From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2012-September/018933.html | 204 ++++++++++++++++++++++++++ 1 file changed, 204 insertions(+) create mode 100644 zarb-ml/mageia-dev/2012-September/018933.html (limited to 'zarb-ml/mageia-dev/2012-September/018933.html') diff --git a/zarb-ml/mageia-dev/2012-September/018933.html b/zarb-ml/mageia-dev/2012-September/018933.html new file mode 100644 index 000000000..4752b8402 --- /dev/null +++ b/zarb-ml/mageia-dev/2012-September/018933.html @@ -0,0 +1,204 @@ + + + + [Mageia-dev] Security updates - help needed! + + + + + + + + + +

[Mageia-dev] Security updates - help needed!

+ David Walser + luigiwalser at yahoo.com +
+ Tue Sep 25 22:34:46 CEST 2012 +

+
+ +
I was asked in the packagers meeting to update this list.
+
+I've been really busy at work, and don't have much time to work on these, so help is needed.  Thanks to all that have helped so far.
+
+Also, Manuel pointed out a bugzilla search that will typically contain most of these.
+https://bugs.mageia.org/buglist.cgi?quicksearch=comp:secu+-@qa-b
+
+......... updated initial message below ........
+
+There are several packages that need security updates that either have not been built yet, or there are some issues that need help and/or input from packagers.
+
+Please help out with these where you can.
+
+I'll try to organize these into categories and give a little info on them so it's easy to see if you can and want to help.
+
+Web apps
+--------
+mediawiki - versions we have are at or nearing EOL upstream, probably should be updated.  Oliver Burger is working on this.
+https://bugs.mageia.org/show_bug.cgi?id=3448
+
+drupal - update built, issues found by QA need fixing.  Oliver Burger is working on this.
+https://bugs.mageia.org/show_bug.cgi?id=5844
+
+roundcubemail - issues fixed upstream in 0.8.1, or 0.7.3 + patch from Fedora
+https://bugs.mageia.org/show_bug.cgi?id=7246
+
+zabbix - issues fixed in 1.8.15 upstream, two possible patches linked in bug
+https://bugs.mageia.org/show_bug.cgi?id=7277
+
+otrs - issue fixed in 3.1.10
+https://bugs.mageia.org/show_bug.cgi?id=7527
+
+GNOME software
+--------------
+spice-gtk/glib2.0 - patches available from RedHat
+https://bugs.mageia.org/show_bug.cgi?id=7536
+
+empathy - XSS issues fixed upstream in 3.2.1 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7008
+
+libvirt - patches available from RedHat
+https://bugs.mageia.org/show_bug.cgi?id=6526
+
+libgnomesu - re-diffing the patch might be non-trivial since OpenSuSE has many other patches too
+https://bugs.mageia.org/show_bug.cgi?id=7068
+
+gjs - doesn't rebuild against xulrunner in Mageia 1, but doesn't seem to be used by anything
+https://bugs.mageia.org/show_bug.cgi?id=6382
+
+Games
+-----
+openarena, alienarena - affected by DoS bug in quake3 engine.  Juan Luis Baptiste is working on this.
+https://bugs.mageia.org/show_bug.cgi?id=5496
+
+Java-related
+------------
+jruby - fixed upstream in 1.6.5.1
+https://bugs.mageia.org/show_bug.cgi?id=6742
+
+poi - In progress by D Morgan.  Additional updates pending.
+https://bugs.mageia.org/show_bug.cgi?id=6011
+
+apache-commons-compress - In progress by D Morgan.  Mageia 1 updates pending.
+https://bugs.mageia.org/show_bug.cgi?id=6331
+
+apache-commons-daemon - fixed upstream in 1.0.7 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7004
+
+Ruby-related
+------------
+Several security issues, one possible packaging issue
+https://bugs.mageia.org/show_bug.cgi?id=6487
+
+No response has been received from packagers yet
+------------------------------------------------
+openafs - patches available from Debian, plus a newer version is in Mageia 1 than Mageia 2
+https://bugs.mageia.org/show_bug.cgi?id=7085
+
+openswan - patches are available from RedHat, one needs re-diffing
+https://bugs.mageia.org/show_bug.cgi?id=7095
+
+freeradius - patch should be available from Debian
+https://bugs.mageia.org/show_bug.cgi?id=7447
+
+blender - patches available from Fedora
+https://bugs.mageia.org/show_bug.cgi?id=7065
+https://bugs.mageia.org/show_bug.cgi?id=7518
+
+rpmdevtools - issue fixed in 8.3
+https://bugs.mageia.org/show_bug.cgi?id=7465
+
+erlang - issue fixed in R14B03 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7062
+
+fuse - patches available from RedHat (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7063
+
+libvoikko - issue fixed in 3.2.1 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7067
+
+php-ZendFramework - issues fixed upstream in 1.11.6 (only Mageia 1 is affected)
+https://bugs.mageia.org/show_bug.cgi?id=7083
+
+abrt/libreport/btparser - should probably be upgraded to newer versions available from RedHat
+https://bugs.mageia.org/show_bug.cgi?id=6523
+
+sos - 62 patches available from Fedora
+https://bugs.mageia.org/show_bug.cgi?id=6525
+
+x11-server - upstream diffs linked by RedHat, maybe patches available from Ubuntu or Gentoo, plus other security issues fixed by RH/OpenSuSE/Ubuntu
+https://bugs.mageia.org/show_bug.cgi?id=6744
+
+In progress (help needed to finish)
+-----------------------------------
+xen - more patches need applied in Mageia 1 and Mageia 2 branches
+https://bugs.mageia.org/show_bug.cgi?id=6931
+
+argyllcms/icclib - file conflicts between these two packages need to be resolved
+https://bugs.mageia.org/show_bug.cgi?id=7464
+
+ganglia - some issues found by QA need to be addressed
+https://bugs.mageia.org/show_bug.cgi?id=6874
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1