The following Fedora EPEL 5 Security updates need testing: Age URL 753 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2013-11893 libguestfs-1.20.12-1.el5 517 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626 puppet-2.7.26-1.el5 367 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849 sblim-sfcb-1.3.8-2.el5 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516 mcollective-2.8.4-1.el5 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1cb7f30ae9 perl-HTML-Scrubber-0.15-1.el5.1 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-10d919912b git-1.8.2.1-2.el5 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-4a0a62b289 drupal7-jquery_update-2.7-1.el5 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-38c5cc1eab libsndfile-1.0.17-7.el5 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-9e8d76ee45 putty-0.63-5.el5 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-49d2e8a4cb php53-mapi-7.1.14-1.el5 zarafa-7.1.14-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
clustershell-1.7-1.el5 perl-Time-ParseDate-2015.103-1.el5 php53-mapi-7.1.14-1.el5 stompclt-1.3-3.el5 zarafa-7.1.14-1.el5
Details about builds:
================================================================================ clustershell-1.7-1.el5 (FEDORA-EPEL-2015-4df8e4095b) Python framework for efficient cluster administration -------------------------------------------------------------------------------- Update Information:
clustershell-1.7-1.el5 - update to 1.7 --------------------------------------------------------------------------------
================================================================================ perl-Time-ParseDate-2015.103-1.el5 (FEDORA-EPEL-2015-72443054b3) Perl modules for parsing dates and times -------------------------------------------------------------------------------- Update Information:
2015.1030 2015-10-30 * Not requirement for Time::Piece for tests. 2015.0925 2015-09-25 * https://rt.cpan.org/Ticket/Display.html?id=96453 * fix epoch second 0 with timezone. 2015.0925 2015-09-25 * apply patch from bug https://rt.cpan.org/Ticket/Display.html?id=90367 * use Time::Piece in place of POSIX tzset for better compatibility with Windows. 2015.0925 2015-09-25 * apply patch from bug https://rt.cpan.org/Ticket/Display.html?id=96031 * manpage typo patch -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1279907 - perl-Time-ParseDate-2015.103 is available https://bugzilla.redhat.com/show_bug.cgi?id=1279907 --------------------------------------------------------------------------------
================================================================================ php53-mapi-7.1.14-1.el5 (FEDORA-EPEL-2015-49d2e8a4cb) The PHP MAPI extension by Zarafa -------------------------------------------------------------------------------- Update Information:
Zarafa Collaboration Platform 7.1.14 final [51822] ================================================== - ZCP-13581: update fck- editor (for webaccess) to solve CVE-2012-4000 - ZCP-13572: CVE-2015-6566 - zarafa-autorespond suffers from a potential local privilege escalation - ZCP-13087: Meeting requests are not being sent with Thunderbird Lightning due to new functionality - ZCP-13608: Attachments are missing in the Sent items folder when using a cache profile - ZCP-13243: ser_safe_mode falsely reports that it would delete users -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1263006 - CVE-2015-6566 zarafa: Potential local privilege escalation in zarafa-autorespond https://bugzilla.redhat.com/show_bug.cgi?id=1263006 --------------------------------------------------------------------------------
================================================================================ stompclt-1.3-3.el5 (FEDORA-EPEL-2015-1fdc06f78d) Versatile STOMP client -------------------------------------------------------------------------------- Update Information:
stompclt-1.3-3.el5 - Added missing package: EPEL5 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1209748 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=1209748 --------------------------------------------------------------------------------
================================================================================ zarafa-7.1.14-1.el5 (FEDORA-EPEL-2015-49d2e8a4cb) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information:
Zarafa Collaboration Platform 7.1.14 final [51822] ================================================== - ZCP-13581: update fck- editor (for webaccess) to solve CVE-2012-4000 - ZCP-13572: CVE-2015-6566 - zarafa-autorespond suffers from a potential local privilege escalation - ZCP-13087: Meeting requests are not being sent with Thunderbird Lightning due to new functionality - ZCP-13608: Attachments are missing in the Sent items folder when using a cache profile - ZCP-13243: ser_safe_mode falsely reports that it would delete users -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1263006 - CVE-2015-6566 zarafa: Potential local privilege escalation in zarafa-autorespond https://bugzilla.redhat.com/show_bug.cgi?id=1263006 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org