The following Fedora EPEL 5 Security updates need testing:
Age URL
957
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
411
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
176
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7....
71
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2853/mediawiki11...
30
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2....
25
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-...
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4147/lsyncd-2.1....
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4221/wordpress-4...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4228/drupal6-6.3...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4231/perltidy-20...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4205/drupal7-7.3...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4275/hivex-1.3.5...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4408/libyaml-0.1...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4402/antiword-0....
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4403/pkcs11-help...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4430/phpMyAdmin4...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4441/icecast-2.4...
The following builds have been pushed to Fedora EPEL 5 updates-testing
2048-cli-0.8-2.el5
edg-mkgridmap-4.0.1-1.el5
icecast-2.4.1-1.el5
phpMyAdmin4-4.0.10.7-1.el5
Details about builds:
================================================================================
2048-cli-0.8-2.el5 (FEDORA-EPEL-2014-4459)
The game 2048 for your Linux terminal
--------------------------------------------------------------------------------
Update Information:
initial rpm-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170231 - Review Request: 2048-cli - The game 2048 for your Linux terminal
https://bugzilla.redhat.com/show_bug.cgi?id=1170231
--------------------------------------------------------------------------------
================================================================================
edg-mkgridmap-4.0.1-1.el5 (FEDORA-EPEL-2014-4416)
A tool to build the grid map-file from VO servers
--------------------------------------------------------------------------------
Update Information:
Update for upstream release 4.0.1
Added missing dependency on "perl(LWP::Protocol::https)"
Added missing dependency on "perl(LWP::Protocol::https)"
Added missing dependency on "perl(LWP::Protocol::https)"
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 3 2014 Alejandro Alvarez Ayllon <aalvarez(a)cern.ch> - 4.0.1-1
- New upstream release
* Fri Nov 21 2014 Alejandro Alvarez Ayllon <aalvarez(a)cern.ch> - 4.0.0-8
- Added Requires perl(LWP::Protocol::https)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.0.0-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.0.0-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 4.0.0-5
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165991 - edg-mkgridmap missing dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1165991
--------------------------------------------------------------------------------
================================================================================
icecast-2.4.1-1.el5 (FEDORA-EPEL-2014-4441)
ShoutCast compatible streaming media server
--------------------------------------------------------------------------------
Update Information:
**fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)**
**fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)**
**enabled fully hardened build (#954320)**
* update new to release v2.4.1 (#1101950)
* added doc-subpkg
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Björn Esser <bjoern.esser(a)gmail.com> - 2.4.1-1
- update new to release v2.4.1 (#1101950)
- fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)
- fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)
- unified spec-file for el5+ and Fedora
- some improvements to readability
- added doc-subpkg
* Thu Dec 4 2014 Björn Esser <bjoern.esser(a)gmail.com> - 2.3.3-6
- enabled fully hardened build (#954320)
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.3.3-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.3.3-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.3.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.3.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168146 - CVE-2014-9091 icecast: supplementary groups are not overriden
https://bugzilla.redhat.com/show_bug.cgi?id=1168146
[ 2 ] Bug #1165880 - CVE-2014-9018 icecast: possible leak of on-connect scripts
https://bugzilla.redhat.com/show_bug.cgi?id=1165880
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin4-4.0.10.7-1.el5 (FEDORA-EPEL-2014-4430)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.0.10.7 (2014-12-03)
================================
- [security] DOS attack with long passwords
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Robert Scheck <robert(a)fedoraproject.org> 4.0.10.7-1
- Upgrade to 4.0.10.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170597 - CVE-2014-9218 phpMyAdmin: Denial of Service with long passwords
https://bugzilla.redhat.com/show_bug.cgi?id=1170597
--------------------------------------------------------------------------------