[EPEL-devel] Fedora EPEL 5 updates-testing report

updates Sat, 30 Jan 2016 22:19:32 -0800

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 833  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2013-11893   
libguestfs-1.20.12-1.el5
 598  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626   
puppet-2.7.26-1.el5
 447  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849   
sblim-sfcb-1.3.8-2.el5
  90  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516   
mcollective-2.8.4-1.el5
  62  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6   
thttpd-2.25b-24.el5
  43  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d1309b0eb2   
libsndfile-1.0.17-8.el5
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5a2146a2dd   
prosody-0.9.10-1.el5
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2a457c3d5b   
phpMyAdmin4-4.0.10.14-1.el5



The following builds have been pushed to Fedora EPEL 5 updates-testing

    libburn-1.4.2-2.el5
    phpMyAdmin4-4.0.10.14-1.el5

Details about builds:


================================================================================
 libburn-1.4.2-2.el5 (FEDORA-EPEL-2016-ebbe8b6924)
 Library for reading, mastering and writing optical discs
--------------------------------------------------------------------------------
Update Information:

libburn 1.4.2.pl01 ==================    * Bug fix: cdrskin "failed to attach
fifo" when burning from stdin. Regression of 1.4.2, rev 5522.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1294947 - k3b does not work with cdrskin
        https://bugzilla.redhat.com/show_bug.cgi?id=1294947
--------------------------------------------------------------------------------


================================================================================
 phpMyAdmin4-4.0.10.14-1.el5 (FEDORA-EPEL-2016-2a457c3d5b)
 Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:

phpMyAdmin 4.0.10.14 (2016-01-29) =================================  - Error
with PMA 4.0.10.13 with PHP 5.2   phpMyAdmin 4.0.10.13 (2016-01-28)
=================================  - [Security] Multiple full path disclosure
vulnerabilities, see PMASA-2016-1 - [Security] Unsafe generation of CSRF token,
see PMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see PMASA-2016-3 -
[Security] Insecure password generation in JavaScript, see PMASA-2016-4 -
[Security] Unsafe comparison of CSRF token, see PMASA-2016-5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302681 - CVE-2016-2041 phpMyAdmin: Unsafe comparison of XSRF/CSRF 
token (PMASA-2016-5)
        https://bugzilla.redhat.com/show_bug.cgi?id=1302681
  [ 2 ] Bug #1302680 - CVE-2016-1927 phpMyAdmin: Insecure password generation 
in JavaScript (PMASA-2016-4)
        https://bugzilla.redhat.com/show_bug.cgi?id=1302680
  [ 3 ] Bug #1302679 - CVE-2016-2040 phpMyAdmin: Multiple XSS vulnerabilities 
(PMASA-2016-3)
        https://bugzilla.redhat.com/show_bug.cgi?id=1302679
  [ 4 ] Bug #1302677 - CVE-2016-2039 phpMyAdmin: Unsafe generation of XSRF/CSRF 
token (PMASA-2016-2)
        https://bugzilla.redhat.com/show_bug.cgi?id=1302677
  [ 5 ] Bug #1302676 - CVE-2016-2038 phpMyAdmin: Multiple full path disclosure 
vulnerabilities (PMASA-2016-1)
        https://bugzilla.redhat.com/show_bug.cgi?id=1302676
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/epel-devel@lists.fedoraproject.org

[EPEL-devel] Fedora EPEL 5 updates-testing report

Reply via email to