The following Fedora EPEL 5 Security updates need testing:
Age URL
796
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3....
250
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
131
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2....
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7....
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1651/python-jinj...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1646/python26-ji...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1697/zabbix20-2....
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1696/perl-Email-...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1747/mediawiki11...
The following builds have been pushed to Fedora EPEL 5 updates-testing
CGSI-gSOAP-1.3.6-2.el5
drupal7-languageicons-1.1-1.el5
drupal7-taxonomy_access_fix-2.1-1.el5
gccxml-0.9.0-0.23.20140610.gita012b8fe.el5
gle-4.2.4c-14.el5
libsodium-0.5.0-1.el5
mediawiki119-1.19.17-1.el5
mozilla-https-everywhere-3.5.3-1.el5
python-okaara-1.0.35-1.el5
voms-2.0.11-6.el5
Details about builds:
================================================================================
CGSI-gSOAP-1.3.6-2.el5 (FEDORA-EPEL-2014-1758)
GSI plugin for gSOAP
--------------------------------------------------------------------------------
Update Information:
Updated to 1.3.6 release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 27 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.3.6-2
- Update the source description for the new release
* Fri Jun 27 2014 Alejandro Alvarez Ayllon <aalvarez(a)cern.ch> - 1.3.6-1
- Update for new upstream release
* Fri Jun 6 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3.5-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Oct 18 2013 Adrien Devresse <adevress at cern.ch> - 1.3.5-7
- Rebuilt for gsoap release
* Thu Aug 8 2013 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.3.5-6
- Use _pkgdocdir
* Fri Aug 2 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3.5-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3.5-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
drupal7-languageicons-1.1-1.el5 (FEDORA-EPEL-2014-1736)
Adds icons to language links
--------------------------------------------------------------------------------
Update Information:
[
1.1](https://www.drupal.org/node/2264675)
------------------------------------------
* Fixed passing of Image class attribute. (#2230323)
* Removed unnecessary file list in info file. (#1554200)
* Set the module category to "Multilingual". (#2047503)
* Add link to the configuration page via the info file. (#1626648)
* Renamed the module back to "Language Icons". (#1954058)
* New flags:
* Filipino (#1796274)
* Afrikaans (South African) (#1471600)
* Malaysian (#2230379)
* Tibetan (#1961450)
* Belarus (#1309930)
* Somali (#551092)
See the [Git
log](http://drupalcode.org/project/languageicons.git/log/7.x-1.0..7.x-1.1)
for a full changelog.
--------------------------------------------------------------------------------
================================================================================
drupal7-taxonomy_access_fix-2.1-1.el5 (FEDORA-EPEL-2014-1750)
Fixes the crooked access checks for Taxonomy pages
--------------------------------------------------------------------------------
Update Information:
[
2.1](https://www.drupal.org/node/2274235)
------------------------------------------
* Issue #2157451
* Issue #2211281
See the [Git
log](http://cgit.drupalcode.org/taxonomy_access_fix/log/?id=7.x-2.0..7.x-...
for a full changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 2.1-1
- Updated to 2.1 (BZ #1101179; release notes
https://www.drupal.org/node/2274235)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1101179 - drupal7-taxonomy_access_fix-2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1101179
--------------------------------------------------------------------------------
================================================================================
gccxml-0.9.0-0.23.20140610.gita012b8fe.el5 (FEDORA-EPEL-2014-1737)
XML output extension to GCC
--------------------------------------------------------------------------------
Update Information:
Now contains upstream's support files for gcc 4.9
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> -
0.9.0-0.23.20140610.gita012b8fe
- Updated git snapshot
- Now contains support files for gcc 4.9
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.9.0-0.22.20131209.git9a114c0c
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri May 23 2014 Brent Baude <baude(a)us.ibm.com> - 0.9.0-0.21.20131209.git9a114c0c
- Adding ppc64le support
--------------------------------------------------------------------------------
================================================================================
gle-4.2.4c-14.el5 (FEDORA-EPEL-2014-1754)
Graphics Layout Engine
--------------------------------------------------------------------------------
Update Information:
First releases in EPEL5 and EPEL6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #229676 - Review Request: gle - Graphics Layout Engine
https://bugzilla.redhat.com/show_bug.cgi?id=229676
--------------------------------------------------------------------------------
================================================================================
libsodium-0.5.0-1.el5 (FEDORA-EPEL-2014-1742)
A fork of networking and cryptography library with compatible APIs
--------------------------------------------------------------------------------
Update Information:
Initial EL5 build
--------------------------------------------------------------------------------
================================================================================
mediawiki119-1.19.17-1.el5 (FEDORA-EPEL-2014-1747)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
Update to 1.19.17.
