The following Fedora EPEL 5 Security updates need testing:

https://admin.fedoraproject.org/updates/rt3-3.6.10-2.el5 https://admin.fedoraproject.org/updates/proftpd-1.3.3e-1.el5 https://admin.fedoraproject.org/updates/python-feedparser-5.0.1-1.el5 https://admin.fedoraproject.org/updates/tmux-1.4-3.el5.1

The following builds have been pushed to Fedora EPEL 5 updates-testing

libisofs-1.0.6-1.el5 pam_shield-0.9.5-7.el5 pdfmerge-1.0.4-1.el5 supybot-fedora-0.2.9.1-1.el5 tmux-1.4-3.el5.1

Details about builds:

================================================================================ libisofs-1.0.6-1.el5 (FEDORA-EPEL-2011-3032) Library to create ISO 9660 disk images -------------------------------------------------------------------------------- Update Information:

Changes towards previous version 1.0.4:

* Burning DVD-R DAO with 2 kB size granularity rather than 32 kB * New API call burn_allow_drive_role_4() -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 10 2011 Robert Scheck robert@fedoraproject.org 1.0.6-1 - Upgrade to 1.0.6 --------------------------------------------------------------------------------

================================================================================ pam_shield-0.9.5-7.el5 (FEDORA-EPEL-2011-3034) Pam Shield - A pam module to counter brute force attacks -------------------------------------------------------------------------------- Update Information:

packing fixes added %{optflags}

added %{optflags}

added %{optflags}

added %{optflags}

added %{optflags}

-------------------------------------------------------------------------------- References:

[ 1 ] Bug #694557 - pam_shield not built with $RPM_OPT_FLAGS https://bugzilla.redhat.com/show_bug.cgi?id=694557 [ 2 ] Bug #691153 - Review Request: pam_shield - pam module to block brute force attacks https://bugzilla.redhat.com/show_bug.cgi?id=691153 --------------------------------------------------------------------------------

================================================================================ pdfmerge-1.0.4-1.el5 (FEDORA-EPEL-2011-3037) Command line utility program for merging PDF files -------------------------------------------------------------------------------- Update Information:

This update brings the new pdfmerge 1.0.4 to you which fixes some issues and improves the handling of pdfmerge. -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 10 2011 Dominic Hopf dmaphy@fedoraproject.org - 1.0.4-1 - new upstream release --------------------------------------------------------------------------------

================================================================================ supybot-fedora-0.2.9.1-1.el5 (FEDORA-EPEL-2011-3035) Plugin for Supybot to interact with Fedora services -------------------------------------------------------------------------------- Update Information:

Updates the URL to be compatible with pkgdb 0.5.x. Various other fixes Adds a new mirroradmins command to get the FAS name of mirror admins via IRC. -------------------------------------------------------------------------------- ChangeLog:

* Sat Apr 10 2010 Jon Stanley jonstanley@gmail.com - 0.2.9.1-1 - New upstream 0.2.9.1 * Fri Feb 12 2010 Jon Stanley jonstanley@gmail.com - 0.2.8-1 - New upstream 0.2.8 --------------------------------------------------------------------------------

================================================================================ tmux-1.4-3.el5.1 (FEDORA-EPEL-2011-3029) A terminal multiplexer -------------------------------------------------------------------------------- Update Information:

tmux didn't drop group privileges correctly in all cases.

This is fixed by using an updated patch originating from the debian tmux package.

Fixes RHBZ #694564, CVE-2011-1496 -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 10 2011 Sven Lankes sven@lank.es 1.4-3.1 - fix git snafu * Sun Apr 10 2011 Sven Lankes sven@lank.es 1.4-3 - Fix CVE-2011-1496 - Fixes rhbz #693824 * Wed Feb 9 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Tue Dec 28 2010 Filipe Rosset rosset.filipe@gmail.com 1.4-1 - New upstream release * Fri Aug 6 2010 Filipe Rosset filiperosset@fedoraproject.org 1.3-2 - Rebuild for F-13 * Mon Jul 19 2010 Sven Lankes sven@lank.es 1.3-1 - New upstream release * Sun Mar 28 2010 Sven Lankes sven@lank.es 1.2-1 - New upstream release - rediff writehard patch -------------------------------------------------------------------------------- References:

[ 1 ] Bug #694564 - CVE-2011-1496 tmux does not drop group tmux privileges properly [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=694564 --------------------------------------------------------------------------------