Fedora EPEL 5 updates-testing report

Sun Dec 19 17:32:37 UTC 2010

The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/fontforge-20061025-3.el5
    https://admin.fedoraproject.org/updates/awstats-6.95-2.el5
    https://admin.fedoraproject.org/updates/mantis-1.1.8-5.el5
    https://admin.fedoraproject.org/updates/collectd-4.10.2-1.el5
    https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.el5
    https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-1.el5

The following builds have been pushed to Fedora EPEL 5 updates-testing

    cmake-fedora-0.3.3-1.el5
    mantis-1.1.8-5.el5
    topgit-0.9-0.2.git9b25e848.el5

Details about builds:

================================================================================
 cmake-fedora-0.3.3-1.el5 (FEDORA-EPEL-2010-3817)
 CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:

- Fixed: Support for out-of-source build.
- Fixed: Join the next line if ended with back slash '\'.
- ChangeLog: Now generate from "cmake ." directly.
- changelog: target removed. So it won't do unnecessary rebuild.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Dec 19 2010 Ding-Yi Chen <dchen at redhat.com> - 0.3.3-1
- Fixed: Support for out-of-source build.
- Fixed: Join the next line if ended with back slash '\'.
- ChangeLog: Now generate from "cmake ." directly.
- changelog: target removed. So it won't do unnecessary rebuild.
--------------------------------------------------------------------------------

================================================================================
 mantis-1.1.8-5.el5 (FEDORA-EPEL-2010-3815)
 Web-based issue tracking system
--------------------------------------------------------------------------------
Update Information:

This update fixes multiple security issues recently found in Mantis.

For more details about the issues in upstream bugs:

http://www.mantisbt.org/bugs/view.php?id=12607

http://www.mantisbt.org/bugs/view.php?id=12309
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 17 2010 Gianluca Sforna <giallu at gmail.com> - 1.1.8.5
- Updated description (#638942)
- Fix CVE-2010-3763 (#640746)
- Fix CVE-2010-4348, CVE-2010-4349, CVE-2010-4350 (#663299, #663230)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #640746 - CVE-2010-3763 MantisBT: XSS in Summary page
        https://bugzilla.redhat.com/show_bug.cgi?id=640746
  [ 2 ] Bug #663230 - CVE-2010-4348 CVE-2010-4349 CVE-2010-4350 MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)
        https://bugzilla.redhat.com/show_bug.cgi?id=663230
--------------------------------------------------------------------------------

================================================================================
 topgit-0.9-0.2.git9b25e848.el5 (FEDORA-EPEL-2010-3816)
 A different patch queue manager
--------------------------------------------------------------------------------
Update Information:

New package:

TopGit aims to make handling of large amount of interdependent topic branches easier. In fact, it is designed especially for the case when you maintain a queue of third-party patches on top of another (perhaps Git-controlled) project and want to easily organize, maintain and submit them - TopGit achieves that by keeping a separate topic branch for each patch and providing few tools to maintain the branches.

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #619593 - Review Request: topgit - A different patch queue manager
        https://bugzilla.redhat.com/show_bug.cgi?id=619593
--------------------------------------------------------------------------------