The following Fedora EPEL 5 Security updates need testing:
Age URL
734
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
188
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
68
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2.0-1.el5
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1074/cacti-0.8.8b-5.el5
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1096/wordpress-3.8.3-1.el5
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1126/check-mk-1.2.4p2-1.el5
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1119/znc-1.2-3.el5
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1156/drupal7-7.27-1.el5,drupal6-6.31-1.el5
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1229/ndjbdns-1.06-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1237/prosody-0.8.2-10.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
bogofilter-1.2.4-1.el5
dislocker-0.3.1-2.20140423git.el5
lua-expat-1.3.0-1.el5
prosody-0.8.2-10.el5
Details about builds:
================================================================================
bogofilter-1.2.4-1.el5 (FEDORA-EPEL-2014-1244)
Fast anti-spam filtering by Bayesian statistical analysis
--------------------------------------------------------------------------------
Update Information:
updated to 1.2.4 (fixes #1084359)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Adrian Reber <[email protected]> - 1.2.4-1
- updated to 1.2.4 (fixes #1084359)
* Sat Aug 3 2013 Fedora Release Engineering <[email protected]>
- 1.2.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 17 2013 Petr Pisar <[email protected]> - 1.2.3-4
- Perl 5.18 rebuild
* Fri Feb 22 2013 Adrian Reber <[email protected]> - 1.2.3-2
- removed three files with an unfree license from Source (fixes #912694)
* Wed Feb 13 2013 Fedora Release Engineering <[email protected]>
- 1.2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1084359 - bogofilter was updateed
https://bugzilla.redhat.com/show_bug.cgi?id=1084359
--------------------------------------------------------------------------------
================================================================================
dislocker-0.3.1-2.20140423git.el5 (FEDORA-EPEL-2014-1243)
Utility to access BitLocker encrypted volumes
--------------------------------------------------------------------------------
Update Information:
Dislocker has been designed to read BitLocker encrypted partitions ("drives")
under a Linux system. The driver used to only read volumes encrypted under a
Microsoft Windows 7 system but is now Microsoft Windows Vista capable and has
the write functionality.
The file name where the BitLocker encrypted partition will be decrypted needs
to be given. This may take a long time, depending on the size of the encrypted
partition. But afterward, once the partition is decrypted, the access to the
NTFS partition will be faster than with FUSE. Another thing to think about is
the size of the disk (same size as the volume that is tried to be decrypted).
Nevertheless, once the partition is decrypted, the file can be mounted as any
NTFS partition.
Alternatively for FUSE a mount point needs to be given to fuse-dislocker. Once
keys are decrypted, a file named 'dislocker-file' appears into this provided
mount point. This file is a virtual NTFS partition, it can be mounted as any
NTFS partition and then reading from it or writing to it is possible.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991689 - Review Request: dislocker - Utility to access BitLocker
encrypted volumes
https://bugzilla.redhat.com/show_bug.cgi?id=991689
--------------------------------------------------------------------------------
================================================================================
lua-expat-1.3.0-1.el5 (FEDORA-EPEL-2014-1239)
SAX XML parser based on the Expat library
--------------------------------------------------------------------------------
Update Information:
LuaExpat 1.3.0 [02/Apr/2014]
============================
- Lua 5.2 support (thanks Tomás Guisasola Gorham)
- support for the XmlDecl handler
- add parser:getcurrentbytecount() (XML_GetCurrentByteCount)
- ability to disable CharacterData merging
- Makefile improvements (thanks Vadim Misbakh-Soloviov)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Robert Scheck <[email protected]> - 1.3.0-1
- New upstream release
* Sat Aug 3 2013 Fedora Release Engineering <[email protected]>
- 1.2.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri May 10 2013 Tom Callaway <[email protected]> - 1.2.0-5
- fix for lua 5.2
* Thu Feb 14 2013 Fedora Release Engineering <[email protected]>
- 1.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <[email protected]>
- 1.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <[email protected]>
- 1.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
prosody-0.8.2-10.el5 (FEDORA-EPEL-2014-1237)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Added upstream patches to avoid resource consumption denial of service when
using XMPP application-layer compression (#1085692)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Robert Scheck <[email protected]> - 0.8.2-10
- Added upstream patches to avoid resource consumption denial of
service when using XMPP application-layer compression (#1085692)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1085692 - CVE-2014-2745 CVE-2014-2744 prosody: resource
consumption denial of service when using XMPP application-layer compression
https://bugzilla.redhat.com/show_bug.cgi?id=1085692
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
