The following Fedora EPEL 5 Security updates need testing:
Age URL
372
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
267
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
72
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4.08-1.el5
30
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0819/libarchive-2.8.4-6.el5
18
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5410/php-geshi-1.0.8.11-3.el5
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5449/pdns-recursor-3.5-1.el5
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5517/git-1.8.2.1-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5620/phpMyAdmin3-3.5.8.1-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
munin-2.0.13-1.el5
phpMyAdmin3-3.5.8.1-1.el5
Details about builds:
================================================================================
munin-2.0.13-1.el5 (FEDORA-EPEL-2013-5623)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
Upstream released 2.0.13, nginx subpackage, apache fcgi cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 26 2013 D. Johnson <[email protected]> - 2.0.13-1
- Upstream released 2.0.13
* Thu Apr 4 2013 Viljo Viitanen <[email protected]> - 2.0.12-4
- BZ #905421 add nginx cgi package, removed unnecessary services from apache
cgi package
* Mon Apr 1 2013 D. Johnson <[email protected]> - 2.0.12-3
- Add fw_ default config
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #905421 - nfs.export-volumes tunable does not show up as "Options
Reconfigured" for volume created after the tunable has been changed
https://bugzilla.redhat.com/show_bug.cgi?id=905421
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin3-3.5.8.1-1.el5 (FEDORA-EPEL-2013-5620)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 3.5.8.1 (2013-04-24)
===============================
- [security] Remote code execution (preg_replace), reported by Janek Vind (see
PMASA-2013-2)
- [security] Locally Saved SQL Dump File Multiple File Extension Remote Code
Execution, reported by Janek Vind (see PMASA-2013-3)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 25 2013 Robert Scheck <[email protected]> 3.5.8.1-1
- Upgrade to 3.5.8.1 (#956398, #956401)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #956398 - CVE-2013-3238 phpMyAdmin: remote code execution via
preg_replace() (PMASA-2013-2)
https://bugzilla.redhat.com/show_bug.cgi?id=956398
[ 2 ] Bug #956401 - CVE-2013-3239 phpMyAdmin: remote code execution via
locally saved SQL dump file multiple extensions (PMASA-2013-3)
https://bugzilla.redhat.com/show_bug.cgi?id=956401
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/epel-devel-list
