The following Fedora EPEL 5 Security updates need testing:
Age URL
734
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
188
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
68
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2....
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1074/cacti-0.8.8...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1096/wordpress-3...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1126/check-mk-1....
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1119/znc-1.2-3.el5
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1156/drupal7-7.2...
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1229/ndjbdns-1.0...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1237/prosody-0.8...
The following builds have been pushed to Fedora EPEL 5 updates-testing
bogofilter-1.2.4-1.el5
dislocker-0.3.1-2.20140423git.el5
lua-expat-1.3.0-1.el5
prosody-0.8.2-10.el5
Details about builds:
================================================================================
bogofilter-1.2.4-1.el5 (FEDORA-EPEL-2014-1244)
Fast anti-spam filtering by Bayesian statistical analysis
--------------------------------------------------------------------------------
Update Information:
updated to 1.2.4 (fixes #1084359)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Adrian Reber <adrian(a)lisas.de> - 1.2.4-1
- updated to 1.2.4 (fixes #1084359)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.3-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 1.2.3-4
- Perl 5.18 rebuild
* Fri Feb 22 2013 Adrian Reber <adrian(a)lisas.de> - 1.2.3-2
- removed three files with an unfree license from Source (fixes #912694)
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1084359 - bogofilter was updateed
https://bugzilla.redhat.com/show_bug.cgi?id=1084359
--------------------------------------------------------------------------------
================================================================================
dislocker-0.3.1-2.20140423git.el5 (FEDORA-EPEL-2014-1243)
Utility to access BitLocker encrypted volumes
--------------------------------------------------------------------------------
Update Information:
Dislocker has been designed to read BitLocker encrypted partitions ("drives")
under a Linux system. The driver used to only read volumes encrypted under a Microsoft
Windows 7 system but is now Microsoft Windows Vista capable and has the write
functionality.
The file name where the BitLocker encrypted partition will be decrypted needs to be given.
This may take a long time, depending on the size of the encrypted partition. But
afterward, once the partition is decrypted, the access to the NTFS partition will be
faster than with FUSE. Another thing to think about is the size of the disk (same size as
the volume that is tried to be decrypted). Nevertheless, once the partition is decrypted,
the file can be mounted as any NTFS partition.
Alternatively for FUSE a mount point needs to be given to fuse-dislocker. Once keys are
decrypted, a file named 'dislocker-file' appears into this provided mount point.
This file is a virtual NTFS partition, it can be mounted as any NTFS partition and then
reading from it or writing to it is possible.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991689 - Review Request: dislocker - Utility to access BitLocker encrypted
volumes
https://bugzilla.redhat.com/show_bug.cgi?id=991689
--------------------------------------------------------------------------------
================================================================================
lua-expat-1.3.0-1.el5 (FEDORA-EPEL-2014-1239)
SAX XML parser based on the Expat library
--------------------------------------------------------------------------------
Update Information:
LuaExpat 1.3.0 [02/Apr/2014]
============================
- Lua 5.2 support (thanks Tomás Guisasola Gorham)
- support for the XmlDecl handler
- add parser:getcurrentbytecount() (XML_GetCurrentByteCount)
- ability to disable CharacterData merging
- Makefile improvements (thanks Vadim Misbakh-Soloviov)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Robert Scheck <robert(a)fedoraproject.org> - 1.3.0-1
- New upstream release
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.0-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri May 10 2013 Tom Callaway <spot(a)fedoraproject.org> - 1.2.0-5
- fix for lua 5.2
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
prosody-0.8.2-10.el5 (FEDORA-EPEL-2014-1237)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Added upstream patches to avoid resource consumption denial of service when using XMPP
application-layer compression (#1085692)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Robert Scheck <robert(a)fedoraproject.org> - 0.8.2-10
- Added upstream patches to avoid resource consumption denial of
service when using XMPP application-layer compression (#1085692)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1085692 - CVE-2014-2745 CVE-2014-2744 prosody: resource consumption denial of
service when using XMPP application-layer compression
https://bugzilla.redhat.com/show_bug.cgi?id=1085692
--------------------------------------------------------------------------------