The following Fedora EPEL 5 Security updates need testing:
Age URL
243
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13734/pcp-3.6.10-2.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13816/drupal6-6.27-1.el5,drupal7-7.18-1.el5
137
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
19
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5
66
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13182/ssmtp-2.61-19.el5
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13761/wordpress-3.5-1.el5
65
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13192/icecast-2.3.3-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13822/inkscape-0.46-3.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
drupal6-6.27-1.el5
drupal7-7.18-1.el5
globus-common-14.9-1.el5
globus-core-8.9-2.el5
globus-gram-job-manager-13.51-1.el5
globus-gram-job-manager-condor-1.4-1.el5
globus-gram-job-manager-pbs-1.6-1.el5
globus-gram-job-manager-sge-1.5-2.el5
globus-gridftp-server-6.16-1.el5
globus-gsi-callback-4.4-1.el5
globus-scheduler-event-generator-4.7-1.el5
globus-simple-ca-3.2-1.el5
grid-packaging-tools-3.6.3-1.el5
inkscape-0.46-3.el5
lcm-0.9.2-1.el5
ldns-1.6.16-1.el5
salt-0.11.1-1.el5
zanata-python-client-1.3.13-1.el5
Details about builds:
================================================================================
drupal6-6.27-1.el5 (FEDORA-EPEL-2012-13816)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
Upstream Drupal has reported SA-CORE-2012-004 [1] which corrects multiple
vulnerabilities:
1) Access bypass (User module search - Drupal 6 and 7)
2) Access bypass (Upload module - Drupal 6)
3) Arbitrary PHP code execution (File upload modules - Drupal 6 and 7)
CVEs have been requested and are not yet assigned.
These flaws have been fixed in Drupal 6.27 and 7.18.
[1] http://drupal.org/SA-CORE-2012-004
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 20 2012 Jon Ciesla <limburg...@gmail.com> - 6.27-1
- 6.27.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #888990 - CVE-2012-5651 CVE-2012-5652 CVE-2012-5653 drupal:
multiple flaws fixed in 6.27/7.18 (SA-CORE-2012-004)
https://bugzilla.redhat.com/show_bug.cgi?id=888990
--------------------------------------------------------------------------------
================================================================================
drupal7-7.18-1.el5 (FEDORA-EPEL-2012-13816)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
Upstream Drupal has reported SA-CORE-2012-004 [1] which corrects multiple
vulnerabilities:
1) Access bypass (User module search - Drupal 6 and 7)
2) Access bypass (Upload module - Drupal 6)
3) Arbitrary PHP code execution (File upload modules - Drupal 6 and 7)
CVEs have been requested and are not yet assigned.
These flaws have been fixed in Drupal 6.27 and 7.18.
[1] http://drupal.org/SA-CORE-2012-004
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 20 2012 Jon Ciesla <limburg...@gmail.com> - 7.18-1
- 7.18.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #888990 - CVE-2012-5651 CVE-2012-5652 CVE-2012-5653 drupal:
multiple flaws fixed in 6.27/7.18 (SA-CORE-2012-004)
https://bugzilla.redhat.com/show_bug.cgi?id=888990
--------------------------------------------------------------------------------
================================================================================
globus-common-14.9-1.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - Common Library
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 14.9-1
- Update to Globus Toolkit 5.2.3
--------------------------------------------------------------------------------
================================================================================
globus-core-8.9-2.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - Globus Core
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 8.9-2
- Fix globus-spec-creator for TexLive 2012 (Fedora 18+)
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-13.51-1.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - GRAM Jobmanager
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 13.51-1
- Update to Globus Toolkit 5.2.3
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-condor-1.4-1.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - Condor Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 1.4-1
- Update to Globus Toolkit 5.2.3
* Thu Jul 19 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 1.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jun 8 2012 Petr Pisar <ppi...@redhat.com> - 1.3-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-pbs-1.6-1.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - PBS Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 1.6-1
- Update to Globus Toolkit 5.2.3
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-sge-1.5-2.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - Grid Engine Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 1.5-2
- Specfile clean-up
--------------------------------------------------------------------------------
================================================================================
globus-gridftp-server-6.16-1.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 6.16-1
- Update to Globus Toolkit 5.2.3
--------------------------------------------------------------------------------
================================================================================
globus-gsi-callback-4.4-1.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - Globus GSI Callback Library
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 4.4-1
- Update to Globus Toolkit 5.2.3
--------------------------------------------------------------------------------
================================================================================
globus-scheduler-event-generator-4.7-1.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - Scheduler Event Generator
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 4.7-1
- Update to Globus Toolkit 5.2.3
* Thu Jul 19 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 4.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-simple-ca-3.2-1.el5 (FEDORA-EPEL-2012-13824)
Globus Toolkit - Simple CA Utility
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 7 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 3.2-1
- Update to Globus Toolkit 5.2.3
--------------------------------------------------------------------------------
================================================================================
grid-packaging-tools-3.6.3-1.el5 (FEDORA-EPEL-2012-13824)
Grid Packaging Tools (GPT)
--------------------------------------------------------------------------------
Update Information:
Update to Globus Toolkit 5.2.3.
