The following Fedora EPEL 6 Security updates need testing: Age URL 543 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... 57 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11274/ssmtp-2.61-21... 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11703/chicken-4.8.0... 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11771/mod_fcgid-2.3... 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11803/dropbear-2013... 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11785/phpMyAdmin-3.... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11865/quassel-0.9.1... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11817/ReviewBoard-1... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11880/GraphicsMagic...

The following builds have been pushed to Fedora EPEL 6 updates-testing

GraphicsMagick-1.3.18-2.el6 R-qtl-1.28.19-1.el6 ReviewBoard-1.7.16-2.el6.1 diskimage-builder-0.0.5-1.el6 dyninst-8.1.2-4.el6 fedfs-utils-0.9.4-1.el6 fedora-review-0.5.0-3.el6 golang-bitbucket-kardianos-osext-0-0.3.hg364fb577de68.el6 golang-bitbucket-kardianos-osext-0-0.4.hg364fb577de68.el6 golang-github-coreos-go-systemd-0-0.2.git68bc612.el6 golang-github-gorilla-context-0-0.19.git708054d.el6 golang-github-kr-pty-0-0.15.git3b1f648.el6 golang-googlecode-goprotobuf-0-0.6.hg61664b8425f3.el6 golang-googlecode-net-0-0.10.hg84a4013f96e0.el6 golang-googlecode-sqlite-0-0.8.hg74691fb6f837.el6 gsoap-2.7.16-4.el6 ipwatchd-1.2.1-3.el6 libodb-2.2.3-1.el6 nagios-plugins-1.4.16-10.el6 nrpe-2.14-5.el6 nx-libs-3.5.0.21-4.el6 pagekite-0.5.6d-1.el6 pss-1.38-1.el6 python-TornadIO2-0.0.4-4.el6 python-amqp-1.3.0-1.el6 python-djblets-0.7.21-1.el6 python-flask-mongoengine-0.7-2.el6 python-oslo-sphinx-1.0-3.el6 quassel-0.9.1-1.el6 tomcat-native-1.1.29-1.el6 voms-api-java-2.0.10-4.el6 wannier90-2.0.0-1.el6 wgrib-1.8.1.2b-1.el6 x2goclient-4.0.1.1-1.el6 x2godesktopsharing-3.1.1.0-4.el6 x2goserver-4.0.1.6-5.el6

Details about builds:

================================================================================ GraphicsMagick-1.3.18-2.el6 (FEDORA-EPEL-2013-11880) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information:

Update to the latest GraphicsMagick release, includes an important security-related fix for exporting (some) 8-bit images. -------------------------------------------------------------------------------- ChangeLog:

* Wed Jun 26 2013 Rex Dieter rdieter@fedoraproject.org 1.3.18-2 - GraphicsMagick needs to recognize aarch64 as 64bit arch (#978351) * Mon Mar 11 2013 Rex Dieter rdieter@fedoraproject.org - 1.3.18-1 - 1.3.18 (#920064) - add %rhel conditionals * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 1.3.17-3 - rebuild due to "jpeg8-ABI" feature drop * Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 1.3.17-2 - rebuild against new libjpeg -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1019085 - graphicsmagick: 8-bit RGBA images export DoS vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1019085 --------------------------------------------------------------------------------

================================================================================ R-qtl-1.28.19-1.el6 (FEDORA-EPEL-2013-11876) Tools for analyzing QTL experiments -------------------------------------------------------------------------------- Update Information:

Update to version 1.28.

See http://rqtl.org/STATUS.txt for details.

-------------------------------------------------------------------------------- ChangeLog:

* Tue Oct 15 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 1.28.19-1 - Update to 1.28.19 * Fri Aug 2 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.27.10-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --------------------------------------------------------------------------------

================================================================================ ReviewBoard-1.7.16-2.el6.1 (FEDORA-EPEL-2013-11817) Web-based code review tool -------------------------------------------------------------------------------- Update Information:

Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of private review requests would show up on some pages (though the review requests themselves were not accessible).

These issues do not affect most of the installations out there, but we strongly recommend upgrading anyway. There are no known cases of anyone exploiting these bugs, and in fact we discovered these internally while building new tools to test for security vulnerabilities in our codebase.

There are also some other bug fixes, and important changes needed for extensions that provide their own REST APIs. -------------------------------------------------------------------------------- ChangeLog:

* Wed Oct 16 2013 Stephen Gallagher sgallagh@redhat.com - 1.7.16-2.1 - Remove setup.py strict requirement on pytz. RHEL provides a patched version that meets the needs. * Sun Oct 13 2013 Patrick Uiterwijk puiterwijk@gmail.com - 1.7.16-2 - Update Djblets version * Sun Oct 13 2013 Patrick Uiterwijk puiterwijk@redhat.com - 1.7.15-2 - New upstream bugfix release 1.7.16 - Fixes a breakage when accessing the Review Group Users resource - Fixes pagination in dashboard and similar pages * Thu Oct 10 2013 Stephen Gallagher sgallagh@redhat.com - 1.7.15-1 - New upstream security release 1.7.15 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.15/ - Resolves: CVE-2013-4410 - Fixes access-control problems with REST API - Resolves: CVE-2013-4411 - Fixes URL processing allowing unauthorized users to view review lists -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1016596 - CVE-2013-4410 ReviewBoard: access-control problems with REST API https://bugzilla.redhat.com/show_bug.cgi?id=1016596 [ 2 ] Bug #1016599 - CVE-2013-4411 ReviewBoard: URL processing allows unauthorized users to view review lists https://bugzilla.redhat.com/show_bug.cgi?id=1016599 [ 3 ] Bug #1016601 - CVE-2013-4409 python-djblets: unsanitized eval() vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1016601 --------------------------------------------------------------------------------

================================================================================ diskimage-builder-0.0.5-1.el6 (FEDORA-EPEL-2013-11877) Image building tools for OpenStack -------------------------------------------------------------------------------- Update Information:

Release 0.0.5 -------------------------------------------------------------------------------- ChangeLog:

* Wed Oct 9 2013 Jeff Peeler jpeeler@redhat.com 0.0.5-1 - rebase to 0.0.5 - drop unnecessary pbr patch since 0.5.21 now in EPEL --------------------------------------------------------------------------------

================================================================================ dyninst-8.1.2-4.el6 (FEDORA-EPEL-2013-11852) An API for Run-time Code Generation -------------------------------------------------------------------------------- Update Information:

Dyninst is an Application Program Interface (API) to permit the insertion of code into a running program. The API also permits changing or removing subroutine calls from the application program. Run-time code changes are useful to support a variety of applications including debugging, performance monitoring, and to support composing applications out of existing packages. The goal of this API is to provide a machine independent interface to permit the creation of tools and applications that use run-time code patching. --------------------------------------------------------------------------------

================================================================================ fedfs-utils-0.9.4-1.el6 (FEDORA-EPEL-2013-11843) Utilities for mounting and managing FedFS -------------------------------------------------------------------------------- Update Information:

Enable more subpackages; update to upstream 0.9.4 to address bugs -------------------------------------------------------------------------------- ChangeLog:

* Tue Oct 15 2013 Chuck Lever chuck.lever@oracle.com - 0.9.4-1 - update to upstream fedfs-utils 0.9.4 - "make install-strip" works now, so use it - add -admin subpackage so single-use administrative tools are available - add -nsdbparams subpackage because -admin requires it (and so will -server) - add -devel subpackage so el6 mountd can be built with junction support --------------------------------------------------------------------------------

================================================================================ fedora-review-0.5.0-3.el6 (FEDORA-EPEL-2013-11853) Review tool for fedora rpm packages -------------------------------------------------------------------------------- Update Information:

