The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6477/dropbear-0.55-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6419/nsd-3.2.12-1.e... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6441/puppet-2.6.17-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6383/raptor-1.4.16-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6464/bacula-2.4.4-6... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6514/moodle-1.9.19-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6519/bacula-2.4.4-7...
The following builds have been pushed to Fedora EPEL 5 updates-testing
BitchX-1.2-16.el5 bacula-2.4.4-7.el5 ginfo-0.2.1-2.el5 mod_auth_xradius-0.4.6-16.el5 rsnapshot-1.3.1-7.el5
Details about builds:
================================================================================ BitchX-1.2-16.el5 (FEDORA-EPEL-2012-6523) IrcII chat client -------------------------------------------------------------------------------- Update Information:
Latest source, add to EPEL6 and EPEL5 --------------------------------------------------------------------------------
================================================================================ bacula-2.4.4-7.el5 (FEDORA-EPEL-2012-6519) Cross platform network backup for Linux, Unix, Mac and Windows -------------------------------------------------------------------------------- Update Information:
- SPEC file changes and cleanup - Removed useless manual and examples - Split off docs subpackage making it noarch - SysV init scripts cleanup - build requirements fixed - Re-added shared logwatch script applybaculadate -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 26 2012 Robert Scheck robert@fedoraproject.org 2.4.4-7 - Really re-added shared script applybaculadate for logwatch * Thu Jul 19 2012 Simone Caronni negativo17@gmail.com 2.4.4-6 - Drop examples (rhbz#475469). * Thu Jul 19 2012 Simone Caronni negativo17@gmail.com 2.4.4-5 - Spool directory owned only by common subpackage (rhbz#718299). - Backport patch from Bacula 3.0.2 to fix logwatch (rhbz#643932). * Wed Jul 18 2012 Simone Caronni negativo17@gmail.com 2.4.4-4 - Remove fedora-usermgmt entirely, see thread at: http://lists.fedoraproject.org/pipermail/packaging/2011-December/008034.html - Add devel subpackage. - Remove docs subpackage. - Rename patches and delete unused ones from git. - Remove conditionals for sqlite versions as this package will die with RHEL 5. * Wed Jul 18 2012 Simone Caronni negativo17@gmail.com 2.4.4-3 - Removed commented stuff that will never come back. - Cleaned up init files. - Get rid of useless defines. - Spec file formatting. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #475469 - CVE-2008-5373 bacula-common: Insecure temporary file use in autochangers (symlink attack) https://bugzilla.redhat.com/show_bug.cgi?id=475469 --------------------------------------------------------------------------------
================================================================================ ginfo-0.2.1-2.el5 (FEDORA-EPEL-2012-6527) A versatile tool for discovering Grid services -------------------------------------------------------------------------------- Update Information:
A versatile tool for discovering Grid services -------------------------------------------------------------------------------- References:
[ 1 ] Bug #833395 - Review Request: ginfo - Service Discovery Client https://bugzilla.redhat.com/show_bug.cgi?id=833395 --------------------------------------------------------------------------------
================================================================================ mod_auth_xradius-0.4.6-16.el5 (FEDORA-EPEL-2012-6529) Apache module that provides authentication against RADIUS Servers -------------------------------------------------------------------------------- Update Information:
New Apache Radius authentication module -------------------------------------------------------------------------------- References:
[ 1 ] Bug #820488 - Review Request: mod_auth_xradius - Apache module that provides authentication against RADIUS Servers https://bugzilla.redhat.com/show_bug.cgi?id=820488 --------------------------------------------------------------------------------
================================================================================ rsnapshot-1.3.1-7.el5 (FEDORA-EPEL-2012-6522) Local and remote filesystem snapshot utility -------------------------------------------------------------------------------- Update Information:
Upstream changes for version 1.3.1 (Aug 31 2008) ================================================
- Fix help message mixup in lines between -c and -t. - Add more specific error messages for not currently implemented potential per backup point options, like cmd_preexec. - Allow named pipe as logfile - suggested by Patrice Levesque. - Include rsnapshot-copy script written by Matt McCutchen. - Allow `backticks` in include_conf. - Apply fix-sync_first-rollback.diff patch from Matt McCutchen (02 Apr 2008). - hopefully fix bug with link_dest not being used on second and later backups when you have link_dest 1 and sync_first 1. (Ignore $sync_dir_was_present) - Patch from Adam Greenbaum to allow passing of ssh arguments correctly. - David Grant added rsync_numtries to rsnapshot.conf. - Applied Ben Low's Linux LVM patch. - Added stop_on_stale_lockfile, thanks to Henning Moll. - Michael Ashley's fix for filter/space problems on the rsync command line. - Remove trailing whitespace from command names in rsnapshot.conf. - Warn about extra spaces between tab and argument. - Added multi-line config options, thanks to Dieter Bloms. - The 'interval' config option is now called 'retain'. - chdir to avoid an obscure bug in some versions of GNU rm. - Changed use_lazy_deletes option to use _delete.$$ directories. - Added note about -H and hard links to docs for rsync_short_args. - Include rsnapshot-diff.1 in rpm. - Fix bug with rsnapshot sync the first time (when .sync does not exist) trying to copy hourly.0 to .sync, even if hourly.0 doesn't exist. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413439 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org