[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Fedora EPEL 5 updates-testing report
- From: updates fedoraproject org
- To: epel-devel-list redhat com
- Subject: Fedora EPEL 5 updates-testing report
- Date: Tue, 22 Jan 2013 03:43:32 +0000
The following Fedora EPEL 5 Security updates need testing:
Age URL
275 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
169 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2.el5
52 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-13612/drupal6-ctools-1.10-1.el5
17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0011/drupal7-context-3.0-0.3.beta6.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0116/drupal6-6.28-1.el5
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0102/ettercap-0.7.3-21.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0139/proftpd-1.3.3g-2.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0148/drupal7-7.19-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
drupal6-6.28-1.el5
drupal7-7.19-1.el5
fwsnort-1.6.3-1.el5
imapsync-1.518-2.el5
ivykis-0.36.1-1.el5
libxc-2.0.1-1.el5
ndjbdns-1.05.6-1.el5
php-pear-Image-Text-0.6.1-1.el5
php-pear-Text-Figlet-1.0.2-1.el5
php-pear-Text-Password-1.1.1-1.el5
proftpd-1.3.3g-2.el5
python-simplevisor-0.6-1.el5
safekeep-1.4.1-1.el5
salt-0.12.0-1.el5
Details about builds:
================================================================================
drupal6-6.28-1.el5 (FEDORA-EPEL-2013-0116)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
SA-CORE-2013-001
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 17 2013 Jon Ciesla <limburgher gmail com> - 6.28-1
- 6.28, SA-CORE-2013-001.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #896454 - drupal6-6.28 is available
https://bugzilla.redhat.com/show_bug.cgi?id=896454
[ 2 ] Bug #896468 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=896468
[ 3 ] Bug #896469 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=896469
[ 4 ] Bug #896470 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=896470
[ 5 ] Bug #896471 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=896471
--------------------------------------------------------------------------------
================================================================================
drupal7-7.19-1.el5 (FEDORA-EPEL-2013-0148)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
SA-CORE-2013-001
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 17 2013 Jon Ciesla <limburgher gmail com> - 7.19-1
- 7.19, SA-CORE-2013-001.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #896455 - drupal7-7.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=896455
[ 2 ] Bug #896468 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=896468
[ 3 ] Bug #896469 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=896469
[ 4 ] Bug #896470 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=896470
[ 5 ] Bug #896471 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=896471
--------------------------------------------------------------------------------
================================================================================
fwsnort-1.6.3-1.el5 (FEDORA-EPEL-2013-0160)
Translates Snort rules into equivalent iptables rules
--------------------------------------------------------------------------------
Update Information:
Updated version.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Guillermo Gómez <gomix fedoraproject org> - 1.6.3-1
- Updated version.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 1.6.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jun 8 2012 Petr Pisar <ppisar redhat com> - 1.6.2-2
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
================================================================================
imapsync-1.518-2.el5 (FEDORA-EPEL-2013-0154)
Tool to migrate email between IMAP servers
--------------------------------------------------------------------------------
Update Information:
Fix outdated license references in README and imapsync script to conform with new NLPL license instead of WTFPL
Update to 1.518
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 17 2013 Nick Bebout <nb fedoraproject org> - 1.518-2
- Fix spec to install COPYING file now
* Thu Jan 17 2013 Nick Bebout <nb fedoraproject org> - 1.518-1
- Upgrade to 1.518
--------------------------------------------------------------------------------
================================================================================
ivykis-0.36.1-1.el5 (FEDORA-EPEL-2013-0125)
Library for asynchronous I/O readiness notification
--------------------------------------------------------------------------------
Update Information:
Update to 0.36.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 17 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 0.36.1-1
- Update to 0.36.1.
--------------------------------------------------------------------------------
================================================================================
libxc-2.0.1-1.el5 (FEDORA-EPEL-2013-0132)
Library of exchange and correlation functionals to be used in DFT codes
--------------------------------------------------------------------------------
Update Information:
Bugfixes to MGGA functionals, all B97-like GGA functionals and GGA C_WL functional.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2013 Susi Lehtola <jussilehtola fedoraproject org> - 2.0.1-1
- Update to 2.0.1.
