The following Fedora EPEL 6 Security updates need testing: Age URL 582 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 576 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 466 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 438 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 168 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53 chicken-4.11.0-3.el6 48 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 33 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8c6c7bf06e dbus-sharp-0.7.0-16.el6 dbus-sharp-glib-0.5.0-14.el6 mono-4.2.4-9.el6 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5bc0e8fa7d drupal7-title-1.0-0.7.alpha9.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b17ae6b75a viewvc-1.1.26-1.el6 viewvc-1.1.26-1.el6 viewvc-1.1.26-1.el6 viewvc-1.1.26-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2f6331df71 bitlbee-3.5.1-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing nrpe-3.0.1-1.el6 php-pecl-zendopcache-7.0.5-2.el6 python-ansible-tower-cli-3.0.3-1.el6 python-bugzilla-2.0.0-1.el6 tripwire-2.4.3.2-1.el6 xrootd-4.6.0-1.el6 Details about builds: ================================================================================ nrpe-3.0.1-1.el6 (FEDORA-EPEL-2017-b64fc8eec9) Host/service/network monitoring agent for Nagios -------------------------------------------------------------------------------- Update Information: Update to 3.0.1. Major update but upstream is no longer supporting old code. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1411705 - allowed_hosts doesn't work, if one of the hostnames can't be resolved by dns https://bugzilla.redhat.com/show_bug.cgi?id=1411705 [ 2 ] Bug #1275870 - NRPE initscript does not read PID file when calling status/killproc https://bugzilla.redhat.com/show_bug.cgi?id=1275870 -------------------------------------------------------------------------------- ================================================================================ php-pecl-zendopcache-7.0.5-2.el6 (FEDORA-EPEL-2017-5901b42760) The Zend OPcache -------------------------------------------------------------------------------- Update Information: Add security mitigation fix backported from PHP 5.6: * php#69090 check cached files permissions This change introduce 2 new configuration options: * **opcache.validate_permission** (default 0): leads OPcache to check file readability on each access to cached file. This directive should be enabled in shared hosting environment, when few users (PHP-FPM pools) reuse the common OPcache shared memory. * **opcache.validate_root** (default 0): prevent name collisions in chroot'ed environment. This directive prevents file name collisions in different "chroot" environments. It should be enabled for sites that may serve requests in different "chroot" environments. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409317 - backport security fix #69090 for OPcache https://bugzilla.redhat.com/show_bug.cgi?id=1409317 -------------------------------------------------------------------------------- ================================================================================ python-ansible-tower-cli-3.0.3-1.el6 (FEDORA-EPEL-2017-97a3a31e2b) A CLI tool for Ansible Tower -------------------------------------------------------------------------------- Update Information: update to 3.0.3 -------------------------------------------------------------------------------- ================================================================================ python-bugzilla-2.0.0-1.el6 (FEDORA-EPEL-2017-8a3a013ae6) A python library and tool for interacting with Bugzilla -------------------------------------------------------------------------------- Update Information: * Rebased to version 2.0.0 * Several fixes for use with bugzilla 5 * This release contains several smallish API breaks: * Bugzilla.bug_autorefresh now defaults to False * Credentials are now cached in ~/.cache/python-bugzilla/ * bin/bugzilla was converted to argparse * bugzilla query --boolean_chart option is removed * Unify command line flags across sub commands -------------------------------------------------------------------------------- ================================================================================ tripwire-2.4.3.2-1.el6 (FEDORA-EPEL-2017-d86357b3da) IDS (Intrusion Detection System) -------------------------------------------------------------------------------- Update Information: update to 2.4.3.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #830999 - tripwire cron should send mail to configured recipients https://bugzilla.redhat.com/show_bug.cgi?id=830999 -------------------------------------------------------------------------------- ================================================================================ xrootd-4.6.0-1.el6 (FEDORA-EPEL-2017-85c437a7c5) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: New version 4.6.0, release notes are here: https://github.com/xrootd/xrootd/blob/v4.6.0/docs/ReleaseNotes.txt -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
