Fedora EPEL 5 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sun Dec 4 20:01:20 UTC 2011
The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-3762/couchdb-1.0.2-8.el5,erlang-ibrowse-2.2.0-3.el5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4907/bugzilla-3.2.10-2.el5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4674/awstats-6.95-3.el5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5165/phpMyAdmin3-3.4.8-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
archimedes-2.0.0-1.el5
dspam-3.10.1-2.el5
phpMyAdmin3-3.4.8-1.el5
torque-2.5.7-7.el5
Details about builds:
================================================================================
archimedes-2.0.0-1.el5 (FEDORA-EPEL-2011-5163)
2D Quantum Monte Carlo simulator for semiconductor devices
--------------------------------------------------------------------------------
Update Information:
Since last FEL release, archimedes entails the following changes:
- The material parameters have been checked and modified
- Benchmark tests were carried out to check the validity of the framework
- Scattering phonons can be set to ON or OFF
- Support for Full band approach was implemented
- Parabolic, Kane and Full bank verified
- Full band parameters supports for all materials
- Initial implementation of FEM for Poisson
- Quantum Effective Potential modified
- Bohm Potential Model was implemented
- Calibrated Bohm Potential Model was implemented
- Density Gradient corrected and tested
- Full effective potential model was implemented
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 4 2011 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 2.0.0-1
- Bug 731298 - archimedes-2.0.0 is available - new upstream release
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #731298 - archimedes-2.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=731298
--------------------------------------------------------------------------------
================================================================================
dspam-3.10.1-2.el5 (FEDORA-EPEL-2011-5158)
A library and Mail Delivery Agent for Bayesian SPAM filtering
--------------------------------------------------------------------------------
Update Information:
Enable Clamav Integration
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 3 2011 Nathanael Noblet <nathanael at gnat.ca> - 3.10.1-2
- enable clamav
- logrotate log ownership
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin3-3.4.8-1.el5 (FEDORA-EPEL-2011-5165)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
Changes for 3.4.8.0 (2011-12-01):
- [interface] enum data split at space char (more space to edit)
- [interface] ENUM/SET editor can't handle commas in values
- [interface] no links to browse/empty views and tables
- [interface] Deleted search results remain visible
- [import] ODS import ignores memory limits
- [interface] Visual column separation
- [parser] TRUE not recognized by parser
- [config] Make location of php-gettext configurable
- [import] Handle conflicts in some open_basedir situations
- [display] Dropdown results - setting NULL does not work
- [edit] Inline edit on multi-server configuration
- [core] Notice: Array to string conversion in PHP 5.4
- [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the view name in main panel db Structure page
- [core] Fail to synchronize column with name of keyword
- [interface] Add column after drop
- [interface] Avoid showing the password in phpinfo()'s output
- [GUI] 'newer version of phpMyAdmin' message not shown in IE8
- [interface] Entering the key through a lookup window does not reset NULL
- [security] Self-XSS on database names (synchronize, operations/rename), see PMASA-2011-18 (http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php)
- [security] Self-XSS on column type (create index, table Search), see PMASA-2011-18 (http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php)
- [security] Self-XSS on invalid query (table overview), see PMASA-2011-18 (http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 4 2011 Robert Scheck <robert at fedoraproject.org> 3.4.8-1
- Upgrade to 3.4.8 (#759441)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #759441 - phpMyAdmin-3.4.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=759441
--------------------------------------------------------------------------------
================================================================================
torque-2.5.7-7.el5 (FEDORA-EPEL-2011-5161)
Tera-scale Open-source Resource and QUEue manager
--------------------------------------------------------------------------------
Update Information:
Fixes a potential segfault in pbs_server.
This torque update corrects a security vulnerability whereby a user connecting to the torque pbs_server could impersonate another user present within the torque batch system.
In addition a memory leak is fixed, previously memory used for sending and receiving data was not being released.
This torque update corrects a security vulnerability whereby a user connecting to the torque pbs_server could impersonate another user present within the torque batch system.
In addition a memory leak is fixed, previously memory used for sending and receiving data was not being released.
This torque update corrects a security vulnerability whereby a user connecting to the torque pbs_server could impersonate another user present within the torque batch system.
In addition a memory leak is fixed, previously memory used for sending and receiving data was not being released.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 3 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-7
- Add torque-2.5.7-rhbz#759141-r5167-pbs_server-crash.patch
- torque clients require munge, e.g qsub.
* Mon Nov 21 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-6
- Add torque-rhbz#758740-r5258-dis-close.patch and
torque-rhbz#758740-r5270-dis-array.patch
* Mon Nov 21 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-5
- Add torque-fix-munge-rhbz#752079-PTII.patch
* Thu Nov 17 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-4
- Empty release for release mistake.
* Thu Nov 17 2011 Steve Traylen <steve.traylen at cern.ch> - 2.5.7-3
- Add torque-fix-munge-rhbz#752079.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #759141 - pbs_server crash on 'pbsnodes' from client without munge
https://bugzilla.redhat.com/show_bug.cgi?id=759141
[ 2 ] Bug #752079 - Torque and Munge impersonation vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=752079
[ 3 ] Bug #758740 - torque 2.5.7 memory leak.
https://bugzilla.redhat.com/show_bug.cgi?id=758740
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list