The following Fedora EPEL 5 Security updates need testing: Age URL 508 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 22 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11276/ssmtp-2.61-21... 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11396/cacti-0.8.8b-... 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11418/graphite-web-... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11448/perl-Crypt-DS... 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11460/python-pyrad-... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11542/glpi-0.83.9.1...
The following builds have been pushed to Fedora EPEL 5 updates-testing
glpi-0.83.9.1-4.el5 ldapvi-1.7-17.el5 openvpn-2.3.2-2.el5 php-htmLawed-1.1.16-1.el5
Details about builds:
================================================================================ glpi-0.83.9.1-4.el5 (FEDORA-EPEL-2013-11542) Free IT asset management software -------------------------------------------------------------------------------- Update Information:
Security improvement: restrict access to installation wizard from local server only.
Remote access need to be explicitly allowed in configuration (/etc/httpd/conf.d/glpi.conf). -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 12 2013 Remi Collet remi@fedoraproject.org - 0.83.9.1-4 - restrict access for install to local for security - drop bundled Flash files files, #1000251 - Add a missing requirement on crontabs to spec file --------------------------------------------------------------------------------
================================================================================ ldapvi-1.7-17.el5 (FEDORA-EPEL-2013-11548) An interactive LDAP client -------------------------------------------------------------------------------- Update Information:
Add fix of double free() crash (#949157), also fix old FSF address -------------------------------------------------------------------------------- ChangeLog:
* Wed Sep 11 2013 Matěj Cepl mcepl@redhat.com - 1.7-17 - Add fix of double free() crash (#949157) - Fix old FSF address * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Thu Jul 19 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #949157 - [PATCH] fix use-after-free in sasl code https://bugzilla.redhat.com/show_bug.cgi?id=949157 --------------------------------------------------------------------------------
================================================================================ openvpn-2.3.2-2.el5 (FEDORA-EPEL-2013-11545) A full-featured SSL VPN solution -------------------------------------------------------------------------------- Update Information:
Enable --enable-x509-alt-username. -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 12 2013 Jon Ciesla limburgher@gmail.com 2.3.2-2 - Enable --enable-x509-alt-username, BZ 1007184. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1007184 - Request to enable the "--enable-x509-alt-username" compile-time option https://bugzilla.redhat.com/show_bug.cgi?id=1007184 --------------------------------------------------------------------------------
================================================================================ php-htmLawed-1.1.16-1.el5 (FEDORA-EPEL-2013-11555) PHP code to purify and filter HTML -------------------------------------------------------------------------------- Update Information:
htmLawed 1.1.16, 29 August 2013: - fix for a potential security vulnerability arising from specialy encoded space characters in URL schemes/protocols -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 12 2013 Remi Collet remi@fedoraproject.org - 1.1.16-1 - update to 1.1.16, fix for a potential security vulnerability arising from specialy encoded space characters in URL schemes/protocols --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org