The following Fedora EPEL 6 Security updates need testing: Age URL 527 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 521 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 452 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 411 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 383 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 113 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53 chicken-4.11.0-3.el6 53 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cb5398893b nodejs-0.10.48-3.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8482adf875 php-simplesamlphp-saml2-2.3.3-1.el6 php-simplesamlphp-saml2_1-1.10.3-1.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5ddfd80ad5 lxc-1.0.9-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-851b04cffd golang-1.7.4-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-681fa1a146 hdf5-1.8.5.patch1-10.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a9e593c654 game-music-emu-0.6.1-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing game-music-emu-0.6.1-1.el6 golang-github-akrennmair-gopcap-0-0.3.git00e1103.el6 golang-github-golang-appengine-0-0.9.git6a43653.el6 golang-github-grpc-grpc-go-1.0.0-0.2.git231b4cf.el6 golang-google-golangorg-cloud-0-0.10.git872c736.el6 golang-googlecode-goauth2-0-0.18.git1364adb.el6 golang-googlecode-google-api-client-0-0.16.gite6294e6.el6 hdf5-1.8.5.patch1-10.el6 nordugrid-arc-5.2.1-1.el6 pcre2-10.21-11.el6 php-horde-Horde-Dav-1.1.4-1.el6 Details about builds: ================================================================================ game-music-emu-0.6.1-1.el6 (FEDORA-EPEL-2016-a9e593c654) Video game music file emulation/playback library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405024 - game-music-emu-0.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1405024 -------------------------------------------------------------------------------- ================================================================================ golang-github-akrennmair-gopcap-0-0.3.git00e1103.el6 (FEDORA-EPEL-2016-adc4f8e9ae) A simple wrapper around libpcap for the Go programming language -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405532 - Tracker for golang-github-akrennmair-gopcap https://bugzilla.redhat.com/show_bug.cgi?id=1405532 -------------------------------------------------------------------------------- ================================================================================ golang-github-golang-appengine-0-0.9.git6a43653.el6 (FEDORA-EPEL-2016-d5c0ffcfe9) Go App Engine for Managed VMs -------------------------------------------------------------------------------- Update Information: Bump to upstream 6a436539be38c296a8075a871cc536686b458371 ---- Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249049 - Tracker for golang-github-golang-appengine https://bugzilla.redhat.com/show_bug.cgi?id=1249049 -------------------------------------------------------------------------------- ================================================================================ golang-github-grpc-grpc-go-1.0.0-0.2.git231b4cf.el6 (FEDORA-EPEL-2016-28e31b6cf5) The Go language implementation of gRPC. HTTP/2 based RPC -------------------------------------------------------------------------------- Update Information: Polish the spec file ---- Give back example provides, they are actually used by golang-github-cockroachdb-cmux-unit-test-devel ---- Bump to upstream 02fca896ff5f50c6bbbee0860345a49344b37a03 ---- Bump to upstream e78224b060cf3215247b7be455f80ea22e469b66 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250461 - Tracker for golang-github-grpc-grpc-go https://bugzilla.redhat.com/show_bug.cgi?id=1250461 -------------------------------------------------------------------------------- ================================================================================ golang-google-golangorg-cloud-0-0.10.git872c736.el6 (FEDORA-EPEL-2016-f00812c4ce) Google Cloud Platform APIs related types and common functions -------------------------------------------------------------------------------- Update Information: Bump to upstream 872c736f496c2ba12786bedbb8325576bbdb33cf -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246239 - Tracker for golang-google-golangorg-cloud https://bugzilla.redhat.com/show_bug.cgi?id=1246239 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-goauth2-0-0.18.git1364adb.el6 (FEDORA-EPEL-2016-01dcdc30a9) OAuth 2.0 for Go clients -------------------------------------------------------------------------------- Update Information: Polish the spec file ---- Bump to upstream 1364adb2c63445016c5ed4518fc71f6a3cda6169 ---- Update spec file to spec-2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1227273 - Tracker for golang-googlecode-goauth2 https://bugzilla.redhat.com/show_bug.cgi?id=1227273 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-google-api-client-0-0.16.gite6294e6.el6 (FEDORA-EPEL-2016-9a38a25e53) Go libraries for "new style" Google APIs -------------------------------------------------------------------------------- Update Information: Bump to upstream e6294e63a06b2be522ff3d328d8cacded0b1bd31 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250521 - Tracker for golang-googlecode-google-api-client https://bugzilla.redhat.com/show_bug.cgi?id=1250521 -------------------------------------------------------------------------------- ================================================================================ hdf5-1.8.5.patch1-10.el6 (FEDORA-EPEL-2016-681fa1a146) A general purpose library and file format for storing scientific data -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-4330, CVE-2016-4331, CVE-2016-4332, CVE-2016-4333 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1397708 - CVE-2016-4333 hdf5: H5T_COMPOUND heap buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1397708 [ 2 ] Bug #1397707 - CVE-2016-4332 hdf5: Shareable message type out-of-bounds write https://bugzilla.redhat.com/show_bug.cgi?id=1397707 [ 3 ] Bug #1397704 - CVE-2016-4331 hdf5: H5Z_NBIT heap buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1397704 [ 4 ] Bug #1397701 - CVE-2016-4330 hdf5: H5T_ARRAY heap buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1397701 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-5.2.1-1.el6 (FEDORA-EPEL-2016-f88b057c39) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: ARC 5.2.1 -------------------------------------------------------------------------------- ================================================================================ pcre2-10.21-11.el6 (FEDORA-EPEL-2016-970ee92c37) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This release fixes crashes in substitution when starting offset was specified beyond the subject end or when an extended substition for \p, \P, or \X was performed. ---- This release fixes "pcre2-config --libs-posix" output, a memory leak in pcre2test tool, a buffer overflow in the library when partial- matching for CR-LF in an empty buffer and a crash in pcre2test tool when diplaying wide characters. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Dav-1.1.4-1.el6 (FEDORA-EPEL-2016-6db8c9d9f3) Horde library for WebDAV, CalDAV, CardDAV -------------------------------------------------------------------------------- Update Information: **Horde_Dav 1.1.4** * [jan] Fix throwing exceptions from Lock backend (Bug #14520). * [jan] Mark PHP 7 as supported. * [jan] Update to SabreDAV 1.8.12 (Only redirect client to HTTP and HTTPS urls; Support empty user names and passwords in basic authentication). -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
