The following Fedora EPEL 5 Security updates need testing:
Age URL
978
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
433
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
197
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5
51
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2.17-3.el5
47
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3.8-2.el5
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4430/phpMyAdmin4-4.0.10.7-2.el5
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4674/denyhosts-2.6-5.el5.1
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4743/ettercap-0.7.3-22.el5
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4803/libssh-0.5.5-3.el5
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4527/xrdp-0.6.1-2.el5
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4867/glpi-0.83.9.1-5.el5
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4917/dokuwiki-0-0.23.20140929b.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
dokuwiki-0-0.23.20140929b.el5
Details about builds:
================================================================================
dokuwiki-0-0.23.20140929b.el5 (FEDORA-EPEL-2014-4917)
Standards compliant simple to use wiki
--------------------------------------------------------------------------------
Update Information:
Update to the 2014-09-29b release which contains various fixes,
notably:\\r\\n\\r\\nSecurity:\\r\\n* CVE-2014-9253 - XSS via SFW file
upload\\r\\n* CVE-2012-6662 - jquery-ui XSS
vulnerability\\r\\n\\r\\nBugfixes:\\r\\n* dokuwiki requires php-xml
(RHBZ#1061477)\\r\\n* wrong SELinux file context for writable files/directories
(RHBZ#1064524)\\r\\n* drop httpd requirement (RHBZ#1164396)\\r\\n
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 26 2014 Adam Tkac <[email protected]> - 0.0.23.20140929b
- update to the latest upstream
- drop requirement of httpd (#1164396)
- fix SELinux file contexts (#1064524)
- require php-xml (#1061477)
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 0-0.22.20131208
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1064524 - Wrong SELinux type in dokuwiki-selinux package
https://bugzilla.redhat.com/show_bug.cgi?id=1064524
[ 2 ] Bug #1164396 - dokuwiki requires apache
https://bugzilla.redhat.com/show_bug.cgi?id=1164396
[ 3 ] Bug #1150133 - dokuwiki: various security flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1150133
[ 4 ] Bug #1174333 - CVE-2014-9253 dokuwiki: XSS via SFW file upload [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1174333
[ 5 ] Bug #1101095 - New release available - 2014-05-05 "Ponder Stibbons"
https://bugzilla.redhat.com/show_bug.cgi?id=1101095
[ 6 ] Bug #1061477 - wiki:syntax page requires php-xml to render
https://bugzilla.redhat.com/show_bug.cgi?id=1061477
[ 7 ] Bug #1161816 - dokuwiki is 5 months out of date, 2 versions and 3
hotfixes behind
https://bugzilla.redhat.com/show_bug.cgi?id=1161816
[ 8 ] Bug #1150134 - dokuwiki: various security flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1150134
[ 9 ] Bug #1174332 - CVE-2014-9253 dokuwiki: XSS via SFW file upload [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=1174332
[ 10 ] Bug #1166099 - CVE-2012-6662 dokuwiki: jquery-ui: XSS vulnerability in
default content in Tooltip widget [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1166099
[ 11 ] Bug #1174331 - CVE-2014-9253 dokuwiki: XSS via SFW file upload
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1174331
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
