The following Fedora EPEL 5 Security updates need testing: Age URL 577 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 91 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11276/ssmtp-2.61-21... 67 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11560/fail2ban-0.8.... 31 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.... 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12067/drupal7-conte... 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12091/bip-0.8.9-1.e... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12157/varnish-2.0.6...
The following builds have been pushed to Fedora EPEL 5 updates-testing
salt-0.17.2-1.el5 salt-0.17.2-2.el5 varnish-2.0.6-4.el5 xrootd-3.3.4-1.el5
Details about builds:
================================================================================ salt-0.17.2-1.el5 (FEDORA-EPEL-2013-12152) A parallel remote execution system -------------------------------------------------------------------------------- Update Information:
Updated to bugfix release 0.17.2. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 18 2013 Erik Johnson erik@saltstack.com - 0.17.2-1 - Update to bugfix release 0.17.2 --------------------------------------------------------------------------------
================================================================================ salt-0.17.2-2.el5 (FEDORA-EPEL-2013-12146) A parallel remote execution system -------------------------------------------------------------------------------- Update Information:
Patched to fix pkgrepo.managed regression. -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 19 2013 Erik Johnson erik@saltstack.com - 0.17.2-2 - Patched to fix pkgrepo.managed regression * Mon Nov 18 2013 Erik Johnson erik@saltstack.com - 0.17.2-1 - Update to bugfix release 0.17.2 --------------------------------------------------------------------------------
================================================================================ varnish-2.0.6-4.el5 (FEDORA-EPEL-2013-12157) High-performance HTTP accelerator -------------------------------------------------------------------------------- Update Information:
Backported a patch for CVE-2013-4484 -------------------------------------------------------------------------------- ChangeLog:
* Wed Nov 6 2013 Ingvar Hagelund ingvar@redpill-linpro.com - 2.0.6-4 - Added a patch to logrotate config, closes #554745 - Backported a patch for CVE-2013-4484, closes #1025129 * Tue Oct 26 2010 Ingvar Hagelund ingvar@linpro.no - 2.0.6-3 - Build fixes for ppc - Added a patch for v00006.vtc that tames a malloc bonanza in some cases -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1025129 - CVE-2013-4484 varnish: denial of service handling certain GET requests [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1025129 --------------------------------------------------------------------------------
================================================================================ xrootd-3.3.4-1.el5 (FEDORA-EPEL-2013-12158) Extended ROOT file server -------------------------------------------------------------------------------- Update Information:
xrootd release 3.3.4
Major bug fixes * Serialize sss authentication client initialization to prevent race conditions * Actually cancel the JobManager threads while stopping it - this affected client side fork handling (new client) * Restore original meaning of -adler and -md5 to xrdcp
Minor bug fixes * Append CGI info when retrying at a server that handshaked but never respnded to the request (xrdcp) * Do socket accepts asynchronously to prevent DNS resolution from blocking accepts * Warn about incomplete dirlist responses (xrdfs) * Cast the utilization statistics to uint16_t before printing to print actual numbers instead of letters corresponding to ASCII codes (xrdfs)
Miscellaneous * When calling File::Stat use file handle instead of path * Improve handling of malformed kXR_readv responses (new client) * Explain parameters of xrdcopy --tpc (documentation)
-------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 19 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 1:3.3.4-1 - Update to version 3.3.4 * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1:3.3.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org