The following Fedora EPEL 5 Security updates need testing:
Age URL
878
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2013-11893
libguestfs-1.20.12-1.el5
643
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626 puppet-2.7.26-1.el5
492
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849
sblim-sfcb-1.3.8-2.el5
135
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516
mcollective-2.8.4-1.el5
107
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6
thttpd-2.25b-24.el5
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-085f094286
php-htmLawed-1.1.21-1.el5
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-66faa4ea19
openssl101e-1.0.1e-7.el5
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-9c7ed6c982
websvn-2.3.3-12.el5
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-de8749748f
phpMyAdmin4-4.0.10.15-1.el5
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-99a440d127
drupal6-emfield-2.7-1.el5
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-71908aa997
putty-0.63-6.el5
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bafacd5846
proftpd-1.3.3g-5.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
globus-common-16.2-1.el5
globus-proxy-utils-6.15-1.el5
myproxy-6.1.17-1.el5
perl-Canary-Stability-2011-1.el5
proftpd-1.3.3g-5.el5
Details about builds:
================================================================================
globus-common-16.2-1.el5 (FEDORA-EPEL-2016-1ff7518539)
Globus Toolkit - Common Library
--------------------------------------------------------------------------------
Update Information:
globus-proxy-utils - Better support for checking cert names. globus-common -
Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------
================================================================================
globus-proxy-utils-6.15-1.el5 (FEDORA-EPEL-2016-1ff7518539)
Globus Toolkit - Globus GSI Proxy Utility Programs
--------------------------------------------------------------------------------
Update Information:
globus-proxy-utils - Better support for checking cert names. globus-common -
Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------
================================================================================
myproxy-6.1.17-1.el5 (FEDORA-EPEL-2016-1ff7518539)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
globus-proxy-utils - Better support for checking cert names. globus-common -
Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------
================================================================================
perl-Canary-Stability-2011-1.el5 (FEDORA-EPEL-2016-65d74e6015)
Canary to check perl compatibility for Schmorp's modules
--------------------------------------------------------------------------------
Update Information:
This release fixes color printing. It also improves the message text.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317254 - perl-Canary-Stability-2011 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317254
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3g-5.el5 (FEDORA-EPEL-2016-bafacd5846)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This update fixes issues with selection of inappropriate DH parameters, which
could lead to encrypted traffic being more easily decrypted than it should be.
*
http://bugs.proftpd.org/show_bug.cgi?id=3868 *
http://bugs.proftpd.org/show_bug.cgi?id=4230 (CVE-2016-3125) The update also
adds support for specifying TLSv1.1 and TLSv1.2, and fixes an SUID/SGID
directory permission setting regression introduced with an earlier update
addressing CVE-2012-6095.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317420 - CVE-2016-3125 proftpd: usage of 1024 bit DH key even with manual
parameters set
https://bugzilla.redhat.com/show_bug.cgi?id=1317420
--------------------------------------------------------------------------------