Fedora EPEL 5 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Apr 14 18:00:36 UTC 2012
The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5554/phpMyAdmin3-3.5.0-1.el5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0931/drupal7-ctools-1.0-1.el5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0352/bugzilla-3.2.10-4.el5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5561/python26-2.6.8-1.el5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5563/gallery2-2.3.2-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
cobbler-2.2.2-1.el5
drupal6-views-2.16-2.el5
gallery2-2.3.2-1.el5
nagios-plugins-openmanage-3.7.5-1.el5
python26-2.6.8-1.el5
tito-0.4.8-1.el5
Details about builds:
================================================================================
cobbler-2.2.2-1.el5 (FEDORA-EPEL-2012-5555)
Boot server configurator
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 11 2012 James Cammarata <jimi at sngx.net> - 2.2.2-1
- New upstream 2.2.2 release (jimi at sngx.net)
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
drupal6-views-2.16-2.el5 (FEDORA-EPEL-2012-5560)
Provides a method for site designers to control content presentation
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.16-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Nov 15 2011 Jon Ciesla <limb at jcomserv.net> - 2.16-1
- Update to 2.16, BZ 754076.
* Fri Nov 4 2011 Jon Ciesla <limb at jcomserv.net> - 2.14-1
- Update to 2.14, BZ 751044.
--------------------------------------------------------------------------------
================================================================================
gallery2-2.3.2-1.el5 (FEDORA-EPEL-2012-5563)
Customizable photo gallery web site
--------------------------------------------------------------------------------
Update Information:
Fixes for CVE-2012-1113, minor XSS vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 12 2012 Jon Ciesla <limburgher at gmail.com> - 2.3.2-1
- Latest upstream, minor security fixes,
- BZ 812048, 812049, 812050.
* Fri Feb 3 2012 Jon Ciesla <limburgher at gmail.com> - 2.3.1-6
- Unbundle php-pear-Mail-Mime, BZ 501867.
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Dec 7 2011 Jon Ciesla <limburgher at gmail.com> - 2.3.1-4
- Patch for jpegtran output, BZ 712558.
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Jul 2 2010 Adam Tkac <atkac redhat com> - 2.3.1-2
- jpegtran subpkg: require /usr/bin/jpegtran instead of libjpeg to be compatible
with both libjpeg and libjpeg-turbo
* Thu Dec 17 2009 Jon Ciesla <limb at jcomserv.net> - 2.3.1-1
- 2.3.1, fix for upgrader in PHP 5.3.x.
- smtp patch upstreamed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #812048 - CVE-2012-1113 gallery: XSS flaws in administration area [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=812048
[ 2 ] Bug #812049 - CVE-2012-1113 gallery: XSS flaws in administration area [fedora-rawhide]
https://bugzilla.redhat.com/show_bug.cgi?id=812049
[ 3 ] Bug #812050 - CVE-2012-1113 gallery: XSS flaws in administration area [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=812050
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-openmanage-3.7.5-1.el5 (FEDORA-EPEL-2012-5564)
Nagios plugin to monitor hardware health on Dell servers
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 3.7.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 13 2012 Trond Hasle Amundsen <t.h.amundsen at usit.uio.no> - 3.7.5-1
- Upstream version 3.7.5
--------------------------------------------------------------------------------
================================================================================
python26-2.6.8-1.el5 (FEDORA-EPEL-2012-5561)
An interpreted, interactive, object-oriented programming language
--------------------------------------------------------------------------------
Update Information:
Rebase of python26 from 2.6.5 to 2.6.8 bringing in security fixes, along with other bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 12 2012 David Malcolm <dmalcolm at redhat.com> - 2.6.8-1
- 2.6.8: refresh patch 102 (lib64), patch 52 (valgrind) and patch 110
(ctypes/SELinux); drop upstream patch 11 (tolower), patch 116 (CVE-2010-1634),
patch 117 (CVE-2010-2089), patch 118 (CVE-2008-5983); add patch 200 (Py_DEBUG
and _Py_HashSecret_Initialized); regenerate the autotool intermediates patch
(patch 300)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #750555 - CVE-2012-1150 python: hash table collisions CPU usage DoS (oCERT-2011-003)
https://bugzilla.redhat.com/show_bug.cgi?id=750555
[ 2 ] Bug #789790 - CVE-2012-0845 python: SimpleXMLRPCServer CPU usage DoS via malformed XML-RPC request
https://bugzilla.redhat.com/show_bug.cgi?id=789790
[ 3 ] Bug #812068 - python: SSL CBC IV vulnerability (CVE-2011-3389, BEAST)
https://bugzilla.redhat.com/show_bug.cgi?id=812068
--------------------------------------------------------------------------------
================================================================================
tito-0.4.8-1.el5 (FEDORA-EPEL-2012-5569)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
Fix mock builds of packages that do not use the standard builder, changelog email issues with interpreting 0 as false, and a broken constructor in the distributionbuilder.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 2 2012 Devan Goodwin <dgoodwin at rm-rf.ca> 0.4.8-1
- Fix MockBuilder for packages that use non-standard builders normally.
(dgoodwin at redhat.com)
- interpret '0' as False for changelog_with_email setting. (msuchy at redhat.com)
* Thu Mar 15 2012 Devan Goodwin <dgoodwin at rm-rf.ca> 0.4.7-1
- Fix issues with DistributionBuilder constructor (dgoodwin at redhat.com)
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list