The following Fedora EPEL 5 Security updates need testing:
Age URL
800
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2013-11893
libguestfs-1.20.12-1.el5
565
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626 puppet-2.7.26-1.el5
414
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849
sblim-sfcb-1.3.8-2.el5
57
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516
mcollective-2.8.4-1.el5
56
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-10d919912b
git-1.8.2.1-2.el5
29
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6
thttpd-2.25b-24.el5
16
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-481f9cfb21
shellinabox-2.19-1.el5
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d1309b0eb2
libsndfile-1.0.17-8.el5
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-11c5c57d59
openssl101e-1.0.1e-5.el5
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d712fb2a08
phpMyAdmin4-4.0.10.12-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
libburn-1.4.2-1.el5
libisoburn-1.4.2-1.el5
libisofs-1.4.2-1.el5
opendkim-2.10.3-3.el5
phpMyAdmin4-4.0.10.12-1.el5
Details about builds:
================================================================================
libburn-1.4.2-1.el5 (FEDORA-EPEL-2015-e641744578)
Library for reading, mastering and writing optical discs
--------------------------------------------------------------------------------
Update Information:
libisofs 1.4.2 ============== * Bug fix: zisofs compression caused SIGSEGV (by
reading) with files larger than 524160 KiB. * Bug fix: iso_node_get_name() of
root node returned NULL pointer rather than an empty string * Bug fix: Names
read from Joliet tree where stripped of trailing ";1" * Now sorting the data
file content extents by ECMA-119 tree, rather than by the red-black tree which
shall consolidate files with identical source object. * New API call
iso_read_opts_set_ecma119_map(). * New AAIP variable isofs.nt records name
truncation parameters. * Rectified handling of oversized filenames by new API
calls: iso_image_set_truncate_mode, iso_image_get_truncate_mode,
iso_truncate_leaf_name, iso_image_set_node_name, iso_image_tree_clone,
iso_image_add_new_dir, iso_image_add_new_file, iso_image_add_new_special,
iso_image_add_new_symlink, iso_image_dir_get_node, iso_image_path_to_node *
Result of a Coverity audit: 50+ code changes, but no easy-to-trigger bugs
libburn 1.4.2 ============= * Bug fix: burn_disc_get_media_id() returned BD
identifiers 2 chars too long * Bug fix: burn_disc_get_multi_caps() returned 2048
bytes too many in caps.start_range_high * Bug fix: Media summary session count
of blank and closed media was short by 1 * Bug fix: Endless loop if transport
error occurs while waiting for drive ready * New API calls
burn_drive_get_serial_no() and burn_drive_get_media_sno() * Result of a Coverity
audit: 40+ code changes, but no easy-to-trigger bugs libisoburn 1.4.2
================ * Bug fix: -backslash_codes "on" did not work outside quotes
and with showing "\r" * New API calls isoburn_ropt_set_truncate_mode()
isoburn_ropt_get_truncate_mode() * New options with
isoburn_ropt_set_extensions(): isoburn_ropt_map_* * New command
-modesty_on_drive, new -as cdrecord -immed, minbuf=, modesty_on_drive= * New
command -ecma119_map * New command -read_fs * New -boot_image action "replay" *
New command -file_name_limit, -as mkisofs -file_name_limit * New -find test
-name_limit_blocker. * Result of a Coverity audit: 50+ code changes, but no
easy-to-trigger bugs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287353 - libisoburn-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287353
[ 2 ] Bug #1287345 - libburn-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287345
[ 3 ] Bug #1287354 - libisofs-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287354
--------------------------------------------------------------------------------
================================================================================
libisoburn-1.4.2-1.el5 (FEDORA-EPEL-2015-e641744578)
Library to enable creation and expansion of ISO-9660 filesystems
--------------------------------------------------------------------------------
Update Information:
libisofs 1.4.2 ============== * Bug fix: zisofs compression caused SIGSEGV (by
reading) with files larger than 524160 KiB. * Bug fix: iso_node_get_name() of
root node returned NULL pointer rather than an empty string * Bug fix: Names
read from Joliet tree where stripped of trailing ";1" * Now sorting the data
file content extents by ECMA-119 tree, rather than by the red-black tree which
shall consolidate files with identical source object. * New API call
iso_read_opts_set_ecma119_map(). * New AAIP variable isofs.nt records name
truncation parameters. * Rectified handling of oversized filenames by new API
calls: iso_image_set_truncate_mode, iso_image_get_truncate_mode,
iso_truncate_leaf_name, iso_image_set_node_name, iso_image_tree_clone,
iso_image_add_new_dir, iso_image_add_new_file, iso_image_add_new_special,
iso_image_add_new_symlink, iso_image_dir_get_node, iso_image_path_to_node *
