Fedora EPEL 5 updates-testing report

Thu Aug 16 18:01:40 UTC 2012

The following builds have been pushed to Fedora EPEL 5 updates-testing

    erlang-meck-0.7.1-4.el5
    pcp-3.6.5-1.el5
    perl-Sys-MemInfo-0.91-3.el5
    phpMyAdmin3-3.5.2.2-1.el5

Details about builds:

================================================================================
 erlang-meck-0.7.1-4.el5 (FEDORA-EPEL-2012-6732)
 A mocking library for Erlang
--------------------------------------------------------------------------------
Update Information:

* Fix building on EL5
--------------------------------------------------------------------------------

================================================================================
 pcp-3.6.5-1.el5 (FEDORA-EPEL-2012-6733)
 System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:

Security and bugfix update. Security flaws fixed include CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 and CVE-2012-3421
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 16 2012 Mark Goodwin <mgoodwin at redhat.com> - 3.6.5-1
- Update to latest PCP sources, see installed CHANGELOG for details.
- Fix security flaws: CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 and CVE-2012-3421 (BZ 848629)
* Thu Jul 19 2012 Mark Goodwin <mgoodwin at redhat.com>
- pmcd and pmlogger services are not supposed to be enabled by default (BZ 840763) - 3.6.3-1.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #841698 - CVE-2012-3418 pcp: multiple integer and heap-based buffer overflow flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=841698
  [ 2 ] Bug #841702 - CVE-2012-3419 pcp: privileged information diclosure flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=841702
  [ 3 ] Bug #841704 - CVE-2012-3420 pcp: two memory leaks can lead to pcmd crash or trigger OOM killer
        https://bugzilla.redhat.com/show_bug.cgi?id=841704
  [ 4 ] Bug #841706 - CVE-2012-3421 pcp: event-driven programming flaw blocks pmcd from responding to other legitimate requests
        https://bugzilla.redhat.com/show_bug.cgi?id=841706
--------------------------------------------------------------------------------

================================================================================
 perl-Sys-MemInfo-0.91-3.el5 (FEDORA-EPEL-2012-6730)
 Sys::MemInfo Perl module
--------------------------------------------------------------------------------
Update Information:

Sys::MemInfo return the total amount of free and used physical memory in bytes in totalmem and freemem variables.

--------------------------------------------------------------------------------

================================================================================
 phpMyAdmin3-3.5.2.2-1.el5 (FEDORA-EPEL-2012-6737)
 Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:

phpMyAdmin 3.5.2.2 (2012-08-12)
===============================

  * [security] Fixed XSS vulnerabilities, see PMASA-2012-4 (http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php)

phpMyAdmin 3.5.2.1 (2012-08-03)
===============================

  * [security] Fixed local path disclosure vulnerability, see PMASA-2012-3 (http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 15 2012 Robert Scheck <robert at fedoraproject.org> 3.5.2.2-1
- Upgrade to 3.5.2.2 (#845736)
* Sat Aug 11 2012 Robert Scheck <robert at fedoraproject.org> 3.5.2.1-1
- Upgrade to 3.5.2.1 (#845736)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #845736 - phpMyAdmin-3.5.2.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=845736
--------------------------------------------------------------------------------