Fedora EPEL 4 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Fri Feb 24 23:41:28 UTC 2012 

The following Fedora EPEL 4 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0580/python-paste-script-1.6.3-4.el4


The following builds have been pushed to Fedora EPEL 4 updates-testing

    globus-simple-ca-3.0-2.el4
    python-paste-script-1.6.3-4.el4

Details about builds:


================================================================================
 globus-simple-ca-3.0-2.el4 (FEDORA-EPEL-2012-0579)
 Globus Toolkit - Simple CA Utility
--------------------------------------------------------------------------------
Update Information:

The Globus Toolkit is an open source software toolkit used for building Grid systems and applications. It is being developed by the Globus Alliance and many others all over the world. A growing number of projects and companies are using the Globus Toolkit to unlock the potential of grids for their cause.

The globus-simple-ca package contains: Simple CA Utility

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #772994 - Review Request: globus-simple-ca - Globus Toolkit - Simple CA Utility
        https://bugzilla.redhat.com/show_bug.cgi?id=772994
--------------------------------------------------------------------------------


================================================================================
 python-paste-script-1.6.3-4.el4 (FEDORA-EPEL-2012-0580)
 A pluggable command-line frontend
--------------------------------------------------------------------------------
Update Information:

This update fixes a security flaw with Paster that prevents it from properly dropping privileges when run as root.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #796790 - CVE-2012-0878 python-paste-script: Supplementary groups not dropped when started an application with "paster serve" as root
        https://bugzilla.redhat.com/show_bug.cgi?id=796790
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list