EPEL Fedora 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sat Mar 29 19:18:45 UTC 2014 

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 706  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
 197  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11560/fail2ban-0.8.10-4.el5
 161  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
 136  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12091/bip-0.8.9-1.el5
  41  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2.0-1.el5
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0837/lighttpd-1.4.35-1.el5
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0834/389-ds-base-1.2.11.28-1.el5
  13  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0840/mediawiki119-1.19.13-1.el5
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0918/php-pecl-Fileinfo-1.0.4-3.el5,php-pecl-zip-1.8.10-3.el5,php-extras-5.1.6-6.el5
   3  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0952/check-mk-1.2.4-1.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0984/munin-2.0.20-1.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0988/libyaml-0.1.2-7.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    lcgdm-1.8.8-3.el5
    libyaml-0.1.2-7.el5
    munin-2.0.20-1.el5

Details about builds:


================================================================================
 lcgdm-1.8.8-3.el5 (FEDORA-EPEL-2014-0995)
 LHC Computing Grid Data Management
--------------------------------------------------------------------------------
Update Information:

Backported patch for GLOBUS_THREAD_MODEL
Update for new upstream release 1.8.8
Update for new upstream release 1.8.8
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 28 2014 Alejandro Alvarez <aalvarez at cern.ch> - 1.8.8-3
- Patch: dpm-drain: needs GLOBUS_THREAD_MODEL set
* Fri Mar 14 2014 Alejandro Alvarez <aalvarez at cern.ch> - 1.8.8-2
- Upstream provided a wrong tag by mistake. Rebuild with the new code
* Wed Mar 12 2014 Alejandro Alvarez <aalvarez at cern.ch> - 1.8.8-1
- Update for new upstream release
--------------------------------------------------------------------------------


================================================================================
 libyaml-0.1.2-7.el5 (FEDORA-EPEL-2014-0988)
 YAML 1.1 parser and emitter written in C
--------------------------------------------------------------------------------
Update Information:

Fixes for CVE-2014-2525
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 27 2014 John Eckersberg <jeckersb at redhat.com> - 0.1.2-7
- Add patch for CVE-2014-2525 (bz1078083)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1078083 - CVE-2014-2525 libyaml: heap-based buffer overflow when parsing URLs
        https://bugzilla.redhat.com/show_bug.cgi?id=1078083
--------------------------------------------------------------------------------


================================================================================
 munin-2.0.20-1.el5 (FEDORA-EPEL-2014-0984)
 Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:

Upstream released 2.0.20
- BZ# 1082162: munin-asyncd doesn't get added to chkconfig
minor bugfix release:
- BZ# 1081254: Start asyncd after node
- BZ# 1028075: munin-node doesn't get added to chkconfig
Upstream update to 2.0.18, fixes CVE-2013-6359
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 28 2014 "D. Johnson" <fenris02 at fedoraproject.org> - 2.0.20-1
- Upstream released 2.0.20
- BZ# 1082162: munin-asyncd doesn't get added to chkconfig
* Wed Mar 26 2014 D. Johnson <fenris02 at fedoraproject.org> - 2.0.19-2
- BZ# 1081254: Start asyncd after node
- BZ# 1028075: munin-node doesn't get added to chkconfig
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1037888 - CVE-2013-6048 CVE-2013-6359 munin: two denial of service flaws fixed in 2.0.18
        https://bugzilla.redhat.com/show_bug.cgi?id=1037888
--------------------------------------------------------------------------------

More information about the epel-devel mailing list