Fedora EPEL 6 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 551  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   python-virtualenv-12.0.7-1.el6
 545  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   rubygem-crack-0.3.2-2.el6
 477  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156   nagios-4.0.8-1.el6
 435  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   mcollective-2.8.4-1.el6
 407  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   thttpd-2.25b-24.el6
 138  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53   chicken-4.11.0-3.el6
  17  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac   libbsd-0.8.3-2.el6
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-245929d91a   tinymce-4.5.1-1.el6
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-62450e4e38   libpng10-1.0.67-1.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-284a1cc356   exim-4.88-1.el6
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8c6c7bf06e   dbus-sharp-0.7.0-16.el6 dbus-sharp-glib-0.5.0-14.el6 mono-4.2.4-9.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7d479b3940   php-PHPMailer-5.2.22-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-50bd111169   icoutils-0.31.1-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4e597458f1   php-ZendFramework2-2.2.10-3.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    bitlbee-3.5-1.el6
    golang-github-onsi-ginkgo-1.1.0-11.el6
    golang-github-onsi-gomega-1.0-0.1.git2152b45.el6
    icoutils-0.31.1-1.el6
    php-PHPMailer-5.2.22-1.el6
    php-ZendFramework2-2.2.10-3.el6
    php-tcpdf-6.2.13-1.el6
    python-productmd-1.4-1.el6

Details about builds:


================================================================================
 bitlbee-3.5-1.el6 (FEDORA-EPEL-2017-88b1fb3523)
 IRC to other chat networks gateway
--------------------------------------------------------------------------------
Update Information:

Update to the latest upstream.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1411171 - bitlbee-3.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1411171
--------------------------------------------------------------------------------


================================================================================
 golang-github-onsi-ginkgo-1.1.0-11.el6 (FEDORA-EPEL-2017-54a7538f99)
 A Golang BDD Testing Framework
--------------------------------------------------------------------------------
Update Information:

Add missing Provides  ----  Bump to upstream
7f8ab55aaf3b86885aa55b762e803744d1674700
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1214619 - Tracker for golang-github-onsi-ginkgo
        https://bugzilla.redhat.com/show_bug.cgi?id=1214619
--------------------------------------------------------------------------------


================================================================================
 golang-github-onsi-gomega-1.0-0.1.git2152b45.el6 (FEDORA-EPEL-2017-7feec15962)
 Ginkgo's Preferred Matcher Library
--------------------------------------------------------------------------------
Update Information:

Bump to upstream 2152b45fa28a361beba9aab0885972323a444e28  ----  internal
packages are no longer provided Update of spec file to spec-2.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1248013 - Tracker for golang-github-onsi-gomega
        https://bugzilla.redhat.com/show_bug.cgi?id=1248013
--------------------------------------------------------------------------------


================================================================================
 icoutils-0.31.1-1.el6 (FEDORA-EPEL-2017-50bd111169)
 Utility for extracting and converting Microsoft icon and cursor files
--------------------------------------------------------------------------------
Update Information:

This new point release fixes a security vulnerability in wrestool. For further
details see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850017
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1411251 - CVE-2017-5208 icoutils: Check_offset overflow on 64-bit systems
        https://bugzilla.redhat.com/show_bug.cgi?id=1411251
--------------------------------------------------------------------------------


================================================================================
 php-PHPMailer-5.2.22-1.el6 (FEDORA-EPEL-2017-7d479b3940)
 PHP email transport class with a lot of features
--------------------------------------------------------------------------------
Update Information:

**Version 5.2.22** (January 5th 2017)  * **SECURITY** Fix
[CVE-2017-5223](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5223),
local file disclosure vulnerability if content passed to `msgHTML()` is sourced
from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix
for this means that calls to `msgHTML()` without a `$basedir` will not import
images with relative URLs, and relative URLs containing `..` will be ignored. *
Add simple contact form example * Emoji in test content   ----  **Version
5.2.21** (December 28th 2016)  * Fix missed number update in version file - no
functional changes  ----  **Version 5.2.20** (December 28th 2016)  *
**SECURITY** Critical security update for CVE-2016-10045 please update now!
Thanks to [Dawid Golunski](https://legalhackers.com) and Paul Buonopane
(Zenexer).   ----  ** Version 5.2.19** (December 26th 2016)  * Minor cleanup  **
Version 5.2.18** (December 24th 2016)  * **SECURITY** Critical security update
for CVE-2016-10033 please update now! Thanks to [Dawid
Golunski](https://legalhackers.com). * Add ability to extract the SMTP
transaction ID from some common SMTP success messages * Minor documentation
tweaks  ** Version 5.2.17** (December 9th 2016)  * This is officially the last
feature release of 5.2. Security fixes only from now on; use PHPMailer 6.0! *
Allow DKIM private key to be provided as a string * Provide mechanism to allow
overriding of boundary and message ID creation * Improve Brazilian Portuguese,
Spanish, Swedish, Romanian, and German translations * PHP 7.1 support for
Travis-CI * Fix some language codes * Add security notices * Improve DKIM
compatibility in older PHP versions * Improve trapping and capture of SMTP
connection errors * Improve passthrough of error levels for debug output *
PHPDoc cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1409489 - CVE-2016-10033 phpmailer: Parameter injection via mail() function
        https://bugzilla.redhat.com/show_bug.cgi?id=1409489
--------------------------------------------------------------------------------


================================================================================
 php-ZendFramework2-2.2.10-3.el6 (FEDORA-EPEL-2017-4e597458f1)
 Zend Framework 2
--------------------------------------------------------------------------------
Update Information:

Fixes [ZF2016-04](https://framework.zend.com/security/advisory/ZF2016-04) /
[CVE-2016-10034](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10034)
vulnerability
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1409591 - CVE-2016-10034 php-zendframework: Parameter injection in setFrom() function
        https://bugzilla.redhat.com/show_bug.cgi?id=1409591
--------------------------------------------------------------------------------


================================================================================
 php-tcpdf-6.2.13-1.el6 (FEDORA-EPEL-2017-5a23161f8b)
 PHP class for generating PDF documents and barcodes
--------------------------------------------------------------------------------
Update Information:

Add a simple classmap autoloader.
--------------------------------------------------------------------------------


================================================================================
 python-productmd-1.4-1.el6 (FEDORA-EPEL-2017-3856ce7e2d)
 Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:

* Fixes working with legacy metadata files. * Miscelaneous bug fixes. * Fixed
Python 3 compatibility
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux