Fedora EPEL 5 updates-testing report

Mon Apr 29 17:54:49 UTC 2013

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 372  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
 267  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
  72  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4.08-1.el5
  30  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0819/libarchive-2.8.4-6.el5
  18  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5410/php-geshi-1.0.8.11-3.el5
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5449/pdns-recursor-3.5-1.el5
   6  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5517/git-1.8.2.1-1.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-5620/phpMyAdmin3-3.5.8.1-1.el5

The following builds have been pushed to Fedora EPEL 5 updates-testing

    munin-2.0.13-1.el5
    phpMyAdmin3-3.5.8.1-1.el5

Details about builds:

================================================================================
 munin-2.0.13-1.el5 (FEDORA-EPEL-2013-5623)
 Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:

Upstream released 2.0.13, nginx subpackage, apache fcgi cleanup
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 26 2013 D. Johnson <fenris02 at fedoraproject.org> - 2.0.13-1
- Upstream released 2.0.13
* Thu Apr  4 2013 Viljo Viitanen <viljo.viitanen at iki.fi> - 2.0.12-4
- BZ #905421 add nginx cgi package, removed unnecessary services from apache
  cgi package
* Mon Apr  1 2013 D. Johnson <fenris02 at fedoraproject.org> - 2.0.12-3
- Add fw_ default config
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #905421 - nfs.export-volumes tunable does not show up as "Options Reconfigured" for volume created after the tunable has been changed
        https://bugzilla.redhat.com/show_bug.cgi?id=905421
--------------------------------------------------------------------------------

================================================================================
 phpMyAdmin3-3.5.8.1-1.el5 (FEDORA-EPEL-2013-5620)
 Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:

phpMyAdmin 3.5.8.1 (2013-04-24)
===============================

- [security] Remote code execution (preg_replace), reported by Janek Vind (see PMASA-2013-2)
- [security] Locally Saved SQL Dump File Multiple File Extension Remote Code Execution, reported by Janek Vind (see PMASA-2013-3)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 25 2013 Robert Scheck <robert at fedoraproject.org> 3.5.8.1-1
- Upgrade to 3.5.8.1 (#956398, #956401)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #956398 - CVE-2013-3238 phpMyAdmin: remote code execution via preg_replace() (PMASA-2013-2)
        https://bugzilla.redhat.com/show_bug.cgi?id=956398
  [ 2 ] Bug #956401 - CVE-2013-3239 phpMyAdmin: remote code execution via locally saved SQL dump file multiple extensions (PMASA-2013-3)
        https://bugzilla.redhat.com/show_bug.cgi?id=956401
--------------------------------------------------------------------------------