The following Fedora EPEL 5 Security updates need testing:
Age URL
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13670/bogofilter-1.2.3-1.el5
228
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13530/pcp-3.6.10-1.el5
122
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
54
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13152/cobbler-2.4.0-beta2.el5
51
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5
50
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5
4
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
bogofilter-1.2.3-1.el5
facter-1.6.16-1.el5
opendkim-2.7.3-2.el5
perl-CDB_File-0.97-1.el5
Details about builds:
================================================================================
bogofilter-1.2.3-1.el5 (FEDORA-EPEL-2012-13670)
Fast anti-spam filtering by Bayesian statistical analysis
--------------------------------------------------------------------------------
Update Information:
updated to 1.2.3 (fixes #883358, CVE-2012-5468)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 4 2012 Adrian Reber <adr...@lisas.de> - 1.2.3-1
- updated to 1.2.3 (fixes #883358, CVE-2012-5468)
* Thu Jul 26 2012 Adrian Reber <adr...@lisas.de> - 1.2.2-5
- add new libdb4 include path to configure options
* Wed Jul 18 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.2.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jan 12 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.2.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Feb 7 2011 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #883358 - CVE-2012-5468 bogofilter: Heap-based buffer overflow by
decoding invalid base64 code (that decodes to incomplete multibyte characters)
https://bugzilla.redhat.com/show_bug.cgi?id=883358
--------------------------------------------------------------------------------
================================================================================
facter-1.6.16-1.el5 (FEDORA-EPEL-2012-13675)
Command and ruby library for gathering system information
--------------------------------------------------------------------------------
Update Information:
Update from upstream with fixes for edge cases around ec2 facts.
Rebase to 1.6.15 and fix issue found in bz #871211
This is a rebase to the upstream of 1.6.15. This should be a backward
compatible release with what is currently in Fedora/EPEL. The known
issue of openstack/ec2 fact exception handling has been resolved in
1.6.15.
This commit also adds the .asc file back as it used by facter
maintainers during package creation.
Moves facter to newest version. This is a fully compatible version from 1.6.6
which is in stable. It also has bug fixes and a few enhancements.
Moves facter to newest version. This is a fully compatible version from 1.6.6
which is in stable. It also has bug fixes and a few enhancements.
Rebase to 1.6.15 and fix issue found in bz #871211
This is a rebase to the upstream of 1.6.15. This should be a backward
compatible release with what is currently in Fedora/EPEL. The known
issue of openstack/ec2 fact exception handling has been resolved in
1.6.15.
This commit also adds the .asc file back as it used by facter
maintainers during package creation.
Moves facter to newest version. This is a fully compatible version from 1.6.6
which is in stable. It also has bug fixes and a few enhancements.
Moves facter to newest version. This is a fully compatible version from 1.6.6
which is in stable. It also has bug fixes and a few enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 4 2012 Michael Stahnke <stah...@puppetlabs.com> - 1.6.16-1
- Update to 1.6.16
* Wed Nov 28 2012 Michael Stahnke <stah...@puppetlabs.com> - 1.6.15-1
- Rebase to 1.6.15
- Put asc file back as Source1
* Fri Nov 9 2012 Michael Stahnke <stah...@puppetlabs.com> - 1.6.13-2
- Add patch for ec2 fix
- Rebase to 1.6.14 via bz 871211
* Mon Oct 29 2012 Michael Stahnke <stah...@puppetlabs.com> - 1.6.13-1
- Rebase to 1.6.13
* Thu Jul 19 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.6.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #871211 - Please update facter to the latest upstream (patch
included)
https://bugzilla.redhat.com/show_bug.cgi?id=871211
--------------------------------------------------------------------------------
================================================================================
opendkim-2.7.3-2.el5 (FEDORA-EPEL-2012-13677)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Changed default permissions of /etc/opendkim/keys based on suggestion by
Patrick at puzzled.xs4all.nl.
Update to upstream release 2.7.3, which fixes the following bugs:
Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in
dkimf_db_strerror(). Problem noted by Simone Caruso.
LIBOPENDKIM: Ignore entries in the oversign header field name list that are
empty, and an oversign header field name list that is present but empty.
Problem noted by Alec Peterson.
LIBOPENDKIM: Allow header field lists to be empty, flushing any that were
previously defined. Problem noted by Alec Peterson.
BUILD: Improve tests for including <strl.h>. Based on a patch from Eray Aslan.
REPUTATION: Use lowercase for keywords in REPUTE query generation and handling.
STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze.
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Update to upstream release 2.7.3, which fixes the following bugs:
Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in
dkimf_db_strerror(). Problem noted by Simone Caruso.
LIBOPENDKIM: Ignore entries in the oversign header field name list that are
empty, and an oversign header field name list that is present but empty.
Problem noted by Alec Peterson.
LIBOPENDKIM: Allow header field lists to be empty, flushing any that were
previously defined. Problem noted by Alec Peterson.
BUILD: Improve tests for including <strl.h>. Based on a patch from Eray Aslan.
REPUTATION: Use lowercase for keywords in REPUTE query generation and handling.
STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze.
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Update to upstream release 2.7.3, which fixes the following bugs:
Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in
dkimf_db_strerror(). Problem noted by Simone Caruso.
LIBOPENDKIM: Ignore entries in the oversign header field name list that are
empty, and an oversign header field name list that is present but empty.
Problem noted by Alec Peterson.
LIBOPENDKIM: Allow header field lists to be empty, flushing any that were
previously defined. Problem noted by Alec Peterson.
BUILD: Improve tests for including <strl.h>. Based on a patch from Eray Aslan.
REPUTATION: Use lowercase for keywords in REPUTE query generation and handling.
STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze.
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Update to upstream release 2.7.3, which fixes the following bugs:
Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in
dkimf_db_strerror(). Problem noted by Simone Caruso.
LIBOPENDKIM: Ignore entries in the oversign header field name list that are
empty, and an oversign header field name list that is present but empty.
Problem noted by Alec Peterson.
LIBOPENDKIM: Allow header field lists to be empty, flushing any that were
previously defined. Problem noted by Alec Peterson.
BUILD: Improve tests for including <strl.h>. Based on a patch from Eray Aslan.
REPUTATION: Use lowercase for keywords in REPUTE query generation and handling.
STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze.
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Update to upstream release 2.7.3, which fixes the following bugs:
Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in
dkimf_db_strerror(). Problem noted by Simone Caruso.
LIBOPENDKIM: Ignore entries in the oversign header field name list that are
empty, and an oversign header field name list that is present but empty.
Problem noted by Alec Peterson.
LIBOPENDKIM: Allow header field lists to be empty, flushing any that were
previously defined. Problem noted by Alec Peterson.
BUILD: Improve tests for including <strl.h>. Based on a patch from Eray Aslan.
REPUTATION: Use lowercase for keywords in REPUTE query generation and handling.
STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze.
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
Updating to newer 2.7.2 source.
Source release notes available here:
http://sourceforge.net/projects/opendkim/files/RELEASE_NOTES/view
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 4 2012 Steve Jenkins <steve stevejenkins com> 2.7.3-2
- Set /etc/opendkim/keys default permissions to 750 (Thanks patrick at
puzzled.xs4al.nl)
* Thu Nov 29 2012 Steve Jenkins <steve stevejenkins com> 2.7.3-1
- Updated to use newer upstream 2.7.3 source code
* Mon Nov 19 2012 Steve Jenkins <steve stevejenkins com> 2.7.2-1
- Updated to use newer upstream 2.7.2 source code
--------------------------------------------------------------------------------
================================================================================
perl-CDB_File-0.97-1.el5 (FEDORA-EPEL-2012-13673)
Perl extension for access to cdb databases
--------------------------------------------------------------------------------
Update Information:
upgrade to 0.97
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 5 2012 Mark McKinstry <mmcki...@nexcess.net> - 0.97-1
- upgrade to 0.97
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #882869 - perl-CDB_File-0.97 is available
https://bugzilla.redhat.com/show_bug.cgi?id=882869
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
epel-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/epel-devel-list
