The following Fedora EPEL 4 Security updates need testing:

https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5177/jasper-1.900.1...

The following builds have been pushed to Fedora EPEL 4 updates-testing

augeas-0.10.0-2.el4 jasper-1.900.1-14.el4 lcgdm-1.8.2-1.el4

Details about builds:

================================================================================ augeas-0.10.0-2.el4 (FEDORA-EPEL-2011-5189) A library for changing configuration files -------------------------------------------------------------------------------- Update Information:

See http://augeas.net/news.html for details See http://augeas.net/news.html for details -------------------------------------------------------------------------------- ChangeLog:

* Sat Dec 3 2011 Richard W.M. Jones rjones@redhat.com - 0.10.0-2 - Add patch to resolve missing libxml2 requirement in augeas.pc. * Fri Dec 2 2011 David Lutterkort lutter@redhat.com - 0.10.0-1 - New version --------------------------------------------------------------------------------

================================================================================ jasper-1.900.1-14.el4 (FEDORA-EPEL-2011-5177) Implementation of the JPEG-2000 standard, Part 1 -------------------------------------------------------------------------------- Update Information:

CVE-2011-4516, CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) -------------------------------------------------------------------------------- ChangeLog:

* Fri Dec 9 2011 Jiri Popelka jpopelka@redhat.com - 1.900.1-14 - CVE-2011-4516, CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) (#765661) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #747726 - CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) https://bugzilla.redhat.com/show_bug.cgi?id=747726 --------------------------------------------------------------------------------

================================================================================ lcgdm-1.8.2-1.el4 (FEDORA-EPEL-2011-5188) LHC Computing Grid Data Management -------------------------------------------------------------------------------- Update Information:

New upstream version. -------------------------------------------------------------------------------- ChangeLog:

* Tue Dec 6 2011 Mattias Ellert mattias.ellert@fysast.uu.se - 1.8.2-1 - Update to version 1.8.2 --------------------------------------------------------------------------------