diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2012-July/017123.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2012-July/017123.html | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2012-July/017123.html b/zarb-ml/mageia-dev/2012-July/017123.html new file mode 100644 index 000000000..12c1fa905 --- /dev/null +++ b/zarb-ml/mageia-dev/2012-July/017123.html @@ -0,0 +1,182 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] Security updates - Help needed! + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Security%20updates%20-%20Help%20needed%21&In-Reply-To=%3C1341355059.53539.YahooMailClassic%40web160506.mail.bf1.yahoo.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="017133.html"> + <LINK REL="Next" HREF="017145.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] Security updates - Help needed!</H1> + <B>David Walser</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Security%20updates%20-%20Help%20needed%21&In-Reply-To=%3C1341355059.53539.YahooMailClassic%40web160506.mail.bf1.yahoo.com%3E" + TITLE="[Mageia-dev] Security updates - Help needed!">luigiwalser at yahoo.com + </A><BR> + <I>Wed Jul 4 00:37:39 CEST 2012</I> + <P><UL> + <LI>Previous message: <A HREF="017133.html">[Mageia-dev] Mageia 3 feature proposals review +</A></li> + <LI>Next message: <A HREF="017145.html">[Mageia-dev] Security updates - Help needed! +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#17123">[ date ]</a> + <a href="thread.html#17123">[ thread ]</a> + <a href="subject.html#17123">[ subject ]</a> + <a href="author.html#17123">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>There are several packages that need security updates that either have not been built yet, or there are some issues that need help and/or input from packagers. + +Please help out with these where you can. + +I'll try to organize these into categories and give a little info on them so it's easy to see if you can and want to help. + +Web apps +-------- +mediawiki - versions we have are at or nearing EOL upstream, probably should be updated. Several security issues are present. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=3448">https://bugs.mageia.org/show_bug.cgi?id=3448</A> + +dokuwiki - needs updated to 2012-01-25a version, already in Cauldron. Cauldron package does have a bug that needs fixing. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6166">https://bugs.mageia.org/show_bug.cgi?id=6166</A> +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6480">https://bugs.mageia.org/show_bug.cgi?id=6480</A> + +wordpress - needs updated to 3.4.1, also QA has found some bugs in the current package. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=4065">https://bugs.mageia.org/show_bug.cgi?id=4065</A> + +viewvc - needs updated to 1.1.15 +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6551">https://bugs.mageia.org/show_bug.cgi?id=6551</A> + +ocsinventory - Mageia 1 package needs to be updated or patched (patches available from MDV) +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5252">https://bugs.mageia.org/show_bug.cgi?id=5252</A> +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=2129">https://bugs.mageia.org/show_bug.cgi?id=2129</A> + +drupal - update built, issues found by QA need fixing +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5844">https://bugs.mageia.org/show_bug.cgi?id=5844</A> + + +GNOME software +-------------- +libgdata - update needed for Mageia 1, may require patch or upgrade to libsoup +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6330">https://bugs.mageia.org/show_bug.cgi?id=6330</A> + +libvirt - patch available from RedHat +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6526">https://bugs.mageia.org/show_bug.cgi?id=6526</A> + +vte - patch available from Fedora +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6161">https://bugs.mageia.org/show_bug.cgi?id=6161</A> + +gjs - doesn't rebuild against xulrunner in Mageia 1, but doesn't seem to be used by anything +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6382">https://bugs.mageia.org/show_bug.cgi?id=6382</A> + + +Games +----- +ioquake3, openarena, urbanterror, alienarena - affected by DoS bug in quake3 engine +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5496">https://bugs.mageia.org/show_bug.cgi?id=5496</A> + + +Java-related +------------ +poi - <A HREF="https://bugs.mageia.org/show_bug.cgi?id=6011">https://bugs.mageia.org/show_bug.cgi?id=6011</A> +apache-commons-compress - <A HREF="https://bugs.mageia.org/show_bug.cgi?id=6331">https://bugs.mageia.org/show_bug.cgi?id=6331</A> +spring2 - <A HREF="https://bugs.mageia.org/show_bug.cgi?id=6625">https://bugs.mageia.org/show_bug.cgi?id=6625</A> +eclipse - <A HREF="https://bugs.mageia.org/show_bug.cgi?id=6611">https://bugs.mageia.org/show_bug.cgi?id=6611</A> +avalon-framework - <A HREF="https://bugs.mageia.org/show_bug.cgi?id=4524">https://bugs.mageia.org/show_bug.cgi?id=4524</A> +jsr-305 - <A HREF="https://bugs.mageia.org/show_bug.cgi?id=4525">https://bugs.mageia.org/show_bug.cgi?id=4525</A> + + +Ruby-related +------------ +Several security issues, at least one packaging issue, and an rpm issue +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6487">https://bugs.mageia.org/show_bug.cgi?id=6487</A> +<A HREF="http://article.gmane.org/gmane.linux.mageia.devel/16419/match=ruby">http://article.gmane.org/gmane.linux.mageia.devel/16419/match=ruby</A> + + +No response has been received from packagers yet +------------------------------------------------ +graphicsmagick - needs updated to 1.3.16 or patch backported, upstream patch linked in bug +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6561">https://bugs.mageia.org/show_bug.cgi?id=6561</A> + +python-httplib2 - possible basis for patch (based on patch from SuSE) available in bug +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6568">https://bugs.mageia.org/show_bug.cgi?id=6568</A> + +openconnect - needs updated to at least 3.18 or patched (upstream patch linked in bug), possible bug also found by user +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6504">https://bugs.mageia.org/show_bug.cgi?id=6504</A> +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6627">https://bugs.mageia.org/show_bug.cgi?id=6627</A> + +dropbear - Debian and upstream patches differ, no response received from upstream either. Patch proposed. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5611">https://bugs.mageia.org/show_bug.cgi?id=5611</A> + +busybox - link to upstream patch available in bug +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6673">https://bugs.mageia.org/show_bug.cgi?id=6673</A> + +gc - links to upstream and Fedora patches available in bug +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6652">https://bugs.mageia.org/show_bug.cgi?id=6652</A> + +abrt/libreport/btparser - should probably be upgraded to newer versions available from RedHat +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6523">https://bugs.mageia.org/show_bug.cgi?id=6523</A> + +sos - 62 patches available from Fedora +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6525">https://bugs.mageia.org/show_bug.cgi?id=6525</A> + +v8 - might need to be updated to newer version +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6679">https://bugs.mageia.org/show_bug.cgi?id=6679</A> + +php-ZendFramework - patches available from Debian +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6666">https://bugs.mageia.org/show_bug.cgi?id=6666</A> + + +In progress (help needed to finish) +----------------------------------- +sympa - update needs to be built for Mageia 2, issues have been found by QA that need fixed +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5939">https://bugs.mageia.org/show_bug.cgi?id=5939</A> + +groff - several scripts apparently need moved from main package to groff-perl (whose description needs rewritten or rethought), security issue already patched +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6379">https://bugs.mageia.org/show_bug.cgi?id=6379</A> + +python - update for Mageia 2 built, update for Mageia 1 still needed (patches possibly available from MDV) +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5843">https://bugs.mageia.org/show_bug.cgi?id=5843</A> + +cifs-utils/samba - cifs-utils is actually already done, patch needs applied to Samba as well +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5714">https://bugs.mageia.org/show_bug.cgi?id=5714</A> + +gajim - there is a requires or suggests missing +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5432">https://bugs.mageia.org/show_bug.cgi?id=5432</A> +</PRE> + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="017133.html">[Mageia-dev] Mageia 3 feature proposals review +</A></li> + <LI>Next message: <A HREF="017145.html">[Mageia-dev] Security updates - Help needed! +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#17123">[ date ]</a> + <a href="thread.html#17123">[ thread ]</a> + <a href="subject.html#17123">[ subject ]</a> + <a href="author.html#17123">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |