Fedora EPEL 4 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Feb 24 23:41:28 UTC 2012
The following Fedora EPEL 4 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0580/python-paste-script-1.6.3-4.el4
The following builds have been pushed to Fedora EPEL 4 updates-testing
globus-simple-ca-3.0-2.el4
python-paste-script-1.6.3-4.el4
Details about builds:
================================================================================
globus-simple-ca-3.0-2.el4 (FEDORA-EPEL-2012-0579)
Globus Toolkit - Simple CA Utility
--------------------------------------------------------------------------------
Update Information:
The Globus Toolkit is an open source software toolkit used for building Grid systems and applications. It is being developed by the Globus Alliance and many others all over the world. A growing number of projects and companies are using the Globus Toolkit to unlock the potential of grids for their cause.
The globus-simple-ca package contains: Simple CA Utility
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #772994 - Review Request: globus-simple-ca - Globus Toolkit - Simple CA Utility
https://bugzilla.redhat.com/show_bug.cgi?id=772994
--------------------------------------------------------------------------------
================================================================================
python-paste-script-1.6.3-4.el4 (FEDORA-EPEL-2012-0580)
A pluggable command-line frontend
--------------------------------------------------------------------------------
Update Information:
This update fixes a security flaw with Paster that prevents it from properly dropping privileges when run as root.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #796790 - CVE-2012-0878 python-paste-script: Supplementary groups not dropped when started an application with "paster serve" as root
https://bugzilla.redhat.com/show_bug.cgi?id=796790
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list