Fedora EPEL 5 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Fri, 20 Jan 2017 18:45:44 +0000 (UTC)

The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 803  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849   sblim-sfcb-1.3.8-2.el5
 446  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516   mcollective-2.8.4-1.el5
 417  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6   thttpd-2.25b-24.el5
  28  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ce45574ab6   libbsd-0.8.3-2.el5
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e541856e99   wordpress-4.7.1-1.el5
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cfdd99a20e   opus-1.0.3-2.el5
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9ec4289f01   python-crypto-2.0.1-6.el5
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6060d622d3   irssi-0.8.21-1.el5
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-58347aa9ad   libesmtp-1.0.4-8.el5

The following builds have been pushed to Fedora EPEL 5 updates-testing

    irssi-0.8.21-1.el5
    libesmtp-1.0.4-8.el5
    mbedtls-2.4.0-1.el5

Details about builds:

================================================================================
 irssi-0.8.21-1.el5 (FEDORA-EPEL-2017-6060d622d3)
 Modular text mode IRC client with Perl scripting
--------------------------------------------------------------------------------
Update Information:

This is an security update fixing CVE-2017-5193, CVE-2017-5194, CVE-2017-5356.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1410821 - CVE-2017-5193 irssi: Null pointer dereference in the nickcmp function
        https://bugzilla.redhat.com/show_bug.cgi?id=1410821
  [ 2 ] Bug #1410824 - CVE-2017-5194 irssi: Null pointer dereference in the nickcmp function
        https://bugzilla.redhat.com/show_bug.cgi?id=1410824
  [ 3 ] Bug #1413890 - CVE-2017-5356 irssi: Out-of-bounds read in format string
        https://bugzilla.redhat.com/show_bug.cgi?id=1413890
--------------------------------------------------------------------------------

================================================================================
 libesmtp-1.0.4-8.el5 (FEDORA-EPEL-2017-58347aa9ad)
 SMTP client library
--------------------------------------------------------------------------------
Update Information:

This is an update fixing CVE-2010-1192 and CVE-2010-1194.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #571817 - CVE-2010-1192 CVE-2010-1194 libESMTP: Multiple certificate validation flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=571817
--------------------------------------------------------------------------------

================================================================================
 mbedtls-2.4.0-1.el5 (FEDORA-EPEL-2017-f1126c420f)
 Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:

- Update to 2.4.0  Release notes: https://tls.mbed.org/tech-
updates/releases/mbedtls-2.4.0-2.1.6-and-1.3.18-released
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx