The following Fedora EPEL 6 Security updates need testing: Age URL 445 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 439 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 371 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 329 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 301 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 187 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813 vtun-3.0.1-10.el6 92 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-db7e78fac7 php-PHPMailer-5.2.16-2.el6 85 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d0e444c5f2 pypy-5.0.1-4.el6 46 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a1450d7fe0 knot-1.6.8-1.el6 32 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53 chicken-4.11.0-3.el6 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bcc7555c8a drupal7-google_analytics-2.3-1.el6 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-204f2f07aa drupal7-panels-3.7-1.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e079d167e3 distribution-gpg-keys-1.7-1.el6 mock-1.2.21-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-320b654443 php-adodb-5.15-10.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-edda50420f mongodb-2.4.14-4.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-25e30f6dc3 jansson-2.9-1.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8602185c5 links-2.13-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1117d3c7f6 golang-1.7.1-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing datefudge-1.21-1.el6 dmlite-0.8.0-1.el6 dpm-xrootd-3.6.1-1.el6 globus-gssapi-gsi-12.9-1.el6 golang-1.7.1-1.el6 hitch-1.4.1-1.el6 qpid-dispatch-0.6.1-4.el6 qpid-proton-0.14.0-1.el6 rubygem-qpid_proton-0.14.0-1.el6 Details about builds: ================================================================================ datefudge-1.21-1.el6 (FEDORA-EPEL-2016-2734c98733) Fake the system date -------------------------------------------------------------------------------- Update Information: Initial release for el6 -------------------------------------------------------------------------------- ================================================================================ dmlite-0.8.0-1.el6 (FEDORA-EPEL-2016-416be09229) Lcgdm grid data management and storage framework -------------------------------------------------------------------------------- Update Information: * new upstream release -------------------------------------------------------------------------------- ================================================================================ dpm-xrootd-3.6.1-1.el6 (FEDORA-EPEL-2016-396e346c15) XROOT interface to the Disk Pool Manager (DPM) -------------------------------------------------------------------------------- Update Information: * new upstream release -------------------------------------------------------------------------------- ================================================================================ globus-gssapi-gsi-12.9-1.el6 (FEDORA-EPEL-2016-0fcc6ff347) Globus Toolkit - GSSAPI library -------------------------------------------------------------------------------- Update Information: More MIC backward compatibility fixes. -------------------------------------------------------------------------------- ================================================================================ golang-1.7.1-1.el6 (FEDORA-EPEL-2016-1117d3c7f6) The Go Programming Language -------------------------------------------------------------------------------- Update Information: Rebase to 1.7.1. Security fix for CVE-2015-8618, CVE-2016-5386, CVE-2016-3959 ---- bz1271709 include patch from upstream fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1353798 - CVE-2016-5386 Go: sets environmental variable based on user supplied Proxy request header https://bugzilla.redhat.com/show_bug.cgi?id=1353798 [ 2 ] Bug #1324343 - CVE-2016-3959 golang: infinite loop in several big integer routines https://bugzilla.redhat.com/show_bug.cgi?id=1324343 [ 3 ] Bug #1293448 - CVE-2015-8618 golang: Carry propagation in Int.Exp Montgomery code in math/big library https://bugzilla.redhat.com/show_bug.cgi?id=1293448 -------------------------------------------------------------------------------- ================================================================================ hitch-1.4.1-1.el6 (FEDORA-EPEL-2016-94f956b7db) Network proxy that terminates TLS/SSL connections -------------------------------------------------------------------------------- Update Information: Hitch 1.4.1 released: New configuration setting for specifying SSL/TLS protocol. See release details at https://github.com/varnish/hitch/blob/master/docs/configuration.md#ssltls- protocol-setting and changelog at https://github.com/varnish/hitch/blob/master/CHANGES.rst ---- New upstream release, a feature release: - NPN/ALPN support for negotiating a protocol in the SSL handshake - PROXY protocol support for communicating an ALPN/NPN negotiated protocol to the backend Also some bugfixes, see the CHANGES.rst included in the package, or upstream at https://github.com/varnish/hitch/blob/master/CHANGES.rst -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379018 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379018 -------------------------------------------------------------------------------- ================================================================================ qpid-dispatch-0.6.1-4.el6 (FEDORA-EPEL-2016-fbaf0b1710) Dispatch router for Qpid -------------------------------------------------------------------------------- Update Information: Rebuilt against proton 0.14.0. -------------------------------------------------------------------------------- ================================================================================ qpid-proton-0.14.0-1.el6 (FEDORA-EPEL-2016-60b0a4ae98) A high performance, lightweight messaging library -------------------------------------------------------------------------------- Update Information: Rebased to 0.14.0. -------------------------------------------------------------------------------- ================================================================================ rubygem-qpid_proton-0.14.0-1.el6 (FEDORA-EPEL-2016-d5b7b9c23b) Ruby language bindings for the Qpid Proton messaging framework -------------------------------------------------------------------------------- Update Information: Rebased to 0.14.0. -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