--------------------------------------------------------------------------------
================================================================================
ndjbdns-1.05.6-1.el5 (FEDORA-EPEL-2013-0118)
New djbdns: usable djbdns
--------------------------------------------------------------------------------
Update Information:
New djbdns: usable djbdns
--------------------------------------------------------------------------------
================================================================================
php-pear-Image-Text-0.6.1-1.el5 (FEDORA-EPEL-2013-0136)
Advanced text manipulations in images
--------------------------------------------------------------------------------
Update Information:
Image_Text provides a comfortable interface to text manipulations in GD images. Beside common Freetype2 functionality it offers to handle texts in a graphic- or office-tool like way. For example it allows alignment of texts inside a text box, rotation (around the top left corner of a text box or it's center point) and the automatic measurement of the optimal font size for a given text box.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #896014 - Review Request: php-pear-Image-Text - Advanced text manipulations in images
https://bugzilla.redhat.com/show_bug.cgi?id=896014
--------------------------------------------------------------------------------
================================================================================
php-pear-Text-Figlet-1.0.2-1.el5 (FEDORA-EPEL-2013-0147)
Render text using FIGlet fonts
--------------------------------------------------------------------------------
Update Information:
Engine for use FIGlet fonts to rendering text.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #895992 - Review Request: php-pear-Text-Figlet - Render text using FIGlet fonts
https://bugzilla.redhat.com/show_bug.cgi?id=895992
--------------------------------------------------------------------------------
================================================================================
php-pear-Text-Password-1.1.1-1.el5 (FEDORA-EPEL-2013-0120)
Creating passwords with PHP
--------------------------------------------------------------------------------
Update Information:
Text_Password allows one to create pronounceable and unpronounceable passwords. The full functional range is explained in the manual at http://pear.php.net/manual/.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #895984 - Review Request: php-pear-Text-Password - Creating passwords with PHP
https://bugzilla.redhat.com/show_bug.cgi?id=895984
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3g-2.el5 (FEDORA-EPEL-2013-0139)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
Jann Horn reported that there is a possible race condition in the handling of the MKD/XMKD FTP commands, when the UserOwner directive is involved, and the attacker is on the same physical machine as a running proftpd. This race applies to mod_sftp and the handling of the MKDIR SFTP request as well.
Note that using the DefaultRoot directive to restrict sessions mitigates this attack, since the symlinks created by the local attacker will point outside of the chroot(2) area within the FTP session, and thus the ownership change will fail. The default configuration in EPEL applies the DefaultRoot directive to all users except "adm".
The upstream reference for this issue is: http://bugs.proftpd.org/show_bug.cgi?id=3841
This update includes a backport to 1.3.3g of upstream's backport to proftpd 1.3.4 of the fix for this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 18 2013 Paul Howarth <paul city-fan org> 1.3.3g-2
- Fix possible symlink race when applying UserOwner to newly created directory
(CVE-2012-6095, #892715, http://bugs.proftpd.org/show_bug.cgi?id=3841)
- Add -fno-strict-aliasing, needed for mod_radius
- Drop %defattr, redundant since rpm 4.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #892715 - CVE-2012-6095 proftpd: Symlink race condition when applying UserOwner to a newly (ProFTPD) created directory
https://bugzilla.redhat.com/show_bug.cgi?id=892715
--------------------------------------------------------------------------------
================================================================================
python-simplevisor-0.6-1.el5 (FEDORA-EPEL-2013-0153)
Python simple daemons supervisor
--------------------------------------------------------------------------------
Update Information:
First build, rhbz #857484.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #857484 - Review Request: python-simplevisor - Python simple daemons supervisor
https://bugzilla.redhat.com/show_bug.cgi?id=857484
--------------------------------------------------------------------------------
================================================================================
safekeep-1.4.1-1.el5 (FEDORA-EPEL-2013-0164)
The SafeKeep backup system
--------------------------------------------------------------------------------
Update Information:
Upgrade to new upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 19 2013 Frank Crawford <frank crawford emu id au> 1.4.1-1
- Latest upstream release
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng lists fedoraproject org> - 1.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
salt-0.12.0-1.el5 (FEDORA-EPEL-2013-0151)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
update to upstream release 0.12.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 16 2013 Clint Savage <herlo1 gmail com> - 0.12.0-1
- Upstream release 0.12.0
--------------------------------------------------------------------------------
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]