The following Fedora EPEL 5 Security updates need testing:
Age URL
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13519/roundcubem...
212
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
107
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13530/pcp-3.6.10...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13480/cgit-0.9.1...
38
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2....
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13443/roundup-1....
33
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13203/389-ds-bas...
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13496/mod_securi...
36
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61...
35
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2....
The following builds have been pushed to Fedora EPEL 5 updates-testing
autotest-framework-0.14.4-1.el5
drupal7-7.17-2.el5
opendkim-2.7.2-1.el5
pcp-3.6.10-1.el5
perl-Authen-Credential-0.8-1.el5
roundcubemail-0.1.1-7.el5
salt-0.10.5-1.el5
stompclt-0.6-1.el5
Details about builds:
================================================================================
autotest-framework-0.14.4-1.el5 (FEDORA-EPEL-2012-13524)
Framework for fully automated testing
--------------------------------------------------------------------------------
Update Information:
Various packaging bugfixes.
--------------------------------------------------------------------------------
================================================================================
drupal7-7.17-2.el5 (FEDORA-EPEL-2012-13520)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
New upstream version,
http://drupal.org/drupal-7.17-release-notes
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 8 2012 Peter Borsa <peter.borsa(a)gmail.com> - 7.17-2
- Fix README.txt location.
* Thu Nov 8 2012 Peter Borsa <peter.borsa(a)gmail.com> - 7.17-1
- New upstream.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #874504 - drupal7-7.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=874504
--------------------------------------------------------------------------------
================================================================================
opendkim-2.7.2-1.el5 (FEDORA-EPEL-2012-13527)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 19 2012 Steve Jenkins <steve stevejenkins com> 2.7.2-1
- Updated to use newer upstream 2.7.2 source code
--------------------------------------------------------------------------------
================================================================================
pcp-3.6.10-1.el5 (FEDORA-EPEL-2012-13530)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
Resolve insecure temporary file use flaw in PCP shell scripts.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 19 2012 Nathan Scott <nathans(a)redhat.com> - 3.6.10-1
- Update to latest PCP sources.
- Resolve tmpfile security flaws: CVE-2012-5530
- Introduces new "pcp" user account for all daemons to use.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #875842 - CVE-2012-5530 pcp: Insecure temporary file use flaws
https://bugzilla.redhat.com/show_bug.cgi?id=875842
--------------------------------------------------------------------------------
================================================================================
perl-Authen-Credential-0.8-1.el5 (FEDORA-EPEL-2012-13517)
Abstraction of a credential
--------------------------------------------------------------------------------
Update Information:
updating to latest upstream version 0.8
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #877911 - Upgrade to new upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=877911
--------------------------------------------------------------------------------
================================================================================
roundcubemail-0.1.1-7.el5 (FEDORA-EPEL-2012-13519)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
CVE-2010-0464
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 19 2012 Jon Ciesla <limburgher(a)gmail.com> = 0.1.1-7
- roundcubemail-0.3.1-CVE-2010-0464.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #876724 - Fix for CVE-2010-0464 in Roundcube 0.1.1 in EPEL5
https://bugzilla.redhat.com/show_bug.cgi?id=876724
--------------------------------------------------------------------------------
================================================================================
salt-0.10.5-1.el5 (FEDORA-EPEL-2012-13515)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
upstream release 0.10.5, pciutils as Requires
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 18 2012 Clint Savage <herlo1(a)gmail.com> - 0.10.5-1
- Moved to upstream release 0.10.5
- Added pciutils as Requires
--------------------------------------------------------------------------------
================================================================================
stompclt-0.6-1.el5 (FEDORA-EPEL-2012-13532)
Versatile STOMP client
--------------------------------------------------------------------------------
Update Information:
updating to latest upstream version 0.6
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 20 2012 Massimo Paladin <massimo.paladin(a)gmail.com> 0.6-1
- Update to 0.6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #878005 - Upgrade to new upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=878005
--------------------------------------------------------------------------------