The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5749/mozilla-https-... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5859/perl-Config-In...
The following builds have been pushed to Fedora EPEL 5 updates-testing
lcgdm-dav-0.8.0-1.el5 litmus-0.13-5.el5 nagios-plugins-lcgdm-0.8.0-1.el5 perl-Config-IniFiles-2.72-1.el5 plowshare-0.9.4-0.30.20120511git.el5
Details about builds:
================================================================================ lcgdm-dav-0.8.0-1.el5 (FEDORA-EPEL-2012-5855) HTTP/DAV front end to the DPM/LFC services -------------------------------------------------------------------------------- Update Information:
Update for new upstream release (0.8.0). -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 25 2012 Ricardo Rocha ricardo.rocha@cern.ch - 0.8.0-1 - Update for new upstream release - Added build dependencies on json-c-devel and neon-devel - Added provides/requires for compatibility with gLite packaging * Fri Mar 30 2012 Ricardo Rocha ricardo.rocha@cern.ch - 0.7.0-2 - Update for httpd-mmn --------------------------------------------------------------------------------
================================================================================ litmus-0.13-5.el5 (FEDORA-EPEL-2012-5852) WebDAV server compliance test suite -------------------------------------------------------------------------------- Update Information:
This update fixes an issue with a 'foo' missing file in htdocs, required at runtime. -------------------------------------------------------------------------------- ChangeLog:
* Fri Mar 16 2012 Ricardo Rocha ricardo.rocha@cern.ch - 0.13-4 - Removed data dir cleanup, files are needed at runtime (bug #800477) * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.13-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #800477 - could not open /usr/share/litmus/htdocs/foo: No such file or directory https://bugzilla.redhat.com/show_bug.cgi?id=800477 --------------------------------------------------------------------------------
================================================================================ nagios-plugins-lcgdm-0.8.0-1.el5 (FEDORA-EPEL-2012-5851) Nagios probes to be run remotely against DPM / LFC nodes -------------------------------------------------------------------------------- Update Information:
Update for new upstream release. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 26 2012 Ricardo Rocha ricardo.rocha@cern.ch - 0.8.0-1 - Update for new upstream release - Moved nagios configuration files to separate package (nagios-lcgdm) --------------------------------------------------------------------------------
================================================================================ perl-Config-IniFiles-2.72-1.el5 (FEDORA-EPEL-2012-5859) A module for reading .ini-style configuration files -------------------------------------------------------------------------------- Update Information:
Update to 2.72, fixes CVE-2012-2451. -------------------------------------------------------------------------------- ChangeLog:
* Fri May 11 2012 Tom Callaway spot@fedoraproject.org - 2.72-1 - update to 2.72 - notable fix: SECURITY BUG FIX: Config::IniFiles used to write to a temporary filename with a predictable name ("${filename}-new") which opens the door for potential exploits. Fixes CVE-2012-2451 - disable tests for epel -------------------------------------------------------------------------------- References:
[ 1 ] Bug #818430 - CVE-2012-2451 perl-Config-IniFiles: insecure temporary file usage [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=818430 [ 2 ] Bug #818431 - CVE-2012-2451 perl-Config-IniFiles: insecure temporary file usage [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=818431 --------------------------------------------------------------------------------
================================================================================ plowshare-0.9.4-0.30.20120511git.el5 (FEDORA-EPEL-2012-5850) Download and upload files from file-sharing websites -------------------------------------------------------------------------------- Update Information:
New upstream snapshot. -------------------------------------------------------------------------------- ChangeLog:
* Sat May 12 2012 Elder Marco eldermarco@fedoraproject.org - 0.9.4-0.30.20120511git - New upstream snapshot --------------------------------------------------------------------------------