Fedora EPEL 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Tue Jul 3 19:37:15 UTC 2012 

The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6298/clamav-0.97.5-1.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6128/viewvc-1.1.15-1.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6223/gajim-0.12.5-1.el5.2
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6229/mosh-1.2.2-1.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    R-2.15.1-1.el5
    clamav-0.97.5-1.el5
    nickle-2.76-1.el5

Details about builds:


================================================================================
 R-2.15.1-1.el5 (FEDORA-EPEL-2012-6306)
 A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:

Update to R 2.15.1. Rebuild rpy and rkward for new R (update rpy to 2.2.6). Fix dependency issue with tex.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  2 2012 Tom Callaway <spot at fedoraproject.org> - 2.15.1-1
- update to 2.15.1
* Mon Jul  2 2012 Jindrich Novy <jnovy at redhat.com> - 2.15.0-4
- fix LaTeX and dvips dependencies (#836817)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #836817 - R-core depends on texlive-latex
        https://bugzilla.redhat.com/show_bug.cgi?id=836817
--------------------------------------------------------------------------------


================================================================================
 clamav-0.97.5-1.el5 (FEDORA-EPEL-2012-6298)
 Anti-virus software
--------------------------------------------------------------------------------
Update Information:

- Upgrade to 0.97.5
- Fix CVE-2012-1419 clamav: specially-crafted POSIX tar files evade detection
- Fix CVE-2012-1457 clamav: overly long length field in tar files evade detection
- Fix CVE-2012-1443 clamav: specially-crafted RAR files evade detection
- Fix CVE-2012-1458 clamav: specially-crafted CHM files evade detection
- Fix CVE-2012-1459 clamav: specially-crafted length field in tar files evade detection
- Ship local copy of virus database; it was removed by accident from 0.97.5 tarball 
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul  1 2012 Robert Scheck <robert at fedoraproject.org> - 0.97.5-1
- Upgrade to 0.97.5
- Fix CVE-2012-1419 clamav: specially-crafted POSIX tar files evade detection
- Fix CVE-2012-1457 clamav: overly long length field in tar files evade detection
- Fix CVE-2012-1443 clamav: specially-crafted RAR files evade detection
- Fix CVE-2012-1458 clamav: specially-crafted CHM files evade detection
- Fix CVE-2012-1459 clamav: specially-crafted length field in tar files evade detection
- Ship local copy of virus database; it was removed by accident from 0.97.5 tarball
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #806092 - CVE-2012-1419 clamav: specially-crafted POSIX tar files evade detection
        https://bugzilla.redhat.com/show_bug.cgi?id=806092
  [ 2 ] Bug #806094 - CVE-2012-1457 clamav: overly long length field in tar files evade detection
        https://bugzilla.redhat.com/show_bug.cgi?id=806094
  [ 3 ] Bug #806097 - CVE-2012-1443 clamav: specially-crafted RAR files evade detection
        https://bugzilla.redhat.com/show_bug.cgi?id=806097
  [ 4 ] Bug #806100 - CVE-2012-1458 clamav: specially-crafted CHM files evade detection
        https://bugzilla.redhat.com/show_bug.cgi?id=806100
  [ 5 ] Bug #806101 - CVE-2012-1459 clamav: specially-crafted length field in tar files evade detection
        https://bugzilla.redhat.com/show_bug.cgi?id=806101
--------------------------------------------------------------------------------


================================================================================
 nickle-2.76-1.el5 (FEDORA-EPEL-2012-6303)
 A programming language-based prototyping environment
--------------------------------------------------------------------------------
Update Information:

* Don't crash when using initializer with forward ref type
* Fix crashes when MemCollect occurs during Twixt execution

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  2 2012 Michel Salim <salimma at fedoraproject.org> - 2.76-1
- Update to 2.76
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #831189 - nickle-2.76 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=831189
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list