The following Fedora EPEL 5 Security updates need testing: Age URL 1117 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 572 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.... 336 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-... 186 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3... 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6090/drupal7-views-... 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6130/t1utils-1.39-1... 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5953/wordpress-4.2.... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6127/openslp-1.2.1-... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6286/phpMyAdmin4-4....
The following builds have been pushed to Fedora EPEL 5 updates-testing
phpMyAdmin4-4.0.10.10-1.el5
Details about builds:
================================================================================ phpMyAdmin4-4.0.10.10-1.el5 (FEDORA-EPEL-2015-6286) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information:
phpMyAdmin 4.0.10.10 (2015-05-13) =================================
- [security] CSRF vulnerability in setup - [security] Vulnerability allowing Man-in-the-middle attack -------------------------------------------------------------------------------- ChangeLog:
* Thu May 14 2015 Robert Scheck robert@fedoraproject.org 4.0.10.10-1 - Upgrade to 4.0.10.10 (#1221588, #1221580, #1221581) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1221580 - CVE-2015-3902 phpMyAdmin: XSRF/CSRF vulnerability in phpMyAdmin setup https://bugzilla.redhat.com/show_bug.cgi?id=1221580 [ 2 ] Bug #1221581 - CVE-2015-3903 phpMyAdmin: Vulnerability allowing man-in-the-middle attack on API call to GitHub https://bugzilla.redhat.com/show_bug.cgi?id=1221581 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org