Fedora EPEL 5 updates-testing report

Sun Nov 6 20:24:06 UTC 2011

The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/atop-1.26-1.el5.1
    https://admin.fedoraproject.org/updates/couchdb-1.0.2-8.el5,erlang-ibrowse-2.2.0-3.el5
    https://admin.fedoraproject.org/updates/ocsinventory-1.3.3-5.el5
    https://admin.fedoraproject.org/updates/bugzilla-3.2.10-2.el5
    https://admin.fedoraproject.org/updates/phpldapadmin-1.0.2-1.el5
    https://admin.fedoraproject.org/updates/awstats-6.95-3.el5
    https://admin.fedoraproject.org/updates/clamav-0.97.3-1.el5
    https://admin.fedoraproject.org/updates/cacti-0.8.7h-1.el5
    https://admin.fedoraproject.org/updates/puppet-2.6.12-1.el5
    https://admin.fedoraproject.org/updates/net6-1.3.14-1.el5
    https://admin.fedoraproject.org/updates/cherokee-1.2.101-1.el5
    https://admin.fedoraproject.org/updates/drupal6-views-2.13-1.el5
    https://admin.fedoraproject.org/updates/phpMyAdmin3-3.4.7-1.el5

The following builds have been pushed to Fedora EPEL 5 updates-testing

    bugzilla-3.2.10-2.el5
    stdair-0.44.1-1.el5
    xrootd-3.0.5-1.el5

Details about builds:

================================================================================
 bugzilla-3.2.10-2.el5 (FEDORA-EPEL-2011-4907)
 Bug tracking system
--------------------------------------------------------------------------------
Update Information:

- Bugzilla 3.4.12 for security updates : CVE-2010-4411, CVE-2010-4567, CVE-2010-4568, CVE-2010-4569, CVE-2010-4570, CVE-2010-4572, CVE-2011-0046, CVE-2011-0048, CVE-2011-2379, CVE-2011-2380, CVE-2011-2381, CVE-2011-2978 and CVE-2011-2976 (RHBZ#729158).
- Various small improvements (RHBZ#736579, RHBZ #736584, RHBZ#736581, RHBZ#736583).

Security update for CVE-2010-4411, CVE-2010-4567, CVE-2010-4568, CVE-2010-4569, CVE-2010-4570, CVE-2010-4572, CVE-2011-0046, CVE-2011-0048
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 15 2011 Xavier Bachelot <xavier at bachelot.org> - 3.2.10-2
- Add patches for CVE-2011-2379, CVE-2011-2380, CVE-2011-2381, CVE-2011-2978
  and CVE-2011-2976.
- Fix httpd conf (RHBZ#736579, RHBZ #736584).
- Fix typo in doc (RHBZ#736581).
- Fix files ownership (RHBZ#736583).
* Tue May  3 2011 Xavier Bachelot <xavier at bachelot.org> - 3.2.10-1
- Update to 3.2.10 for CVE-2010-4411, CVE-2010-4567, CVE-2010-4568,
  CVE-2010-4569, CVE-2010-4570, CVE-2010-4572, CVE-2011-0046, CVE-2011-0048)
* Tue Feb  2 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.2.6-2
- Use Linux requirements, not Windows'
* Mon Feb  1 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.2.6-1
- Update to 3.2.6 (CVE-2009-3989, CVE-2009-3387)
- Specify Perl module versions in the Requires (fixes #524309)
- Add an alias to make $webdotdir a working path (fixes #458848)
* Fri Sep 11 2009 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.2.5-1
- Update to 3.2.5 (CVE-2009-3125, CVE-2009-3165 and CVE-2009-3166)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #672856 - bugzilla: multiple security issues [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=672856
  [ 2 ] Bug #729158 - CVE-2011-2976 CVE-2011-2379 CVE-2011-2380 CVE-2011-2979 CVE-2011-2381 CVE-2011-2978 CVE-2011-2977 bugzilla: multiple security flaws fixed in 3.4.12, 3.6.6, 4.0.2, and 4.1.3 [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=729158
  [ 3 ] Bug #736579 - show the doc files correctly
        https://bugzilla.redhat.com/show_bug.cgi?id=736579
  [ 4 ] Bug #736584 - apache configuration improvement
        https://bugzilla.redhat.com/show_bug.cgi?id=736584
  [ 5 ] Bug #736581 - mini typo in docs
        https://bugzilla.redhat.com/show_bug.cgi?id=736581
  [ 6 ] Bug #736583 - file ownership
        https://bugzilla.redhat.com/show_bug.cgi?id=736583
--------------------------------------------------------------------------------

================================================================================
 stdair-0.44.1-1.el5 (FEDORA-EPEL-2011-4908)
 C++ Standard Airline IT Object Library
--------------------------------------------------------------------------------
Update Information:

New package for EPEL 5 (though it has been delivered for the other distributions a long time ago)
--------------------------------------------------------------------------------

================================================================================
 xrootd-3.0.5-1.el5 (FEDORA-EPEL-2011-4909)
 Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:

Update to version 3.0.5. Upstream changelog:

* Major bug fixes

** Avoid stage failures when target file exists in purgeable or writeable space.

** Make sure all the threads are joined when closing a physical connection.

** Fix free/delete mismatch in XrdSecProtocolgsi et al.

* Minor bug fixes

** Remove old async shutdown workaround patch introduced in Linux 2.3. The problem has been since fixed and the solution now causes problems.

** Install the netchk tool

--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov  5 2011 Mattias Ellert <mattias.ellert at fysast.uu.se> - 1:3.0.5-1
- Update to version 3.0.5
--------------------------------------------------------------------------------