Update dependency on licensecheck script and fix phpci plugin dependency Update dependency on licensecheck script and fix phpci plugin dependency -------------------------------------------------------------------------------- ChangeLog:

* Tue Oct 15 2013 Stanislav Ochotnicky sochotnicky@redhat.com - 0.5.0-3 - Really use phpcompatinfo instead of phpci * Mon Oct 14 2013 Stanislav Ochotnicky sochotnicky@redhat.com - 0.5.0-2 - Fix requires for licensecheck (#1016309) - Remove separate php plugin subpackage (#971875) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1016309 - Add dependency on %{_bindir}/licensecheck https://bugzilla.redhat.com/show_bug.cgi?id=1016309 [ 2 ] Bug #971875 - phpci command renamed to phpcompatinfo https://bugzilla.redhat.com/show_bug.cgi?id=971875 --------------------------------------------------------------------------------

================================================================================ golang-bitbucket-kardianos-osext-0-0.3.hg364fb577de68.el6 (FEDORA-EPEL-2013-11841) Extensions to the standard Go OS package -------------------------------------------------------------------------------- Update Information:

Initial upload. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1018501 - Review Request: golang-bitbucket-kardianos-osext - Extensions to the standard Go OS package https://bugzilla.redhat.com/show_bug.cgi?id=1018501 --------------------------------------------------------------------------------

================================================================================ golang-bitbucket-kardianos-osext-0-0.4.hg364fb577de68.el6 (FEDORA-EPEL-2013-11866) Extensions to the standard Go OS package -------------------------------------------------------------------------------- Update Information:

removed double quotes from Provides. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1020121 - remove double quotes from provides https://bugzilla.redhat.com/show_bug.cgi?id=1020121 --------------------------------------------------------------------------------

================================================================================ golang-github-coreos-go-systemd-0-0.2.git68bc612.el6 (FEDORA-EPEL-2013-11858) Go bindings to systemd socket activation, journal and D-BUS APIs -------------------------------------------------------------------------------- Update Information:

Initial upload. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1018533 - Review Request: golang-github-coreos-go-systemd - Go bindings to systemd socket activation, journal and D-BUS APIs https://bugzilla.redhat.com/show_bug.cgi?id=1018533 --------------------------------------------------------------------------------

================================================================================ golang-github-gorilla-context-0-0.19.git708054d.el6 (FEDORA-EPEL-2013-11872) A golang registry for global request variables -------------------------------------------------------------------------------- Update Information:

removed double quotes from Provides. noarch for f19+ and rhel7+, exclusivearch otherwise. no longer noarch, cause no golang for ppc64. pkg archives no longer installed,dep for gorilla/mux. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1020109 - remove double quotes from provides https://bugzilla.redhat.com/show_bug.cgi?id=1020109 [ 2 ] Bug #1001300 - Review Request: golang-github-gorilla-context - A golang registry for global request variables https://bugzilla.redhat.com/show_bug.cgi?id=1001300 --------------------------------------------------------------------------------

================================================================================ golang-github-kr-pty-0-0.15.git3b1f648.el6 (FEDORA-EPEL-2013-11860) PTY interface for Go -------------------------------------------------------------------------------- Update Information:

removed double quotes from Provides. noarch for f19+ and rhel7+, exclusivearch otherwise. no longer noarch, cause no golang for ppc64. Fixes docker first run error. pkg archives no longer installed,dep for docker. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1020118 - remove double quotes from provides https://bugzilla.redhat.com/show_bug.cgi?id=1020118 [ 2 ] Bug #1001396 - Review Request: golang-github-kr-pty - PTY interface for Go https://bugzilla.redhat.com/show_bug.cgi?id=1001396 [ 3 ] Bug #1012701 - update for O_NOCTTY fix https://bugzilla.redhat.com/show_bug.cgi?id=1012701 --------------------------------------------------------------------------------

================================================================================ golang-googlecode-goprotobuf-0-0.6.hg61664b8425f3.el6 (FEDORA-EPEL-2013-11842) Go support for Google protocol buffers -------------------------------------------------------------------------------- Update Information:

* Initial build -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1018057 - Review Request: golang-googlecode-goprotobuf - Go support for Google protocol buffers https://bugzilla.redhat.com/show_bug.cgi?id=1018057 --------------------------------------------------------------------------------

================================================================================ golang-googlecode-net-0-0.10.hg84a4013f96e0.el6 (FEDORA-EPEL-2013-11854) Supplementary Go networking libraries -------------------------------------------------------------------------------- Update Information:

removed double quotes from Provides. noarch for f19+ and rhel7+, exclusivearch otherwise. no longer noarch, cause no golang for ppc64. pkg archives no longer installed,dep for docker. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1020119 - remove double quotes from provides https://bugzilla.redhat.com/show_bug.cgi?id=1020119 [ 2 ] Bug #1009967 - Review Request: golang-googlecode-net - Supplementary Go networking libraries https://bugzilla.redhat.com/show_bug.cgi?id=1009967 --------------------------------------------------------------------------------

================================================================================ golang-googlecode-sqlite-0-0.8.hg74691fb6f837.el6 (FEDORA-EPEL-2013-11862) Trivial sqlite3 binding for Go -------------------------------------------------------------------------------- Update Information:

removed double quotes from Provides. Initial package upload. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1020126 - remove double quotes from provides https://bugzilla.redhat.com/show_bug.cgi?id=1020126 [ 2 ] Bug #1015857 - Review Request: golang-googlecode-sqlite - Trivial sqlite3 binding for Go https://bugzilla.redhat.com/show_bug.cgi?id=1015857 --------------------------------------------------------------------------------

================================================================================ gsoap-2.7.16-4.el6 (FEDORA-EPEL-2013-11867) Generator Tools for Coding SOAP/XML Web Services in C and C++ -------------------------------------------------------------------------------- Update Information:

Pad non-ipv6 struct gsoap to match ipv6 version. -------------------------------------------------------------------------------- ChangeLog:

* Wed Oct 16 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 2.7.16-4 - Pad non-ipv6 struct gsoap to match ipv6 version -------------------------------------------------------------------------------- References:

[ 1 ] Bug #978872 - stdsoap2.h: struct soap should match exactly with what libgsoap uses https://bugzilla.redhat.com/show_bug.cgi?id=978872 --------------------------------------------------------------------------------

================================================================================ ipwatchd-1.2.1-3.el6 (FEDORA-EPEL-2013-11844) IP conflict detection tool -------------------------------------------------------------------------------- Update Information:

IPwatchD is a simple daemon that analyses all incoming ARP packets in order to detect IP conflicts on Linux. It can be configured to listen on one or more interfaces (alias interfaces are also supported) in active or passive mode. In active mode IPwatchD protects your host before IP takeover by answering Gratuitous ARP requests received from conflicting system. In passive mode it just records information about conflict through standard syslog interface. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #726989 - Review Request: ipwatchd - IP conflict detection tool https://bugzilla.redhat.com/show_bug.cgi?id=726989 --------------------------------------------------------------------------------

================================================================================ libodb-2.2.3-1.el6 (FEDORA-EPEL-2013-11864) Common ODB runtime library from Code Synthesis -------------------------------------------------------------------------------- Update Information:

- Initial build -------------------------------------------------------------------------------- References:

[ 1 ] Bug #975312 - Review Request: libodb - Common ODB runtime library https://bugzilla.redhat.com/show_bug.cgi?id=975312 --------------------------------------------------------------------------------

================================================================================ nagios-plugins-1.4.16-10.el6 (FEDORA-EPEL-2013-11845) Host/service/network monitoring program plugins for Nagios -------------------------------------------------------------------------------- Update Information:

- Remove EL4 and EL5 support - Backport patches to fix check_linux_raid in case of resyncing (rhbz #504721) - Fix smart attribute comparison (rhbz #913085) -------------------------------------------------------------------------------- ChangeLog:

* Wed Oct 16 2013 Peter Lemenkov lemenkov@gmail.com - 1.4.16-10 - Remove EL4 and EL5 support - Backport patches to fix check_linux_raid in case of resyncing (rhbz #504721) - Fix smart attribute comparison (rhbz #913085) * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4.16-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sun Jul 21 2013 Petr Pisar ppisar@redhat.com - 1.4.16-8 - Perl 5.18 rebuild * Wed May 22 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.4.16-7 - Build package with PIE flags (#965536) * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4.16-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #504721 - Check Linux raid Nagios plugin fails to report recovery status of software RAID controller https://bugzilla.redhat.com/show_bug.cgi?id=504721 [ 2 ] Bug #913085 - check_ide_smart issues errors when value equals threshold https://bugzilla.redhat.com/show_bug.cgi?id=913085 --------------------------------------------------------------------------------

================================================================================ nrpe-2.14-5.el6 (FEDORA-EPEL-2013-11848) Host/service/network monitoring agent for Nagios -------------------------------------------------------------------------------- Update Information:

- Allow building for aarch64 (rhbz #926244) - Allow user to redefine default commands (rhbz #963703) -------------------------------------------------------------------------------- ChangeLog:

* Wed Oct 16 2013 Peter Lemenkov lemenkov@gmail.com - 2.14-5 - Allow building for aarch64 (rhbz #926244) - Allow user to redefine default commands (rhbz #963703) * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.14-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #926244 - nrpe: Does not support aarch64 in f19 and rawhide https://bugzilla.redhat.com/show_bug.cgi?id=926244 [ 2 ] Bug #963703 - nrpe.cfg set config values after including user configuration(s) https://bugzilla.redhat.com/show_bug.cgi?id=963703 --------------------------------------------------------------------------------

================================================================================ nx-libs-3.5.0.21-4.el6 (FEDORA-EPEL-2013-11818) NX X11 protocol compression libraries -------------------------------------------------------------------------------- Update Information:

X2Go is a server based computing environment with - session resuming - low bandwidth support - LDAP support - client side mass storage mounting support - audio support - authentication by smartcard and USB stick

-------------------------------------------------------------------------------- References:

[ 1 ] Bug #1018556 - x2goagent has unsatisfied dependencies: x2goserver https://bugzilla.redhat.com/show_bug.cgi?id=1018556 --------------------------------------------------------------------------------

================================================================================ pagekite-0.5.6d-1.el6 (FEDORA-EPEL-2013-11873) Makes localhost servers visible to the world -------------------------------------------------------------------------------- Update Information:

The fast, reliable localhost tunneling solution --------------------------------------------------------------------------------

================================================================================ pss-1.38-1.el6 (FEDORA-EPEL-2013-11870) A power-tool for searching inside source code files -------------------------------------------------------------------------------- Update Information:

New update of pss tool. --------------------------------------------------------------------------------

================================================================================ python-TornadIO2-0.0.4-4.el6 (FEDORA-EPEL-2013-11874) Socket.io server on top of Tornado framework -------------------------------------------------------------------------------- Update Information:

New package. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #980168 - Review Request: python-TornadIO2 - Socket.io server on top of Tornado framework https://bugzilla.redhat.com/show_bug.cgi?id=980168 --------------------------------------------------------------------------------

================================================================================ python-amqp-1.3.0-1.el6 (FEDORA-EPEL-2013-11857) Low-level AMQP client for Python (fork of amqplib) -------------------------------------------------------------------------------- Update Information:

Introduce python-amqp-1.3.0 --------------------------------------------------------------------------------

================================================================================ python-djblets-0.7.21-1.el6 (FEDORA-EPEL-2013-11817) A collection of useful classes and functions for Django -------------------------------------------------------------------------------- Update Information:

Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of private review requests would show up on some pages (though the review requests themselves were not accessible).

