The following Fedora EPEL 5 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4.... 299 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 194 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2... 76 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctool... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0237/wordpress-3.5....
The following builds have been pushed to Fedora EPEL 5 updates-testing
openconnect-4.08-1.el5 sipp-3.3-2.el5
Details about builds:
================================================================================ openconnect-4.08-1.el5 (FEDORA-EPEL-2013-0366) Open client for Cisco AnyConnect VPN -------------------------------------------------------------------------------- Update Information:
This update fixes a potential buffer overflow in HTTP request generation, which could be triggered by a malicious server generating a large number of cookies or redirecting to a large path or hostname. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 13 2013 David Woodhouse David.Woodhouse@intel.com - 4.08-1 - Update to 4.08 release (#910331 CVE-2012-6128) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #910330 - CVE-2012-6128 openconnect: Stack-based buffer overflow when processing certain host names, paths, or cookie lists https://bugzilla.redhat.com/show_bug.cgi?id=910330 --------------------------------------------------------------------------------
================================================================================ sipp-3.3-2.el5 (FEDORA-EPEL-2013-0364) SIP test tool / traffic generator -------------------------------------------------------------------------------- Update Information:
- Ver. 3.3 -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 15 2013 Peter Lemenkov lemenkov@gmail.com - 3.3-2 - Fix for autoreconf on EL5 * Fri Feb 15 2013 Peter Lemenkov lemenkov@gmail.com - 3.3-1 - Ver. 3.3 * Fri Feb 15 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Feb 28 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-5 - Rebuilt for c++ ABI breakage * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Thu Nov 3 2011 Peter Lemenkov lemenkov@gmail.com - 3.2-3 - Fix authorization - Cherry-picked two patches from svn trunk * Wed Feb 9 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Thu Jan 27 2011 Peter Lemenkov lemenkov@gmail.com 3.2-1 - Ver 3.2 - Patches rebased --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org