The following Fedora EPEL 5 Security updates need testing: Age URL 409 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 303 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2... 109 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4.... 42 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5517/git-1.8.2.1-1.... 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5968/transifex-clie... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5990/mod_security-2... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5991/cgit-0.9.2-1.e... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5996/socat-1.7.2.2-... 3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-6047/nrpe-2.14-3.el... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-6086/libguestfs-1.2...
The following builds have been pushed to Fedora EPEL 5 updates-testing
ccache-2.4-21.el5 gridsite-1.7.25-2.el5 libguestfs-1.20.8-1.el5 libyubikey-1.10-1.el5
Details about builds:
================================================================================ ccache-2.4-21.el5 (FEDORA-EPEL-2013-6075) C/C++ compiler cache -------------------------------------------------------------------------------- Update Information:
Additional auto-symlink support for gcc44 and mingw32 compilers. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 4 2013 Ville Skyttä ville.skytta@iki.fi - 2.4-21 - Auto-symlink gcc44(-c++) (#970228) and mingw32-gcc(-c++) compilers. - Fix bogus dates in %changelog. - Run test suite during build. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #970228 - Missing support for gcc44 https://bugzilla.redhat.com/show_bug.cgi?id=970228 --------------------------------------------------------------------------------
================================================================================ gridsite-1.7.25-2.el5 (FEDORA-EPEL-2013-6083) Grid Security for the Web, Web platforms for Grids -------------------------------------------------------------------------------- Update Information:
Update to Upstream version 1.7.25, Fix a potential segfault bug on httpd >=24 servers. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 4 2013 Adrien Devresse <adevress at cern.ch> - 1.7.25-2 - Upstream to 1.7.25 - Fix httpd 24 patch, remove a risk of segfault on >=EL6 * Sat Jan 26 2013 Kevin Fenzi kevin@scrye.com 1.7.21-4 - Rebuild for new gsoap --------------------------------------------------------------------------------
================================================================================ libguestfs-1.20.8-1.el5 (FEDORA-EPEL-2013-6086) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information:
Upstream stable branch version 1.20.8. This contains a complete fix for CVE-2013-2124. Rebase to libguestfs 1.20.7. Includes a fix for CVE-2013-2124. For more information see: https://www.redhat.com/archives/libguestfs/2013-May/msg00079.html -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 3 2013 Richard W.M. Jones rjones@redhat.com - 1:1.20.8-1 - Rebase to upstream stable branch version 1.20.8. This contains a complete fix for CVE-2013-2124. * Wed May 29 2013 Richard W.M. Jones rjones@redhat.com - 1:1.20.7-3 - Rebase to upstream stable branch version 1.20.7. - Includes fix for inspection vulnerability (RHBZ#968315). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #968315 - CVE-2013-2124 libguestfs: DoS (abort) due to a double free flaw when inspecting certain guest files / images [epel-5] https://bugzilla.redhat.com/show_bug.cgi?id=968315 --------------------------------------------------------------------------------
================================================================================ libyubikey-1.10-1.el5 (FEDORA-EPEL-2013-6080) C library for decrypting and parsing Yubikey One-time passwords -------------------------------------------------------------------------------- Update Information:
New upstream release 1.10; enables build warnings -------------------------------------------------------------------------------- ChangeLog:
* Mon May 13 2013 - Maxim Burgerhout wzzrd@fedoraproject.org - 1.10-1 - New upstream release 1.10; enables build warnings --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org