The following Fedora EPEL 5 Security updates need testing:
Age URL
972
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
426
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
191
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7....
44
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2....
40
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-...
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4475/pwgen-2.07-...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4527/xrdp-0.6.1-...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4620/pywebdav-0....
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4520/firebird-2....
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4430/phpMyAdmin4...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4674/denyhosts-2...
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4743/ettercap-0....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4803/libssh-0.5....
The following builds have been pushed to Fedora EPEL 5 updates-testing
libssh-0.5.5-3.el5
pakiti-3.0.0-1.el5
tcpreplay-4.1.0-1.el5
Details about builds:
================================================================================
libssh-0.5.5-3.el5 (FEDORA-EPEL-2014-4803)
A library implementing the SSH2 protocol (0xbadc0de version)
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-8132.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 19 2014 - Andreas Schneider <asn(a)redhat.com> - 0.5.5-3
- Security fix for CVE-2014-8132.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1158089 - CVE-2014-8132 libssh: Possible double free on a dangling pointer
with crafted kexinit packet
https://bugzilla.redhat.com/show_bug.cgi?id=1158089
--------------------------------------------------------------------------------
================================================================================
pakiti-3.0.0-1.el5 (FEDORA-EPEL-2014-4802)
Patching status monitoring tool
--------------------------------------------------------------------------------
Update Information:
Initial release for pakiti 3.0.0
--------------------------------------------------------------------------------
================================================================================
tcpreplay-4.1.0-1.el5 (FEDORA-EPEL-2014-4790)
Replay captured network traffic
--------------------------------------------------------------------------------
Update Information:
Enhancement:\r\n- Quick TX bypass module for Linux Kernel - allows Tcpreplay to bypass the
kernel network stack and write directly to the network driver. Doing so allows up to
wire-rate transmissions (tested up to 10Gbps).\r\n\r\nFixes include:\r\n- Do not build
Quick TX modules on OS X (#164)\r\n- Add a flag to customize netmap delay (#160)\r\n- Fix
some compile wwarnings (#159)\r\n- Disabled QuickTX build by default (#157)\r\n- Less
verbose build (#154)\r\n- Add a loop delay option (#125)\r\n- CentOS 6.5 kernel panic on
Quick TX init (#146)\r\n- Fix libpcap not found on CentOS 7 (#145)\r\n- Segfault in
tcpliveplay on x86_64 (#132)\r\n- Sometimes unable to interrupt with Ctrl-C (#129)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 18 2014 Bojan Smojver <bojan@rexursive com> - 4.1.0-1
- bump up to 4.1.0
* Sun Sep 7 2014 Bojan Smojver <bojan@rexursive com> - 4.0.5-1
- bump up to 4.0.5
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.0.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.0.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------