The following Fedora EPEL 5 Security updates need testing:
https://admin.fedoraproject.org/updates/mantis-1.1.8-5.el5
https://admin.fedoraproject.org/updates/libsndfile-1.0.17-4.el5
https://admin.fedoraproject.org/updates/wordpress-2.8.6-3.el5
https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-2.el5
https://admin.fedoraproject.org/updates/collectd-4.10.2-1.el5
https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
erlang-pgsql-0-6.20101203svn.el5
lzop-1.03-2.el5
wordpress-mu-2.9.2-2.el5
Details about builds:
================================================================================
erlang-pgsql-0-6.20101203svn.el5 (FEDORA-EPEL-2010-3865)
Erlang PostgreSQL interface
--------------------------------------------------------------------------------
Update Information:
- Upgrade to SVN 20101203 and some spec file cleanup
- Narrowed explicit requires (thanks to Peter Lemenkov)
- Dropped -devel subpackage (thanks to Peter Lemenkov)
- Corrected wrong subpackage obsolete (thanks to Michael Schwendt)
SVN 20101203 contains the following upstream changes:
- Support PostgreSQL 9.0 (EJAB-1359) (thanks to Stephen Gibberd and Konstantin Nikiforov)
- Support for NULL type (thanks to UJvu)
- Replace TYPE/1 with is_TYPE/1 (EJAB-922)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 1 2011 Robert Scheck <robert(a)fedoraproject.org> 0-6.20101203svn
- Corrected wrong subpackage obsolete (thanks to Michael Schwendt)
* Thu Dec 30 2010 Robert Scheck <robert(a)fedoraproject.org> 0-5.20101203svn
- Upgrade to SVN 20101203 and some spec file cleanup
- Narrowed explicit requires (thanks to Peter Lemenkov)
- Dropped -devel subpackage (thanks to Peter Lemenkov)
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0-4.20080825svn
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Mon Feb 23 2009 Robert Scheck <robert(a)fedoraproject.org> 0-3.20080825svn
- Rebuild against rpm 4.6
--------------------------------------------------------------------------------
================================================================================
lzop-1.03-2.el5 (FEDORA-EPEL-2011-0001)
Real-time file compressor
--------------------------------------------------------------------------------
Update Information:
- Update to 1.03
- Minor spec file cleanups
- Corrected %description
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 31 2010 Robert Scheck <robert(a)fedoraproject.org> 1.03-2
- Minor spec file cleanups and updated %description
* Tue Dec 7 2010 Kamil Dudka <kdudka(a)redhat.com> - 1.03-1
- update to 1.03
* Wed Mar 3 2010 Kamil Dudka <kdudka(a)redhat.com> - 1.02-0.9.rc1
- license changed to GPLv2+
- added -q option to %setup
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.02-0.8.rc1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Mon Feb 23 2009 Robert Scheck <robert(a)fedoraproject.org> 1.02-0.7.rc1
- Rebuild against gcc 4.4 and rpm 4.6
--------------------------------------------------------------------------------
================================================================================
wordpress-mu-2.9.2-2.el5 (FEDORA-EPEL-2011-0002)
WordPress-MU multi-user blogging software
--------------------------------------------------------------------------------
Update Information:
Update to upstream release 2.9.2, fixing one security issue:
* CVE-2010-0682
https://core.trac.wordpress.org/changeset/13117
plus a backported security fix:
* CVE-2010-4257
https://core.trac.wordpress.org/changeset/16625
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 23 2010 Jon Ciesla <limb(a)jcomserv.net> - 2.9.2-2
- Change Requires from httpd to webserver, BZ 523480.
- Patch for security vulnerability, BZ 659319.
* Mon May 10 2010 Bret McMillan <bretm(a)redhat.com> - 2.9.2-1
- updating to 2.9.2
* Fri Jan 29 2010 Bret McMillan <bretm(a)redhat.com> - 2.9.1.1-1
- collected bug fixes and enhancements from wordpress 2.9.x merged into wpmu 2.9.1
- Plugins options fix:
http://trac.mu.wordpress.org/ticket/1193
- wp_getUserBlogs fix:
http://trac.mu.wordpress.org/ticket/1195
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #659265 - CVE-2010-4257 Wordpress: SQL injection flaw by processing
trackbacks
https://bugzilla.redhat.com/show_bug.cgi?id=659265
--------------------------------------------------------------------------------