Fedora EPEL 6 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Wed Feb 16 17:27:33 UTC 2011


The following Fedora EPEL 6 Security updates need testing:

    https://admin.fedoraproject.org/updates/gitolite-1.5.7-2.1.el6
    https://admin.fedoraproject.org/updates/Django-1.2.5-1.el6
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.9.2-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    gitolite-1.5.7-2.1.el6
    pgadmin3-1.12.2-1.el6
    php-phpmd-PHP-PMD-1.0.1-1.el6
    rubygem-state_machine-0.9.4-6.el6

Details about builds:


================================================================================
 gitolite-1.5.7-2.1.el6 (FEDORA-EPEL-2011-0365)
 Highly flexible server for git directory version tracker
--------------------------------------------------------------------------------
Update Information:

Dylan Alex Simon discovered and reported a directory traversal flaw in the way Gitolite restricted access to admin defined commands ("ADC"). An authenticated attacker could execute arbitrary code with privileges of Gitolite server user using specially crafted command name.

The flaw does not affect default Gitolite installations. Users who have enabled ADC in their configurations are advised to install the updated package which includes a fix to resolve the issue.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 15 2011 Lubomir Rintel <lkundrak at v3.sk> - 1.5.7-2.1
- Fix ADC security issue
--------------------------------------------------------------------------------


================================================================================
 pgadmin3-1.12.2-1.el6 (FEDORA-EPEL-2011-0364)
 Graphical client for PostgreSQL
--------------------------------------------------------------------------------
Update Information:

This is the latest in 1.12 series, and includes lots of new features and bugfixes over the 1.10 version:

http://www.pgadmin.org/development/changelog.php

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #675348 - Update pgAdmin to latest 1.12.2
        https://bugzilla.redhat.com/show_bug.cgi?id=675348
--------------------------------------------------------------------------------


================================================================================
 php-phpmd-PHP-PMD-1.0.1-1.el6 (FEDORA-EPEL-2011-0359)
 PHPMD - PHP Mess Detector
--------------------------------------------------------------------------------
Update Information:

upstream 1.0.1 bugfix release
upstream stable release 1.0.0
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 15 2011 Christof Damian <christof at damian.net> - 1.0.1-1
- upstream 1.0.1 - bugfixes
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sun Feb  6 2011 Christof Damian <christof at damian.net> - 1.0.0-1
- upstream stable release 1.0.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #677273 - php-phpmd-PHP-PMD-1.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=677273
--------------------------------------------------------------------------------


================================================================================
 rubygem-state_machine-0.9.4-6.el6 (FEDORA-EPEL-2011-0362)
 Adds support for creating state machines for attributes on any Ruby class
--------------------------------------------------------------------------------
Update Information:

Adds support for creating state machines for attributes on any Ruby class.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #622904 - Review Request: rubygem-state_machine - Adds support for creating state machines for attributes on any Ruby class
        https://bugzilla.redhat.com/show_bug.cgi?id=622904
--------------------------------------------------------------------------------





More information about the epel-devel-list mailing list