The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6383/raptor-1.4.16-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1...
The following builds have been pushed to Fedora EPEL 5 updates-testing
dcap-2.47.6-2.el5 fuse-encfs-1.7.4-7.el5 lcgdm-1.8.3.1-2.el5 lcm-0.9.0-5.el5 monit-4.10.1-9.el5 nagios-plugins-lcgdm-0.9.1-1.el5 raptor-1.4.16-3.el5
Details about builds:
================================================================================ dcap-2.47.6-2.el5 (FEDORA-EPEL-2012-6371) Client Tools for dCache -------------------------------------------------------------------------------- Update Information:
Fix character encoding issue in sources -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 12 2012 Mattias Ellert mattias.ellert@fysast.uu.se - 2.47.6-2 - Remove encoding fixes --------------------------------------------------------------------------------
================================================================================ fuse-encfs-1.7.4-7.el5 (FEDORA-EPEL-2012-6382) Encrypted pass-thru filesystem in userspace -------------------------------------------------------------------------------- Update Information:
This update introduces a new major version of fuse-encfs since the previous version was not able to create a new encfs filesystem (see the referenced bug 601989). -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 11 2012 Till Maas opensource@till.name - 1.7.4-7 - Add el5 conditionals for obsoleted macros - Use less globbing in %files - Use boost141 in el5 * Tue Feb 28 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7.4-6 - Rebuilt for c++ ABI breakage * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Sun Nov 20 2011 Thomas thomas.spura@googlemail.com - 1.7.4-4 - rebuild for https://fedoraproject.org/wiki/Features/F17Boost148 * Fri Sep 9 2011 Adam Jackson ajax@redhat.com 1.7.4-3 - Rebuild for boost 1.47 * Thu Aug 25 2011 Peter Lemenkov lemenkov@gmail.com - 1.7.4-2 - Rebuilt for new boost * Mon Apr 11 2011 Peter Lemenkov lemenkov@gmail.com - 1.7.4-1 - Ver. 1.7.4 * Tue Feb 8 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Feb 6 2011 Thomas Spura tomspur@fedoraproject.org - 1.7.2-2 - rebuild for new boost * Tue Sep 7 2010 Peter Lemenkov lemenkov@gmail.com - 1.7.2-1 - Ver. 1.7.2 * Sun Sep 5 2010 Peter Lemenkov lemenkov@gmail.com - 1.7.1-1 - Fixed three security flaws (see rhbz #630460) - Cleaned up spec-file a little * Sun Aug 1 2010 Josh Kayse jokajak@fedoraproject.org - 1.6.1-1 - update to 1.6-1 - remove patch because it's been incorporated * Thu Jul 29 2010 Bill Nottingham notting@redhat.com - 1.5-13 - Rebuild for boost-1.44 * Tue Jul 27 2010 Bill Nottingham notting@redhat.com - 1.5-12 - Rebuild for boost-1.44 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #601989 - Creating new fuse-encfs filesystem fails with 'boost::filesystem::filesystem_error' https://bugzilla.redhat.com/show_bug.cgi?id=601989 --------------------------------------------------------------------------------
================================================================================ lcgdm-1.8.3.1-2.el5 (FEDORA-EPEL-2012-6379) LHC Computing Grid Data Management -------------------------------------------------------------------------------- Update Information:
Update for new upstream release - 1.8.3.1. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 5 2012 Ricardo Rocha ricardo.rocha@cern.ch - 1.8.3.1-2 - Cleanup sysv scripts from upstream when using systemd * Mon Jun 4 2012 Ricardo Rocha ricardo.rocha@cern.ch - 1.8.3.1-1 - Update for new upstream release - Dropped postgresql packages (unsupported by upstream) - Removed configuration bits from the spec file (incomplete) - Renamed dpm-srm* to srm*, dpm-rfiod to rfiod (using alternatives) --------------------------------------------------------------------------------
================================================================================ lcm-0.9.0-5.el5 (FEDORA-EPEL-2012-6376) Utilities for lightweight communications and marshaling -------------------------------------------------------------------------------- Update Information:
This update excludes the following arches: ppc and ppc64 which were preventing builds on el5 and el6. Also bumped release which wasn't synched with the changelog. --------------------------------------------------------------------------------
================================================================================ monit-4.10.1-9.el5 (FEDORA-EPEL-2012-6384) Manages and monitors processes, files, directories and devices -------------------------------------------------------------------------------- Update Information:
Fix initscript to use the pidfile to kill the daemon, not the name -------------------------------------------------------------------------------- References:
[ 1 ] Bug #676178 - monit pid vs process name https://bugzilla.redhat.com/show_bug.cgi?id=676178 --------------------------------------------------------------------------------
================================================================================ nagios-plugins-lcgdm-0.9.1-1.el5 (FEDORA-EPEL-2012-6378) Nagios probes to be run remotely against DPM / LFC nodes -------------------------------------------------------------------------------- Update Information:
Update for new upstream release 0.9.1 release, with some new probes and fixes for old ones.
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 11 2012 Ricardo Rocha ricardo.rocha@cern.ch - 0.9.1-1 - Update for new upstream release * Fri May 25 2012 Alexandre Beche alexandre.beche@cern.ch - 0.9.0-1 - Update for new upstream release --------------------------------------------------------------------------------
================================================================================ raptor-1.4.16-3.el5 (FEDORA-EPEL-2012-6383) Raptor RDF Parser Toolkit for Redland -------------------------------------------------------------------------------- Update Information:
This is new version of package that fixes CVE-2012-0037. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #805938 - CVE-2012-0037 raptor: XML External Entity (XXE) attack by processing certain RDF files [epel-5] https://bugzilla.redhat.com/show_bug.cgi?id=805938 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org