The following Fedora EPEL 5 Security updates need testing:
Age URL
559
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
73
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11276/ssmtp-2.61...
49
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11560/fail2ban-0...
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11887/salt-0.17....
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12004/GraphicsMa...
The following builds have been pushed to Fedora EPEL 5 updates-testing
GraphicsMagick-1.3.18-2.el5
pcp-3.8.6-1.el5
Details about builds:
================================================================================
GraphicsMagick-1.3.18-2.el5 (FEDORA-EPEL-2013-12004)
An ImageMagick fork, offering faster image generation and better quality
--------------------------------------------------------------------------------
Update Information:
Update to the latest GraphicsMagick release, includes an important security-related fix
for exporting (some) 8-bit images.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 26 2013 Rex Dieter <rdieter(a)fedoraproject.org> 1.3.18-2
- GraphicsMagick needs to recognize aarch64 as 64bit arch (#978351)
* Mon Mar 11 2013 Rex Dieter <rdieter(a)fedoraproject.org> - 1.3.18-1
- 1.3.18 (#920064)
- add %rhel conditionals
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3.17-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 1.3.17-3
- rebuild due to "jpeg8-ABI" feature drop
* Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 1.3.17-2
- rebuild against new libjpeg
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1019085 - graphicsmagick: 8-bit RGBA images export DoS vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1019085
--------------------------------------------------------------------------------
================================================================================
pcp-3.8.6-1.el5 (FEDORA-EPEL-2013-12010)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
Update to upstream bugfix release
Update to upstream bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 1 2013 Nathan Scott <nathans(a)redhat.com> - 3.8.6-1
- Update to latest PCP sources.
- Rework pmpost test which confused virus checkers (BZ 1024850)
- Tackle pmatop reporting issues via alternate metrics (BZ 998735)
* Fri Oct 18 2013 Nathan Scott <nathans(a)redhat.com> - 3.8.5-1
- Update to latest PCP sources.
- Disable pcp-pmda-infiniband sub-package on RHEL5 (BZ 1016368)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1024850 - pmpost-exploit.c detected as false positive by antivirus
https://bugzilla.redhat.com/show_bug.cgi?id=1024850
[ 2 ] Bug #998735 - Several pmatop reporting/output oddities
https://bugzilla.redhat.com/show_bug.cgi?id=998735
--------------------------------------------------------------------------------