EPEL Fedora 5 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Apr 15 23:32:56 UTC 2014
The following Fedora EPEL 5 Security updates need testing:
Age URL
724 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
178 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
58 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0581/augeas-1.2.0-1.el5
13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1041/mod_security-2.6.8-5.el5
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1074/cacti-0.8.8b-5.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1096/wordpress-3.8.3-1.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1126/check-mk-1.2.4p2-1.el5
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1119/znc-1.2-3.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
check-mk-1.2.4p2-1.el5
duply-1.7.3-1.el5
perl-No-Worries-1.2-1.el5
pidgin-sipe-1.18.1-1.el5
wordpress-3.8.3-1.el5
znc-1.2-3.el5
Details about builds:
================================================================================
check-mk-1.2.4p2-1.el5 (FEDORA-EPEL-2014-1126)
A new general purpose Nagios-plugin for retrieving data
--------------------------------------------------------------------------------
Update Information:
New upstream release.
Fixes CVEs:
- CVE-2014-2329
- CVE-2014-2330
- CVE-2014-2331
- CVE-2014-2332
Fixes CVEs:
- CVE-2014-2329
- CVE-2014-2330
- CVE-2014-2331
- CVE-2014-2332
Fixes CVEs:
- CVE-2014-2329
- CVE-2014-2330
- CVE-2014-2331
- CVE-2014-2332
Fixes CVEs:
- CVE-2014-2329
- CVE-2014-2330
- CVE-2014-2331
- CVE-2014-2332
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 14 2014 Andrea Veri <averi at fedoraproject.org> - 1.2.4p2-1
- New upstream release.
* Wed Apr 2 2014 Andrea Veri <averi at fedoraproject.org> - 1.2.4p1-1
- New upstream release. Fixes the missing two CVEs that were still
left unfixed on 1.2.4:
- CVE-2014-2330
- CVE-2014-2331
* Tue Mar 25 2014 Andrea Veri <averi at fedoraproject.org> - 1.2.4-1
- New upstream release. Fixes the following CVEs:
- CVE-2014-2329
- CVE-2014-2332
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1080303 - CVE-2014-2329 CVE-2014-2330 CVE-2014-2331 CVE-2014-2332 check-mk: multiple flaws fixed in versions 1.2.2p3 and 1.2.3i5
https://bugzilla.redhat.com/show_bug.cgi?id=1080303
--------------------------------------------------------------------------------
================================================================================
duply-1.7.3-1.el5 (FEDORA-EPEL-2014-0931)
Wrapper for duplicity
--------------------------------------------------------------------------------
Update Information:
Update to the latest released version.
Changes in version 1.7.0:
- disabled gpg key id plausibility check, too many valid possibilities
- featreq 7 "Halt if precondition fails": added and(+), or(-) batch command(separator) support
- featreq 26 "pre/post script with shebang line": if a script is flagged executable it's executed in a subshell now as opposed to sourced to bash, which is the default
- bugfix: do not check if dpbx, swift credentials are set anymore
- bugfix: properly escape profile name, archdir if used as arguments
- add DUPL_PRECMD conf setting for use with e.g. trickle
Changes in version 1.7.1:
- bugfix: purge-* commands renamed to purgeFull, purgeIncr due to incompatibility with new minus batch separator
Changes in version 1.7.2:
- bugfix: debian Bug#743190 "duply no longer allows restoration without gpg passphrase in conf file" GPG_AGENT_INFO env var is now needed to trigger --use-agent
- bugfix: gpg keyenc test routines didn't work if GPG_PW was not set
Changes in version 1.7.3:
- bugfix: test routines, gpg2 asked for passphrase although GPG_PW was set
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 15 2014 Thomas Moschny <thomas.moschny at gmx.de> - 1.7.3-1
- Update to 1.7.3.
* Tue Apr 1 2014 Thomas Moschny <thomas.moschny at gmx.de> - 1.7.1-1
- Update to 1.7.1
- Update %description.
* Fri Mar 21 2014 Thomas Moschny <thomas.moschny at gmx.de> - 1.7.0-1
- Update to 1.7.0.
--------------------------------------------------------------------------------
================================================================================
perl-No-Worries-1.2-1.el5 (FEDORA-EPEL-2014-1127)
Perl coding without worries
--------------------------------------------------------------------------------
Update Information:
Update to upstream version, rhbz #1086545.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 14 2014 Massimo Paladin <massimo.paladin at gmail.com> 1.2-1
- Updating to upstream 1.2, rhbz #1086545.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1086545 - Upgrade to new upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=1086545
--------------------------------------------------------------------------------
================================================================================
pidgin-sipe-1.18.1-1.el5 (FEDORA-EPEL-2014-1140)
Pidgin protocol plugin to connect to MS Office Communicator
--------------------------------------------------------------------------------
Update Information:
New upstream release:
* adds support for EWS Autodiscover redirection
* fixes false "not delivered" errors in conference
* fixes incorrect HTML escaping for URLs
* fixes endless loop with failed HTTP Basic authentication
* fixes EWS autodiscover for some Office 365 users
* fixes missing "Copy to" in buddy menu
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 12 2014 Stefan Becker <chemobejk at gmail.com> - 1.18.1-1
- update to 1.18.1:
- fixes false "not delivered" errors in conference
- fixes incorrect HTML escaping for URLs
- fixes endless loop with failed HTTP Basic authentication
- fixes EWS autodiscover for some Office 365 users
- fixes missing "Copy to" in buddy menu
* Sat Jan 11 2014 Stefan Becker <chemobejk at gmail.com> - 1.18.0-1
- update to 1.18.0:
- added support for EWS Autodiscover redirection
--------------------------------------------------------------------------------
================================================================================
wordpress-3.8.3-1.el5 (FEDORA-EPEL-2014-1096)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
Upstream announcements:
* http://wordpress.org/news/2014/04/wordpress-3-8-2/
* http://wordpress.org/news/2014/04/wordpress-3-8-3/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 15 2014 Remi Collet <remi at fedoraproject.org> - 3.8.3-1
- update to 3.8.3 Maintenance Release
http://wordpress.org/news/2014/04/wordpress-3-8-3/
* Wed Apr 9 2014 Remi Collet <remi at fedoraproject.org> - 3.8.2-1
- update to 3.8.2 Security Release
- fix privilege escalation issue CVE-2014-0165
- fix authentication bypass issue CVE-2014-0166
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1085858 - CVE-2014-0166 wordpress: authentication bypass via forged cookies
https://bugzilla.redhat.com/show_bug.cgi?id=1085858
[ 2 ] Bug #1085866 - CVE-2014-0165 wordpress: privilege escalation issue allowing contributors to publish posts
https://bugzilla.redhat.com/show_bug.cgi?id=1085866
--------------------------------------------------------------------------------
================================================================================
znc-1.2-3.el5 (FEDORA-EPEL-2014-1119)
An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:
Fix possible crash bug
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 14 2014 Nick Bebout <nb at fedoraproject.org> - 1.2-3
- Fix potential crash bug when adding channels
* Mon Nov 11 2013 Nick Bebout <nb at fedoraproject.org> - 1.2-2
- Enable PIE, Fix systemd description, use systemd macros
* Mon Nov 11 2013 Nick Bebout <nb at fedoraproject.org> - 1.2-1
- Upgrade to 1.2
* Fri Oct 25 2013 Nick Bebout <nb at fedoraproject.org> - 1.2-0.4.rc2
- Upgrade to 1.2-rc2
* Thu Sep 26 2013 Nick Bebout <nb at fedoraproject.org> - 1.2-0.3.beta1
- Upgrade to 1.2-beta1
* Sat Aug 3 2013 Petr Pisar <ppisar at redhat.com> - 1.2-0.2.alpha1
- Perl 5.18 rebuild
* Sun Jul 28 2013 Nick Bebout <nb at fedoraproject.org> - 1.2-0.1.alpha1
- Upgrade to 1.2-alpha1
* Wed Jul 17 2013 Petr Pisar <ppisar at redhat.com> - 1.0-3
- Perl 5.18 rebuild
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list