Fedora EPEL 5 updates-testing report - epel-devel - Fedora mailing-lists

11 Mar 2013


      The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 323  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1...
 218  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2...
  24  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4....
  17  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0425/nginx-0.8.55-3...
   2  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0518/euca2ools-2.1....
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0609/php-Smarty-2.6...
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0598/firebird-2.1.5...
The following builds have been pushed to Fedora EPEL 5 updates-testing
dpm-xrootd-3.3.1-1.el5
    firebird-2.1.5.18496.0-4.el5
    gengetopt-2.22.5-4.el5
    nordugrid-arc-2.0.1-4.el5
    pcp-3.7.0-1.el5
    php-Smarty-2.6.27-1.el5
    php53-simplepie-1.3.1-5.el5
    root-5.28.00h-3.el5
    xrootd-3.3.1-1.el5
Details about builds:
================================================================================
 dpm-xrootd-3.3.1-1.el5 (FEDORA-EPEL-2013-0549)
 XROOT interface to the Disk Pool Manager (DPM)
--------------------------------------------------------------------------------
Update Information:
Update to xrootd 3.3.1.
http://xrootd.cern.ch/cgi-bin/cgit.cgi/xrootd/tree/docs/ReleaseNotes.txt?id=...
--------------------------------------------------------------------------------
================================================================================
 firebird-2.1.5.18496.0-4.el5 (FEDORA-EPEL-2013-0598)
 SQL relational database management system
--------------------------------------------------------------------------------
Update Information:
fix CVE-2013-2492.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 10 2013 Philippe Makowski makowski@fedoraproject.org  2.1.5.18496.0-4
- added patch from upstream to fix Firebird CORE-4058 CVE-2013-2492
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #919549 - CVE-2013-2492 Firebird: CNCT info remote stack buffer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=919549
--------------------------------------------------------------------------------
================================================================================
 gengetopt-2.22.5-4.el5 (FEDORA-EPEL-2013-0597)
 Tool to write command line option parsing code for C programs
--------------------------------------------------------------------------------
Update Information:
gengetopt is a new package in EPEL 5.
--------------------------------------------------------------------------------
================================================================================
 nordugrid-arc-2.0.1-4.el5 (FEDORA-EPEL-2013-0549)
 Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:
Update to xrootd 3.3.1.
http://xrootd.cern.ch/cgi-bin/cgit.cgi/xrootd/tree/docs/ReleaseNotes.txt?id=...
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar  8 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 2.0.1-4
- Rebuild for xrootd 3.3
* Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 pcp-3.7.0-1.el5 (FEDORA-EPEL-2013-0610)
 System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
Upstream feature and bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 10 2013 Nathan Scott nathans@redhat.com - 3.7.0-1
- Update to latest PCP sources.
- Migrate all configuration files below the /etc/pcp hierarchy.
* Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.6.10-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #891688 - sar2pcp doesn't grok f17 /var/lib/sa files
        https://bugzilla.redhat.com/show_bug.cgi?id=891688
--------------------------------------------------------------------------------
================================================================================
 php-Smarty-2.6.27-1.el5 (FEDORA-EPEL-2013-0609)
 Template/Presentation Framework for PHP
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2012-4437, XSS due improper sanitization of messages within SmartyException.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 11 2013 Jon Ciesla limburgher@gmail.com - 2.6.27-1
- Update to 2.6.27 to fix CVE-2012-4437, BZ 920149.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #920149 - CVE-2012-4437 php-Smarty: XSS due improper sanitization of messages within SmartyException [epel-5]
        https://bugzilla.redhat.com/show_bug.cgi?id=920149
--------------------------------------------------------------------------------
================================================================================
 php53-simplepie-1.3.1-5.el5 (FEDORA-EPEL-2013-0621)
 Simple RSS Library in PHP
--------------------------------------------------------------------------------
Update Information:
SimplePie is a very fast and easy-to-use class, written in PHP, that puts the 'simple' back into 'really simple syndication'. Flexible enough to suit beginners and veterans alike, SimplePie is focused on speed, ease of use, compatibility and standards compliance.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #857724 - Review Request: php53-simplepie.spec - Simple RSS Library in PHP
        https://bugzilla.redhat.com/show_bug.cgi?id=857724
--------------------------------------------------------------------------------
================================================================================
 root-5.28.00h-3.el5 (FEDORA-EPEL-2013-0549)
 Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
Update to xrootd 3.3.1.
http://xrootd.cern.ch/cgi-bin/cgit.cgi/xrootd/tree/docs/ReleaseNotes.txt?id=...
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar  2 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 5.28.00h-3
- Rebuild for xrootd 3.3
- Backport gfal fixes
--------------------------------------------------------------------------------
================================================================================
 xrootd-3.3.1-1.el5 (FEDORA-EPEL-2013-0549)
 Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
Update to xrootd 3.3.1.
http://xrootd.cern.ch/cgi-bin/cgit.cgi/xrootd/tree/docs/ReleaseNotes.txt?id=...
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar  6 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 1:3.3.1-1
- Update to version 3.3.1
- Remove the java package - no longer part of upstream sources
- Drop patches fixed upstream: xrootd-cryptoload.patch, xrootd-init.patch and
  xrootd-perl.patch
- Drop obsolete patch: xrootd-java.patch
- Add private-devel package for deprecated header files
* Fri Feb 15 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1:3.2.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jan 17 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 1:3.2.7-1
- Update to version 3.2.7
- Split libs package into libs, client-libs and server-libs
- Split devel package into devel, client-devel and server-devel
* Fri Oct 12 2012 Mattias Ellert mattias.ellert@fysast.uu.se - 1:3.2.5-1
- Update to version 3.2.5
* Sun Jul 22 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1:3.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed Jul 11 2012 Mattias Ellert mattias.ellert@fysast.uu.se - 1:3.2.2-1
- Update to version 3.2.2
* Mon Jun 11 2012 Petr Pisar ppisar@redhat.com - 1:3.2.1-2
- Perl 5.16 rebuild
* Thu May 17 2012 Mattias Ellert mattias.ellert@fysast.uu.se - 1:3.2.1-1
- Update to version 3.2.1
* Sat Mar 17 2012 Mattias Ellert mattias.ellert@fysast.uu.se - 1:3.1.1-1
- Update to version 3.1.1
* Tue Feb 28 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1:3.0.5-3
- Rebuilt for c++ ABI breakage
* Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1:3.0.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------