The following Fedora EPEL 5 Security updates need testing:
Age URL
466
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
361
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1....
56
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-6089/ssmtp-2.61-...
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-10985/perl-Proc-...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11075/zabbix20-2...
The following builds have been pushed to Fedora EPEL 5 updates-testing
epic5-1.1.6-1.el5
etckeeper-1.6-1.el5
holland-1.0.10-1.el5
imapsync-1.555-1.el5
kobo-0.4.0-2.el5
libcutl-1.7.1-1.el5
openvpn-2.3.2-1.el5
pcp-3.8.2-1.el5
zabbix20-2.0.6-3.el5
Details about builds:
================================================================================
epic5-1.1.6-1.el5 (FEDORA-EPEL-2013-11051)
Enhanced Programmable ircII Client
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
etckeeper-1.6-1.el5 (FEDORA-EPEL-2013-11074)
Store /etc in a SCM system (git, mercurial, bzr or darcs)
--------------------------------------------------------------------------------
Update Information:
Update to the latest stable version.
See
http://git.kitenet.net/?p=etckeeper.git;a=blob;f=debian/changelog for the complete
upstream changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 30 2013 Thomas Moschny <thomas.moschny(a)gmx.de> - 1.6-1
- Update to 1.6.
* Sat Jul 27 2013 Thomas Moschny <thomas.moschny(a)gmx.de> - 1.5-1
- Update to 1.5.
* Sat Jul 27 2013 Jóhann B. Guðmundsson <johannbg(a)fedoraproject.org> - 1.4-2
- Add a missing requirement on crontabs to spec file
--------------------------------------------------------------------------------
================================================================================
holland-1.0.10-1.el5 (FEDORA-EPEL-2013-11056)
Pluggable Backup Framework
--------------------------------------------------------------------------------
Update Information:
Latest 1.0 source for holland backup.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 30 2013 Jeffrey Ness <jeffrey.ness(a)rackspace.com> - 1.0.10-1
- Latest 1.0 sources from upstream.
- LP#706997 has been addressed upstream
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.6-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Oct 18 2012 BJ Dierkes <wdierkes(a)rackspace.com> - 1.0.6-7
- Fixed -pgdump summary per BZ#847855.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.6-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.6-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.6-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
imapsync-1.555-1.el5 (FEDORA-EPEL-2013-11067)
Tool to migrate email between IMAP servers
--------------------------------------------------------------------------------
Update Information:
Upgrade imapsync to 1.555
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 28 2013 Nick Bebout <nb(a)fedoraproject.org> - 1.555-1
- Upgrade to 1.555
--------------------------------------------------------------------------------
================================================================================
kobo-0.4.0-2.el5 (FEDORA-EPEL-2013-11064)
Python modules for tools development
--------------------------------------------------------------------------------
Update Information:
Completely remove Django support on el5 and el6.
New upstream release
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 29 2013 Daniel Mach <dmach(a)redhat.com> - 0.4.0-2
- Drop admin subpackage on rhel <= 5
- Drop admin, django and hub subpackages on epel 6
* Thu Jul 25 2013 Daniel Mach <dmach(a)redhat.com> - 0.4.0-1
- Drop django and hub subpackages on rhel <= 5
- Set filename to be real name of a downloaded file. (Tomas Tomecek)
- Fix logwatcher to scroll to latest logs. (Tomas Tomecek)
- Remove obsolete function kobo.django.views.generic._object_list(). (Tomas Kopecek)
- Updated README for 0.4.0 release (Tomas Kopecek)
- Revamp setup.py and related files. (Daniel Mach)
- LongnameUser table has auth_user db table name for easier upgrade. (Tomas Kopecek)
- Add checksum_type to SimpleRpmWrapper. (Tomas Kopecek)
- Add kobo.threads.run_in_threads() helper. (Tomas Kopecek)
- Django 1.5 rebase. (Tomas Kopecek)
- Remove unnecessary slots from pkgset.FileCache. (Daniel Mach)
--------------------------------------------------------------------------------
================================================================================
libcutl-1.7.1-1.el5 (FEDORA-EPEL-2013-11050)
C++ utility library from Code Synthesis
--------------------------------------------------------------------------------
Update Information:
Initial release of libcutl for Fedora and EPEL.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #975309 - Review Request: libcutl - C++ utility library from Code Synthesis
https://bugzilla.redhat.com/show_bug.cgi?id=975309
--------------------------------------------------------------------------------
================================================================================
openvpn-2.3.2-1.el5 (FEDORA-EPEL-2013-11043)
A full-featured SSL VPN solution
--------------------------------------------------------------------------------
Update Information:
Correct init script flag order.
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 31 2013 Jon Ciesla <limburgher(a)gmail.com> 2.3.2-1
- Latest upstream.
* Wed Jul 31 2013 Jon Ciesla <limburgher(a)gmail.com> 2.3.1-4
- init script fix, BZ 988755.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #988755 - Wrong order for --config and --cd in Init script
https://bugzilla.redhat.com/show_bug.cgi?id=988755
--------------------------------------------------------------------------------
================================================================================
pcp-3.8.2-1.el5 (FEDORA-EPEL-2013-11044)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 31 2013 Nathan Scott <nathans(a)redhat.com> - 3.8.2-1
- Update to latest PCP sources.
- Integrate gluster related stats with PCP (BZ 969348)
- Fix for iostat2pcp not parsing iostat output (BZ 981545)
- Start pmlogger with usable config by default (BZ 953759)
- Fix pmatop failing to start, gives stacktrace (BZ 963085)
* Wed Jun 19 2013 Nathan Scott <nathans(a)redhat.com> - 3.8.1-1
- Update to latest PCP sources.
- Fix log import silently dropping >1024 metrics (BZ 968210)
- Move some commonly used tools on the usual PATH (BZ 967709)
- Improve pmatop handling of missing proc metrics (BZ 963085)
- Stop out-of-order records corrupting import logs (BZ 958745)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #969348 - Integrate gluster related stats with PCP
https://bugzilla.redhat.com/show_bug.cgi?id=969348
[ 2 ] Bug #981545 - iostat2pcp cannot parse iostat output
https://bugzilla.redhat.com/show_bug.cgi?id=981545
[ 3 ] Bug #953759 - pmlogconf spring cleaning
https://bugzilla.redhat.com/show_bug.cgi?id=953759
[ 4 ] Bug #963085 - pmatop fails to start
https://bugzilla.redhat.com/show_bug.cgi?id=963085
--------------------------------------------------------------------------------
================================================================================
zabbix20-2.0.6-3.el5 (FEDORA-EPEL-2013-11075)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
This update solves a security issue involving the use of libcurl in the code used to
access the eztexting service. It potentially allows for man-in-the-middle attacks. The
issue was described as CVE-2012-6086.
Please refer to
https://support.zabbix.com/browse/ZBX-5924 for details!
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 30 2013 Volker Fröhlich <volker27(a)gmx.at> - 2.0.6-3
- Backport fix for CVE-2012-6086
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #893414 - CVE-2012-6086 zabbix20: Improper use of cURL API might lead to
improper SSL certificate verification (MiTM) [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=893414
--------------------------------------------------------------------------------