The following Fedora EPEL 6 Security updates need testing: Age URL 385 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 379 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 310 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 269 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 240 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 126 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813 vtun-3.0.1-10.el6 31 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-db7e78fac7 php-PHPMailer-5.2.16-2.el6 25 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d0e444c5f2 pypy-5.0.1-4.el6 24 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7a25f65890 nginx-1.10.1-1.el6 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-225fc51f32 chicken-4.11.0-2.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d1c7111779 p7zip-16.02-1.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1cbd9dc578 drupal7-views-3.14-1.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-823164477b php-doctrine-orm-2.4.8-1.el6 php-doctrine-dbal-2.4.5-1.el6 php-doctrine-common-2.4.3-2.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6e8996ae73 php-ZendFramework2-2.2.10-2.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2f26fee4ad dropbear-2016.74-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2d00357bc8 dietlibc-0.33-8.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d44efceb2b collectd-4.10.9-2.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-66eb498b93 v8-3.14.5.10-25.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-af2033a524 cryptopp-5.6.2-10.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing 389-admin-1.1.43-1.el6 389-adminutil-1.1.22-1.el6 389-console-1.1.17-1.el6 389-ds-console-1.2.12-2.el6 collectd-4.10.9-2.el6 cryptopp-5.6.2-10.el6 dietlibc-0.33-8.el6 dpm-dsi-1.9.7-7.el6 dropbear-2016.74-1.el6 globus-ftp-control-7.2-1.el6 globus-gridftp-server-11.1-1.el6 golang-github-golang-time-0-0.1.gita4bde12.el6 golang-github-jessevdk-go-flags-0-0.7.gitf2785f5.el6 golang-github-urfave-cli-1.17.0-0.1.git6011f16.el6 golang-googlecode-net-0-0.33.git4d38db7.el6 golang-googlecode-text-0-0.12.git6fc2e00.el6 idm-console-framework-1.1.15-1.el6 kobo-0.5.2-1.el6 ovirt-guest-agent-1.0.12-4.el6 v8-3.14.5.10-25.el6 zabbix22-2.2.14-1.el6 Details about builds: ================================================================================ 389-admin-1.1.43-1.el6 (FEDORA-EPEL-2016-2618571ab7) 389 Administration Server (admin) -------------------------------------------------------------------------------- Update Information: Release 1.1.43 -------------------------------------------------------------------------------- ================================================================================ 389-adminutil-1.1.22-1.el6 (FEDORA-EPEL-2016-285d49b2b9) Utility library for 389 administration -------------------------------------------------------------------------------- Update Information: Release 1.1.22 -------------------------------------------------------------------------------- ================================================================================ 389-console-1.1.17-1.el6 (FEDORA-EPEL-2016-8824bc47a2) 389 Management Console -------------------------------------------------------------------------------- Update Information: Release 1.1.17-1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1304595 - Console -- Update Java dependency to 1.8 https://bugzilla.redhat.com/show_bug.cgi?id=1304595 -------------------------------------------------------------------------------- ================================================================================ 389-ds-console-1.2.12-2.el6 (FEDORA-EPEL-2016-9576102f14) 389 Directory Server Management Console -------------------------------------------------------------------------------- Update Information: Release 1.2.12-2 -------------------------------------------------------------------------------- ================================================================================ collectd-4.10.9-2.el6 (FEDORA-EPEL-2016-d44efceb2b) Statistics collection daemon for filling RRD files -------------------------------------------------------------------------------- Update Information: CVE-2016-6254 -------------------------------------------------------------------------------- ================================================================================ cryptopp-5.6.2-10.el6 (FEDORA-EPEL-2016-af2033a524) C++ class library of cryptographic schemes -------------------------------------------------------------------------------- Update Information: - CVE-2016-3995 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325950 - CVE-2016-3995 cryptopp: bogus protection from timing attacks [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1325950 -------------------------------------------------------------------------------- ================================================================================ dietlibc-0.33-8.el6 (FEDORA-EPEL-2016-2d00357bc8) Small libc implementation -------------------------------------------------------------------------------- Update Information: http://thread.gmane.org/gmane.linux.lib.dietlibc/1833 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359768 - Insecure _PATH_DEFPATH https://bugzilla.redhat.com/show_bug.cgi?id=1359768 -------------------------------------------------------------------------------- ================================================================================ dpm-dsi-1.9.7-7.el6 (FEDORA-EPEL-2016-4a3c065e18) Disk Pool Manager (DPM) plugin for the Globus GridFTP server -------------------------------------------------------------------------------- Update Information: globus-ftp-control * Add buffering to data ordering mode globus-gridftp-server * Fix forced order issues with restart (11.1) * Add forced ordering option (11.0) * Add Globus task id to transfer log (10.6) * Don't errantly kill a transfer due to timeout while client is still connected (10.5) dpm-dsi * Rebuilt for globus-gridftp-server 11.1 -------------------------------------------------------------------------------- ================================================================================ dropbear-2016.74-1.el6 (FEDORA-EPEL-2016-2f26fee4ad) SSH2 server and client -------------------------------------------------------------------------------- Update Information: new version ---- CVE-2016-3116 dropbear: X11 forwarding input not validated properly -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359635 - dropbear: Multiple security issues fixed in 2016.74 https://bugzilla.redhat.com/show_bug.cgi?id=1359635 -------------------------------------------------------------------------------- ================================================================================ globus-ftp-control-7.2-1.el6 (FEDORA-EPEL-2016-4a3c065e18) Globus Toolkit - GridFTP Control Library -------------------------------------------------------------------------------- Update Information: globus-ftp-control * Add buffering to data ordering mode globus-gridftp-server * Fix forced order issues with restart (11.1) * Add forced ordering option (11.0) * Add Globus task id to transfer log (10.6) * Don't errantly kill a transfer due to timeout while client is still connected (10.5) dpm-dsi * Rebuilt for globus-gridftp-server 11.1 -------------------------------------------------------------------------------- ================================================================================ globus-gridftp-server-11.1-1.el6 (FEDORA-EPEL-2016-4a3c065e18) Globus Toolkit - Globus GridFTP Server -------------------------------------------------------------------------------- Update Information: globus-ftp-control * Add buffering to data ordering mode globus-gridftp-server * Fix forced order issues with restart (11.1) * Add forced ordering option (11.0) * Add Globus task id to transfer log (10.6) * Don't errantly kill a transfer due to timeout while client is still connected (10.5) dpm-dsi * Rebuilt for globus-gridftp-server 11.1 -------------------------------------------------------------------------------- ================================================================================ golang-github-golang-time-0-0.1.gita4bde12.el6 (FEDORA-EPEL-2016-15bc71c289) Go supplementary time packages -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1354398 - Review Request: golang-github-golang-time - Go supplementary time packages https://bugzilla.redhat.com/show_bug.cgi?id=1354398 -------------------------------------------------------------------------------- ================================================================================ golang-github-jessevdk-go-flags-0-0.7.gitf2785f5.el6 (FEDORA-EPEL-2016-7b9b5d7e40) Go command line option parser -------------------------------------------------------------------------------- Update Information: Bump to upstream f2785f5820ec967043de79c8be97edfc464ca745 ---- Update spec file to spec-2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250487 - Tracker for golang-github-jessevdk-go-flags https://bugzilla.redhat.com/show_bug.cgi?id=1250487 -------------------------------------------------------------------------------- ================================================================================ golang-github-urfave-cli-1.17.0-0.1.git6011f16.el6 (FEDORA-EPEL-2016-3b8bcd5981) A simple, fast, and fun package for building command line apps in Go -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1354378 - Review Request: golang-github-urfave-cli - A simple, fast, and fun package for building command line apps in Go https://bugzilla.redhat.com/show_bug.cgi?id=1354378 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-net-0-0.33.git4d38db7.el6 (FEDORA-EPEL-2016-2b97ecadbf) Supplementary Go networking libraries -------------------------------------------------------------------------------- Update Information: Bump to upstream 4d38db76854b199960801a1734443fd02870d7e1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1326890 - FTBFS with gcc-go on s390x https://bugzilla.redhat.com/show_bug.cgi?id=1326890 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-text-0-0.12.git6fc2e00.el6 (FEDORA-EPEL-2016-166ab1223a) Supplementary Go text libraries -------------------------------------------------------------------------------- Update Information: Polishing the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1254601 - Tracker for golang-googlecode-text https://bugzilla.redhat.com/show_bug.cgi?id=1254601 -------------------------------------------------------------------------------- ================================================================================ idm-console-framework-1.1.15-1.el6 (FEDORA-EPEL-2016-5d30351294) Identity Management Console Framework -------------------------------------------------------------------------------- Update Information: Release 1.1.15-1 -------------------------------------------------------------------------------- ================================================================================ kobo-0.5.2-1.el6 (FEDORA-EPEL-2016-c539895974) Python modules for tools development -------------------------------------------------------------------------------- Update Information: Update to latest upstream. ---- Rebase to latest upstream New upstream version. Bump to new upstream release: 0.4.3 Bump to new upstream release: 0.4.3 Bump to new upstream release: 0.4.3 New upstream version. Bump to new upstream release: 0.4.3 Bump to new upstream release: 0.4.3 Bump to new upstream release: 0.4.3 New upstream version. Bump to new upstream release: 0.4.3 Bump to new upstream release: 0.4.3 Bump to new upstream release: 0.4.3 -------------------------------------------------------------------------------- ================================================================================ ovirt-guest-agent-1.0.12-4.el6 (FEDORA-EPEL-2016-fd407a0825) The oVirt Guest Agent -------------------------------------------------------------------------------- Update Information: Bump to upstream version 1.0.12.2 and dependency fix on F24 -------------------------------------------------------------------------------- ================================================================================ v8-3.14.5.10-25.el6 (FEDORA-EPEL-2016-66eb498b93) JavaScript Engine -------------------------------------------------------------------------------- Update Information: fix for CVE-2016-1669, fix for builtin reporting, add provides for v8-314 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1353623 - CVE-2016-1669 v8: chromium-browser,v8,nodejs: buffer overflow in v8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1353623 [ 2 ] Bug #1353620 - CVE-2016-1669 v8: chromium-browser,v8,nodejs: buffer overflow in v8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1353620 -------------------------------------------------------------------------------- ================================================================================ zabbix22-2.2.14-1.el6 (FEDORA-EPEL-2016-9f4ef44d3a) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information: http://www.zabbix.com/rn2.2.14.php -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
