The following Fedora EPEL 5 Security updates need testing:

https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4907/bugzilla-3.2.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5165/phpMyAdmin3-3.... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-3762/couchdb-1.0.2-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5197/jasper-1.900.1...

The following builds have been pushed to Fedora EPEL 5 updates-testing

augeas-0.10.0-2.el5 jasper-1.900.1-14.el5 lcgdm-1.8.2-1.el5 mcollective-1.3.1-6.el5 plowshare-0.9.4-0.22.20111206git.el5

Details about builds:

================================================================================ augeas-0.10.0-2.el5 (FEDORA-EPEL-2011-5192) A library for changing configuration files -------------------------------------------------------------------------------- Update Information:

See http://augeas.net/news.html for details See http://augeas.net/news.html for details -------------------------------------------------------------------------------- ChangeLog:

* Sat Dec 3 2011 Richard W.M. Jones rjones@redhat.com - 0.10.0-2 - Add patch to resolve missing libxml2 requirement in augeas.pc. * Fri Dec 2 2011 David Lutterkort lutter@redhat.com - 0.10.0-1 - New version --------------------------------------------------------------------------------

================================================================================ jasper-1.900.1-14.el5 (FEDORA-EPEL-2011-5197) Implementation of the JPEG-2000 standard, Part 1 -------------------------------------------------------------------------------- Update Information:

CVE-2011-4516, CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) -------------------------------------------------------------------------------- ChangeLog:

* Fri Dec 9 2011 Jiri Popelka jpopelka@redhat.com - 1.900.1-14 - CVE-2011-4516, CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) (#765662) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #747726 - CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) https://bugzilla.redhat.com/show_bug.cgi?id=747726 --------------------------------------------------------------------------------

================================================================================ lcgdm-1.8.2-1.el5 (FEDORA-EPEL-2011-5187) LHC Computing Grid Data Management -------------------------------------------------------------------------------- Update Information:

New upstream version. -------------------------------------------------------------------------------- ChangeLog:

* Tue Dec 6 2011 Mattias Ellert mattias.ellert@fysast.uu.se - 1.8.2-1 - Update to version 1.8.2 --------------------------------------------------------------------------------

================================================================================ mcollective-1.3.1-6.el5 (FEDORA-EPEL-2011-5183) A framework to build server orchestration or parallel job execution systems -------------------------------------------------------------------------------- Update Information:

The Marionette Collective is a framework to build server orchestration or parallel job execution systems. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #698405 - Review Request: mcollective - A framework to build server orchestration or parallel job execution systems https://bugzilla.redhat.com/show_bug.cgi?id=698405 --------------------------------------------------------------------------------

================================================================================ plowshare-0.9.4-0.22.20111206git.el5 (FEDORA-EPEL-2011-5185) Download and upload files from file-sharing websites -------------------------------------------------------------------------------- Update Information:

Update to new upstream snapshot. -------------------------------------------------------------------------------- ChangeLog:

* Tue Dec 6 2011 Elder Marco eldermarco@fedoraproject.org - 0.9.4-0.22.20111206git - New upstream snapshot * Wed Nov 23 2011 Elder Marco eldermarco@fedoraproject.org - 0.9.4-0.21.20111117git - New upstream snapshot --------------------------------------------------------------------------------