Fedora EPEL 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sat May 12 19:55:42 UTC 2012 

The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5749/mozilla-https-everywhere-2.0.3-2.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
    https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5859/perl-Config-IniFiles-2.72-1.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    lcgdm-dav-0.8.0-1.el5
    litmus-0.13-5.el5
    nagios-plugins-lcgdm-0.8.0-1.el5
    perl-Config-IniFiles-2.72-1.el5
    plowshare-0.9.4-0.30.20120511git.el5

Details about builds:


================================================================================
 lcgdm-dav-0.8.0-1.el5 (FEDORA-EPEL-2012-5855)
 HTTP/DAV front end to the DPM/LFC services
--------------------------------------------------------------------------------
Update Information:

Update for new upstream release (0.8.0).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 25 2012 Ricardo Rocha <ricardo.rocha at cern.ch> - 0.8.0-1
- Update for new upstream release
- Added build dependencies on json-c-devel and neon-devel
- Added provides/requires for compatibility with gLite packaging
* Fri Mar 30 2012 Ricardo Rocha <ricardo.rocha at cern.ch> - 0.7.0-2
- Update for httpd-mmn
--------------------------------------------------------------------------------


================================================================================
 litmus-0.13-5.el5 (FEDORA-EPEL-2012-5852)
 WebDAV server compliance test suite
--------------------------------------------------------------------------------
Update Information:

This update fixes an issue with a 'foo' missing file in htdocs, required at runtime.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 16 2012 Ricardo Rocha <ricardo.rocha at cern.ch> - 0.13-4
- Removed data dir cleanup, files are needed at runtime (bug #800477)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.13-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #800477 - could not open /usr/share/litmus/htdocs/foo: No such file or directory
        https://bugzilla.redhat.com/show_bug.cgi?id=800477
--------------------------------------------------------------------------------


================================================================================
 nagios-plugins-lcgdm-0.8.0-1.el5 (FEDORA-EPEL-2012-5851)
 Nagios probes to be run remotely against DPM / LFC nodes
--------------------------------------------------------------------------------
Update Information:

Update for new upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 26 2012 Ricardo Rocha <ricardo.rocha at cern.ch> - 0.8.0-1
- Update for new upstream release
- Moved nagios configuration files to separate package (nagios-lcgdm)
--------------------------------------------------------------------------------


================================================================================
 perl-Config-IniFiles-2.72-1.el5 (FEDORA-EPEL-2012-5859)
 A module for reading .ini-style configuration files
--------------------------------------------------------------------------------
Update Information:

Update to 2.72, fixes CVE-2012-2451.
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 11 2012 Tom Callaway <spot at fedoraproject.org> - 2.72-1
- update to 2.72
- notable fix: SECURITY BUG FIX: Config::IniFiles used to write 
  to a temporary filename with a predictable name 
  ("${filename}-new") which opens the door for potential
  exploits.
  Fixes CVE-2012-2451
- disable tests for epel
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #818430 - CVE-2012-2451 perl-Config-IniFiles: insecure temporary file usage [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=818430
  [ 2 ] Bug #818431 - CVE-2012-2451 perl-Config-IniFiles: insecure temporary file usage [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=818431
--------------------------------------------------------------------------------


================================================================================
 plowshare-0.9.4-0.30.20120511git.el5 (FEDORA-EPEL-2012-5850)
 Download and upload files from file-sharing websites
--------------------------------------------------------------------------------
Update Information:

New upstream snapshot.
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 12 2012 Elder Marco <eldermarco at fedoraproject.org> - 0.9.4-0.30.20120511git
- New upstream snapshot
--------------------------------------------------------------------------------

More information about the epel-devel-list mailing list