Fedora EPEL 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sat Jan 22 18:21:52 UTC 2011


The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/wordpress-2.8.6-4.el5
    https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-3.el5
    https://admin.fedoraproject.org/updates/irssi-0.8.15-1.el5
    https://admin.fedoraproject.org/updates/myproxy-5.3-1.el5
    https://admin.fedoraproject.org/updates/proftpd-1.3.3d-1.el5
    https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.113-1.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    bios_extract-0-0.6.20101207gitd65284d.el5
    perl-CGI-Simple-1.113-1.el5
    perl-Mail-Mbox-MessageParser-1.5002-6.el5
    pondus-0.7.3-1.el5
    python-pep8-0.6.0-2.el5
    skipfish-1.84-0.1.b.el5
    xpdf-3.02-17.el5

Details about builds:


================================================================================
 bios_extract-0-0.6.20101207gitd65284d.el5 (FEDORA-EPEL-2011-0135)
 Tools to extract the different submodules of common legacy bioses
--------------------------------------------------------------------------------
Update Information:

* New GIT snapshot
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 22 2011 Peter Lemenkov <lemenkov at gmail.com> - 0-0.6.20101207gitd65284d
- New git snapshot
- Dropped upstreamed patches
--------------------------------------------------------------------------------


================================================================================
 perl-CGI-Simple-1.113-1.el5 (FEDORA-EPEL-2011-0149)
 Simple totally OO CGI interface that is CGI.pm compliant
--------------------------------------------------------------------------------
Update Information:

Update to 1.113 and apply additional patch to resolve CVE-2010-4410.

Fix boundary to use randomized value as opposed to hardcoded value.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 21 2011 Tom Callaway <spot at fedoraproject.org> - 1.113-1
- Update to 1.113, apply additional patch to fully resolve CVE-2010-4411
* Wed Dec  1 2010 Tom "spot" Callaway <tcallawa at redhat.com> - 1.112-2
- patch for randomizing boundary (bz 658973)
* Mon Jul 12 2010 Tom "spot" Callaway <tcallawa at redhat.com> - 1.112-1
- update to 1.112
* Fri Apr 30 2010 Marcela Maslanova <mmaslano at redhat.com> - 1.108-4
- Mass rebuild with perl-5.12.0
* Mon Dec  7 2009 Stepan Kasal <skasal at redhat.com> - 1.108-3
- rebuild against perl 5.10.1
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.108-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Mar 13 2009 Tom "spot" Callaway <tcallawa at redhat.com> 1.108-1
- update to 1.108
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.103-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Tue Feb  5 2008 Tom "spot" Callaway <tcallawa at redhat.com> 1.103-3
- rebuild for new perl
* Wed Nov 28 2007 Tom "spot" Callaway <tcallawa at redhat.com> 1.103-2
- BR Test::More
* Wed Nov 28 2007 Tom "spot" Callaway <tcallawa at redhat.com> 1.103-1
- bump to 1.103
* Mon Oct 15 2007 Tom "spot" Callaway <tcallawa at redhat.com> 0.077-8
- add BR: perl(ExtUtils::MakeMaker)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #658976 - perl-CGI, perl-CGI-Simple: CVE-2010-2761 -- hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, CVE-2010-4410 -- CRLF injection vulnerability in the header function
        https://bugzilla.redhat.com/show_bug.cgi?id=658976
  [ 2 ] Bug #658970 - perl-CGI-Simple: CRLF injection vulnerability via a crafted URL
        https://bugzilla.redhat.com/show_bug.cgi?id=658970
--------------------------------------------------------------------------------


================================================================================
 perl-Mail-Mbox-MessageParser-1.5002-6.el5 (FEDORA-EPEL-2011-0142)
 A fast and simple mbox folder reader
--------------------------------------------------------------------------------
Update Information:

This is the first EPEL release of perl-Mail-Mbox-MessageParser.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #170507 - Review Request: perl-Mail-Mbox-MessageParser
        https://bugzilla.redhat.com/show_bug.cgi?id=170507
--------------------------------------------------------------------------------


================================================================================
 pondus-0.7.3-1.el5 (FEDORA-EPEL-2011-0147)
 A personal weight management program
--------------------------------------------------------------------------------
Update Information:

Update to newest stable upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 22 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 0.7.3-1
- Update to 0.7.3.
* Wed Jul 21 2010 David Malcolm <dmalcolm at redhat.com> - 0.7.2-2
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
* Mon Feb 15 2010 Jussi Lehtola <jussilehtola at fedoraproject.org> - 0.7.2-1
- Update to 0.7.2.
* Tue Jan 26 2010 Jussi Lehtola <jussilehtola at fedoraproject.org> - 0.7.1-1
- Update to 0.7.1.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #671866 - pondus-0.7.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=671866
--------------------------------------------------------------------------------


================================================================================
 python-pep8-0.6.0-2.el5 (FEDORA-EPEL-2011-0146)
 Python style guide checker
--------------------------------------------------------------------------------
Update Information:

This update fixes a dependency issue where python-setuptools, a required package to run this program, was not installed.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 21 2011 Ian Weller <iweller at redhat.com> - 0.6.0-2
- RHBZ 633102: Requires: python-setuptools
* Tue Nov 16 2010 Ian Weller <iweller at redhat.com> - 0.6.0-1
- Changed upstream (same code, new maintainer, new URL)
- New release
* Thu Jul 22 2010 David Malcolm <dmalcolm at redhat.com> - 0.4.2-3
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #633102 - [abrt] python-pep8-0.4.2-2.fc13: pep8:5:<module>:ImportError: No module named pkg_resources
        https://bugzilla.redhat.com/show_bug.cgi?id=633102
--------------------------------------------------------------------------------


================================================================================
 skipfish-1.84-0.1.b.el5 (FEDORA-EPEL-2011-0144)
 Web application security scanner
--------------------------------------------------------------------------------
Update Information:

Update to versin 1.84b
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 21 2011 Michal Ambroz <rebus AT seznam.cz> - 1.84-0.1.b
- rebuild for version 1.84b
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #576431 - Package Review: skipfish - Web application security scanner
        https://bugzilla.redhat.com/show_bug.cgi?id=576431
--------------------------------------------------------------------------------


================================================================================
 xpdf-3.02-17.el5 (FEDORA-EPEL-2011-0145)
 A PDF file viewer for the X Window System
--------------------------------------------------------------------------------
Update Information:

Adds pdftoppm binary and manpage back into xpdf EL-5 package, since it is not otherwise available in EL-5.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 21 2011 Tom Callaway <spot at fedoraproject.org> - 1:3.02-17
- Added pdftoppm for el5 or older, since it is not included in poppler-utils on el5
- Thanks to Ingvar Hagelund.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #669662 - readd pdftoppm to xpdf, as it is missing in poppler-utils for el5
        https://bugzilla.redhat.com/show_bug.cgi?id=669662
--------------------------------------------------------------------------------





More information about the epel-devel-list mailing list