See the release notes for details:
http://www.globus.org/toolkit/docs/5.2/5.2.3/rn/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 6 2012 Mattias Ellert <mattias.ell...@fysast.uu.se> - 3.6.3-1
- Update to version 3.6.3
* Thu Jul 19 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 3.6.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jun 8 2012 Petr Pisar <ppi...@redhat.com> - 3.6.2-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
================================================================================
inkscape-0.46-3.el5 (FEDORA-EPEL-2012-13822)
Vector-based drawing program using SVG
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2012-5656
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #888253 - inkscape: XXE via SVG rasterization [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=888253
--------------------------------------------------------------------------------
================================================================================
lcm-0.9.2-1.el5 (FEDORA-EPEL-2012-13818)
Utilities for lightweight communications and marshaling
--------------------------------------------------------------------------------
Update Information:
This update fixes several issues; There has been one major change upstream, jar
versioned link is no longer created by upstream, so we start doing it on
install section
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 19 2012 Nelson Marques <nmarq...@fedoraproject.org> - 0.9.2-1
- Update to 0.9.2
- Upstream doesn't create the .jar versioned link, we do it on install
* Thu Jul 19 2012 Fedora Release Engineering <rel-...@lists.fedoraproject.org>
- 0.9.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ldns-1.6.16-1.el5 (FEDORA-EPEL-2012-13815)
Lowlevel DNS(SEC) library with API
--------------------------------------------------------------------------------
Update Information:
Addresses bug in 1.6.14 and 1.6.15 that affects opendnssec
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 13 2012 Paul Wouters <pwout...@redhat.com> - 1.6.16-1
- Updated to 1.6.16
- Addresses bug in 1.6.14 and 1.6.15 that affects opendnssec
(if you have empty non-terminals and use NSEC3)
* Fri Oct 26 2012 Paul Wouters <pwout...@redhat.com> - 1.6.15-1
- Updated to 1.6.15, as 1.6.14 accidentally broke ABI
(We never released 1.6.14)
* Tue Oct 23 2012 Paul Wouters <pwout...@redhat.com> - 1.6.14-1
- [pulled before release]
- Updated to 1.6.14
- Removed merged in patch
- Added new dependancy on ca-certificates for ldns-dane PKIX validation
--------------------------------------------------------------------------------
================================================================================
salt-0.11.1-1.el5 (FEDORA-EPEL-2012-13829)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
updated to 0.11.1 for security vulnerability fix
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 14 2012 Clint Savage <her...@gmail.com> - 0.11.1-1
- Upstream patch release 0.11.1
- Fixes security vulnerability (https://github.com/saltstack/salt/issues/2916)
* Fri Dec 14 2012 Clint Savage <her...@gmail.com> - 0.11.0-1
- Moved to upstream release 0.11.0
* Wed Dec 5 2012 Mike Chesnut <mches...@gmail.com> - 0.10.5-2
- moved to upstream release 0.10.5
- removing references to minion.template and master.template, as those files
have been removed from the repo
--------------------------------------------------------------------------------
================================================================================
zanata-python-client-1.3.13-1.el5 (FEDORA-EPEL-2012-13814)
Python Client for Zanata Server
--------------------------------------------------------------------------------
Update Information:
- Use dict instead of nested loop
- Ensure that msgstr_plural is always set for plural strings
- Rename message to poentry for consistency
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 21 2012 Sean Flanigan <sflan...@redhat.com> - 1.3.13-1
- Use dict instead of nested loop
- Ensure that msgstr_plural is always set for plural strings
- Rename message to poentry for consistency
--------------------------------------------------------------------------------
_______________________________________________
epel-devel-list mailing list
epel-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/epel-devel-list
