The following Fedora EPEL 5 Security updates need testing: Age URL 796 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 250 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.... 131 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2.0-1... 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1651/python-jinja2-... 12 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1646/python26-jinja... 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1697/zabbix20-2.0.1... 5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1696/perl-Email-Add... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1747/mediawiki119-1...
The following builds have been pushed to Fedora EPEL 5 updates-testing
CGSI-gSOAP-1.3.6-2.el5 drupal7-languageicons-1.1-1.el5 drupal7-taxonomy_access_fix-2.1-1.el5 gccxml-0.9.0-0.23.20140610.gita012b8fe.el5 gle-4.2.4c-14.el5 libsodium-0.5.0-1.el5 mediawiki119-1.19.17-1.el5 mozilla-https-everywhere-3.5.3-1.el5 python-okaara-1.0.35-1.el5 voms-2.0.11-6.el5
Details about builds:
================================================================================ CGSI-gSOAP-1.3.6-2.el5 (FEDORA-EPEL-2014-1758) GSI plugin for gSOAP -------------------------------------------------------------------------------- Update Information:
Updated to 1.3.6 release -------------------------------------------------------------------------------- ChangeLog:
* Fri Jun 27 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 1.3.6-2 - Update the source description for the new release * Fri Jun 27 2014 Alejandro Alvarez Ayllon aalvarez@cern.ch - 1.3.6-1 - Update for new upstream release * Fri Jun 6 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.5-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri Oct 18 2013 Adrien Devresse <adevress at cern.ch> - 1.3.5-7 - Rebuilt for gsoap release * Thu Aug 8 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 1.3.5-6 - Use _pkgdocdir * Fri Aug 2 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.5-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Wed Jul 18 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ drupal7-languageicons-1.1-1.el5 (FEDORA-EPEL-2014-1736) Adds icons to language links -------------------------------------------------------------------------------- Update Information:
[1.1](https://www.drupal.org/node/2264675) ------------------------------------------ * Fixed passing of Image class attribute. (#2230323) * Removed unnecessary file list in info file. (#1554200) * Set the module category to "Multilingual". (#2047503) * Add link to the configuration page via the info file. (#1626648) * Renamed the module back to "Language Icons". (#1954058) * New flags: * Filipino (#1796274) * Afrikaans (South African) (#1471600) * Malaysian (#2230379) * Tibetan (#1961450) * Belarus (#1309930) * Somali (#551092)
See the [Git log](http://drupalcode.org/project/languageicons.git/log/7.x-1.0..7.x-1.1) for a full changelog. --------------------------------------------------------------------------------
================================================================================ drupal7-taxonomy_access_fix-2.1-1.el5 (FEDORA-EPEL-2014-1750) Fixes the crooked access checks for Taxonomy pages -------------------------------------------------------------------------------- Update Information:
[2.1](https://www.drupal.org/node/2274235) ------------------------------------------ * Issue #2157451 * Issue #2211281
See the [Git log](http://cgit.drupalcode.org/taxonomy_access_fix/log/?id=7.x-2.0..7.x-2.1) for a full changelog. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 26 2014 Shawn Iwinski shawn.iwinski@gmail.com - 2.1-1 - Updated to 2.1 (BZ #1101179; release notes https://www.drupal.org/node/2274235) * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1101179 - drupal7-taxonomy_access_fix-2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1101179 --------------------------------------------------------------------------------
================================================================================ gccxml-0.9.0-0.23.20140610.gita012b8fe.el5 (FEDORA-EPEL-2014-1737) XML output extension to GCC -------------------------------------------------------------------------------- Update Information:
Now contains upstream's support files for gcc 4.9 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 26 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 0.9.0-0.23.20140610.gita012b8fe - Updated git snapshot - Now contains support files for gcc 4.9 * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.9.0-0.22.20131209.git9a114c0c - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Brent Baude baude@us.ibm.com - 0.9.0-0.21.20131209.git9a114c0c - Adding ppc64le support --------------------------------------------------------------------------------
================================================================================ gle-4.2.4c-14.el5 (FEDORA-EPEL-2014-1754) Graphics Layout Engine -------------------------------------------------------------------------------- Update Information:
First releases in EPEL5 and EPEL6. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #229676 - Review Request: gle - Graphics Layout Engine https://bugzilla.redhat.com/show_bug.cgi?id=229676 --------------------------------------------------------------------------------
================================================================================ libsodium-0.5.0-1.el5 (FEDORA-EPEL-2014-1742) A fork of networking and cryptography library with compatible APIs -------------------------------------------------------------------------------- Update Information:
Initial EL5 build --------------------------------------------------------------------------------
================================================================================ mediawiki119-1.19.17-1.el5 (FEDORA-EPEL-2014-1747) A wiki engine -------------------------------------------------------------------------------- Update Information:
Update to 1.19.17. Fixes various security issues. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 26 2014 Patrick Uiterwijk puiterwijk@redhat.com - 1.19.17-1 - Update to 1.19.17 - (bug 65839) SECURITY: Prevent external resources in SVG files - (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all * Wed Jun 25 2014 Patrick Uiterwijk puiterwijk@redhat.com - 1.19.16-1 - Update to 1.19.16 - (bug 65501) SECURITY: Don't parse usernames as wikitext on Special:PasswordReset -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1113134 - mediawiki: security update https://bugzilla.redhat.com/show_bug.cgi?id=1113134 [ 2 ] Bug #1104222 - CVE-2014-3966 mediawiki: XSS flaw due to improper parsing of Special:PasswordReset https://bugzilla.redhat.com/show_bug.cgi?id=1104222 --------------------------------------------------------------------------------
================================================================================ mozilla-https-everywhere-3.5.3-1.el5 (FEDORA-EPEL-2014-1743) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information:
The cake is not a lie! -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 25 2014 Russell Golden niveusluna@niveusluna.org - 3.5.3-1 - Now works when installed globally! - Various ruleset fixes, including PCWorld. * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.5.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 30 2014 Russell Golden niveusluna@niveusluna.org - 3.5.1-1 - Revert https://github.com/EFForg/https-everywhere/pull/134 due to YouTube -- breakage. - Re-enable ability to see all rulesets in enable/disable dialog. - Added more Debian coverage. - Fixes to Doubleclick, Guardian, Heroku, Home Depot, HypeMachine, IMDB, -- Justin.tv, Kikatek, Mozilla, MyFitnessPal, Pinterest, XKCD, Reuters, -- Technet, Tumblr, Wordpress, Yandex, Youtube, Flickr. - Fix Australis icon positioning: -- https://github.com/EFForg/https-everywhere/pull/216 * Wed Apr 16 2014 Russell Golden niveusluna@niveusluna.org - 3.5-1 - Merge all non-ruleset changes from 4.0development.16 - Merge all new/modified rulesets from 4.0development.16 that are -- in the Alexa Top 1000 using utils/alexa-ruleset-checker.py. For a full list, -- see utils/alexa-logs/07042014.log. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1100493 - can't access http://www.pcworld.com with mozilla-https-everywhere enabled https://bugzilla.redhat.com/show_bug.cgi?id=1100493 --------------------------------------------------------------------------------
================================================================================ python-okaara-1.0.35-1.el5 (FEDORA-EPEL-2014-1748) Python command line utilities -------------------------------------------------------------------------------- Update Information:
Release 1.0.35 Fix for python 2.4 incompatibility -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 26 2014 Jay Dobies jason.dobies@redhat.com 1.0.35-1 - fixing a bug where Prompt.prompt_password passes the wrong arguments to another function. (mhrivnak@redhat.com) * Wed May 28 2014 Jay Dobies jason.dobies@redhat.com 1.0.34-1 - Added build requirement on python-mock (jason.dobies@redhat.com) * Wed May 28 2014 Jay Dobies jason.dobies@redhat.com 1.0.33-1 - fixing a bug where prompting for password in python 2.4 caused an error (mhrivnak@redhat.com) - Updated project URL (jason.dobies@redhat.com) - Initial addition of extension functionality (jason.dobies@redhat.com) - Added simple validators for the Option validate_func (jason.dobies@redhat.com) - Added general int parser (jason.dobies@redhat.com) --------------------------------------------------------------------------------
================================================================================ voms-2.0.11-6.el5 (FEDORA-EPEL-2014-1749) Virtual Organization Membership Service -------------------------------------------------------------------------------- Update Information:
Fix stack smashing from SHA2 certificates. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 26 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 2.0.11-6 - Clean up SHA2 patch * Thu Jun 26 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 2.0.11-5 - Fix compilation problems when strndup is already defined * Thu Jun 26 2014 Mattias Ellert mattias.ellert@fysast.uu.se - 2.0.11-4 - Patch that fixes a stack smash when SHA2 certificates are used * Sun Jun 8 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.11-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org
-
updates@fedoraproject.org