The following Fedora EPEL 5 Security updates need testing:
Age URL
997
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
451
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
215
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5
69
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2.17-3.el5
65
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3.8-2.el5
31
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4430/phpMyAdmin4-4.0.10.7-2.el5
18
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4917/dokuwiki-0-0.23.20140929b.el5
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0074/nail-12.4-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0261/libsndfile-1.0.17-6.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
libasr-1.0.0-1.el5
libsndfile-1.0.17-6.el5
planet-2.0-20.el5
ssmtp-2.61-22.el5
Details about builds:
================================================================================
libasr-1.0.0-1.el5 (FEDORA-EPEL-2015-0269)
Free, simple and portable asynchronous resolver library
--------------------------------------------------------------------------------
Update Information:
libasr: initial Fedora RPM release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1176455 - Review Request: libasr - Free, simple and portable
asynchronous resolver library
https://bugzilla.redhat.com/show_bug.cgi?id=1176455
--------------------------------------------------------------------------------
================================================================================
libsndfile-1.0.17-6.el5 (FEDORA-EPEL-2015-0261)
Library for reading and writing sound files
--------------------------------------------------------------------------------
Update Information:
fixing above security issues
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 13 2015 Michal Hlavinka <mhlav...@redhat.com> - 1.0.17-6
- fix CVE-2014-9496: 2 buffer overruns in sd2_parse_rsrc_fork (#1178840)
- division by zero leading to denial of service in psf_fwrite (#1177254)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1177254 - libsndfile: division by zero leading to denial of
service in psf_fwrite()
https://bugzilla.redhat.com/show_bug.cgi?id=1177254
--------------------------------------------------------------------------------
================================================================================
planet-2.0-20.el5 (FEDORA-EPEL-2015-0258)
Flexible RDF/RSS/Atom feed aggregator
--------------------------------------------------------------------------------
Update Information:
Fix HTTPS feed URLs, initial epel7 build.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 23 2015 Jon Ciesla <limburg...@gmail.com> - 2.0-20
- Drop timeoutsocket.py to fix BZ 498456.
* Mon Jun 30 2014 Toshio Kuratomi <tos...@fedoraproject.org> - 2.0-19
- Replace python-setuptools-devel BR with python-setuptools
* Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.0-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Aug 30 2013 Jon Ciesla <limburg...@gmail.com> - 2.0-17
- Fix dates, escape macro in changelog.
* Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.0-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Feb 9 2011 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 2.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jul 21 2010 David Malcolm <dmalc...@redhat.com> - 2.0-11
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #498456 - HTTPS feed URLs broken in planet-2.0-3.el5
https://bugzilla.redhat.com/show_bug.cgi?id=498456
[ 2 ] Bug #1181144 - Please build to EPEL 7
https://bugzilla.redhat.com/show_bug.cgi?id=1181144
--------------------------------------------------------------------------------
================================================================================
ssmtp-2.61-22.el5 (FEDORA-EPEL-2015-0259)
Extremely simple MTA to get mail off the system to a Mailhub
--------------------------------------------------------------------------------
Update Information:
Sets proper permissions on the configuration file. No functional changes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 13 2014 Manuel "lonely wolf" Wolfshant <wo...@fedoraproject.org> -
2.61-22
- Fix spurious permissions for config file ( #1060515)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1060515 - Spurious executable+setgid bits on /etc/ssmtp/ssmtp.conf
https://bugzilla.redhat.com/show_bug.cgi?id=1060515
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
