The following Fedora EPEL 5 Security updates need testing:
Age URL
809
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626 puppet-2.7.26-1.el5
659
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849
sblim-sfcb-1.3.8-2.el5
302
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516
mcollective-2.8.4-1.el5
274
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6
thttpd-2.25b-24.el5
57
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c03e77f531
nginx-1.10.1-1.el5
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5475bf961d
lcms2-2.8-2.el5
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-53ac7fc86d
openvpn-2.3.12-1.el5
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f91c5f9cf4
canl-c-2.1.7-1.el5
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-da5e8da1d0
phpMyAdmin4-4.0.10.17-2.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
R-3.3.1-3.el5
mksh-53a-1.el5
phpMyAdmin4-4.0.10.17-2.el5
Details about builds:
================================================================================
R-3.3.1-3.el5 (FEDORA-EPEL-2016-0a249168fd)
A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:
Fix broken dep on el5.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1371184 - R-core-3.3.1-2.el5.i386 from epel has depsolving problems (also
x86_64)
https://bugzilla.redhat.com/show_bug.cgi?id=1371184
--------------------------------------------------------------------------------
================================================================================
mksh-53a-1.el5 (FEDORA-EPEL-2016-267618816a)
MirBSD enhanced version of the Korn Shell
--------------------------------------------------------------------------------
Update Information:
R53a is a snapshot/feature release: * Fix spelling * Unbreak multi-line
command history broken by history flush * Fix redefining POSIX functions that
were Korn functions before * Fix bounds checks in Vi editing mode * Handle
combining characters at end of string or output correctly * Fix ${!#} ${!?}
${!-} (POSIX, prompted by izabera) * Fix shf.c-internal buffer overread on
printing digits * Fix a typo in the testsuite * Increase default edit line
size (unless MKSH_SMALL) * Improve description of Emacs mode keybindings,
especially ^U * Abort read builtin in case of read(2) errors * Fix most of
the ambiguous corner cases related to ${[pfx]var[op[word]]} (${@:-1} still
unsupported) * Contribute some more testsuite coverage * WDS_TPUTS now emits
QCHAR newline reentrant-safe * Fix var=<< implementation (LP#1380389) * Make
XSI test(1) extensions behave as if they were POSIX * Add $(<<<x) and
$(<<EOF���) implementation * Lower minimum screen size accepted as ���sane���
from
the OS to 4��2 * Simplify tilde-expanded parameters * Fix default PS1 for
substring matches * Apply defer-builtin-with-arguments logic to realpath
builtin * Rework string pooling (own vs. compiler���s) (LP#1580348) * Feature:
print -A, prints arguments as characters * Replace <<< and >>> as ROL
and ROR
operators with their new ^< and ^> spelling as per this proposal * Clear-to-
EOL under tmux to work around its anti-feature * Remove support for using file
descriptors with more than a single digit, in preparation for named file
descriptors * Correct, but simplify (at the potential cost of more tty I/O
than strictly necessary, though never redundant and (probably) not more than
before when it was miscalculated), line clearing and redrawing * Implement new
evaluate-region editing command Esc+Ctrl-E * Prefer external rename utility
over the recovery builtin * Remove redundant full-line redraws * Fix
errorlevel of ���.��� (���dot��� special builtin) when the sourced script does not run
any commands, for POSIX compliance * Refactor op tokens and edchars to shave
off some more bytes * Fix some bugs in the manpage and some occasional/minor
code bugs * Mark tests requiring new perl as !need-pass * Add $KSH_MATCH
and, to make it usable, ${foo@/bar/baz} * Fix bogus patch from OpenBSD: only
NULL the global source in unwind when actually reclaiming its Area * Mention
in the manpage that integer bases go up to 36 * Fix /= operator broken during
refactoring
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1370764 - mksh-53a is available
https://bugzilla.redhat.com/show_bug.cgi?id=1370764
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin4-4.0.10.17-2.el5 (FEDORA-EPEL-2016-da5e8da1d0)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.0.10.17 (2016-08-16) ================================= This
release includes many security fixes of various levels of severity. Upstream
recommends all users of the 4.0 branch upgrade to this release immediately. For
full information on the vulnerabilities fixed and mitigation factors for users
who are unable to upgrade, refer to the ChangeLog file included with this
release and the security announcements at
https://www.phpmyadmin.net/security/
--------------------------------------------------------------------------------