The following Fedora EPEL 5 Security updates need testing: Age URL 1013 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5 467 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5 232 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5 86 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2.17-3.el5 82 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3.8-2.el5 48 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4430/phpMyAdmin4-4.0.10.7-2.el5 34 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4917/dokuwiki-0-0.23.20140929b.el5 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0369/polarssl-1.3.2-4.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0549/websvn-2.3.3-8.el5 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0559/clamav-0.98.6-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing clamav-0.98.6-1.el5 websvn-2.3.3-8.el5 Details about builds: ================================================================================ clamav-0.98.6-1.el5 (FEDORA-EPEL-2015-0559) Anti-virus software -------------------------------------------------------------------------------- Update Information: ClamAV 0.98.6 ============= ClamAV 0.98.6 is a bug fix release correcting the following: * library shared object revisions. * installation issues on some Mac OS X and FreeBSD platforms. * includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd. * Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. * Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team. * Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab. * Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328. * Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 29 2015 Robert Scheck <rob...@fedoraproject.org> - 0.98.6-1 - Upgrade to 0.98.6 and updated daily.cvd (#1187050) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1187050 - CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files https://bugzilla.redhat.com/show_bug.cgi?id=1187050 -------------------------------------------------------------------------------- ================================================================================ websvn-2.3.3-8.el5 (FEDORA-EPEL-2015-0549) Online subversion repository browser -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2013-6892 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 21 2015 Xavier Bachelot <xav...@bachelot.org> 2.3.3-8 - Add patch for CVE-2013-6892 (RHBZ#1183632). * Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 2.3.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 2.3.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Feb 15 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 2.3.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Dec 2 2012 Johan Cwiklinski <johan AT x-tnd DOT be> - 2.3.3-4 - Fix apache 2.4 configuration (bz #871495) * Sun Jul 22 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 2.3.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1183632 - CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access https://bugzilla.redhat.com/show_bug.cgi?id=1183632 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel