The following Fedora EPEL 6 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5253/openstack-nova... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5300/python-virtual... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4701/supybot-gribbl... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5193/moodle-2.1.3-1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5279/unbound-1.4.14... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-3863/bugzilla-3.4.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5331/phpMyAdmin-3.4... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5203/clearsilver-0.... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5220/cacti-0.8.7i-2...
The following builds have been pushed to Fedora EPEL 6 updates-testing
phpMyAdmin-3.4.9-1.el6 trac-tickettemplate-plugin-0.7-0.1.svn10977.el6
Details about builds:
================================================================================ phpMyAdmin-3.4.9-1.el6 (FEDORA-EPEL-2011-5331) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information:
Changes 3.4.9.0 (2011-12-21):
- [edit] Inline editing enum fields with null shows no dropdown - [interface] DB suggestion not correct for user with underscore - [core] Magic quotes removed in PHP 5.4 - [session] No feedback when result is empty (signon auth_type) - [display] Problems regarding ShowTooltipAliasTB - [edit] Can't rename a database that contains views - [edit] Unable to move tables with triggers - [navi] Fast filter broken with table tree - [GUI] Firefox favicon frameset regression - [core] Better compatibility with mysql extension - [security] Self-XSS on export options (export server/database/table), see PMASA-2011-20 (http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php) - [security] Self-XSS in setup (host parameter), see PMASA-2011-19 (http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php) -------------------------------------------------------------------------------- ChangeLog:
* Thu Dec 22 2011 Robert Scheck robert@fedoraproject.org 3.4.9-1 - Upgrade to 3.4.9 (#769818) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #769982 - CVE-2011-4782 phpMyAdmin Crafted values entered in the setup interface can produce XSS PMASA-2011-19 https://bugzilla.redhat.com/show_bug.cgi?id=769982 [ 2 ] Bug #769981 - CVE-2011-4780 phpMyAdmin XSS on the export panels in the server, database and table sections PMASA-2011-20 https://bugzilla.redhat.com/show_bug.cgi?id=769981 --------------------------------------------------------------------------------
================================================================================ trac-tickettemplate-plugin-0.7-0.1.svn10977.el6 (FEDORA-EPEL-2011-5330) Allow for ticket templating -------------------------------------------------------------------------------- Update Information:
Plugin didn't work on el6 with trac 0.12 prior. -------------------------------------------------------------------------------- ChangeLog:
* Thu Dec 22 2011 Jon Stanley jonstanley@gmail.com - 0.7-0.1.svn10977 - New upstrem snapshot for 0.12 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org