Fedora EPEL 6 updates-testing report

[updates@xxxxxxxxxxxxxxxxx]

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 359  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828   chicken-4.9.0.1-4.el6
 341  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   python-virtualenv-12.0.7-1.el6
 335  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   rubygem-crack-0.3.2-2.el6
 266  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156   nagios-4.0.8-1.el6
 225  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   mcollective-2.8.4-1.el6
 197  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   thttpd-2.25b-24.el6
  90  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8fbd838843   dropbear-2016.72-1.el6
  83  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813   vtun-3.0.1-10.el6
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c5dae2a582   GraphicsMagick-1.3.24-1.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-314ade996d   phpMyAdmin-4.0.10.15-2.el6
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-52cc1f9c07   iperf3-3.0.12-1.el6
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7640e3144a   proftpd-1.3.3g-10.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-42cb1b4ac8   php-ZendFramework2-2.2.10-1.el6 php-zendframework-zendxml-1.0.2-2.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    copr-cli-1.51-1.el6
    dibbler-1.0.1-3.el6
    php-ZendFramework2-2.2.10-1.el6
    php-zendframework-zendxml-1.0.2-2.el6

Details about builds:


================================================================================
 copr-cli-1.51-1.el6 (FEDORA-EPEL-2016-29927f4d99)
 Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:

Support for package manipulation as a main new feature.
--------------------------------------------------------------------------------


================================================================================
 dibbler-1.0.1-3.el6 (FEDORA-EPEL-2016-2864119c48)
 Portable DHCPv6 implementation
--------------------------------------------------------------------------------
Update Information:

This is the initial version of the dibbler package for EPEL6.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1325681 - Build for EL6 in EPEL?
        https://bugzilla.redhat.com/show_bug.cgi?id=1325681
--------------------------------------------------------------------------------


================================================================================
 php-ZendFramework2-2.2.10-1.el6 (FEDORA-EPEL-2016-42cb1b4ac8)
 Zend Framework 2
--------------------------------------------------------------------------------
Update Information:

 ## 2.2.10 (2015-02-18)  ### SECURITY UPDATES  - **ZF2015-02:**
`Zend\Db\Adapter\Platform\Postgresql` was incorrectly using   `\\` to escape
double quotes in identifiers and values, which could lead to   SQL injection
vectors. We have provided patches that use proper escaping. If   you use
Postgresql with Zend Framework 2, we recommend upgrading immediately.  ## 2.2.9
(2015-01-14)  ### SECURITY UPDATES  - **ZF2015-01:** Session validators were not
run if set before session start.   Essentially, the validators were writing to
the `$_SESSION` superglobal before   session start, which meant the data was
overwritten once the session began.   This meant on subsequent calls, the
validators had no data to compare against,   making the sessions automatically
valid. We have provided patches to ensure   that validators are run only after
the session has begun, which will ensure   they validate sessions correctly
going forward. If you use `Zend\Session`   validators, we recommend upgrading
immediately.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1343989 - [epel6][security] php-ZendFramework2-2.2.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1343989
--------------------------------------------------------------------------------


================================================================================
 php-zendframework-zendxml-1.0.2-2.el6 (FEDORA-EPEL-2016-42cb1b4ac8)
 Zend Framework ZendXml component
--------------------------------------------------------------------------------
Update Information:

 ## 2.2.10 (2015-02-18)  ### SECURITY UPDATES  - **ZF2015-02:**
`Zend\Db\Adapter\Platform\Postgresql` was incorrectly using   `\\` to escape
double quotes in identifiers and values, which could lead to   SQL injection
vectors. We have provided patches that use proper escaping. If   you use
Postgresql with Zend Framework 2, we recommend upgrading immediately.  ## 2.2.9
(2015-01-14)  ### SECURITY UPDATES  - **ZF2015-01:** Session validators were not
run if set before session start.   Essentially, the validators were writing to
the `$_SESSION` superglobal before   session start, which meant the data was
overwritten once the session began.   This meant on subsequent calls, the
validators had no data to compare against,   making the sessions automatically
valid. We have provided patches to ensure   that validators are run only after
the session has begun, which will ensure   they validate sessions correctly
going forward. If you use `Zend\Session`   validators, we recommend upgrading
immediately.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1343989 - [epel6][security] php-ZendFramework2-2.2.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1343989
--------------------------------------------------------------------------------