The following Fedora EPEL 6 Security updates need testing: Age URL 299 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0376/openconnect-4.... 76 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13610/drupal6-ctool... 222 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6348/bcfg2-1.2.3-1.... 487 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribbl... 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0267/mediawiki119-1... 24 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0123/python-tw2-jqu... 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0298/roundcubemail-... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0233/wordpress-3.5....
The following builds have been pushed to Fedora EPEL 6 updates-testing
datanommer-commands-0.4.2-1.el6 fail2ban-0.8.8-3.el6 openconnect-4.08-1.el6 openstack-packstack-2012.2.2-0.8.dev406.el6 php-jsonlint-1.1.1-1.el6 php-twig-Twig-1.12.2-1.el6 python-datanommer-models-0.4.2-1.el6 sipp-3.3-1.el6 sx-2.14-1.el6 tomcat-native-1.1.27-1.el6 yourls-1.5.1-3.el6
Details about builds:
================================================================================ datanommer-commands-0.4.2-1.el6 (FEDORA-EPEL-2013-0370) Console commands for datanommer -------------------------------------------------------------------------------- Update Information:
Latest upstream with a fix to datanommer-latest. Latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 14 2013 Ralph Bean rbean@redhat.com - 0.4.2-1 - Latest upstream with a bugfix to datanommer-latest. * Thu Feb 7 2013 Ralph Bean rbean@redhat.com - 0.4.1-1 - Latest upstream from Jessica Anderson. - Various enhancements and bugfixes. - New datanommer-latest command. - Tests now require python-mock. - New dep on fedmsg.meta Fedora Infrastructure plugin. --------------------------------------------------------------------------------
================================================================================ fail2ban-0.8.8-3.el6 (FEDORA-EPEL-2013-0375) Ban IPs that make too many password failures -------------------------------------------------------------------------------- Update Information:
- Add patch from upstream to fix module imports (Bug #892365) - Add patch from upstream to UTF-8 characters in syslog (Bug #905097) -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 14 2013 Orion Poplawski orion@cora.nwra.com - 0.8.8-3 - Add patch from upstream to fix module imports (Bug #892365) - Add patch from upstream to UTF-8 characters in syslog (Bug #905097) --------------------------------------------------------------------------------
================================================================================ openconnect-4.08-1.el6 (FEDORA-EPEL-2013-0376) Open client for Cisco AnyConnect VPN -------------------------------------------------------------------------------- Update Information:
This update fixes a potential buffer overflow in HTTP request generation, which could be triggered by a malicious server generating a large number of cookies or redirecting to a large path or hostname. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 13 2013 David Woodhouse David.Woodhouse@intel.com - 4.08-1 - Update to 4.08 release (#910331 CVE-2012-6128) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #910330 - CVE-2012-6128 openconnect: Stack-based buffer overflow when processing certain host names, paths, or cookie lists https://bugzilla.redhat.com/show_bug.cgi?id=910330 --------------------------------------------------------------------------------
================================================================================ openstack-packstack-2012.2.2-0.8.dev406.el6 (FEDORA-EPEL-2013-0367) Openstack Install Utility -------------------------------------------------------------------------------- Update Information:
Here is where you give an explanation of your update. Here is where you give an explanation of your update. Here is where you give an explanation of your update. Here is where you give an explanation of your update. Here is where you give an explanation of your update. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #905083 - Endless loop if scp is missing on nodes https://bugzilla.redhat.com/show_bug.cgi?id=905083 [ 2 ] Bug #906254 - packstack will fail if ntpd is running while ntpdate is executed https://bugzilla.redhat.com/show_bug.cgi?id=906254 [ 3 ] Bug #906269 - Please support Scientific Linux https://bugzilla.redhat.com/show_bug.cgi?id=906269 [ 4 ] Bug #909111 - python-keystone dependency is missing https://bugzilla.redhat.com/show_bug.cgi?id=909111 --------------------------------------------------------------------------------
================================================================================ php-jsonlint-1.1.1-1.el6 (FEDORA-EPEL-2013-0365) JSON Lint for PHP -------------------------------------------------------------------------------- Update Information:
