The following Fedora EPEL 5 Security updates need testing:
Age URL
965
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
419
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
183
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7....
37
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2....
33
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4408/libyaml-0.1...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4402/antiword-0....
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4403/pkcs11-help...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4441/icecast-2.4...
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4475/pwgen-2.07-...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4527/xrdp-0.6.1-...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4520/firebird-2....
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4620/pywebdav-0....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4430/phpMyAdmin4...
The following builds have been pushed to Fedora EPEL 5 updates-testing
globus-ftp-client-8.17-1.el5
globus-gridftp-server-7.17-1.el5
globus-scheduler-event-generator-5.9-1.el5
globus-simple-ca-4.18-1.el5
mup-6.3-1.el5
phpMyAdmin4-4.0.10.7-2.el5
xrootd-4.1.1-1.el5
xrootd-compat-3.3.6-1.el5
Details about builds:
================================================================================
globus-ftp-client-8.17-1.el5 (FEDORA-EPEL-2014-4654)
Globus Toolkit - GridFTP Client Library
--------------------------------------------------------------------------------
Update Information:
Minor updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 12 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 8.17-1
- GT6 update
--------------------------------------------------------------------------------
================================================================================
globus-gridftp-server-7.17-1.el5 (FEDORA-EPEL-2014-4654)
Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:
Minor updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 12 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 7.17-1
- GT6 update
--------------------------------------------------------------------------------
================================================================================
globus-scheduler-event-generator-5.9-1.el5 (FEDORA-EPEL-2014-4654)
Globus Toolkit - Scheduler Event Generator
--------------------------------------------------------------------------------
Update Information:
Minor updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 12 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 5.9-1
- GT6 update
--------------------------------------------------------------------------------
================================================================================
globus-simple-ca-4.18-1.el5 (FEDORA-EPEL-2014-4654)
Globus Toolkit - Simple CA Utility
--------------------------------------------------------------------------------
Update Information:
Minor updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 12 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 4.18-1
- GT6 update
--------------------------------------------------------------------------------
================================================================================
mup-6.3-1.el5 (FEDORA-EPEL-2014-4637)
A music notation program that can also generate MIDI files
--------------------------------------------------------------------------------
Update Information:
Update to 6.3
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 11 2014 Greg Bailey <gbailey(a)lxpro.com> - 6.3-1
- Update to 6.3
- Revert "-Werror=format-security" patch (merged upstream)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
6.2-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
6.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Mon Dec 16 2013 Greg Bailey <gbailey(a)lxpro.com> - 6.2-2
- Patch errors resulting from the use of "-Werror=format-security" (#1037208)
- See
https://fedorahosted.org/fesco/ticket/1185
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin4-4.0.10.7-2.el5 (FEDORA-EPEL-2014-4430)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.0.10.7 (2014-12-03)
================================
- [security] DOS attack with long passwords
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 11 2014 Robert Scheck <robert(a)fedoraproject.org> 4.0.10.7-2
- Use %{pkgname} rather %{name} in %post scriptlet (#1173189)
* Thu Dec 4 2014 Robert Scheck <robert(a)fedoraproject.org> 4.0.10.7-1
- Upgrade to 4.0.10.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170597 - CVE-2014-9218 phpMyAdmin: Denial of Service with long passwords
https://bugzilla.redhat.com/show_bug.cgi?id=1170597
--------------------------------------------------------------------------------
================================================================================
xrootd-4.1.1-1.el5 (FEDORA-EPEL-2014-4648)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
Update to xrootd version 4 (4.1.1)
New xrootd-compat package providing the version 3 (3.3.6) libraries and services for
backward compatibility.
https://github.com/xrootd/xrootd/blob/v4.1.1/docs/ReleaseNotes.txt
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 8 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:4.1.1-1
- Update to version 4.1.1
- Drop patch xrootd-signed-char.patch (accepted upstream)
* Fri Nov 28 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:4.1.0-1
- Update to version 4.1.0
- Install systemd unit files (F21+, EPEL7+)
* Sat Nov 1 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:4.0.4-1
- Update to version 4.0.4
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1:4.0.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Aug 8 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:4.0.3-1
- Update to version 4.0.3
* Fri Jul 11 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:4.0.1-1
- Update to version 4.0.1
- Split main package into server and selinux
- New main package installs server and selinux
- Drop patches accepted upstream (-32bit, -range, -narrowing)
* Sun Jun 29 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1:4.0.0-1
- Update to version 4.0.0
- Remove the perl package - no longer part of upstream sources
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1:3.3.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
xrootd-compat-3.3.6-1.el5 (FEDORA-EPEL-2014-4648)
Extended ROOT file server - compat version
--------------------------------------------------------------------------------
Update Information:
Update to xrootd version 4 (4.1.1)
New xrootd-compat package providing the version 3 (3.3.6) libraries and services for
backward compatibility.
https://github.com/xrootd/xrootd/blob/v4.1.1/docs/ReleaseNotes.txt
--------------------------------------------------------------------------------