The following Fedora EPEL 6 Security updates need testing: Age URL 560 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribbl... 372 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... 72 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0376/openconnect-4.... 65 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0420/awstats-7.0-3.... 30 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0823/openstack-keys... 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5413/php-geshi-1.0.... 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5445/pdns-recursor-... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5454/mediawiki119-1... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5451/bcfg2-1.3.0-1.... 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5492/php-twig-Twig-... 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5539/owncloud-4.5.1... 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5537/clamav-0.97.8-... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5562/python-pip-1.3... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5612/phpMyAdmin-3.5... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5613/php-sabredav-S...
The following builds have been pushed to Fedora EPEL 6 updates-testing
console-bridge-0.1.4-2.el6 fedora-review-0.4.1-1.el6 keepassx-0.4.3-7.el6 munin-2.0.13-1.el6 perl-DateTime-Format-Oracle-0.06-3.el6 perl-File-Next-1.12-1.el6 php-sabredav-Sabre_DAV-1.6.5-4.el6 phpMyAdmin-3.5.8.1-1.el6 pyode-1.2.0-4.el6 python-optcomplete-1.2-0.3.20130428hg9583af7.el6 python-xlrd-0.9.2-1.el6
Details about builds:
================================================================================ console-bridge-0.1.4-2.el6 (FEDORA-EPEL-2013-5618) Lightweight set of macros used for reporting information in libraries -------------------------------------------------------------------------------- Update Information:
Initial import of the console-bridge package --------------------------------------------------------------------------------
================================================================================ fedora-review-0.4.1-1.el6 (FEDORA-EPEL-2013-5614) Review tool for fedora rpm packages -------------------------------------------------------------------------------- Update Information:
Package has been updated to latest version. Major changes: - Updated and improved Java checks for latest packaging guidelines * Automate buildarch check * Do CheckNoArch per subpackage instead of buildarch * Add check for new style Maven packaging * Update CheckTestSkip for mvn-build * Maven packages don't need to BR/R jpackage-utils check - Fix attachment name for 'MD5-sum check' (bz 861716) - Fix %files section handling for font-packages (#209) - Handle %20 in source URLs correctly (bz 920376) - Fix CheckLicenseField for multiple files without license (#205) - Don't write licenses in random order - Fix several bugs in koji-download-scratch script - Output ANSI color sequences only on color terminals (bz 955719) - Compress legend of report - Fix problem with subpackages being ignored/missed - Add 'Copyright' to illegal tags check
-------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 29 2013 Stanislav Ochotnicky sochotnicky@redhat.com - 0.4.1-1 - Update to latest upstream version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #908830 - check-large-docs.sh doesn't properly skip -doc subpackages https://bugzilla.redhat.com/show_bug.cgi?id=908830 [ 2 ] Bug #912182 - ERROR: chroot /var/lib/mock/fedora-rawhide-x86_64/root/ not initialized! https://bugzilla.redhat.com/show_bug.cgi?id=912182 [ 3 ] Bug #920376 - other Fatal error: Exception down the road , when url got %20 https://bugzilla.redhat.com/show_bug.cgi?id=920376 --------------------------------------------------------------------------------
================================================================================ keepassx-0.4.3-7.el6 (FEDORA-EPEL-2013-5616) Cross-platform password manager -------------------------------------------------------------------------------- Update Information:
Initial build of keepassx for EPEL 6.
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #821872 - Package keepassx for epel6 https://bugzilla.redhat.com/show_bug.cgi?id=821872 --------------------------------------------------------------------------------
================================================================================ munin-2.0.13-1.el6 (FEDORA-EPEL-2013-5615) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information:
Upstream released 2.0.13, nginx subpackage, apache fcgi cleanup -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 26 2013 D. Johnson fenris02@fedoraproject.org - 2.0.13-1 - Upstream released 2.0.13 * Thu Apr 4 2013 Viljo Viitanen viljo.viitanen@iki.fi - 2.0.12-4 - BZ #905421 add nginx cgi package, removed unnecessary services from apache cgi package * Mon Apr 1 2013 D. Johnson fenris02@fedoraproject.org - 2.0.12-3 - Add fw_ default config -------------------------------------------------------------------------------- References:
[ 1 ] Bug #905421 - nfs.export-volumes tunable does not show up as "Options Reconfigured" for volume created after the tunable has been changed https://bugzilla.redhat.com/show_bug.cgi?id=905421 --------------------------------------------------------------------------------
================================================================================ perl-DateTime-Format-Oracle-0.06-3.el6 (FEDORA-EPEL-2013-5624) Parse and format Oracle dates and timestamps -------------------------------------------------------------------------------- Update Information:
This module may be used to convert Oracle date and timestamp values into DateTime objects. It also can take a DateTime object and produce a date string matching the NLS_DATE_FORMAT. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #847128 - epel6 build request https://bugzilla.redhat.com/show_bug.cgi?id=847128 --------------------------------------------------------------------------------
================================================================================ perl-File-Next-1.12-1.el6 (FEDORA-EPEL-2013-5622) An iterator-based module for finding files -------------------------------------------------------------------------------- Update Information:
New upstream release -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 29 2013 Robin Lee cheeselee@fedoraproject.org - 1.12-1 - Update to 1.12 - License corrected to 'Artistic 2.0', upstream has different licensing in Makefile.PL and the source code, we should follow the source code. - Summary revised. * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.10-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Dec 14 2012 Robin Lee cheeselee@fedoraproject.org - 1.10-1 - Update to 1.10 * Fri Jul 20 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.08-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 12 2012 Petr Pisar ppisar@redhat.com - 1.08-2 - Perl 5.16 rebuild * Tue Jun 5 2012 Robin Lee cheeselee@fedoraproject.org - 1.08-1 - Update to 1.08 * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.06-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Mon Jun 20 2011 Marcela Mašláňová mmaslano@redhat.com - 1.06-4 - Perl mass rebuild * Thu Dec 16 2010 Marcela Maslanova mmaslano@redhat.com - 1.06-3 - 661697 rebuild for fixing problems with vendorach/lib --------------------------------------------------------------------------------
================================================================================ php-sabredav-Sabre_DAV-1.6.5-4.el6 (FEDORA-EPEL-2013-5613) Sabre_DAV is a WebDAV framework for PHP -------------------------------------------------------------------------------- Update Information:
This update patches the problem in the browser plugin for sabredav. -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 28 2013 Joseph Marrero jmarrero@fedoraproject.org - 1.6.5-4 - added security patch that fixes bugs 951568 951569 951562 - added --ignore-erros flag to pear install macro to accept the patch * Sat Mar 2 2013 Joseph Marrero jmarrero@fedoraproject.org - 1.6.5-3 - Fix cleanup in rhel6 and f19 * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #951562 - CVE-2013-1939 php-sabredav-Sabre_DAV: Local file exposure due improper icons / images path checking in the HTML Browser plug-in https://bugzilla.redhat.com/show_bug.cgi?id=951562 --------------------------------------------------------------------------------
================================================================================ phpMyAdmin-3.5.8.1-1.el6 (FEDORA-EPEL-2013-5612) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information:
phpMyAdmin 3.5.8.1 (2013-04-24) ===============================
- [security] Remote code execution (preg_replace), reported by Janek Vind (see PMASA-2013-2) - [security] Locally Saved SQL Dump File Multiple File Extension Remote Code Execution, reported by Janek Vind (see PMASA-2013-3) -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 25 2013 Robert Scheck robert@fedoraproject.org 3.5.8.1-1 - Upgrade to 3.5.8.1 (#956398, #956401) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #956398 - CVE-2013-3238 phpMyAdmin: remote code execution via preg_replace() (PMASA-2013-2) https://bugzilla.redhat.com/show_bug.cgi?id=956398 [ 2 ] Bug #956401 - CVE-2013-3239 phpMyAdmin: remote code execution via locally saved SQL dump file multiple extensions (PMASA-2013-3) https://bugzilla.redhat.com/show_bug.cgi?id=956401 --------------------------------------------------------------------------------
================================================================================ pyode-1.2.0-4.el6 (FEDORA-EPEL-2013-5617) Open-source Python bindings for The Open Dynamics Engine -------------------------------------------------------------------------------- Update Information:
New package: pyode
A set of open-source Python bindings for The Open Dynamics Engine, an open-source physics engine. PyODE also includes an XODE parser -------------------------------------------------------------------------------- References:
[ 1 ] Bug #927611 - Review Request: pyode - Open-source Python bindings for The Open Dynamics Engine https://bugzilla.redhat.com/show_bug.cgi?id=927611 --------------------------------------------------------------------------------
================================================================================ python-optcomplete-1.2-0.3.20130428hg9583af7.el6 (FEDORA-EPEL-2013-5619) Shell Completion Self-Generator for Python -------------------------------------------------------------------------------- Update Information:
This Python module aims at providing almost automatically shell completion for any Python program that already uses the optparse module.
--------------------------------------------------------------------------------
================================================================================ python-xlrd-0.9.2-1.el6 (FEDORA-EPEL-2013-5621) Library to extract data from Microsoft Excel (TM) spreadsheet files -------------------------------------------------------------------------------- Update Information:
Update to upstream. -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 23 2013 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 0.9.2-1 - Update to upstream. - Updated URL and description. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #955559 - Update to 0.9.2 https://bugzilla.redhat.com/show_bug.cgi?id=955559 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org