systemd-rpm macros in rabbitmq-server spec file
https://bugzilla.redhat.com/show_bug.cgi?id=850289
[ 2 ] Bug #948651 - contents of rabbitmq-server package different if built from source
vs yum -y install rabbitmq-server
https://bugzilla.redhat.com/show_bug.cgi?id=948651
[ 3 ] Bug #951518 - rabbitmq-server and ulimit nofile limit.
https://bugzilla.redhat.com/show_bug.cgi?id=951518
[ 4 ] Bug #880703 - upgrade rabbitmq-server to include important updates
https://bugzilla.redhat.com/show_bug.cgi?id=880703
--------------------------------------------------------------------------------
================================================================================
tinymce-3.5.8-1.el6 (FEDORA-EPEL-2013-11326)
Web based Javascript HTML WYSIWYG editor control
--------------------------------------------------------------------------------
Update Information:
This update provides the latest upstream version of tinymce (all 3.x releases are
compatible, newer builds provide only bugfixes and new functionality) and removes a
pre-built Flash binary from the package, whose inclusion was contrary to Fedora policy:
https://fedoraproject.org/wiki/Packaging:Guidelines#No_inclusion_of_pre-b...
. The effect of this removal is that the media embedding plugin will only embed an HTML5
video player; it will not try and use a Flash plugin to provide a player widget if HTML5
video is not possible for the given browser and media type.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 23 2013 Adam Williamson <awilliam(a)redhat.com> - 3.5.8-1
- bump to latest upstream release
- drop pre-build Flash blobs, patch media plugin not to try and use
moxieplayer
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.4.3.2-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.4.3.2-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.4.3.2-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.4.3.2-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1000266 - tinymce contains bundled Flash and Shockwave files
https://bugzilla.redhat.com/show_bug.cgi?id=1000266
--------------------------------------------------------------------------------
================================================================================
wordpress-3.6-1.el6 (FEDORA-EPEL-2013-11325)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
This update provides the latest upstream release of Wordpress, 3.6, with bug fixes and new
features. Fedora does not try to stick with old branches of Wordpress as upstream does not
support them, instead encouraging all deployments to update to the latest release.
It also removes several Flash and Silverlight binaries which the package was previously
shipping in pre-compiled form. This is not compatible with Fedora guidelines. It would not
be straightforward to compile these during the package build process, so they have had to
be removed. The impact of these changes has been documented in the README.fedora file.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 22 2013 Adam Williamson <awilliam(a)redhat.com> - 3.6.0-1
- update to 3.6.0
- drop pre-compiled Flash and Silverlight binaries - #1000267
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1000267 - wordpress contains bundled Flash and Silverlight files
https://bugzilla.redhat.com/show_bug.cgi?id=1000267
--------------------------------------------------------------------------------
================================================================================
zabbix20-2.0.8-1.el6 (FEDORA-EPEL-2013-11321)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
http://www.zabbix.com/rn2.0.8.php
Notice: This release of the package moves the fping files away from /tmp to
~zabbixsrv/tmp. Please review your SELinux policy! The README file reflects this change
and now has a SELinux section.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 23 2013 Volker Fröhlich <volker27(a)gmx.at> - 2.0.8-1
- New upstream release
- Create and configure a spooling directory for fping files outside of /tmp
- Update README to reflect that and add a SELinux section
- Drop PrivateTmp from systemd unit files
- Drop patch for ZBX-6526 (solved upstream)
- Drop patch for CVE-2012-6086 (solved upstream)
- Correct path for the flash applet when removing
- Truncate changelog
--------------------------------------------------------------------------------