The following Fedora EPEL 5 Security updates need testing:
Age URL
1067
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
522
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
286
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5
140
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2.17-3.el5
136
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3.8-2.el5
45
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0695/drupal7-path_breadcrumbs-3.2-1.el5
25
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1001/drupal7-entity-1.6-1.el5
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1326/drupal7-ctools-1.7-1.el5
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1344/drupal6-6.35-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1374/tor-0.2.4.26-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1419/cabextract-1.5-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1379/PyYAML-3.09-11.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
PyYAML-3.09-11.el5
cabextract-1.5-1.el5
opendkim-2.10.1-4.el5
potrace-1.12-1.el5
python-psycopg2-2.0.14-3.el5
tor-0.2.4.26-1.el5
Details about builds:
================================================================================
PyYAML-3.09-11.el5 (FEDORA-EPEL-2015-1379)
YAML parser and emitter for Python
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-9130
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 23 2015 John Eckersberg <e...@redhat.com> - 3.09-11
- Add patch for CVE-2014-9130 (bug 1204829)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1204829 - PyYAML: assert failure when processing wrapped strings
https://bugzilla.redhat.com/show_bug.cgi?id=1204829
--------------------------------------------------------------------------------
================================================================================
cabextract-1.5-1.el5 (FEDORA-EPEL-2015-1419)
Utility for extracting cabinet (.cab) archives
--------------------------------------------------------------------------------
Update Information:
Security fix for directory traversal with UTF-8 symbols in filenames. Fixed in
upstream version 1.5.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 24 2015 Juan Orti Alcaine <jo...@fedoraproject.org> - 1.5-1
- Updated to 1.5
* Fri Aug 15 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Feb 13 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jan 12 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon May 16 2011 Dan HorĂ¡k <dan[at]danny.cz> - 1.4-1
- updated to 1.4
* Tue Feb 8 2011 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Sep 29 2010 jkeating - 1.3-2
- Rebuilt for gcc bug 634757
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1193952 - CVE-2015-2060 cabextract: directory traversal with UTF-8
symbols in filenames
https://bugzilla.redhat.com/show_bug.cgi?id=1193952
--------------------------------------------------------------------------------
================================================================================
opendkim-2.10.1-4.el5 (FEDORA-EPEL-2015-1391)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
- Fixed typo in Group Name
- Added updated libtool definition
- Additional comments in spec file
- Patch SysV initscript to stop default key generation on startup
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 24 2015 Steve Jenkins <st...@stevejenkins.com> - 2.10.1-4
- Fixed typo in Group name
- Added updated libtool definition
- Additional comments in spec file
- Patch SysV initscript to stop default key generation on startup
* Thu Mar 5 2015 Adam Jackson <a...@redhat.com> 2.10.1-3
- Drop sysvinit subpackage from F23+
--------------------------------------------------------------------------------
================================================================================
potrace-1.12-1.el5 (FEDORA-EPEL-2015-1369)
Transform bitmaps into vector graphics
--------------------------------------------------------------------------------
Update Information:
Update to 1.12, fixing memory overflow bug with very large bitmaps.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 24 2015 Susi Lehtola <jussileht...@fedoraproject.org> - 1.12-1
- Update to 1.12.
* Sun Aug 17 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.11-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.11-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed May 15 2013 Susi Lehtola <jussileht...@fedoraproject.org> - 1.11-2
- Support for 64 bit ARM architecture (BZ #926364).
--------------------------------------------------------------------------------
================================================================================
python-psycopg2-2.0.14-3.el5 (FEDORA-EPEL-2015-1382)
A PostgreSQL database adapter for Python
--------------------------------------------------------------------------------
Update Information:
disabling python-psycopg2-zope; broken dependencies
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 18 2015 Jozef Mlich <jml...@redhat.com> - 2.0.14-3
- disabling python-psycopg2-zope and rebuild due
broken dependencies in the epel-5 tree
zope package retired
--------------------------------------------------------------------------------
================================================================================
tor-0.2.4.26-1.el5 (FEDORA-EPEL-2015-1374)
Anonymizing overlay network for TCP (The onion router)
--------------------------------------------------------------------------------
Update Information:
Update to upstream release 0.2.4.26.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 23 2015 Jamie Nguyen <jamieli...@fedoraproject.org> - 0.2.4.26-1
- update to upstream release 0.2.4.26
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1204773 - tor: security fixes in 0.2.4.26 and 0.2.5.11
https://bugzilla.redhat.com/show_bug.cgi?id=1204773
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
