The following Fedora EPEL 5 Security updates need testing:
Age URL
796
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
250
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
131
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2.0-1.el5
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1651/python-jinja2-2.2.1-2.el5
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1646/python26-jinja2-2.5.5-5.el5
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1697/zabbix20-2.0.12-2.el5
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1696/perl-Email-Address-1.905-1.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1747/mediawiki119-1.19.17-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
CGSI-gSOAP-1.3.6-2.el5
drupal7-languageicons-1.1-1.el5
drupal7-taxonomy_access_fix-2.1-1.el5
gccxml-0.9.0-0.23.20140610.gita012b8fe.el5
gle-4.2.4c-14.el5
libsodium-0.5.0-1.el5
mediawiki119-1.19.17-1.el5
mozilla-https-everywhere-3.5.3-1.el5
python-okaara-1.0.35-1.el5
voms-2.0.11-6.el5
Details about builds:
================================================================================
CGSI-gSOAP-1.3.6-2.el5 (FEDORA-EPEL-2014-1758)
GSI plugin for gSOAP
--------------------------------------------------------------------------------
Update Information:
Updated to 1.3.6 release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 27 2014 Mattias Ellert <[email protected]> - 1.3.6-2
- Update the source description for the new release
* Fri Jun 27 2014 Alejandro Alvarez Ayllon <[email protected]> - 1.3.6-1
- Update for new upstream release
* Fri Jun 6 2014 Fedora Release Engineering <[email protected]>
- 1.3.5-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Oct 18 2013 Adrien Devresse <adevress at cern.ch> - 1.3.5-7
- Rebuilt for gsoap release
* Thu Aug 8 2013 Mattias Ellert <[email protected]> - 1.3.5-6
- Use _pkgdocdir
* Fri Aug 2 2013 Fedora Release Engineering <[email protected]>
- 1.3.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Feb 13 2013 Fedora Release Engineering <[email protected]>
- 1.3.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <[email protected]>
- 1.3.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
drupal7-languageicons-1.1-1.el5 (FEDORA-EPEL-2014-1736)
Adds icons to language links
--------------------------------------------------------------------------------
Update Information:
[1.1](https://www.drupal.org/node/2264675)
------------------------------------------
* Fixed passing of Image class attribute. (#2230323)
* Removed unnecessary file list in info file. (#1554200)
* Set the module category to "Multilingual". (#2047503)
* Add link to the configuration page via the info file. (#1626648)
* Renamed the module back to "Language Icons". (#1954058)
* New flags:
* Filipino (#1796274)
* Afrikaans (South African) (#1471600)
* Malaysian (#2230379)
* Tibetan (#1961450)
* Belarus (#1309930)
* Somali (#551092)
See the [Git
log](http://drupalcode.org/project/languageicons.git/log/7.x-1.0..7.x-1.1) for
a full changelog.
--------------------------------------------------------------------------------
================================================================================
drupal7-taxonomy_access_fix-2.1-1.el5 (FEDORA-EPEL-2014-1750)
Fixes the crooked access checks for Taxonomy pages
--------------------------------------------------------------------------------
Update Information:
[2.1](https://www.drupal.org/node/2274235)
------------------------------------------
* Issue #2157451
* Issue #2211281
See the [Git
log](http://cgit.drupalcode.org/taxonomy_access_fix/log/?id=7.x-2.0..7.x-2.1)
for a full changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Shawn Iwinski <[email protected]> - 2.1-1
- Updated to 2.1 (BZ #1101179; release notes
https://www.drupal.org/node/2274235)
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1101179 - drupal7-taxonomy_access_fix-2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1101179
--------------------------------------------------------------------------------
================================================================================
gccxml-0.9.0-0.23.20140610.gita012b8fe.el5 (FEDORA-EPEL-2014-1737)
XML output extension to GCC
--------------------------------------------------------------------------------
Update Information:
Now contains upstream's support files for gcc 4.9
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Mattias Ellert <[email protected]> -
0.9.0-0.23.20140610.gita012b8fe
- Updated git snapshot
- Now contains support files for gcc 4.9
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 0.9.0-0.22.20131209.git9a114c0c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri May 23 2014 Brent Baude <[email protected]> -
0.9.0-0.21.20131209.git9a114c0c
- Adding ppc64le support
--------------------------------------------------------------------------------
================================================================================
gle-4.2.4c-14.el5 (FEDORA-EPEL-2014-1754)
Graphics Layout Engine
--------------------------------------------------------------------------------
Update Information:
First releases in EPEL5 and EPEL6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #229676 - Review Request: gle - Graphics Layout Engine
https://bugzilla.redhat.com/show_bug.cgi?id=229676
--------------------------------------------------------------------------------
================================================================================
libsodium-0.5.0-1.el5 (FEDORA-EPEL-2014-1742)
A fork of networking and cryptography library with compatible APIs
--------------------------------------------------------------------------------
Update Information:
Initial EL5 build
--------------------------------------------------------------------------------
================================================================================
mediawiki119-1.19.17-1.el5 (FEDORA-EPEL-2014-1747)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
Update to 1.19.17.
Fixes various security issues.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Patrick Uiterwijk <[email protected]> - 1.19.17-1
- Update to 1.19.17
- (bug 65839) SECURITY: Prevent external resources in SVG files
- (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects
like only extracting the tail of the file partially or not at all
* Wed Jun 25 2014 Patrick Uiterwijk <[email protected]> - 1.19.16-1
- Update to 1.19.16
- (bug 65501) SECURITY: Don't parse usernames as wikitext on
Special:PasswordReset
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1113134 - mediawiki: security update
https://bugzilla.redhat.com/show_bug.cgi?id=1113134
[ 2 ] Bug #1104222 - CVE-2014-3966 mediawiki: XSS flaw due to improper
parsing of Special:PasswordReset
https://bugzilla.redhat.com/show_bug.cgi?id=1104222
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-3.5.3-1.el5 (FEDORA-EPEL-2014-1743)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
The cake is not a lie!
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 25 2014 Russell Golden <[email protected]> - 3.5.3-1
- Now works when installed globally!
- Various ruleset fixes, including PCWorld.
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 3.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri May 30 2014 Russell Golden <[email protected]> - 3.5.1-1
- Revert https://github.com/EFForg/https-everywhere/pull/134 due to YouTube
-- breakage.
- Re-enable ability to see all rulesets in enable/disable dialog.
- Added more Debian coverage.
- Fixes to Doubleclick, Guardian, Heroku, Home Depot, HypeMachine, IMDB,
-- Justin.tv, Kikatek, Mozilla, MyFitnessPal, Pinterest, XKCD, Reuters,
-- Technet, Tumblr, Wordpress, Yandex, Youtube, Flickr.
- Fix Australis icon positioning:
-- https://github.com/EFForg/https-everywhere/pull/216
* Wed Apr 16 2014 Russell Golden <[email protected]> - 3.5-1
- Merge all non-ruleset changes from 4.0development.16
- Merge all new/modified rulesets from 4.0development.16 that are
-- in the Alexa Top 1000 using utils/alexa-ruleset-checker.py. For a full list,
-- see utils/alexa-logs/07042014.log.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1100493 - can't access http://www.pcworld.com with
mozilla-https-everywhere enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1100493
--------------------------------------------------------------------------------
================================================================================
python-okaara-1.0.35-1.el5 (FEDORA-EPEL-2014-1748)
Python command line utilities
--------------------------------------------------------------------------------
Update Information:
Release 1.0.35
Fix for python 2.4 incompatibility
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Jay Dobies <[email protected]> 1.0.35-1
- fixing a bug where Prompt.prompt_password passes the wrong arguments to
another function. ([email protected])
* Wed May 28 2014 Jay Dobies <[email protected]> 1.0.34-1
- Added build requirement on python-mock ([email protected])
* Wed May 28 2014 Jay Dobies <[email protected]> 1.0.33-1
- fixing a bug where prompting for password in python 2.4 caused an error
([email protected])
- Updated project URL ([email protected])
- Initial addition of extension functionality ([email protected])
- Added simple validators for the Option validate_func
([email protected])
- Added general int parser ([email protected])
--------------------------------------------------------------------------------
================================================================================
voms-2.0.11-6.el5 (FEDORA-EPEL-2014-1749)
Virtual Organization Membership Service
--------------------------------------------------------------------------------
Update Information:
Fix stack smashing from SHA2 certificates.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Mattias Ellert <[email protected]> - 2.0.11-6
- Clean up SHA2 patch
* Thu Jun 26 2014 Mattias Ellert <[email protected]> - 2.0.11-5
- Fix compilation problems when strndup is already defined
* Thu Jun 26 2014 Mattias Ellert <[email protected]> - 2.0.11-4
- Patch that fixes a stack smash when SHA2 certificates are used
* Sun Jun 8 2014 Fedora Release Engineering <[email protected]>
- 2.0.11-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
