The following Fedora EPEL 5 Security updates need testing:

 Age  URL
 580  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.10-5.el5
  94  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11276/ssmtp-2.61-21.el5
  70  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11560/fail2ban-0.8.10-4.el5
  34  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1.20.12-1.el5
  14  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12067/drupal7-context-3.1-1.el5
   9  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12091/bip-0.8.9-1.el5
   2  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12157/varnish-2.0.6-4.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12159/389-ds-base-1.2.11.25-1.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12169/gc-7.1-6.el5
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12174/drupal7-7.24-1.el5

The following builds have been pushed to Fedora EPEL 5 updates-testing

    389-adminutil-1.1.19-1.el5
    389-ds-base-1.2.11.25-1.el5
    drupal7-7.24-1.el5
    gc-7.1-6.el5
    lhapdf-5.9.1-2.el5

Details about builds:

================================================================================
 389-adminutil-1.1.19-1.el5 (FEDORA-EPEL-2013-12165)
 Utility library for 389 administration
--------------------------------------------------------------------------------
Update Information:

Ticket #47415 "Manage certificates" crashes admin server
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 20 2013 Rich Megginson <rmegg...@redhat.com> - 1.1.19-1
- Ticket #47415 "Manage certificates" crashes admin server
- 8647ad8 fix compiler warnings
- enhancements to test ticket 47415
* Mon Aug 19 2013 Rich Megginson <rmegg...@redhat.com> - 1.1.18-1
- ee1ef81 add Eclipse generated files
- Ticket #47486 - compiler warnings in adminutil, admin, dsgw
- 77fd77a fix mem leak in admldapBuildInfoSSL when there is no password
* Fri Apr 19 2013 Noriko Hosoi <nho...@redhat.com> - 1.1.17-1
-bump version to 1.1.17
 Resolves: Bug 856089 - slapi_ldap_bind() doesn't check bind results (Ticket 479 - Console logins fail intermittenly)
 Resolves: Bug 905266 - BIND operation result not checked properly in admin server and adminutil
--------------------------------------------------------------------------------

================================================================================
 389-ds-base-1.2.11.25-1.el5 (FEDORA-EPEL-2013-12159)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

Each release has bug fixes in addition to the CVE fix rebase to 1.2.11.24
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 21 2013 Rich Megginson <rmegg...@redhat.com> - 1.2.11.25-1
- Ticket #47605 CVE-2013-4485: DoS due to improper handling of ger attr searches
- Ticket #47596 attrcrypt fails to find unlocked key
- Revert "Ticket #47559 hung server - related to sasl and initialize"
- Ticket #47585 Replication Failures related to skipped entries due to cleaned rids
- Ticket #47581 - Winsync plugin segfault during incremental backoff (phase 2)
- Ticket #47581 - Winsync plugin segfault during incremental backoff
- Ticket 47577 - crash when removing entries from cache
- Ticket #47559 hung server - related to sasl and initialize
- fe52f44 ticket #47550 wip
- Ticket #47550 logconv: failed logins: Use of uninitialized value in numeric comparison at logconv.pl line 949
- Ticket #47551 logconv: -V does not produce unindexed search report
- Ticket 47517 - fix memory leak in ldbm_delete.c
- Ticket #47488 - Users from AD sub OU does not sync to IPA
- minor fixes for bdb 4.2/4.3 and mozldap
- Tickets: 47510 & 47543 - 389 fails to build when using Mozldap
* Tue Oct 15 2013 Rich Megginson <rmegg...@redhat.com> - 1.2.11.23-3.1
- add mutex around ldap ssl functions/bind/unbind
* Wed Oct 2 2013 Rich Megginson <rmegg...@redhat.com> - 1.2.11.23-3
- bump version to rebuild again
* Wed Oct 2 2013 Rich Megginson <rmegg...@redhat.com> - 1.2.11.23-2
- forgot to bump the source version
* Wed Oct 2 2013 Rich Megginson <rmegg...@redhat.com> - 1.2.11.23-1
- Ticket #422 - 389-ds-base - Can't call method "getText"
- Ticket 47509 - CLEANALLRUV doesnt run across all replicas
- Ticket 47533 logconv: some stats do not work across server restarts
- Ticket #47501 logconv.pl uses /var/tmp for BDB temp files
- Ticket 47520 - Fix various issues with logconv.pl
- Ticket #47387 - improve logconv.pl performance with large access logs
- Ticket 47354 - Indexed search are logged with 'notes=U' in the access logs
- Ticket 47461 - logconv.pl - Use of comma-less variable list is deprecated
- Ticket 47447 - logconv.pl man page missing -m,-M,-B,-D
- Ticket #47348 - add etimes to per second/minute stats
- Ticket #47341 - logconv.pl -m time calculation is wrong
- Ticket #47336 - logconv.pl -m not working for all stats
- Ticket 611 - logconv.pl missing stats for StartTLS, LDAPI, and AUTOBIND
- TIcket 419 - logconv.pl - improve memory management
- Ticket 471 - logconv.pl tool removes the access logs contents if "-M" is not correctly used
- Ticket 539 - logconv.pl should handle microsecond timing
- Ticket #356 - RFE - Track bind info
- Ticket #47534 - RUV tombstone search with scope "one" doesn`t work
- Ticket 47489 - Under specific values of nsDS5ReplicaName, replication may get broken or updates missing
- Ticket #47523 - Set up replcation/agreement before initializing the sub suffix, the sub suffix is not found by ldapsearch
- Ticket #47504 idlistscanlimit per index/type/value
- Ticket #47492 - PassSync removes User must change password flag on the Windows side
- Ticket #47516 replication stops with excessive clock skew
- Bug 999634 - ns-slapd crash due to bogus DN
* Fri Aug 2 2013 Rich Megginson <rmegg...@redhat.com> - 1.2.11.22-3
- use socket6 instead of socket
* Thu Aug 1 2013 Rich Megginson <rmegg...@redhat.com> - 1.2.11.22-2
- remove the dependency and conflict with selinux versions
* Wed Jul 31 2013 Rich Megginson <rmegg...@redhat.com> - 1.2.11.22-1
- 89a98eb fix coverity 11895 - null deref - caused by fix to ticket 47392
- 9750ea7 fix compiler warning in posix winsync code for posix_group_del_memberuid_callback
- 12d47a2 Fix compiler warnings for Ticket 47395 and 47397
- d9a1c7b fix compiler warning
- 855d289 Ticket #543 - Sorting with attributes in ldapsearch gives incorrect result
- CVE-2013-2219 ACLs inoperative in some search scenarios
- Ticket #47378 - fix recent compiler warnings
- Ticket 47427 - Overflow in nsslapd-disk-monitoring-threshold
- Ticket 47449 - deadlock after adding and deleting entries
- Ticket 47421 - memory leaks in set_krb5_creds
- Ticket 47441 - Disk Monitoring not checking filesystem with logs
- Ticket 47427 - Overflow in nsslapd-disk-monitoring-threshold
- Ticket #47435 - Very large entryusn values after enabling the USN plugin and the lastusn value is negative.
- Ticket #47424 - Replication problem with add-delete requests on single-valued attributes
- Ticket #47428 - Memory leak in 389-ds-base 1.2.11.15
- Ticket #47392 - ldbm errors when adding/modifying/deleting entries
- Ticket 47385 - Disk Monitoring is not triggered as expected.
- Ticket #47410 - changelog db deadlocks with DNA and replication
- Ticket #47409 - allow setting db deadlock rejection policy
- Ticket #47412 - Modify RUV should be serialized in ldbm_back_modify/add
- Ticket #47409 - allow setting db deadlock rejection policy
- Ticket 47393 - Attribute are not encrypted on a consumer after a full initialization
- Ticket 47396 - crash on modrdn of tombstone
- Ticket 47395 47397 v2 correct behaviour of account policy if only stateattr is configured or no alternate attr is configured
- Ticket #47402 - Attribute names are incorrect in search results
- Ticket #47391 - deleting and adding userpassword fails to update the password
- e3b8e2f Coverity Fixes (Part 7)
- Ticket 47376 - DESC should not be empty as per RFC 2252 (ldapv3)
- Ticket #47375 - flush_ber error sending back start_tls response will deadlock
- Ticket #47377 - make listen backlog size configurable
- Ticket #47367 - (phase 1) ldapdelete returns non-leaf entry error while trying to remove a leaf entry
- Ticket 47383 - connections attribute in cn=snmp,cn=monitor is counted twice
- Ticket 47385 - DS not shutting down when disk monitoring threshold is reached
- Ticket #47378 - fix recent compiler warnings
- 9ac276a Coverity Fixes (Part 5)
- 3ab5aba Coverity Fixes (Part 4)
- 36f2572 Coverity Fixes (Part 3)
- 41a8827 Coverity Fixes (Part 2)
- f771f95 Coverity Fixes (part 1)
- Ticket 580 - Wrong error code return when using EXTERNAL SASL and no client certificate
- Ticket #47349 - DS instance crashes under a high load
- Ticket #47359 - new ldap connections can block ldaps and ldapi connections
- Ticket #47327 - error syncing group if group member user is not synced
- Ticket #47362 - ipa upgrade selinuxusermap data not replicating
- Ticket 47361 - Empty control list causes LDAP protocol error is thrown
- Trac Ticket #531 - loading an entry from the database should use str2entry_fast
- Ticket #47347 - Simple paged results should support async search
- Ticket 623 - cleanAllRUV task fails to cleanup config upon completion
- 6abec15 Coverity fix 13139 - Dereference after NULL check in slapi_attr_value_normalize_ext()
* Tue Apr 9 2013 Mark Reynolds <mreyno...@redhat.com> - 1.2.11.21-1
9a7ba7d bump verison to 1.2.11.21
Ticket 47318 - server fails to start after upgrade(schema error)
* Thu Mar 28 2013 Noriko Hosoi <nho...@redhat.com> - 1.2.11.20-1
46bfabb bump version to 1.2.11.20
Ticket 623 - cleanAllRUV task fails to cleanup config upon completion
Ticket #47308 - unintended information exposure when anonymous access is set to rootdse
Ticket 628 - crash in aci evaluation
Ticket #627 - ns-slapd crashes sporadically with segmentation fault in libslapd.so
Ticket #634 - Deadlock in DNA plug-in
f6a6514 Coverity issue 13091
Ticket 632 - 389-ds-base cannot handle Kerberos tickets with PAC
Ticket 623 - cleanAllRUV task fails to cleanup config upon completion
* Mon Mar 11 2013 Mark Reynolds <mreyno...@redhat.com> - 1.2.11.19-1
c535f7d bump version to 1.2.11.19
Bug 912964 - CVE-2013-0312 389-ds: unauthenticated denial of service vulnerability in handling of LDAPv3 control data
Ticket 590 - ns-slapd segfaults while trying to delete a tombstone entry
Ticket 518 - dse.ldif is 0 length after server kill or machine kill
Ticket #579 - Error messages encountered when using POSIX winsync
Ticket #576 - DNA: use event queue for config update only at the start up
Ticket 367 - Invalid chaining config triggers a disk full error and shutdown
Ticket 570 - DS returns error 20 when replacing values of a multi-valued attribute (only when replication is enabled)
Bug 906005 - Valgrind reports memleak in modify_update_last_modified_attr
Ticket #572 - PamConfig schema not updated during upgrade
* Thu Jan 24 2013 Mark Reynolds <mreyno...@redhat.com> - 1.2.11.18-1
12420d9 bump version to 1.2.11.18
Ticket 556 - Don't overwrite certmap.conf during upgrade
Ticket 495 - 1.2.11 - plugin dn is missing from pblock
Ticket 549 - DNA plugin no longer reports additional info when range is depleted
Ticket 541 - need to set plugin as off in ldif template
Ticket 541 - RootDN Access Control plugin is missing after upgrade
Ticket 527 - ns-slapd segfaults if it cannot rename the logs
39b0938 Coverity Issues for 1.2.11
Ticket 216 - disable replication agreements
Ticket 20 - Allow automember to work on entries that have already been added
7d22bc2 Coverity Fixes
Ticket 337 - improve CLEANRUV functionality
Ticket 495 - internalModifiersname not updated by DNA plugin
Ticket 517 - crash in DNA if no dnaMagicRegen is specified
Trac Ticket #520 - RedHat Directory Server crashes (segfaults) when moving ldap entry
Trac Ticket #519 - Search with a complex filter including range search is slow
Trac Ticket #500 - Newly created users with organizationalPerson objectClass fails to sync from AD to DS with missing attribute error
Ticket #503 - Improve AD version in winsync log message
Trac Ticket #498 - Cannot abaondon simple paged result search
55997a6 Coverity defects
Trac Ticket #494 - slapd entered to infinite loop during new index addition
56ebbb2 Fixing compiler warnings in the posix-winsync plugin
a57d913 Coverity defects
Ticket 468 - if pam_passthru is enabled, need to AC_CHECK_HEADERS([security/pam_appl.h])
Ticket 486 - nsslapd-enablePlugin should not be multivalued
Ticket 488 - Doc: DS error log messages with typo
Ticket #491 - multimaster_extop_cleanruv returns wrong error codes
* Mon Dec 10 2012 Mark Reynolds <mreyno...@redhat.com> - 1.2.11.17-1
- 94d5ea3 bump verison to 1.2.11.17
- Ticket 527 - ns-slapd segfaults if it cannot rename the logs
- 39b0938 Coverity Issues for 1.2.11
- Ticket 216 - disable replication agreements
- Ticket 20 - Allow automember to work on entries that have already been added
- 7d22bc2 Coverity Fixes
- Ticket 337 - improve CLEANRUV functionality
- Ticket 495 - internalModifiersname not updated by DNA plugin
- Ticket 517 - crash in DNA if no dnaMagicRegen is specified
- Trac Ticket #520 - RedHat Directory Server crashes (segfaults) when moving ldap entry
- Trac Ticket #519 - Search with a complex filter including range search is slow
- Trac Ticket #500 - Newly created users with organizationalPerson objectClass fails to sync from AD to DS with missing attribute error
- Ticket #503 - Improve AD version in winsync log message
- Trac Ticket #498 - Cannot abaondon simple paged result search
- 55997a6 Coverity defects
- Trac Ticket #494 - slapd entered to infinite loop during new index addition
- 56ebbb2 Fixing compiler warnings in the posix-winsync plugin
- a57d913 Coverity defects
- Ticket 468 - if pam_passthru is enabled, need to AC_CHECK_HEADERS([security/pam_appl.h])
- Ticket 486 - nsslapd-enablePlugin should not be multivalued
- Ticket 488 - Doc: DS error log messages with typo
- Ticket #491 - multimaster_extop_cleanruv returns wrong error codes
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1024552 - CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches
        https://bugzilla.redhat.com/show_bug.cgi?id=1024552
--------------------------------------------------------------------------------