Fixes various security issues.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Patrick Uiterwijk <puiterwijk(a)redhat.com> - 1.19.17-1
- Update to 1.19.17
- (bug 65839) SECURITY: Prevent external resources in SVG files
- (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only
extracting the tail of the file partially or not at all
* Wed Jun 25 2014 Patrick Uiterwijk <puiterwijk(a)redhat.com> - 1.19.16-1
- Update to 1.19.16
- (bug 65501) SECURITY: Don't parse usernames as wikitext on Special:PasswordReset
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1113134 - mediawiki: security update
https://bugzilla.redhat.com/show_bug.cgi?id=1113134
[ 2 ] Bug #1104222 - CVE-2014-3966 mediawiki: XSS flaw due to improper parsing of
Special:PasswordReset
https://bugzilla.redhat.com/show_bug.cgi?id=1104222
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-3.5.3-1.el5 (FEDORA-EPEL-2014-1743)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
The cake is not a lie!
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 25 2014 Russell Golden <niveusluna(a)niveusluna.org> - 3.5.3-1
- Now works when installed globally!
- Various ruleset fixes, including PCWorld.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.5.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri May 30 2014 Russell Golden <niveusluna(a)niveusluna.org> - 3.5.1-1
- Revert
https://github.com/EFForg/https-everywhere/pull/134 due to YouTube
-- breakage.
- Re-enable ability to see all rulesets in enable/disable dialog.
- Added more Debian coverage.
- Fixes to Doubleclick, Guardian, Heroku, Home Depot, HypeMachine, IMDB,
-- Justin.tv, Kikatek, Mozilla, MyFitnessPal, Pinterest, XKCD, Reuters,
-- Technet, Tumblr, Wordpress, Yandex, Youtube, Flickr.
- Fix Australis icon positioning:
--
https://github.com/EFForg/https-everywhere/pull/216
* Wed Apr 16 2014 Russell Golden <niveusluna(a)niveusluna.org> - 3.5-1
- Merge all non-ruleset changes from 4.0development.16
- Merge all new/modified rulesets from 4.0development.16 that are
-- in the Alexa Top 1000 using utils/alexa-ruleset-checker.py. For a full list,
-- see utils/alexa-logs/07042014.log.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1100493 - can't access
http://www.pcworld.com with
mozilla-https-everywhere enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1100493
--------------------------------------------------------------------------------
================================================================================
python-okaara-1.0.35-1.el5 (FEDORA-EPEL-2014-1748)
Python command line utilities
--------------------------------------------------------------------------------
Update Information:
Release 1.0.35
Fix for python 2.4 incompatibility
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Jay Dobies <jason.dobies(a)redhat.com> 1.0.35-1
- fixing a bug where Prompt.prompt_password passes the wrong arguments to
another function. (mhrivnak(a)redhat.com)
* Wed May 28 2014 Jay Dobies <jason.dobies(a)redhat.com> 1.0.34-1
- Added build requirement on python-mock (jason.dobies(a)redhat.com)
* Wed May 28 2014 Jay Dobies <jason.dobies(a)redhat.com> 1.0.33-1
- fixing a bug where prompting for password in python 2.4 caused an error
(mhrivnak(a)redhat.com)
- Updated project URL (jason.dobies(a)redhat.com)
- Initial addition of extension functionality (jason.dobies(a)redhat.com)
- Added simple validators for the Option validate_func
(jason.dobies(a)redhat.com)
- Added general int parser (jason.dobies(a)redhat.com)
--------------------------------------------------------------------------------
================================================================================
voms-2.0.11-6.el5 (FEDORA-EPEL-2014-1749)
Virtual Organization Membership Service
--------------------------------------------------------------------------------
Update Information:
Fix stack smashing from SHA2 certificates.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-6
- Clean up SHA2 patch
* Thu Jun 26 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-5
- Fix compilation problems when strndup is already defined
* Thu Jun 26 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-4
- Patch that fixes a stack smash when SHA2 certificates are used
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.0.11-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------