The following Fedora EPEL 5 Security updates need testing: Age URL 1155 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 609 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.... 373 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-... 223 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6573/mbedtls-1.3.11... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6775/rubygem-extlib... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6836/php-htmLawed-1... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6773/drupal6-6.36-1... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6811/drupal7-7.38-1...
The following builds have been pushed to Fedora EPEL 5 updates-testing
R-3.2.1-1.el5 drupal6-6.36-1.el5 drupal7-7.38-1.el5 globus-common-15.30-1.el5 globus-gram-job-manager-14.26-1.el5 globus-gridftp-server-7.26-1.el5 globus-gssapi-gsi-11.19-1.el5 globus-net-manager-0.9-1.el5 lz4-r130-1.el5 myproxy-6.1.14-1.el5 php-htmLawed-1.1.20-1.el5 rubygem-extlib-0.9.16-1.el5
Details about builds:
================================================================================ R-3.2.1-1.el5 (FEDORA-EPEL-2015-6754) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information:
Update R to 3.2.1 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 18 2015 Tom Callaway spot@fedoraproject.org - 3.2.1-1 - update to 3.2.1 * Tue Jun 16 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Mon May 4 2015 Jakub Čajka jcajka@redhat.com - 3.2.0-2 - valgrind is available only on selected arches, fixes build on s390 --------------------------------------------------------------------------------
================================================================================ drupal6-6.36-1.el5 (FEDORA-EPEL-2015-6773) An open-source content-management platform -------------------------------------------------------------------------------- Update Information:
- Release 6.36 is a security fix release - Upstream release notes: https://www.drupal.org/drupal-6.36-release-notes -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 18 2015 Peter Borsa peter.borsa@gmail.com - 6.36-1 - 6.36, SA-CORE-2015-002 * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 6.35-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1232971 - drupal6-6.36 is available https://bugzilla.redhat.com/show_bug.cgi?id=1232971 --------------------------------------------------------------------------------
================================================================================ drupal7-7.38-1.el5 (FEDORA-EPEL-2015-6811) An open-source content-management platform -------------------------------------------------------------------------------- Update Information:
- Release 7.38 is a security fix release - Upstream release notes: https://www.drupal.org/drupal-7.38-release-notes -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 18 2015 Peter Borsa peter.borsa@gmail.com - 7.38-1 - 7.38, DRUPAL-SA-CORE-2015-002. * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 7.37-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1232972 - drupal7-7.38 is available https://bugzilla.redhat.com/show_bug.cgi?id=1232972 --------------------------------------------------------------------------------
================================================================================ globus-common-15.30-1.el5 (FEDORA-EPEL-2015-6817) Globus Toolkit - Common Library -------------------------------------------------------------------------------- Update Information:
Globus toolkit updates. -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 20 2015 Mattias Ellert mattias.ellert@fysast.uu.se - 15.30-1 - GT6 update (make globus-version executable during build time) * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 15.29-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Wed Jun 3 2015 Jitka Plesnikova jplesnik@redhat.com - 15.29-2 - Perl 5.22 rebuild --------------------------------------------------------------------------------
================================================================================ globus-gram-job-manager-14.26-1.el5 (FEDORA-EPEL-2015-6817) Globus Toolkit - GRAM Jobmanager -------------------------------------------------------------------------------- Update Information:
Globus toolkit updates. -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 20 2015 Mattias Ellert mattias.ellert@fysast.uu.se - 14.26-1 - GT6 update (fix state info for running jobs, man pages updates) * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 14.25-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ globus-gridftp-server-7.26-1.el5 (FEDORA-EPEL-2015-6817) Globus Toolkit - Globus GridFTP Server -------------------------------------------------------------------------------- Update Information:
Globus toolkit updates. -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 20 2015 Mattias Ellert mattias.ellert@fysast.uu.se - 7.26-1 - GT6 update (man pages updates) * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 7.25-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ globus-gssapi-gsi-11.19-1.el5 (FEDORA-EPEL-2015-6817) Globus Toolkit - GSSAPI library -------------------------------------------------------------------------------- Update Information:
Globus toolkit updates. -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 20 2015 Mattias Ellert mattias.ellert@fysast.uu.se - 11.19-1 - GT6 update (export config file values into environment if not set already) * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 11.18-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Fri Jun 5 2015 Mattias Ellert mattias.ellert@fysast.uu.se - 11.18-1 - GT6 update (Change the name compatibility mode in gsi.conf to HYBRID to match the behavior in 11.14 and earlier. Also some test fixes.) * Fri May 29 2015 Mattias Ellert mattias.ellert@fysast.uu.se - 11.16-1 - GT6-update (SSL cipher configuration) --------------------------------------------------------------------------------
================================================================================ globus-net-manager-0.9-1.el5 (FEDORA-EPEL-2015-6817) Globus Toolkit - Network Manager -------------------------------------------------------------------------------- Update Information:
Globus toolkit updates. -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 20 2015 Mattias Ellert mattias.ellert@fysast.uu.se - 0.9-1 - GT6 update (cleanups) * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ lz4-r130-1.el5 (FEDORA-EPEL-2015-6784) Extremely fast compression algorithm -------------------------------------------------------------------------------- Update Information:
- New release r130 - Fixed: incompatibility sparse mode vs console. - Fixed: LZ4IO exits too early when frame crc not present. - Fixed: incompatibility sparse mode vs append mode. - Performance fix: big compression speed boost for clang(+30%) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 18 2015 pjp pjp@fedoraproject.org - r130-1 - Fixed: incompatibility sparse mode vs console. - Fixed: LZ4IO exits too early when frame crc not present. - Fixed: incompatibility sparse mode vs append mode. - Performance fix: big compression speed boost for clang(+30%). * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - r129-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1226494 - lz4-r130 is available https://bugzilla.redhat.com/show_bug.cgi?id=1226494 [ 2 ] Bug #1233076 - lz4: sparse file support in lz4cat breaks pipes https://bugzilla.redhat.com/show_bug.cgi?id=1233076 --------------------------------------------------------------------------------
================================================================================ myproxy-6.1.14-1.el5 (FEDORA-EPEL-2015-6817) Manage X.509 Public Key Infrastructure (PKI) security credentials -------------------------------------------------------------------------------- Update Information:
Globus toolkit updates. -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 20 2015 Mattias Ellert mattias.ellert@fysast.uu.se - 6.1.14-1 - Update to 6.1.14 (RFC2818 name handling) * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 6.1.13-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ php-htmLawed-1.1.20-1.el5 (FEDORA-EPEL-2015-6836) PHP code to purify and filter HTML -------------------------------------------------------------------------------- Update Information:
**1.1.20** - 9 June 2015. Fix for a potential security vulnerability arising from unescaped double-quote character in single-quoted attribute value of some deprecated elements when tag transformation is enabled; recognition for non-(HTML4) standard 'allowfullscreen' attribute of 'iframe.'
-------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 18 2015 Remi Collet remi@fedoraproject.org - 1.1.20-1 - update to 1.1.20 --------------------------------------------------------------------------------
================================================================================ rubygem-extlib-0.9.16-1.el5 (FEDORA-EPEL-2015-6775) Support library for DataMapper and Merb -------------------------------------------------------------------------------- Update Information:
Update to 0.9.16 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 18 2015 Mo Morsi mmorsi@redhat.com - 0.9.16-1 - Update to 0.9.16 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #917234 - CVE-2013-1802 Ruby Gem extlib: YAML parameter parsing vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=917234 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org