The following Fedora EPEL 5 Security updates need testing: Age URL 682 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2013-11893 libguestfs-1.20.12-1.el5 447 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626 puppet-2.7.26-1.el5 296 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849 sblim-sfcb-1.3.8-2.el5 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7699 drupal6-views_bulk_operations-1.17-1.el5 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7734 drupal7-7.39-1.el5 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7804 drupal6-ctools-1.14-1.el5 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7825 drupal6-6.37-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
rear-1.17.2-1.el5 shellinabox-2.18-1.el5
Details about builds:
================================================================================ rear-1.17.2-1.el5 (FEDORA-EPEL-2015-7888) Relax-and-Recover is a Linux disaster recovery and system migration tool -------------------------------------------------------------------------------- Update Information:
For a changelog see the rear-release-notes.txt file. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1238843 - rear: Insecure temporary file usage https://bugzilla.redhat.com/show_bug.cgi?id=1238843 --------------------------------------------------------------------------------
================================================================================ shellinabox-2.18-1.el5 (FEDORA-EPEL-2015-7886) Web based AJAX terminal emulator -------------------------------------------------------------------------------- Update Information:
- Fixed handling of large HTTP packets - Fixed services cleanup on session timeout - Added logging to system log files for important/fatal errors - Support for perfect forward secrecy (SSL) - Disabled secure client initiated renegotiations (SSL) - Minor CSS fixes - SSL security issues - Firefox international keyboard issue - 256 color support - Message passing support for embedded shellinabox - Unix domain socket support - Real IP recognition over proxy - Other minor bug fixes and improvements - Packaging: add license macro, switch to GitHub sources -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1252109 - We package an unmaintained fork of shellinabox https://bugzilla.redhat.com/show_bug.cgi?id=1252109 --------------------------------------------------------------------------------