The following Fedora EPEL 5 Security updates need testing:
Age URL
927
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
381
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
146
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7....
41
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2669/check-mk-1....
41
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2853/mediawiki11...
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3549/rubygem-act...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3554/rubygem-rai...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3570/tor-0.2.4.2...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3651/phpMyAdmin4...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3675/Pound-2.6-2...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2....
The following builds have been pushed to Fedora EPEL 5 updates-testing
R-3.1.2-1.el5
classads-1.0.10-1.el5
dar-2.4.15-2.el5
mantis-1.2.17-3.el5
Details about builds:
================================================================================
R-3.1.2-1.el5 (FEDORA-EPEL-2014-3810)
A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:
Update to R 3.1.2
Change /usr/lib[64]/R/etc/Makeconf from %config(noreplace) to %config to force it to be
updated when upgrading.
Without this change, the TCL_LIBS variable can be set incorrectly. The old Makeconf file
will be preserved as Makeconf.rpmold
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 31 2014 Tom Callaway <spot(a)fedoraproject.org> - 3.1.2-1
- update to 3.1.2
* Wed Oct 29 2014 Tom Callaway <spot(a)fedoraproject.org> - 3.1.1-8
- rebuild for new tcl/tk
- mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk
libs)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1158425 - package install fails with infinite loop
https://bugzilla.redhat.com/show_bug.cgi?id=1158425
--------------------------------------------------------------------------------
================================================================================
classads-1.0.10-1.el5 (FEDORA-EPEL-2014-3798)
Condor's classified advertisement language
--------------------------------------------------------------------------------
Update Information:
Unretire package and update to bugfix release 1.0.10.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 4 2014 František Dvořák <valtri(a)civ.zcu.cz> - 1.0.10-1
- Upgraded to 1.0.10 release
- Removed static subpackage
- Spec cleanups
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.8-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.8-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.8-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Feb 10 2012 Petr Pisar <ppisar(a)redhat.com> - 1.0.8-4
- Rebuild against PCRE 8.30
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.8-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148415 - Review Request: classads - Condor's classified advertisement
language
https://bugzilla.redhat.com/show_bug.cgi?id=1148415
--------------------------------------------------------------------------------
================================================================================
dar-2.4.15-2.el5 (FEDORA-EPEL-2014-3789)
Software for making/restoring incremental CD/DVD backups
--------------------------------------------------------------------------------
Update Information:
libdar-devel: include pkg-config file
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Luis Bazan <lbazan(a)fedoraproject.org> - 2.4.15-2
- add pkgconfig
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077403 - libdar-devel: include pkg-config file
https://bugzilla.redhat.com/show_bug.cgi?id=1077403
--------------------------------------------------------------------------------
================================================================================
mantis-1.2.17-3.el5 (FEDORA-EPEL-2014-3784)
Web-based issue tracking system
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2014-6387
Please note: this update is from the 1.2 series, so existing installations (on 1.1) will
need manual upgrade steps to apply the DB schema migration.
Please check the file
/usr/share/doc/mantis/README.Fedora
for the installation/upgrade steps.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 3 2014 Gianluca Sforna <giallu(a)gmail.com> - 1.2.17-3
- fix CVE-2014-6387 (#1141310)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.17-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Mar 4 2014 Gianluca Sforna <giallu(a)gmail.com> - 1.2.17-1
- new upstream release
- fix CVE-2014-2238 (#1071460)
- remove upstreamed patch
* Mon Oct 28 2013 Gianluca Sforna <giallu(a)gmail.com> - 1.2.15-3
- fix CVE-2013-4460 (#1022246)
* Fri Jul 26 2013 Ville Skyttä <ville.skytta(a)iki.fi> - 1.2.15-2
- Honor %{_pkgdocdir} where available.
* Tue Apr 16 2013 Gianluca Sforna <giallu(a)gmail.com> - 1.2.15-1
- new upstream release
- fix CVE-2013-1930 (#948971)
- fix CVE-2013-1931 (#948975)
- drop upstreamed patch
* Fri Mar 22 2013 Gianluca Sforna <giallu(a)gmail.com> - 1.2.14-1
- New upstream release
- require php-soap extension, drop patch
- set env variable for command line scripts (#902528)
- fix CVE-2013-1883 (#924340)
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.12-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sun Dec 2 2012 Johan Cwiklinski <johan AT x-tnd DOT be> - 1.2.12-2
- Fix apache 2.4 configuration (bz #871418)
* Thu Nov 15 2012 Gianluca Sforna <giallu(a)gmail.com> - 1.2.12-1
- New upstream release
- Rebase patches
- Fix CVE-2012-2691 (#830735)
- Fix CVE-2012-2692 (#830737)
- Fix CVE-2012-1118, CVE-2012-1119, CVE-2012-1120, CVE-2012-1121, CVE-2012-1122,
CVE-2012-1123
(#800665)
- Fix CVE-2012-5522 CVE-2012-5523 (#876371)
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.8-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Sep 7 2011 Gianluca Sforna <giallu(a)gmail.com> - 1.2.8-1
- New upstream release
- Fix several security issues CVE-2011-2938 (#731777)
- Fix CVE-2011-3356 CVE-2011-3357 CVE-2011-3358 CVE-2011-3578 (#735514)
- Rebase Patch0
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141310 - CVE-2014-6387 mantis: null byte poisoning in LDAP authentication
https://bugzilla.redhat.com/show_bug.cgi?id=1141310
--------------------------------------------------------------------------------