1.1.1 (2013-02-12) * Fixed handling of empty keys in objects in certain cases
Full change log: https://github.com/Seldaek/jsonlint/blob/1.1.1/CHANGELOG.mdown
-------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #910280 - php-jsonlint-1.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=910280 --------------------------------------------------------------------------------
================================================================================ php-twig-Twig-1.12.2-1.el6 (FEDORA-EPEL-2013-0372) The flexible, fast, and secure template engine for PHP -------------------------------------------------------------------------------- Update Information:
1.12.2 (2013-02-09)
* fixed the timezone used by the date filter and function when the given date contains a timezone (like 2010-01-28T15:00:00+02:00) * fixed globals when getGlobals is called early on * added the first and last filter
Full change log: https://github.com/fabpot/Twig/blob/v1.12.2/CHANGELOG -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 12 2013 Shawn Iwinski shawn.iwinski@gmail.com 1.12.2-1 - Updated to upstream version 1.12.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #909916 - php-twig-Twig-1.12.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=909916 --------------------------------------------------------------------------------
================================================================================ python-datanommer-models-0.4.2-1.el6 (FEDORA-EPEL-2013-0368) SQLAlchemy models for datanommer -------------------------------------------------------------------------------- Update Information:
Latest upstream with enhanced alembic migration. Alembic upgrade scripts -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 14 2013 Ralph Bean rbean@redhat.com - 0.4.2-1 - Latest upstream with improved alembic migration. * Thu Feb 7 2013 Ralph Bean rbean@redhat.com - 0.4.1-1 - Latest upstream contributed by Jessica Anderson. - Included alembic upgrade scripts in /usr/share/datanommer.models/ --------------------------------------------------------------------------------
================================================================================ sipp-3.3-1.el6 (FEDORA-EPEL-2013-0371) SIP test tool / traffic generator -------------------------------------------------------------------------------- Update Information:
* Ver. 3.3 -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 15 2013 Peter Lemenkov lemenkov@gmail.com - 3.3-1 - Ver. 3.3 * Fri Feb 15 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Feb 28 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-5 - Rebuilt for c++ ABI breakage * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ sx-2.14-1.el6 (FEDORA-EPEL-2013-0374) Tool to extract reports and run plug-ins against those extracted reports -------------------------------------------------------------------------------- Update Information:
New upstream release to resolve bugs and add new features enhancements. No backward compatibility issues known. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 15 2013 Niels de Vos devos@fedoraproject.org - 2.14-1 - Update to sx-2.14 (RHBZ#911620) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #911620 - Update to sx-2.14 https://bugzilla.redhat.com/show_bug.cgi?id=911620 --------------------------------------------------------------------------------
================================================================================ tomcat-native-1.1.27-1.el6 (FEDORA-EPEL-2013-0369) Tomcat native library -------------------------------------------------------------------------------- Update Information:
Update to version 1.1.27.
http://tomcat.apache.org/native-doc/miscellaneous/changelog.html -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 13 2013 Ville Skyttä ville.skytta@iki.fi - 1.1.27-1 - Update to 1.1.27. - Clean up specfile constructs no longer needed in Fedora or EL6+. * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.1.24-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #910694 - tomcat-native-1.1.27 is available https://bugzilla.redhat.com/show_bug.cgi?id=910694 --------------------------------------------------------------------------------
================================================================================ yourls-1.5.1-3.el6 (FEDORA-EPEL-2013-0373) Your Own URL Shortener -------------------------------------------------------------------------------- Update Information:
Add README.fedora -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 15 2013 Martin Krizek mkrizek@redhat.com - 1.5.1-3 - Add README.fedora * Fri Feb 15 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.5.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org