These issues do not affect most of the installations out there, but we strongly recommend upgrading anyway. There are no known cases of anyone exploiting these bugs, and in fact we discovered these internally while building new tools to test for security vulnerabilities in our codebase.

There are also some other bug fixes, and important changes needed for extensions that provide their own REST APIs. -------------------------------------------------------------------------------- ChangeLog:

* Sun Oct 13 2013 Patrick Uiterwijk puiterwijk@gmail.com - 0.7.21-1 - New upstream bugfix release 0.7.21 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.21.NEWS - Added a has_list_access_permissions function, which is used to determine access to a list resource. * Fri Oct 11 2013 Stephen Gallagher sgallagh@redhat.com - 0.7.20-1 - New upstream bugfix release 0.7.20 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.20.NEWS - Fixed regression with pagination on the datagrid * Thu Oct 10 2013 Stephen Gallagher sgallagh@redhat.com - 0.7.19-1 - New upstream security release 0.7.19 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.19.NEWS - Resolves: CVE-2013-4409 - Resolves unsanitized eval() vulnerability -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1016596 - CVE-2013-4410 ReviewBoard: access-control problems with REST API https://bugzilla.redhat.com/show_bug.cgi?id=1016596 [ 2 ] Bug #1016599 - CVE-2013-4411 ReviewBoard: URL processing allows unauthorized users to view review lists https://bugzilla.redhat.com/show_bug.cgi?id=1016599 [ 3 ] Bug #1016601 - CVE-2013-4409 python-djblets: unsanitized eval() vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1016601 --------------------------------------------------------------------------------

================================================================================ python-flask-mongoengine-0.7-2.el6 (FEDORA-EPEL-2013-11875) Flask extension that provides integration with MongoEngine -------------------------------------------------------------------------------- Update Information:

Flask support for MongoDB --------------------------------------------------------------------------------

================================================================================ python-oslo-sphinx-1.0-3.el6 (FEDORA-EPEL-2013-11861) OpenStack Sphinx Extensions -------------------------------------------------------------------------------- Update Information:

- New savanna build dependency --------------------------------------------------------------------------------

================================================================================ quassel-0.9.1-1.el6 (FEDORA-EPEL-2013-11865) A modern distributed IRC system -------------------------------------------------------------------------------- Update Information:

Fix CVE-2013-4422 - Postgresql, possible SQL injection vulnerability New package for EPEL - quassel IRC -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1017437 - CVE-2013-4422 quassel: potential SQL injection flaw https://bugzilla.redhat.com/show_bug.cgi?id=1017437 --------------------------------------------------------------------------------

================================================================================ tomcat-native-1.1.29-1.el6 (FEDORA-EPEL-2013-11851) Tomcat native library -------------------------------------------------------------------------------- Update Information:

Update to version 1.1.29.

http://tomcat.apache.org/native-doc/miscellaneous/changelog.html -------------------------------------------------------------------------------- ChangeLog:

* Tue Oct 15 2013 Ville Skyttä ville.skytta@iki.fi - 1.1.29-1 - Update to 1.1.29. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1019169 - tomcat-native-1.1.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=1019169 --------------------------------------------------------------------------------

================================================================================ voms-api-java-2.0.10-4.el6 (FEDORA-EPEL-2013-11869) Virtual Organization Membership Service Java API -------------------------------------------------------------------------------- Update Information:

Disable tests that fail due to expired CRL in sources. -------------------------------------------------------------------------------- ChangeLog:

* Mon Oct 14 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 2.0.10-4 - Disable CRL tests (the CRL in the sources has expired) * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.10-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --------------------------------------------------------------------------------

================================================================================ wannier90-2.0.0-1.el6 (FEDORA-EPEL-2013-11868) Maximally-localised Wannier functions -------------------------------------------------------------------------------- Update Information:

