Fedora EPEL 5 updates-testing report

The following Fedora EPEL 5 Security updates need testing:

https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-3873 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4689 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-3762 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4674 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4748 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4749

The following builds have been pushed to Fedora EPEL 5 updates-testing

cherokee-1.2.101-1.el5 clamav-0.97.3-1.el5 facter-1.6.2-1.el5 findthatword-0.1-3.el5 flashrom-0.9.4-2.svn1455.el5 netdisco-1.1-1.el5 perl-SNMP-Info-2.06-1.el5 znc-infobot-0.202-1.el5

Details about builds:

================================================================================ cherokee-1.2.101-1.el5 (FEDORA-EPEL-2011-4749) Flexible and Fast Webserver -------------------------------------------------------------------------------- Update Information:

Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 -------------------------------------------------------------------------------- ChangeLog:

* Wed Oct 19 2011 Pavel Lisý pali@fedoraproject.org - 1.2.101-1 - Latest 1.2.x upstream release * Tue Oct 18 2011 Pavel Lisý pali@fedoraproject.org - 1.2.100-2 - Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel * Mon Oct 10 2011 Pavel Lisý pali@fedoraproject.org - 1.2.100-1 - Latest 1.2.x upstream release - .spec corrections for optional build for systemd - Resolves bz 710474 - Resolves bz 713307 - Resolves bz 680691 * Wed Sep 14 2011 Pavel Lisý pali@fedoraproject.org - 1.2.99-2 - .spec corrections for EL4 build -------------------------------------------------------------------------------- References:

[ 1 ] Bug #746532 - Cherokee 1.2.100 RPMs built without LDAP, GeoIP support https://bugzilla.redhat.com/show_bug.cgi?id=746532 [ 2 ] Bug #710474 - cherokee: A weakness in Cherokee’s administrative interface random administrator password generation [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=710474 [ 3 ] Bug #713307 - CVE-2011-2190 CVE-2011-2191 cherokee: multiple vulnerabilities [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=713307 [ 4 ] Bug #680691 - cherokee uses libssl from openssl >1.0, when opensssl <1.0 is current in repository https://bugzilla.redhat.com/show_bug.cgi?id=680691 --------------------------------------------------------------------------------

================================================================================ clamav-0.97.3-1.el5 (FEDORA-EPEL-2011-4748) Anti-virus software -------------------------------------------------------------------------------- Update Information:

CVE-2011-3627 clamav: Recursion level crash fixed in v0.97.3 -------------------------------------------------------------------------------- ChangeLog:

* Tue Oct 18 2011 Nick Bebout nb@fedoraproject.org - 0.97.3-1 - Update to 0.97.3 - Fix CVE-2011-3627 clamav: Recursion level crash fixed in v0.97.3 * Thu Aug 4 2011 Jan-Frode Myklebuust janfrode@tanso.net - 0.97.2-5 - Configure MilterSocket, PidFile and MilterSocket in clamav-milter.conf. (bz#727894) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #725694 - CVE-2011-2721 Clam AntiVirus: Off-by-one error by scanning message hashes https://bugzilla.redhat.com/show_bug.cgi?id=725694 [ 2 ] Bug #746984 - CVE-2011-3627 clamav: Recursion level crash fixed in v0.97.3 https://bugzilla.redhat.com/show_bug.cgi?id=746984 --------------------------------------------------------------------------------

================================================================================ facter-1.6.2-1.el5 (FEDORA-EPEL-2011-4739) Ruby module for collecting simple facts about a host operating system -------------------------------------------------------------------------------- Update Information:

This is an upstream bugfix release. One new addition that is of interest is the osfamily fact. For details on the fixes refer to the upstream release announcement:

http://groups.google.com/group/puppet-users/msg/9856678279f498a5 -------------------------------------------------------------------------------- ChangeLog:

* Sat Oct 15 2011 Todd Zullinger tmz@pobox.com - 1.6.2-1 - Update to 1.6.2 - Update source URL --------------------------------------------------------------------------------

================================================================================ findthatword-0.1-3.el5 (FEDORA-EPEL-2011-4725) A word search maker -------------------------------------------------------------------------------- Update Information:

New package. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #746520 - Review Request: findthatword - A word search maker https://bugzilla.redhat.com/show_bug.cgi?id=746520 --------------------------------------------------------------------------------

================================================================================ flashrom-0.9.4-2.svn1455.el5 (FEDORA-EPEL-2011-4746) Simple program for reading/writing BIOS chips content -------------------------------------------------------------------------------- Update Information:

- Updated to latest svn ver. 1455 (post-release snapshot for 0.9.4) - Added lots of new boards and several chipsets and flashchips - Lots of other cleanups and enhancements -------------------------------------------------------------------------------- ChangeLog:

* Fri Oct 21 2011 Peter Lemenkov lemenkov@gmail.com - 0.9.4-2.svn1455 - Updated to latest svn ver. 1455 (post-release snapshot for 0.9.4) - Added lots of new boards and several chipsets and flashchips - Lots of other cleanups and enhancements --------------------------------------------------------------------------------

================================================================================ netdisco-1.1-1.el5 (FEDORA-EPEL-2011-4745) A web-based network management tool -------------------------------------------------------------------------------- Update Information:

Update to version 1.1 -------------------------------------------------------------------------------- ChangeLog:

--------------------------------------------------------------------------------

================================================================================ perl-SNMP-Info-2.06-1.el5 (FEDORA-EPEL-2011-4732) Object Oriented Perl5 Interface to Network devices and MIBs through SNMP -------------------------------------------------------------------------------- Update Information:

Update to version 2.06 -------------------------------------------------------------------------------- ChangeLog:

--------------------------------------------------------------------------------

================================================================================ znc-infobot-0.202-1.el5 (FEDORA-EPEL-2011-4734) infobot module for ZNC IRC Bouncer -------------------------------------------------------------------------------- Update Information:

Build znc-infobot against 0.202 Initial Package Build Initial Package Build Initial Package for F14. Initial Package build for F15 ZNC-Infobot initial package built --------------------------------------------------------------------------------