[EPEL-devel] Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Oct 11 00:10:08 UTC 2014
The following Fedora EPEL 6 Security updates need testing:
Age URL
902 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
234 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
121 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2750/libsrtp-1.4.4-10.20101004cvs.el6
16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2719/nodejs-0.10.32-1.el6,v8-3.14.5.10-14.el6
16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2742/TeXmacs-1.0.7.2-3.el6
16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2713/putty-0.63-3.el6
15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2811/nodejs-qs-0.6.6-3.el6
15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2821/nodejs-send-0.3.0-4.el6
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2981/check-mk-1.2.4p5-2.el6
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3024/rssh-2.3.4-1.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3064/mediawiki119-1.19.20-1.el6
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3082/golang-1.3.3-1.el6
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3202/python-oauth2-1.5.211-8.el6
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2850/nginx-1.0.15-8.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3264/getmail-4.46.0-2.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3279/php-ZendFramework-1.12.9-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
php-ZendFramework-1.12.9-1.el6
Details about builds:
================================================================================
php-ZendFramework-1.12.9-1.el6 (FEDORA-EPEL-2014-3279)
Leading open-source PHP framework
--------------------------------------------------------------------------------
Update Information:
Contains fixes for two security relevant bugs:
* "ZF2014-05: Anonymous authentication in ldap_bind() function of PHP, using null byte" (http://framework.zend.com/security/advisory/ZF2014-05)
* "ZF2014-06: SQL injection vector when manually quoting values for sqlsrv extension, using null byte" (http://framework.zend.com/security/advisory/ZF2014-06)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 10 2014 Felix Kaechele <heffer at fedoraproject.org> - 1.12.9-1
- update to 1.12.9
- fixes http://framework.zend.com/security/advisory/ZF2014-05
- fixes http://framework.zend.com/security/advisory/ZF2014-06
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1151276 - CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05)
https://bugzilla.redhat.com/show_bug.cgi?id=1151276
[ 2 ] Bug #1151277 - CVE-2014-8089 php-ZendFramework: SQL injection issue when using the sqlsrv PHP extension (ZF2014-06)
https://bugzilla.redhat.com/show_bug.cgi?id=1151277
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list