[EPEL-devel] Fedora EPEL 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Wed Nov 12 23:19:44 UTC 2014 

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 935  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
 389  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
 153  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26-1.el5
  49  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2669/check-mk-1.2.4p5-1.el5
  48  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2853/mediawiki119-1.19.18-1.el5
  21  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3549/rubygem-actionpack-2.3.18-1.el5,rubygem-activerecord-2.3.18-1.el5,rubygem-activesupport-2.3.18-1.el5
  20  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3554/rubygem-rails-2.3.18-1.el5,rubygem-actionmailer-2.3.18-1.el5,rubygem-activeresource-2.3.18-1.el5
  15  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3675/Pound-2.6-2.el5.2
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2.17-3.el5
   3  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.3.8-2.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3972/nginx-0.8.55-6.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3983/polarssl-1.3.2-3.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    nginx-0.8.55-6.el5
    polarssl-1.3.2-3.el5

Details about builds:


================================================================================
 nginx-0.8.55-6.el5 (FEDORA-EPEL-2014-3972)
 Robust, small and high performance HTTP and reverse proxy server
--------------------------------------------------------------------------------
Update Information:

fix CVE-2013-4547 security bypass due to whitespace parsing
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 0.8.55-6
- fix CVE-2013-4547 security bypass due to whitespace parsing
  (#1032266, #1032269)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1032266 - CVE-2013-4547 nginx: security restriction bypass flaw due to whitespace parsing
        https://bugzilla.redhat.com/show_bug.cgi?id=1032266
--------------------------------------------------------------------------------


================================================================================
 polarssl-1.3.2-3.el5 (FEDORA-EPEL-2014-3983)
 Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:

- Fix for CVE-2014-8628 (#1159845)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 12 2014 Morten Stevens <mstevens at imt-systems.com> - 1.3.2-3
- CVE-2014-8628 (#1159845)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1159845 - CVE-2014-8627 CVE-2014-8628 polarssl: various issues fixed in 1.3.9
        https://bugzilla.redhat.com/show_bug.cgi?id=1159845
--------------------------------------------------------------------------------

More information about the epel-devel mailing list