The following Fedora EPEL 5 Security updates need testing: Age URL 809 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626 puppet-2.7.26-1.el5 659 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849 sblim-sfcb-1.3.8-2.el5 302 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516 mcollective-2.8.4-1.el5 274 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6 thttpd-2.25b-24.el5 57 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c03e77f531 nginx-1.10.1-1.el5 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5475bf961d lcms2-2.8-2.el5 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-53ac7fc86d openvpn-2.3.12-1.el5 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f91c5f9cf4 canl-c-2.1.7-1.el5 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-da5e8da1d0 phpMyAdmin4-4.0.10.17-2.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
R-3.3.1-3.el5 mksh-53a-1.el5 phpMyAdmin4-4.0.10.17-2.el5
Details about builds:
================================================================================ R-3.3.1-3.el5 (FEDORA-EPEL-2016-0a249168fd) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information:
Fix broken dep on el5. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1371184 - R-core-3.3.1-2.el5.i386 from epel has depsolving problems (also x86_64) https://bugzilla.redhat.com/show_bug.cgi?id=1371184 --------------------------------------------------------------------------------
================================================================================ mksh-53a-1.el5 (FEDORA-EPEL-2016-267618816a) MirBSD enhanced version of the Korn Shell -------------------------------------------------------------------------------- Update Information:
R53a is a snapshot/feature release: * Fix spelling * Unbreak multi-line command history broken by history flush * Fix redefining POSIX functions that were Korn functions before * Fix bounds checks in Vi editing mode * Handle combining characters at end of string or output correctly * Fix ${!#} ${!?} ${!-} (POSIX, prompted by izabera) * Fix shf.c-internal buffer overread on printing digits * Fix a typo in the testsuite * Increase default edit line size (unless MKSH_SMALL) * Improve description of Emacs mode keybindings, especially ^U * Abort read builtin in case of read(2) errors * Fix most of the ambiguous corner cases related to ${[pfx]var[op[word]]} (${@:-1} still unsupported) * Contribute some more testsuite coverage * WDS_TPUTS now emits QCHAR newline reentrant-safe * Fix var=<< implementation (LP#1380389) * Make XSI test(1) extensions behave as if they were POSIX * Add $(<<<x) and $(<<EOF���) implementation * Lower minimum screen size accepted as ���sane��� from the OS to 4��2 * Simplify tilde-expanded parameters * Fix default PS1 for substring matches * Apply defer-builtin-with-arguments logic to realpath builtin * Rework string pooling (own vs. compiler���s) (LP#1580348) * Feature: print -A, prints arguments as characters * Replace <<< and >>> as ROL and ROR operators with their new ^< and ^> spelling as per this proposal * Clear-to- EOL under tmux to work around its anti-feature * Remove support for using file descriptors with more than a single digit, in preparation for named file descriptors * Correct, but simplify (at the potential cost of more tty I/O than strictly necessary, though never redundant and (probably) not more than before when it was miscalculated), line clearing and redrawing * Implement new evaluate-region editing command Esc+Ctrl-E * Prefer external rename utility over the recovery builtin * Remove redundant full-line redraws * Fix errorlevel of ���.��� (���dot��� special builtin) when the sourced script does not run any commands, for POSIX compliance * Refactor op tokens and edchars to shave off some more bytes * Fix some bugs in the manpage and some occasional/minor code bugs * Mark tests requiring new perl as !need-pass * Add $KSH_MATCH and, to make it usable, ${foo@/bar/baz} * Fix bogus patch from OpenBSD: only NULL the global source in unwind when actually reclaiming its Area * Mention in the manpage that integer bases go up to 36 * Fix /= operator broken during refactoring -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370764 - mksh-53a is available https://bugzilla.redhat.com/show_bug.cgi?id=1370764 --------------------------------------------------------------------------------
================================================================================ phpMyAdmin4-4.0.10.17-2.el5 (FEDORA-EPEL-2016-da5e8da1d0) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information:
phpMyAdmin 4.0.10.17 (2016-08-16) ================================= This release includes many security fixes of various levels of severity. Upstream recommends all users of the 4.0 branch upgrade to this release immediately. For full information on the vulnerabilities fixed and mitigation factors for users who are unable to upgrade, refer to the ChangeLog file included with this release and the security announcements at https://www.phpmyadmin.net/security/ --------------------------------------------------------------------------------