The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/atop-1.26-1.el5.1 https://admin.fedoraproject.org/updates/couchdb-1.0.2-8.el5,erlang-ibrowse-2... https://admin.fedoraproject.org/updates/ocsinventory-1.3.3-5.el5 https://admin.fedoraproject.org/updates/bugzilla-3.2.10-2.el5 https://admin.fedoraproject.org/updates/phpldapadmin-1.0.2-1.el5 https://admin.fedoraproject.org/updates/awstats-6.95-3.el5 https://admin.fedoraproject.org/updates/clamav-0.97.3-1.el5 https://admin.fedoraproject.org/updates/cacti-0.8.7h-1.el5 https://admin.fedoraproject.org/updates/puppet-2.6.12-1.el5 https://admin.fedoraproject.org/updates/net6-1.3.14-1.el5 https://admin.fedoraproject.org/updates/cherokee-1.2.101-1.el5 https://admin.fedoraproject.org/updates/drupal6-views-2.13-1.el5 https://admin.fedoraproject.org/updates/phpMyAdmin3-3.4.7-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
bugzilla-3.2.10-2.el5 stdair-0.44.1-1.el5 xrootd-3.0.5-1.el5
Details about builds:
================================================================================ bugzilla-3.2.10-2.el5 (FEDORA-EPEL-2011-4907) Bug tracking system -------------------------------------------------------------------------------- Update Information:
- Bugzilla 3.4.12 for security updates : CVE-2010-4411, CVE-2010-4567, CVE-2010-4568, CVE-2010-4569, CVE-2010-4570, CVE-2010-4572, CVE-2011-0046, CVE-2011-0048, CVE-2011-2379, CVE-2011-2380, CVE-2011-2381, CVE-2011-2978 and CVE-2011-2976 (RHBZ#729158). - Various small improvements (RHBZ#736579, RHBZ #736584, RHBZ#736581, RHBZ#736583).
Security update for CVE-2010-4411, CVE-2010-4567, CVE-2010-4568, CVE-2010-4569, CVE-2010-4570, CVE-2010-4572, CVE-2011-0046, CVE-2011-0048 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 15 2011 Xavier Bachelot xavier@bachelot.org - 3.2.10-2 - Add patches for CVE-2011-2379, CVE-2011-2380, CVE-2011-2381, CVE-2011-2978 and CVE-2011-2976. - Fix httpd conf (RHBZ#736579, RHBZ #736584). - Fix typo in doc (RHBZ#736581). - Fix files ownership (RHBZ#736583). * Tue May 3 2011 Xavier Bachelot xavier@bachelot.org - 3.2.10-1 - Update to 3.2.10 for CVE-2010-4411, CVE-2010-4567, CVE-2010-4568, CVE-2010-4569, CVE-2010-4570, CVE-2010-4572, CVE-2011-0046, CVE-2011-0048) * Tue Feb 2 2010 Emmanuel Seyman emmanuel.seyman@club-internet.fr - 3.2.6-2 - Use Linux requirements, not Windows' * Mon Feb 1 2010 Emmanuel Seyman emmanuel.seyman@club-internet.fr - 3.2.6-1 - Update to 3.2.6 (CVE-2009-3989, CVE-2009-3387) - Specify Perl module versions in the Requires (fixes #524309) - Add an alias to make $webdotdir a working path (fixes #458848) * Fri Sep 11 2009 Emmanuel Seyman emmanuel.seyman@club-internet.fr - 3.2.5-1 - Update to 3.2.5 (CVE-2009-3125, CVE-2009-3165 and CVE-2009-3166) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #672856 - bugzilla: multiple security issues [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=672856 [ 2 ] Bug #729158 - CVE-2011-2976 CVE-2011-2379 CVE-2011-2380 CVE-2011-2979 CVE-2011-2381 CVE-2011-2978 CVE-2011-2977 bugzilla: multiple security flaws fixed in 3.4.12, 3.6.6, 4.0.2, and 4.1.3 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=729158 [ 3 ] Bug #736579 - show the doc files correctly https://bugzilla.redhat.com/show_bug.cgi?id=736579 [ 4 ] Bug #736584 - apache configuration improvement https://bugzilla.redhat.com/show_bug.cgi?id=736584 [ 5 ] Bug #736581 - mini typo in docs https://bugzilla.redhat.com/show_bug.cgi?id=736581 [ 6 ] Bug #736583 - file ownership https://bugzilla.redhat.com/show_bug.cgi?id=736583 --------------------------------------------------------------------------------
================================================================================ stdair-0.44.1-1.el5 (FEDORA-EPEL-2011-4908) C++ Standard Airline IT Object Library -------------------------------------------------------------------------------- Update Information:
New package for EPEL 5 (though it has been delivered for the other distributions a long time ago) --------------------------------------------------------------------------------
================================================================================ xrootd-3.0.5-1.el5 (FEDORA-EPEL-2011-4909) Extended ROOT file server -------------------------------------------------------------------------------- Update Information:
Update to version 3.0.5. Upstream changelog:
* Major bug fixes
** Avoid stage failures when target file exists in purgeable or writeable space.
** Make sure all the threads are joined when closing a physical connection.
** Fix free/delete mismatch in XrdSecProtocolgsi et al.
* Minor bug fixes
** Remove old async shutdown workaround patch introduced in Linux 2.3. The problem has been since fixed and the solution now causes problems.
** Install the netchk tool
-------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 5 2011 Mattias Ellert mattias.ellert@fysast.uu.se - 1:3.0.5-1 - Update to version 3.0.5 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org