diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2012-July/017280.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2012-July/017280.html | 167 |
1 files changed, 167 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2012-July/017280.html b/zarb-ml/mageia-dev/2012-July/017280.html new file mode 100644 index 000000000..3739b5196 --- /dev/null +++ b/zarb-ml/mageia-dev/2012-July/017280.html @@ -0,0 +1,167 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] Security updates - help needed (status update) + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Security%20updates%20-%20help%20needed%20%28status%20update%29&In-Reply-To=%3C1342027285.19577.YahooMailClassic%40web160506.mail.bf1.yahoo.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="017277.html"> + <LINK REL="Next" HREF="017282.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] Security updates - help needed (status update)</H1> + <B>David Walser</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Security%20updates%20-%20help%20needed%20%28status%20update%29&In-Reply-To=%3C1342027285.19577.YahooMailClassic%40web160506.mail.bf1.yahoo.com%3E" + TITLE="[Mageia-dev] Security updates - help needed (status update)">luigiwalser at yahoo.com + </A><BR> + <I>Wed Jul 11 19:21:25 CEST 2012</I> + <P><UL> + <LI>Previous message: <A HREF="017277.html">[Mageia-dev] [soft-commits] [5083] fix Makefile +</A></li> + <LI>Next message: <A HREF="017282.html">[Mageia-dev] Upgrading KDE to 4.8.97 (4.9-RC2)? +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#17280">[ date ]</a> + <a href="thread.html#17280">[ thread ]</a> + <a href="subject.html#17280">[ subject ]</a> + <a href="author.html#17280">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>I figured I should give a status update on this, especially before I get too busy for the next few weeks. I'll update again in August if need be. + +Thanks to those who have helped so far. I managed to wrangle a few of them myself yesterday too. + +......... updated initial message below ........ + +There are several packages that need security updates that either have not been built yet, or there are some issues that need help and/or input from packagers. + +Please help out with these where you can. + +I'll try to organize these into categories and give a little info on them so it's easy to see if you can and want to help. + +Web apps +-------- +dokuwiki - needs updated to 2012-01-25a version, already in Cauldron. Cauldron package does have a bug that needs fixing. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6166">https://bugs.mageia.org/show_bug.cgi?id=6166</A> +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6480">https://bugs.mageia.org/show_bug.cgi?id=6480</A> + +ocsinventory - Mageia 1 package needs to be updated or patched (patches available from MDV) +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5252">https://bugs.mageia.org/show_bug.cgi?id=5252</A> +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=2129">https://bugs.mageia.org/show_bug.cgi?id=2129</A> + +mediawiki - versions we have are at or nearing EOL upstream, probably should be updated. Oliver Burger is working on this. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=3448">https://bugs.mageia.org/show_bug.cgi?id=3448</A> + +wordpress - needs updated to 3.4.1, also QA has found some bugs in the current package. Damien Lallement is working on this. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=4065">https://bugs.mageia.org/show_bug.cgi?id=4065</A> + +drupal - update built, issues found by QA need fixing. Oliver Burger is working on this. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5844">https://bugs.mageia.org/show_bug.cgi?id=5844</A> + +GNOME software +-------------- +libgdata - update needed for Mageia 1, may require patch or upgrade to libsoup +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6330">https://bugs.mageia.org/show_bug.cgi?id=6330</A> + +libvirt - patch available from RedHat +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6526">https://bugs.mageia.org/show_bug.cgi?id=6526</A> + +vte - vte3 still needs fixed in Mageia 2 +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6161">https://bugs.mageia.org/show_bug.cgi?id=6161</A> + +gjs - doesn't rebuild against xulrunner in Mageia 1, but doesn't seem to be used by anything +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6382">https://bugs.mageia.org/show_bug.cgi?id=6382</A> + +Games +----- +ioquake3, openarena, urbanterror, alienarena - affected by DoS bug in quake3 engine +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5496">https://bugs.mageia.org/show_bug.cgi?id=5496</A> + +Java-related +------------ +jruby - just reported yesterday +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6742">https://bugs.mageia.org/show_bug.cgi?id=6742</A> + +poi - In progress by D Morgan. Additional updates pending. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6011">https://bugs.mageia.org/show_bug.cgi?id=6011</A> + +apache-commons-compress - In progress by D Morgan. Mageia 1 updates pending. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6331">https://bugs.mageia.org/show_bug.cgi?id=6331</A> + +spring2 - In progress by D Morgan. Cauldron update pending. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6625">https://bugs.mageia.org/show_bug.cgi?id=6625</A> + +Ruby-related +------------ +Several security issues, one possible packaging issue +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6487">https://bugs.mageia.org/show_bug.cgi?id=6487</A> + +No response has been received from packagers yet +------------------------------------------------ +avidemux/gstreamer0.10-ffmpeg - should be able to borrow patches from mplayer for mga1 (ffmpeg git for mga2) +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6427">https://bugs.mageia.org/show_bug.cgi?id=6427</A> + +graphicsmagick - needs updated to 1.3.16 or patch backported, upstream patch linked in bug +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6561">https://bugs.mageia.org/show_bug.cgi?id=6561</A> + +dropbear - Debian and upstream patches differ, no response received from upstream either. Patch proposed. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=5611">https://bugs.mageia.org/show_bug.cgi?id=5611</A> + +abrt/libreport/btparser - should probably be upgraded to newer versions available from RedHat +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6523">https://bugs.mageia.org/show_bug.cgi?id=6523</A> + +sos - 62 patches available from Fedora +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6525">https://bugs.mageia.org/show_bug.cgi?id=6525</A> + +keepalived - possible patch from Gentoo for security issue, we have another open bug report too +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6743">https://bugs.mageia.org/show_bug.cgi?id=6743</A> + +x11-server - bug has links to upstream commits used to fix this +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6744">https://bugs.mageia.org/show_bug.cgi?id=6744</A> + +In progress (help needed to finish) +----------------------------------- +busybox - will not build in Cauldron, tmb blames uClibc, which won't build either +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6673">https://bugs.mageia.org/show_bug.cgi?id=6673</A> + +gc - links to upstream and Fedora patches available in bug, already fixed in Cauldron +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6652">https://bugs.mageia.org/show_bug.cgi?id=6652</A> + +v8/chromium - In progress by D Morgan. chromium won't build for Mageia 1. +<A HREF="https://bugs.mageia.org/show_bug.cgi?id=6679">https://bugs.mageia.org/show_bug.cgi?id=6679</A> + + +</PRE> + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="017277.html">[Mageia-dev] [soft-commits] [5083] fix Makefile +</A></li> + <LI>Next message: <A HREF="017282.html">[Mageia-dev] Upgrading KDE to 4.8.97 (4.9-RC2)? +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#17280">[ date ]</a> + <a href="thread.html#17280">[ thread ]</a> + <a href="subject.html#17280">[ subject ]</a> + <a href="author.html#17280">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |