From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2012-November/019745.html | 176 +++++++++++++++++++++++++++ 1 file changed, 176 insertions(+) create mode 100644 zarb-ml/mageia-dev/2012-November/019745.html (limited to 'zarb-ml/mageia-dev/2012-November/019745.html') diff --git a/zarb-ml/mageia-dev/2012-November/019745.html b/zarb-ml/mageia-dev/2012-November/019745.html new file mode 100644 index 000000000..13945104a --- /dev/null +++ b/zarb-ml/mageia-dev/2012-November/019745.html @@ -0,0 +1,176 @@ + + + + [Mageia-dev] Security updates - help needed (status update) + + + + + + + + + +

[Mageia-dev] Security updates - help needed (status update)

+ David Walser + luigiwalser at yahoo.com +
+ Fri Nov 2 19:19:59 CET 2012 +

+
+ +
Here's the current list.  I fixed the ones I could from the old list, some still remain, some new ones are here.  Help is needed for all of them.
+
+If anyone can help with LibreOffice or Java stuff that'd be great, since our maintainer has been off IRC and bugzilla for a few weeks now.
+
+I've tagged each of these with the versions affected, so hopefully that's helpful.
+
+Since the council is in such a hurry to retire Mageia 1, this is the last chance to get any of these fixed there.
+
+Also, Manuel pointed out a bugzilla search that will typically contain most of these.
+https://bugs.mageia.org/buglist.cgi?quicksearch=comp:secu+-@qa-b
+
+......... updated initial message below ........
+
+There are several packages that need security updates that either have not been built yet, or there are some issues that need help and/or input from packagers.
+
+Please help out with these where you can.
+
+I'll try to organize these into categories and give a little info on them so it's easy to see if you can and want to help.
+
+Web apps
+--------
+mediawiki [mga1+mga2] - versions we have are at or nearing EOL upstream, probably should be updated.  Oliver Burger is working on this.
+https://bugs.mageia.org/show_bug.cgi?id=3448
+
+drupal [mga1] - update built, issues found by QA need fixing on Mageia 1.
+https://bugs.mageia.org/show_bug.cgi?id=5844
+
+webmin [mga1+mga2+cauldron] - security issue fixed upstream in 1.600, package has other bugs too
+https://bugs.mageia.org/show_bug.cgi?id=7803
+
+zabbix [mga2+cauldron] - issues fixed in 1.8.15 upstream, two possible patches linked in bug
+https://bugs.mageia.org/show_bug.cgi?id=7277
+
+otrs [mga2] - issue fixed in 3.1.10
+https://bugs.mageia.org/show_bug.cgi?id=7527
+
+glpi [mga1+mga2] - issue fixed in 0.83.3, no backported patch is available that I'm aware of
+https://bugs.mageia.org/show_bug.cgi?id=6762
+
+GNOME software
+--------------
+empathy [mga1] - XSS issues fixed upstream in 3.2.1 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7008
+
+libvirt [mga1+mga2+cauldron] - patches available from RedHat
+https://bugs.mageia.org/show_bug.cgi?id=6526
+
+libgnomesu [mga1+mga2+cauldron] - re-diffing the patch might be non-trivial since OpenSuSE has many other patches too
+https://bugs.mageia.org/show_bug.cgi?id=7068
+
+gjs [mga1] - doesn't rebuild against xulrunner in Mageia 1, but doesn't seem to be used by anything
+https://bugs.mageia.org/show_bug.cgi?id=6382
+
+Games
+-----
+openarena, alienarena [mga1+mga2] - affected by DoS bug in quake3 engine.
+https://bugs.mageia.org/show_bug.cgi?id=5496
+
+ioquake3 [mga1] - update candidate for Mageia 1 has issues that still need to be fixed
+https://bugs.mageia.org/show_bug.cgi?id=6997
+
+Java-related
+------------
+tomcat5 [mga1] - minor packaging issue found by QA needs fixed on Mageia 1
+https://bugs.mageia.org/show_bug.cgi?id=3099
+
+jruby [mga2+cauldron] - fixed upstream in 1.6.5.1
+https://bugs.mageia.org/show_bug.cgi?id=6742
+
+poi [mga1+mga2+cauldron] - Some updates for this have been built, others are still needed
+https://bugs.mageia.org/show_bug.cgi?id=6011
+
+apache-commons-compress [mga1+mga2] - Mageia 2 update done, needs Mageia 1 update
+https://bugs.mageia.org/show_bug.cgi?id=6331
+
+apache-commons-daemon [mga1] - fixed upstream in 1.0.7 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7004
+
+Ruby-related
+------------
+Several security issues, one possible packaging issue [mga1+mga2+cauldron]
+https://bugs.mageia.org/show_bug.cgi?id=6487
+
+No response has been received from packagers yet
+------------------------------------------------
+libreoffice [mga1+mga2+cauldron] - possibly a patch available from Debian
+https://bugs.mageia.org/show_bug.cgi?id=7949
+
+erlang [mga1] - issue fixed in R14B03 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7062
+
+fuse [mga1] - patches available from RedHat (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7063
+
+libvoikko [mga1] - issue fixed in 3.2.1 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7067
+
+abrt/libreport/btparser [mga1+mga2+cauldron] - should probably be upgraded to newer versions available from RedHat
+https://bugs.mageia.org/show_bug.cgi?id=6523
+
+In progress (help needed to finish)
+-----------------------------------
+xen [mga1+mga2+cauldron] - more patches need applied in Mageia 1 and Mageia 2 branches
+https://bugs.mageia.org/show_bug.cgi?id=6931
+
+transmission [mga1] - patch is non-trivial to rediff on Mageia 1, backport doesn't quite build
+https://bugs.mageia.org/show_bug.cgi?id=7590
+
+openafs [mga1+mga2] - pam_afs is missing from the current build in updates_testing
+https://bugs.mageia.org/show_bug.cgi?id=7085
+
+munin [mga1+mga2] - issue fixed upstream in 2.0.6
+https://bugs.mageia.org/show_bug.cgi?id=7591
+
+
+ + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1