Update to version 2.0.0. See changelog at http://www.wannier.org/doc/CHANGE.log -------------------------------------------------------------------------------- ChangeLog:

* Tue Oct 15 2013 Susi Lehtola jussilehtola@fedoraproject.org - 2.0.0-1 - Update to 2.0.0. * Mon Sep 23 2013 Susi Lehtola jussilehtola@fedoraproject.org - 1.2-9 - Rebuild against new ATLAS. * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Mar 6 2013 Susi Lehtola jussilehtola@fedoraproject.org - 1.2-7 - Fix FTBFS in rawhide. * Fri Feb 15 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Jul 22 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Mon Feb 7 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1019173 - wannier90-2.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1019173 --------------------------------------------------------------------------------

================================================================================ wgrib-1.8.1.2b-1.el6 (FEDORA-EPEL-2013-11863) Manipulate, inventory and decode GRIB files -------------------------------------------------------------------------------- Update Information:

- added JMA table 200 for JRA-55 - added fflush(dump_file) and fflush(stdout), enhancement for potential apps - changes from Jeffery S Smith for Albers equal area projection - seekgrib: scan entire file for grib data because ECMWF files have grib1+grib2 data - Paul Schou: fixed #define GDS_Lambert_LonSP(gds) INT3(gds[37],gds[38],gds[39]) - update ncep table 129, 130, 133 -------------------------------------------------------------------------------- ChangeLog:

* Wed Oct 16 2013 - Orion Poplawski orion@cora.nwra.com - 1.8.1.2b-1 - Update to 1.8.1.2b * Fri Jul 29 2011 - Orion Poplawski orion@cora.nwra.com - 1.8.1.2a-1 - Update to 1.8.1.2a * Thu May 26 2011 - Orion Poplawski orion@cora.nwra.com - 1.8.1.0h-1 - Update to 1.8.1.0h * Mon Feb 7 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.8.1.0d-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sat Oct 2 2010 - Orion Poplawski orion@cora.nwra.com - 1.8.1.0d-1 - Update to 1.8.1.0d --------------------------------------------------------------------------------

================================================================================ x2goclient-4.0.1.1-1.el6 (FEDORA-EPEL-2013-11818) Graphical client for use with the X2Go network based computing environment -------------------------------------------------------------------------------- Update Information:

X2Go is a server based computing environment with - session resuming - low bandwidth support - LDAP support - client side mass storage mounting support - audio support - authentication by smartcard and USB stick

-------------------------------------------------------------------------------- References:

[ 1 ] Bug #1018556 - x2goagent has unsatisfied dependencies: x2goserver https://bugzilla.redhat.com/show_bug.cgi?id=1018556 --------------------------------------------------------------------------------

================================================================================ x2godesktopsharing-3.1.1.0-4.el6 (FEDORA-EPEL-2013-11818) Share X2Go desktops with other users -------------------------------------------------------------------------------- Update Information:

X2Go is a server based computing environment with - session resuming - low bandwidth support - LDAP support - client side mass storage mounting support - audio support - authentication by smartcard and USB stick

-------------------------------------------------------------------------------- References:

[ 1 ] Bug #1018556 - x2goagent has unsatisfied dependencies: x2goserver https://bugzilla.redhat.com/show_bug.cgi?id=1018556 --------------------------------------------------------------------------------

================================================================================ x2goserver-4.0.1.6-5.el6 (FEDORA-EPEL-2013-11818) X2Go server daemon scripts -------------------------------------------------------------------------------- Update Information:

X2Go is a server based computing environment with - session resuming - low bandwidth support - LDAP support - client side mass storage mounting support - audio support - authentication by smartcard and USB stick

-------------------------------------------------------------------------------- References:

[ 1 ] Bug #1018556 - x2goagent has unsatisfied dependencies: x2goserver https://bugzilla.redhat.com/show_bug.cgi?id=1018556 --------------------------------------------------------------------------------