EPEL Fedora 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 12 17:35:56 UTC 2013 

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 508  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
  22  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11276/ssmtp-2.61-21.el5
  11  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11396/cacti-0.8.8b-2.el5
   9  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11418/graphite-web-0.9.12-1.el5
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11448/perl-Crypt-DSA-0.14-8.el5
   6  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11460/python-pyrad-1.1-3.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11542/glpi-0.83.9.1-4.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    glpi-0.83.9.1-4.el5
    ldapvi-1.7-17.el5
    openvpn-2.3.2-2.el5
    php-htmLawed-1.1.16-1.el5

Details about builds:


================================================================================
 glpi-0.83.9.1-4.el5 (FEDORA-EPEL-2013-11542)
 Free IT asset management software
--------------------------------------------------------------------------------
Update Information:

Security improvement: restrict access to installation wizard from local server only.

Remote access need to be explicitly allowed in configuration (/etc/httpd/conf.d/glpi.conf).
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 12 2013 Remi Collet <remi at fedoraproject.org> - 0.83.9.1-4
- restrict access for install to local for security
- drop bundled Flash files files, #1000251
- Add a missing requirement on crontabs to spec file
--------------------------------------------------------------------------------


================================================================================
 ldapvi-1.7-17.el5 (FEDORA-EPEL-2013-11548)
 An interactive LDAP client
--------------------------------------------------------------------------------
Update Information:

Add fix of double free() crash (#949157), also fix old FSF address
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 11 2013 Matěj Cepl <mcepl at redhat.com> - 1.7-17
- Add fix of double free() crash (#949157)
- Fix old FSF address
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.7-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.7-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.7-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.7-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #949157 - [PATCH] fix use-after-free in sasl code
        https://bugzilla.redhat.com/show_bug.cgi?id=949157
--------------------------------------------------------------------------------


================================================================================
 openvpn-2.3.2-2.el5 (FEDORA-EPEL-2013-11545)
 A full-featured SSL VPN solution
--------------------------------------------------------------------------------
Update Information:

Enable --enable-x509-alt-username.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 12 2013 Jon Ciesla <limburgher at gmail.com> 2.3.2-2
- Enable --enable-x509-alt-username, BZ 1007184.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1007184 - Request to enable the "--enable-x509-alt-username" compile-time option
        https://bugzilla.redhat.com/show_bug.cgi?id=1007184
--------------------------------------------------------------------------------


================================================================================
 php-htmLawed-1.1.16-1.el5 (FEDORA-EPEL-2013-11555)
 PHP code to purify and filter HTML
--------------------------------------------------------------------------------
Update Information:

htmLawed 1.1.16, 29 August 2013:
- fix for a potential security vulnerability arising from specialy encoded space characters in URL schemes/protocols
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 12 2013 Remi Collet <remi at fedoraproject.org> - 1.1.16-1
- update to 1.1.16, fix for a potential security vulnerability
  arising from specialy encoded space characters in URL schemes/protocols
--------------------------------------------------------------------------------

More information about the epel-devel mailing list