Result of a Coverity audit: 50+ code changes, but no easy-to-trigger bugs
libburn 1.4.2 ============= * Bug fix: burn_disc_get_media_id() returned BD
identifiers 2 chars too long * Bug fix: burn_disc_get_multi_caps() returned 2048
bytes too many in caps.start_range_high * Bug fix: Media summary session count
of blank and closed media was short by 1 * Bug fix: Endless loop if transport
error occurs while waiting for drive ready * New API calls
burn_drive_get_serial_no() and burn_drive_get_media_sno() * Result of a Coverity
audit: 40+ code changes, but no easy-to-trigger bugs libisoburn 1.4.2
================ * Bug fix: -backslash_codes "on" did not work outside quotes
and with showing "\r" * New API calls isoburn_ropt_set_truncate_mode()
isoburn_ropt_get_truncate_mode() * New options with
isoburn_ropt_set_extensions(): isoburn_ropt_map_* * New command
-modesty_on_drive, new -as cdrecord -immed, minbuf=, modesty_on_drive= * New
command -ecma119_map * New command -read_fs * New -boot_image action "replay" *
New command -file_name_limit, -as mkisofs -file_name_limit * New -find test
-name_limit_blocker. * Result of a Coverity audit: 50+ code changes, but no
easy-to-trigger bugs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287353 - libisoburn-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287353
[ 2 ] Bug #1287345 - libburn-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287345
[ 3 ] Bug #1287354 - libisofs-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287354
--------------------------------------------------------------------------------
================================================================================
libisofs-1.4.2-1.el5 (FEDORA-EPEL-2015-e641744578)
Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:
libisofs 1.4.2 ============== * Bug fix: zisofs compression caused SIGSEGV (by
reading) with files larger than 524160 KiB. * Bug fix: iso_node_get_name() of
root node returned NULL pointer rather than an empty string * Bug fix: Names
read from Joliet tree where stripped of trailing ";1" * Now sorting the data
file content extents by ECMA-119 tree, rather than by the red-black tree which
shall consolidate files with identical source object. * New API call
iso_read_opts_set_ecma119_map(). * New AAIP variable isofs.nt records name
truncation parameters. * Rectified handling of oversized filenames by new API
calls: iso_image_set_truncate_mode, iso_image_get_truncate_mode,
iso_truncate_leaf_name, iso_image_set_node_name, iso_image_tree_clone,
iso_image_add_new_dir, iso_image_add_new_file, iso_image_add_new_special,
iso_image_add_new_symlink, iso_image_dir_get_node, iso_image_path_to_node *
Result of a Coverity audit: 50+ code changes, but no easy-to-trigger bugs
libburn 1.4.2 ============= * Bug fix: burn_disc_get_media_id() returned BD
identifiers 2 chars too long * Bug fix: burn_disc_get_multi_caps() returned 2048
bytes too many in caps.start_range_high * Bug fix: Media summary session count
of blank and closed media was short by 1 * Bug fix: Endless loop if transport
error occurs while waiting for drive ready * New API calls
burn_drive_get_serial_no() and burn_drive_get_media_sno() * Result of a Coverity
audit: 40+ code changes, but no easy-to-trigger bugs libisoburn 1.4.2
================ * Bug fix: -backslash_codes "on" did not work outside quotes
and with showing "\r" * New API calls isoburn_ropt_set_truncate_mode()
isoburn_ropt_get_truncate_mode() * New options with
isoburn_ropt_set_extensions(): isoburn_ropt_map_* * New command
-modesty_on_drive, new -as cdrecord -immed, minbuf=, modesty_on_drive= * New
command -ecma119_map * New command -read_fs * New -boot_image action "replay" *
New command -file_name_limit, -as mkisofs -file_name_limit * New -find test
-name_limit_blocker. * Result of a Coverity audit: 50+ code changes, but no
easy-to-trigger bugs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287353 - libisoburn-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287353
[ 2 ] Bug #1287345 - libburn-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287345
[ 3 ] Bug #1287354 - libisofs-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287354
--------------------------------------------------------------------------------
================================================================================
opendkim-2.10.3-3.el5 (FEDORA-EPEL-2015-1ae18f0313)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Added OpenLDAP support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1293279 - opendkim miss LDAP support
https://bugzilla.redhat.com/show_bug.cgi?id=1293279
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin4-4.0.10.12-1.el5 (FEDORA-EPEL-2015-d712fb2a08)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.0.10.12 (2015-12-25) ================================= -
[Security] Path disclosure, see PMASA-2015-6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1294254 - PMASA-2015-6 phpMyAdmin: Path disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1294254
--------------------------------------------------------------------------------