The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6298/clamav-0.97.5-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6128/viewvc-1.1.15-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6223/gajim-0.12.5-1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6229/mosh-1.2.2-1.e...
The following builds have been pushed to Fedora EPEL 5 updates-testing
R-2.15.1-1.el5 clamav-0.97.5-1.el5 nickle-2.76-1.el5
Details about builds:
================================================================================ R-2.15.1-1.el5 (FEDORA-EPEL-2012-6306) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information:
Update to R 2.15.1. Rebuild rpy and rkward for new R (update rpy to 2.2.6). Fix dependency issue with tex. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2012 Tom Callaway spot@fedoraproject.org - 2.15.1-1 - update to 2.15.1 * Mon Jul 2 2012 Jindrich Novy jnovy@redhat.com - 2.15.0-4 - fix LaTeX and dvips dependencies (#836817) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #836817 - R-core depends on texlive-latex https://bugzilla.redhat.com/show_bug.cgi?id=836817 --------------------------------------------------------------------------------
================================================================================ clamav-0.97.5-1.el5 (FEDORA-EPEL-2012-6298) Anti-virus software -------------------------------------------------------------------------------- Update Information:
- Upgrade to 0.97.5 - Fix CVE-2012-1419 clamav: specially-crafted POSIX tar files evade detection - Fix CVE-2012-1457 clamav: overly long length field in tar files evade detection - Fix CVE-2012-1443 clamav: specially-crafted RAR files evade detection - Fix CVE-2012-1458 clamav: specially-crafted CHM files evade detection - Fix CVE-2012-1459 clamav: specially-crafted length field in tar files evade detection - Ship local copy of virus database; it was removed by accident from 0.97.5 tarball -------------------------------------------------------------------------------- ChangeLog:
* Sun Jul 1 2012 Robert Scheck robert@fedoraproject.org - 0.97.5-1 - Upgrade to 0.97.5 - Fix CVE-2012-1419 clamav: specially-crafted POSIX tar files evade detection - Fix CVE-2012-1457 clamav: overly long length field in tar files evade detection - Fix CVE-2012-1443 clamav: specially-crafted RAR files evade detection - Fix CVE-2012-1458 clamav: specially-crafted CHM files evade detection - Fix CVE-2012-1459 clamav: specially-crafted length field in tar files evade detection - Ship local copy of virus database; it was removed by accident from 0.97.5 tarball -------------------------------------------------------------------------------- References:
[ 1 ] Bug #806092 - CVE-2012-1419 clamav: specially-crafted POSIX tar files evade detection https://bugzilla.redhat.com/show_bug.cgi?id=806092 [ 2 ] Bug #806094 - CVE-2012-1457 clamav: overly long length field in tar files evade detection https://bugzilla.redhat.com/show_bug.cgi?id=806094 [ 3 ] Bug #806097 - CVE-2012-1443 clamav: specially-crafted RAR files evade detection https://bugzilla.redhat.com/show_bug.cgi?id=806097 [ 4 ] Bug #806100 - CVE-2012-1458 clamav: specially-crafted CHM files evade detection https://bugzilla.redhat.com/show_bug.cgi?id=806100 [ 5 ] Bug #806101 - CVE-2012-1459 clamav: specially-crafted length field in tar files evade detection https://bugzilla.redhat.com/show_bug.cgi?id=806101 --------------------------------------------------------------------------------
================================================================================ nickle-2.76-1.el5 (FEDORA-EPEL-2012-6303) A programming language-based prototyping environment -------------------------------------------------------------------------------- Update Information:
* Don't crash when using initializer with forward ref type * Fix crashes when MemCollect occurs during Twixt execution
-------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2012 Michel Salim salimma@fedoraproject.org - 2.76-1 - Update to 2.76 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #831189 - nickle-2.76 is available https://bugzilla.redhat.com/show_bug.cgi?id=831189 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org