The following Fedora EPEL 5 Security updates need testing: Age URL 192 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13195/drupal7-7.16-... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-base-1... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13249/viewvc-1.1.17... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13283/pcp-3.6.9-1.e... 86 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2... 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13244/dokuwiki-0-0.... 18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0... 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19... 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13348/mcrypt-2.6.8-...
The following builds have been pushed to Fedora EPEL 5 updates-testing
R-2.15.2-1.el5 dmlite-plugins-profiler-0.4.0-2.el5 ldns-1.6.15-2.el5 mcrypt-2.6.8-10.el5 mozilla-https-everywhere-3.0.3-1.el5 rubberband-1.8.1-1.el5 snmptt-1.4-0.6.beta2.el5
Details about builds:
================================================================================ R-2.15.2-1.el5 (FEDORA-EPEL-2012-13346) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information:
Update to R 2.15.2 (and rebuild rpy and rkward).
For a list of bugfixes and changes in 2.15.2, see:
http://cran.r-project.org/src/base/NEWS.html -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 29 2012 Tom Callaway spot@fedoraproject.org - 2.15.2-1 - update to 2.15.2 --------------------------------------------------------------------------------
================================================================================ dmlite-plugins-profiler-0.4.0-2.el5 (FEDORA-EPEL-2012-13343) Profiler plugin for dmlite -------------------------------------------------------------------------------- Update Information:
This package provides the profiler plug-in for dmlite. This plug-in is a simple wrapper around a real plug-in implementation, and is used to do multiple measurements regarding the performance of each call to dmlite -------------------------------------------------------------------------------- References:
[ 1 ] Bug #860283 - Review Request: dmlite-plugins-profiler - Profiler plugin for dmlite https://bugzilla.redhat.com/show_bug.cgi?id=860283 --------------------------------------------------------------------------------
================================================================================ ldns-1.6.15-2.el5 (FEDORA-EPEL-2012-13357) Lowlevel DNS(SEC) library with API -------------------------------------------------------------------------------- Update Information:
A lot of code audit fixes, ldns-dane support. fixup dependency for certs Updates from source code audit, ldns-dane support Updates from source code audit, ldns-dane support -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 30 2012 Paul Wouters pwouters@redhat.com - 1.6.15-2 - EL5 has no ca-certificates, it needs to depend on openssl * Fri Oct 26 2012 Paul Wouters pwouters@redhat.com - 1.6.15-1 - Updated to 1.6.15, as 1.6.14 accidentally broke ABI (We never released 1.6.14) * Tue Oct 23 2012 Paul Wouters pwouters@redhat.com - 1.6.14-1 - [pulled before release] - Updated to 1.6.14 - Removed merged in patch - Added new dependancy on ca-certificates for ldns-dane PKIX validation --------------------------------------------------------------------------------
================================================================================ mcrypt-2.6.8-10.el5 (FEDORA-EPEL-2012-13348) Replacement for crypt() -------------------------------------------------------------------------------- Update Information:
Apply workaround for CVE-2012-4527. -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 30 2012 Tom Callaway spot@fedoraproject.org - 2.6.8-10 - apply workaround patch for CVE-2012-4527 Thanks to Attila Bogar and Nobuhiro Iwamatsu -------------------------------------------------------------------------------- References:
[ 1 ] Bug #867790 - CVE-2012-4527 mcrypt: stack-based buffer overflow by encryption / decryption of overly long file names https://bugzilla.redhat.com/show_bug.cgi?id=867790 --------------------------------------------------------------------------------
================================================================================ mozilla-https-everywhere-3.0.3-1.el5 (FEDORA-EPEL-2012-13341) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information:
- Work around a nasty bug that was affecting some high-volume Live Youtube streams -- (but not other live YouTube streams) -- https://trac.torproject.org/projects/tor/ticket/7127 - Other Fixes: -- AdaCore, Akamai/MTV3 Katsomo, Akamai/HP, Atlassian, Bahn.de, DemocracyNow, MySQL, NuGet, -- PBS, Phronoix Media/Openbenchmarking, SSRN, Spoki -- https://trac.torproject.org/projects/tor/ticket/7219 -- https://trac.torproject.org/projects/tor/ticket/7180 -- https://trac.torproject.org/projects/tor/ticket/7135 -- https://trac.torproject.org/projects/tor/ticket/7206 -- https://trac.torproject.org/projects/tor/ticket/7198 - Disable broken/buggy: -- CBS/Last.fm, Citibank Australia, Bytename, HP, NIFTY, Microchip, MyOpenID, NttDocomo -- https://trac.torproject.org/projects/tor/ticket/6587 -- https://trac.torproject.org/projects/tor/ticket/7226 -- https://trac.torproject.org/projects/tor/ticket/7111 -- https://trac.torproject.org/projects/tor/ticket/7161 -- https://trac.torproject.org/projects/tor/ticket/7114 -- https://trac.torproject.org/projects/tor/ticket/7138 -- https://trac.torproject.org/projects/tor/ticket/7107 - Updated translations: -- Greek, Russian, Latvian - New translation: -- Turkish - Offer the SSL Observatory popup to a larger cohort of users
* Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox * New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.h... https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.h... * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.h... * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.h... https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.h... * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.h... * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. * Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox * New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.h... https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.h... * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.h... * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.h... https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.h... * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.h... * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations. -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 30 2012 Russell Golden niveusluna@niveusluna.org - 3.0.3-1 - Work around a nasty bug that was affecting some high-volume Live Youtube streams -- (but not other live YouTube streams) -- https://trac.torproject.org/projects/tor/ticket/7127 - Other Fixes: -- AdaCore, Akamai/MTV3 Katsomo, Akamai/HP, Atlassian, Bahn.de, DemocracyNow, MySQL, NuGet, -- PBS, Phronoix Media/Openbenchmarking, SSRN, Spoki -- https://trac.torproject.org/projects/tor/ticket/7219 -- https://trac.torproject.org/projects/tor/ticket/7180 -- https://trac.torproject.org/projects/tor/ticket/7135 -- https://trac.torproject.org/projects/tor/ticket/7206 -- https://trac.torproject.org/projects/tor/ticket/7198 - Disable broken/buggy: -- CBS/Last.fm, Citibank Australia, Bytename, HP, NIFTY, Microchip, MyOpenID, NttDocomo -- https://trac.torproject.org/projects/tor/ticket/6587 -- https://trac.torproject.org/projects/tor/ticket/7226 -- https://trac.torproject.org/projects/tor/ticket/7111 -- https://trac.torproject.org/projects/tor/ticket/7161 -- https://trac.torproject.org/projects/tor/ticket/7114 -- https://trac.torproject.org/projects/tor/ticket/7138 -- https://trac.torproject.org/projects/tor/ticket/7107 - Updated translations: -- Greek, Russian, Latvian - New translation: -- Turkish - Offer the SSL Observatory popup to a larger cohort of users * Sun Oct 21 2012 Russell Golden niveusluna@niveusluna.org - 3.0.2-1 - Some fixes that should have shipped in 3.0.1, but actually didn't: European Southern Observatory, Indeed, LibriVox - New fixes: Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer (fix / reenable), Optical Society, IMDB, Facebook, EzineArticles, Broadband Reports, Apache, Akamai (exclude Zynga content to prevent breakage of some Zynga games), Costco * Mon Oct 15 2012 Russell Golden niveusluna@niveusluna.org - 3.0.1-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.h... https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.h... - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.h... - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden niveusluna@niveusluna.org - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden niveusluna@niveusluna.org - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage --------------------------------------------------------------------------------
================================================================================ rubberband-1.8.1-1.el5 (FEDORA-EPEL-2012-13350) Audio time-stretching and pitch-shifting library -------------------------------------------------------------------------------- Update Information:
Changes in Rubber Band v1.8.1
* Fix a crash in formant-preserving pitch shift for some build targets
The API is unchanged and the library is binary compatible with version 1.7.
Changes in Rubber Band v1.8
* Add build support for Win32/MSVC, Android, and various libraries * Add Java JNI interface
The API is unchanged and the library is binary compatible with version 1.7.
-------------------------------------------------------------------------------- ChangeLog:
* Sun Oct 28 2012 Michel Salim salimma@fedoraproject.org - 1.8.1-1 - Update to 1.8.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #866397 - rubberband-1.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=866397 --------------------------------------------------------------------------------
================================================================================ snmptt-1.4-0.6.beta2.el5 (FEDORA-EPEL-2012-13354) An SNMP trap handler written in Perl -------------------------------------------------------------------------------- Update Information:
Initial packaging -------------------------------------------------------------------------------- References:
[ 1 ] Bug #870615 - Review Request: snmptt - An SNMP trap handler written in Perl https://bugzilla.redhat.com/show_bug.cgi?id=870615 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org