The following Fedora EPEL 5 Security updates need testing:
Age URL
592
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
106
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11276/ssmtp-2.61-21.el5
82
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11560/fail2ban-0.8.10-4.el5
46
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
21
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12091/bip-0.8.9-1.el5
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12157/varnish-2.0.6-4.el5
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12159/389-ds-base-1.2.11.25-1.el5
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12169/gc-7.1-6.el5
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12174/drupal7-7.24-1.el5
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12221/drupal6-6.29-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12302/zabbix20-2.0.9-2.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
pythia8-8.1.80-1.el5
root-5.34.13-1.el5
xrootd-3.3.5-1.el5
zabbix20-2.0.9-2.el5
Details about builds:
================================================================================
pythia8-8.1.80-1.el5 (FEDORA-EPEL-2013-12294)
Pythia Event Generator for High Energy Physics
--------------------------------------------------------------------------------
Update Information:
* root 5.34.13
** See
http://root.cern.ch/drupal/content/root-version-v5-34-00-patch-release-notes
for a list of changes
* xrootd 3.3.5
** See https://github.com/xrootd/xrootd/blob/v3.3.5/docs/ReleaseNotes.txt for a
list of changes
* pythia8 8.1.80
** See http://home.thep.lu.se/~torbjorn/pythia81html/UpdateHistory.html (scroll
to the bottom) for a list of changes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 30 2013 Mattias Ellert <[email protected]> - 8.1.80-1
- Update to version 8.1.80
- Use full version in soname
* Sun Aug 4 2013 Fedora Release Engineering <[email protected]>
- 8.1.76-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
root-5.34.13-1.el5 (FEDORA-EPEL-2013-12294)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
* root 5.34.13
** See
http://root.cern.ch/drupal/content/root-version-v5-34-00-patch-release-notes
for a list of changes
* xrootd 3.3.5
** See https://github.com/xrootd/xrootd/blob/v3.3.5/docs/ReleaseNotes.txt for a
list of changes
* pythia8 8.1.80
** See http://home.thep.lu.se/~torbjorn/pythia81html/UpdateHistory.html (scroll
to the bottom) for a list of changes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 3 2013 Mattias Ellert <[email protected]> - 5.34.13-1
- Update to 5.34.13
- Remove java-devel build dependency (not needed with Fedora's libhdfs)
- Adapt to pythia8 >= 8.1.80
* Mon Nov 25 2013 Orion Poplawski <[email protected]> - 5.34.10-3
- Fix hadoop lib location
* Mon Nov 18 2013 Dave Airlie <[email protected]> - 5.34.10-2
- rebuilt for GLEW 1.10
--------------------------------------------------------------------------------
================================================================================
xrootd-3.3.5-1.el5 (FEDORA-EPEL-2013-12294)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
* root 5.34.13
** See
http://root.cern.ch/drupal/content/root-version-v5-34-00-patch-release-notes
for a list of changes
* xrootd 3.3.5
** See https://github.com/xrootd/xrootd/blob/v3.3.5/docs/ReleaseNotes.txt for a
list of changes
* pythia8 8.1.80
** See http://home.thep.lu.se/~torbjorn/pythia81html/UpdateHistory.html (scroll
to the bottom) for a list of changes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 3 2013 Mattias Ellert <[email protected]> - 1:3.3.5-1
- Update to version 3.3.5
--------------------------------------------------------------------------------
================================================================================
zabbix20-2.0.9-2.el5 (FEDORA-EPEL-2013-12302)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
This update solves the vulnerability described in CVE-2013-6824:
"Zabbix agent is vulnerable to remote command execution from the Zabbix server
in some cases"
https://support.zabbix.com/browse/ZBX-7479
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 3 2013 Volker Fröhlich <[email protected]> - 2.0.9-2
- Fix vulnerability for remote command execution injection
(ZBX-7479, CVE-2013-6824)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1037944 - CVE-2013-6824 zabbix20: zabbix: remote command execution
from zabbix server [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1037944
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