================================================================================
 drupal7-7.24-1.el5 (FEDORA-EPEL-2013-12174)
 An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:

- Update to upstream 7.24 release for security fixes
- Upstream changelog for this release is available at https://drupal.org/drupal-7.24-release-notes
- SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities - http://drupal.org/SA-CORE-2013-003
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 21 2013 Peter Borsa <peter.bo...@gmail.com> - 7.24-1
- Update to upstream 7.24 release for security fixes
- Upstream changelog for this release is available at https://drupal.org/drupal-7.24-release-notes
--------------------------------------------------------------------------------

================================================================================
 gc-7.1-6.el5 (FEDORA-EPEL-2013-12169)
 A garbage collector for C and C++
--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2012-2673, see the bugreport.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #828882 - gc: malloc() and calloc() overflows [epel-5]
        https://bugzilla.redhat.com/show_bug.cgi?id=828882
--------------------------------------------------------------------------------

================================================================================
 lhapdf-5.9.1-2.el5 (FEDORA-EPEL-2013-12161)
 Les Houches Accord PDF Interface
--------------------------------------------------------------------------------
Update Information:

Rerun swig code generation for better security.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 21 2013 Mattias Ellert <mattias.ell...@fysast.uu.se> - 5.9.1-2
- Remove bundled swig generated sources
--------------------------------------------------------------------------------